From ab67d9e98881e60e3903ad9482f215e2866f4301 Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Wed, 12 Jun 2024 13:01:22 -0700 Subject: [PATCH] Fix output + branding for Azure examples (#227) - We don't just output true on a pass now - The product is called Azure SQL Database and it has one of the most terribly confusing set of names / terms that shows that it has been rebranded at least twice. Signed-off-by: Tim Smith --- docs/cnspec/cloud/azure/README.mdx | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/docs/cnspec/cloud/azure/README.mdx b/docs/cnspec/cloud/azure/README.mdx index 97b27c3ce..f788544fa 100644 --- a/docs/cnspec/cloud/azure/README.mdx +++ b/docs/cnspec/cloud/azure/README.mdx @@ -173,18 +173,22 @@ From the resulting list, you can drill down even further. You can also learn abo Now that you know how to discover what's possible with cnspec, let's run some actual tests in the shell. -#### Assess SQL server auditing +#### Assess Azure SQL Database auditing policy -This test assures that auditing is turned on for your SQL servers: +This test assures that auditing is turned on for your Azure SQL Database instances: ```bash azure.subscription.sql.servers { auditingPolicy['state'] == "Enabled" } ``` -If the test passes (all SQL servers have auditing enabled) then cnspec returns `ok`: +If the test passes (all servers have auditing enabled) then cnspec returns `true` for each server: ```coffeescript -[ok] value: true +azure.subscription.sql.servers: [ + 0: { + auditingPolicy.state == "Enabled": true + } +] ``` If the test fails, (one or more Cloud Storage buckets don't use uniform bucket-level access) then cnspec provides details about the failure.