diff --git a/.github/workflows/test_migration.yml b/.github/workflows/test_migration.yml index 62e2329e..e05b70f9 100644 --- a/.github/workflows/test_migration.yml +++ b/.github/workflows/test_migration.yml @@ -22,8 +22,8 @@ jobs: id: cache-migrations uses: actions/cache@v2 with: - path: resources/migrations - key: ${{ runner.os }}-${{ hashFiles('resources/migrations') }} + path: resources/provider/migrations + key: ${{ runner.os }}-${{ hashFiles('resources/provider/migrations') }} test_migration: needs: should_run @@ -32,7 +32,7 @@ jobs: matrix: dbversion: [ "postgres:latest" ] go: [ "1.17" ] - platform: [ ubuntu-latest ] # can not run in macOS and widnowsOS + platform: [ ubuntu-latest ] # can not run in macOS and windowsOS runs-on: ${{ matrix.platform }} services: postgres: @@ -49,7 +49,6 @@ jobs: --health-interval 10s --health-timeout 5s --health-retries 5 - steps: - name: Set up Go 1.x uses: actions/setup-go@v2 @@ -59,41 +58,21 @@ jobs: - name: Check out code into the Go module directory uses: actions/checkout@v2 - - name: Cache CQ - id: cache-cq-binary - uses: actions/cache@v2 - with: - path: cloudquery - key: ${{ runner.os }}-${{ hashFiles('cloudquery') }} - - - name: Download Cloudquery - if: steps.cache-cq-binary.cache-hit != 'true' - run: | - curl -L https://github.com/cloudquery/cloudquery/releases/latest/download/cloudquery_${OS}_x86_64 -o cloudquery - chmod a+x cloudquery - env: - OS: Linux - - - name: Build initial schema - run: | - CQ_NO_TELEMETRY=1 ./cloudquery provider build-schema azure --config ./client/testdata/initial_migration.hcl --enable-console-log - - name: Get dependencies run: | go get -v -t -d ./... - - name: Build - run: go build -v . + - name: Test migrations for Postgres + run: | + go test -v ./resources/provider/provider_test.go + env: + CQ_MIGRATION_TEST_DSN: postgres://postgres:pass@localhost:5432/postgres?sslmode=disable - - name: Run upgrade + - name: Test migrations for Timescale run: | - rm -rf .cq_reattach - go run main.go & while [ ! -f .cq_reattach ]; do sleep 1; done && \ - ./cloudquery provider upgrade azure --config ./client/testdata/default.hcl --enable-console-log + go test -v ./resources/provider/provider_test.go env: - CQ_PROVIDER_DEBUG: 1 - CQ_REATTACH_PROVIDERS: .cq_reattach - CQ_NO_TELEMETRY: 1 + CQ_MIGRATION_TEST_DSN: tsdb://postgres:pass@localhost:5432/postgres?sslmode=disable - name: Slack Notification uses: rtCamp/action-slack-notify@v2 @@ -103,4 +82,4 @@ jobs: SLACK_COLOR: ${{ job.status }} SLACK_MESSAGE: 'Azure - migration test failed' SLACK_TITLE: Azure - migration test failed - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} \ No newline at end of file diff --git a/client/testing.go b/client/testing.go index 5967cd27..6256bc4a 100644 --- a/client/testing.go +++ b/client/testing.go @@ -32,7 +32,7 @@ func AzureMockTestHelper(t *testing.T, table *schema.Table, builder func(*testin providertest.TestResource(t, providertest.ResourceTestCase{ Provider: &provider.Provider{ - Name: "aws_mock_test_provider", + Name: "azure_mock_test_provider", Version: "development", Configure: func(logger hclog.Logger, i interface{}) (schema.ClientMeta, error) { c := NewAzureClient(logging.New(&hclog.LoggerOptions{ @@ -59,7 +59,7 @@ func AzureTestHelper(t *testing.T, table *schema.Table) { providertest.TestResource(t, providertest.ResourceTestCase{ Provider: &provider.Provider{ - Name: "aws_mock_test_provider", + Name: "azure_mock_test_provider", Version: "development", Configure: Configure, Config: func() provider.Config { diff --git a/go.mod b/go.mod index cf0f6397..1d232d59 100644 --- a/go.mod +++ b/go.mod @@ -6,12 +6,13 @@ require ( github.com/Azure/azure-sdk-for-go v58.0.0+incompatible github.com/Azure/go-autorest/autorest v0.11.21 github.com/Azure/go-autorest/autorest/azure/auth v0.5.7 - github.com/cloudquery/cq-provider-sdk v0.6.1 + github.com/cloudquery/cq-provider-sdk v0.7.0-alpha2 github.com/cloudquery/faker/v3 v3.7.5 github.com/golang/mock v1.6.0 github.com/hashicorp/go-hclog v1.0.0 github.com/stretchr/testify v1.7.0 github.com/tombuildsstuff/giovanni v0.16.0 + golang.org/x/sync v0.0.0-20210220032951-036812b2e83c ) require ( @@ -44,8 +45,6 @@ require ( github.com/hashicorp/go-version v1.3.0 // indirect github.com/hashicorp/hcl/v2 v2.10.1 // indirect github.com/hashicorp/yamux v0.0.0-20210826001029-26ff87cf9493 // indirect - github.com/huandu/go-sqlbuilder v1.13.0 // indirect - github.com/huandu/xstrings v1.3.2 // indirect github.com/iancoleman/strcase v0.2.0 // indirect github.com/jackc/chunkreader/v2 v2.0.1 // indirect github.com/jackc/pgconn v1.10.0 // indirect @@ -83,7 +82,6 @@ require ( go.uber.org/atomic v1.6.0 // indirect golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 // indirect golang.org/x/net v0.0.0-20210825183410-e898025ed96a // indirect - golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359 // indirect golang.org/x/text v0.3.6 // indirect google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12 // indirect diff --git a/go.sum b/go.sum index 78ece263..c1510abc 100644 --- a/go.sum +++ b/go.sum @@ -199,8 +199,8 @@ github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJ github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cloudflare/golz4 v0.0.0-20150217214814-ef862a3cdc58/go.mod h1:EOBUe0h4xcZ5GoxqC5SDxFQ8gwyZPKQoEzownBlhI80= -github.com/cloudquery/cq-provider-sdk v0.6.1 h1:pyHabGR81AdsnwtZF0oaJhF9VPK5tHiC8DukA5JEW/A= -github.com/cloudquery/cq-provider-sdk v0.6.1/go.mod h1:lLjzStk8uqMiunTDnAp26QXyQ3XAMexOqzuo8T2riMc= +github.com/cloudquery/cq-provider-sdk v0.7.0-alpha2 h1:GY0NJLEYf5JSHluVJsdAfFN00ygX5A+HZHw6/LDif5Q= +github.com/cloudquery/cq-provider-sdk v0.7.0-alpha2/go.mod h1:T+ngRXzcjJ6otKDGkWnPrHTsZuHUe3KZKtyhSLcvHCs= github.com/cloudquery/faker/v3 v3.7.4/go.mod h1:1b8WVG9Gh0T2hVo1a8dWeXfu0AhqSB6J/mmJaesqOeo= github.com/cloudquery/faker/v3 v3.7.5 h1:G7ANdEEcm8TvAAjIwNWSLrYK36CFCiSlrCqOTGCccL0= github.com/cloudquery/faker/v3 v3.7.5/go.mod h1:1b8WVG9Gh0T2hVo1a8dWeXfu0AhqSB6J/mmJaesqOeo= @@ -250,8 +250,8 @@ github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7 github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= -github.com/containerd/containerd v1.5.8 h1:NmkCC1/QxyZFBny8JogwLpOy2f+VEbO/f6bV2Mqtwuw= -github.com/containerd/containerd v1.5.8/go.mod h1:YdFSv5bTFLpG2HIYmfqDpSYYTDX+mc5qtSuYx1YUb/s= +github.com/containerd/containerd v1.5.9 h1:rs6Xg1gtIxaeyG+Smsb/0xaSDu1VgFhOCKBXxMxbsF4= +github.com/containerd/containerd v1.5.9/go.mod h1:fvQqCfadDGga5HZyn3j4+dx56qj2I9YwBrlSdalvJYQ= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -605,12 +605,6 @@ github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKe github.com/hashicorp/yamux v0.0.0-20210826001029-26ff87cf9493 h1:brI5vBRUlAlM34VFmnLPwjnCL/FxAJp9XvOdX6Zt+XE= github.com/hashicorp/yamux v0.0.0-20210826001029-26ff87cf9493/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/huandu/go-assert v1.1.5 h1:fjemmA7sSfYHJD7CUqs9qTwwfdNAx7/j2/ZlHXzNB3c= -github.com/huandu/go-assert v1.1.5/go.mod h1:yOLvuqZwmcHIC5rIzrBhT7D3Q9c3GFnd0JrPVhn/06U= -github.com/huandu/go-sqlbuilder v1.13.0 h1:IN1VRzcyQ+Kx74L0g5ZAY5qDaRJjwMWVmb6GrFAF8Jc= -github.com/huandu/go-sqlbuilder v1.13.0/go.mod h1:LILlbQo0MOYjlIiGgOSR3UcWQpd5Y/oZ7HLNGyAUz0E= -github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= -github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/iancoleman/strcase v0.2.0 h1:05I4QRnGpI0m37iZQRuskXh+w77mr6Z41lwQzuHLwW0= github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= diff --git a/resources/provider/migrations/1_v0.3.8.down.sql b/resources/provider/migrations/1_v0.3.8.down.sql deleted file mode 100644 index 13f2f828..00000000 --- a/resources/provider/migrations/1_v0.3.8.down.sql +++ /dev/null @@ -1,8 +0,0 @@ -ALTER TABLE IF EXISTS azure_network_virtual_network_subnets - RENAME TO azure_networks_virtual_network_subnets; - -ALTER TABLE IF EXISTS azure_network_virtual_network_peerings - RENAME TO azure_networks_virtual_network_peerings; - -ALTER TABLE IF EXISTS azure_network_virtual_network_ip_allocations - RENAME TO azure_networks_virtual_network_ip_allocations; \ No newline at end of file diff --git a/resources/provider/migrations/1_v0.3.8.up.sql b/resources/provider/migrations/1_v0.3.8.up.sql deleted file mode 100644 index e7fc664e..00000000 --- a/resources/provider/migrations/1_v0.3.8.up.sql +++ /dev/null @@ -1,8 +0,0 @@ -ALTER TABLE IF EXISTS azure_networks_virtual_network_subnets - RENAME TO azure_network_virtual_network_subnets; - -ALTER TABLE IF EXISTS azure_networks_virtual_network_peerings - RENAME TO azure_network_virtual_network_peerings; - -ALTER TABLE IF EXISTS azure_networks_virtual_network_ip_allocations - RENAME TO azure_network_virtual_network_ip_allocations; diff --git a/resources/provider/migrations/2_v0.3.9.down.sql b/resources/provider/migrations/2_v0.3.9.down.sql deleted file mode 100644 index 22a84736..00000000 --- a/resources/provider/migrations/2_v0.3.9.down.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE IF EXISTS "azure_container_managed_cluster_pip_user_assigned_id_exceptions" - RENAME TO "azure_container_managed_cluster_pip_user_assigned_identity_exceptions"; \ No newline at end of file diff --git a/resources/provider/migrations/2_v0.3.9.up.sql b/resources/provider/migrations/2_v0.3.9.up.sql deleted file mode 100644 index 559d2398..00000000 --- a/resources/provider/migrations/2_v0.3.9.up.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE IF EXISTS "azure_container_managed_cluster_pip_user_assigned_identity_exceptions" - RENAME TO "azure_container_managed_cluster_pip_user_assigned_id_exceptions"; \ No newline at end of file diff --git a/resources/provider/migrations/3_v0.3.11.down.sql b/resources/provider/migrations/3_v0.3.11.down.sql deleted file mode 100644 index fcf1bde1..00000000 --- a/resources/provider/migrations/3_v0.3.11.down.sql +++ /dev/null @@ -1,92 +0,0 @@ ---make json column of azure_network_public_ip_addresses a table azure_network_public_ip_address_ip_tags - -CREATE TABLE IF NOT EXISTS public.azure_network_public_ip_address_ip_tags -( - cq_id UUID NOT NULL, - meta JSONB NULL, - public_ip_address_cq_id UUID NULL, - ip_tag_type TEXT NULL, - tag TEXT NULL, - CONSTRAINT azure_network_public_ip_address_ip_tags_pk PRIMARY KEY (cq_id) -); - - -ALTER TABLE public.azure_network_public_ip_address_ip_tags - ADD CONSTRAINT azure_network_public_ip_address_ip_public_ip_address_cq_id_fkey - FOREIGN KEY (public_ip_address_cq_id) REFERENCES public.azure_network_public_ip_addresses (cq_id) ON - DELETE CASCADE; - - -INSERT INTO azure_network_public_ip_address_ip_tags(cq_id, public_ip_address_cq_id, ip_tag_type, tag) -SELECT gen_random_uuid(), - cq_id, - json_data.key, - json_data.value -FROM azure_network_public_ip_addresses, - json_each_text(ip_tags) AS json_data; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN ip_tags; - ---ip configuration columns of azure_network_public_ip_addresses - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN private_ip_address TEXT; - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN private_ip_allocation_method TEXT; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN subnet JSON; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN public_ip_address JSON; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN ip_configuration; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN service_public_ip_address; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN nat_gateway; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN linked_public_ip_address; - ---change ip_address column of azure_network_public_ip_addresses from cidr to text - -ALTER TABLE azure_network_public_ip_addresses - ALTER COLUMN ip_address TYPE TEXT; -CREATE TABLE IF NOT EXISTS public.azure_network_virtual_network_ip_allocations -( - cq_id uuid NULL, - meta jsonb NULL, - virtual_network_cq_id uuid NOT NULL, - id TEXT NOT NULL, - CONSTRAINT azure_network_virtual_network_ip_allocations_cq_id_key UNIQUE (cq_id), - CONSTRAINT azure_network_virtual_network_ip_allocations_pk PRIMARY KEY (virtual_network_cq_id, id) -); --- public.azure_network_virtual_network_ip_allocations foreign keys; -ALTER TABLE public.azure_network_virtual_network_ip_allocations - ADD CONSTRAINT azure_network_virtual_network_ip_all_virtual_network_cq_id_fkey FOREIGN KEY (virtual_network_cq_id) REFERENCES public.azure_network_virtual_networks (cq_id) ON - DELETE CASCADE; - -INSERT INTO azure_network_virtual_network_ip_allocations(cq_id, virtual_network_cq_id, id) -SELECT gen_random_uuid(), - cq_id, - UNNEST(ip_allocations) -FROM azure_network_virtual_networks; - -ALTER TABLE IF EXISTS azure_network_virtual_networks DROP COLUMN ip_allocations; - -ALTER TABLE IF EXISTS azure_network_virtual_networks - ALTER - COLUMN dhcp_options_dns_servers TYPE _text; \ No newline at end of file diff --git a/resources/provider/migrations/3_v0.3.11.up.sql b/resources/provider/migrations/3_v0.3.11.up.sql deleted file mode 100644 index c1e21d60..00000000 --- a/resources/provider/migrations/3_v0.3.11.up.sql +++ /dev/null @@ -1,67 +0,0 @@ ---make azure_network_public_ip_address_ip_tags table a json column of azure_network_public_ip_addresses - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN ip_tags JSON; - - -UPDATE azure_network_public_ip_addresses ips -SET ip_tags = - (SELECT JSON_OBJECT_AGG(ip_tag_type, tag) - FROM azure_network_public_ip_address_ip_tags - WHERE public_ip_address_cq_id = ips.cq_id); - - -DROP TABLE IF EXISTS azure_network_public_ip_address_ip_tags; - ---ip configuration columns of azure_network_public_ip_addresses - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN private_ip_address; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN private_ip_allocation_method; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN subnet; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - DROP COLUMN public_ip_address; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN ip_configuration JSON; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN service_public_ip_address JSON; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN nat_gateway JSON; - - -ALTER TABLE IF EXISTS azure_network_public_ip_addresses - ADD COLUMN linked_public_ip_address JSON; - ---change ip_address column of azure_network_public_ip_addresses from text to inet - -ALTER TABLE azure_network_public_ip_addresses - ALTER COLUMN ip_address TYPE INET USING ip_address::INET; - -ALTER TABLE IF EXISTS azure_network_virtual_networks - ADD COLUMN IF NOT EXISTS ip_allocations _text; - -UPDATE azure_network_virtual_networks n -SET - ip_allocations = (SELECT array_agg(id) AS resources - FROM azure_network_virtual_network_ip_allocations anvnia - WHERE virtual_network_cq_id = n.cq_id); - -DROP TABLE IF EXISTS azure_network_virtual_network_ip_allocations; - -ALTER TABLE IF EXISTS azure_network_virtual_networks - ALTER COLUMN dhcp_options_dns_servers TYPE _inet - USING dhcp_options_dns_servers::inet[]; diff --git a/resources/provider/migrations/postgres/4_v0.4.0.down.sql b/resources/provider/migrations/postgres/4_v0.4.0.down.sql new file mode 100644 index 00000000..6b6269f3 --- /dev/null +++ b/resources/provider/migrations/postgres/4_v0.4.0.down.sql @@ -0,0 +1,128 @@ +-- Autogenerated by migration tool on 2022-01-20 11:53:40 + +-- Resource: authorization.role_assignments +DROP TABLE IF EXISTS azure_authorization_role_assignments; + +-- Resource: authorization.role_definitions +DROP TABLE IF EXISTS azure_authorization_role_definition_permissions; +DROP TABLE IF EXISTS azure_authorization_role_definitions; + +-- Resource: compute.disks +DROP TABLE IF EXISTS azure_compute_disk_encryption_settings; +DROP TABLE IF EXISTS azure_compute_disks; + +-- Resource: compute.virtual_machines +DROP TABLE IF EXISTS azure_compute_virtual_machine_win_config_rm_listeners; +DROP TABLE IF EXISTS azure_compute_virtual_machine_secret_vault_certificates; +DROP TABLE IF EXISTS azure_compute_virtual_machine_secrets; +DROP TABLE IF EXISTS azure_compute_virtual_machine_resources; +DROP TABLE IF EXISTS azure_compute_virtual_machine_network_interfaces; +DROP TABLE IF EXISTS azure_compute_virtual_machines; + +-- Resource: container.managed_clusters +DROP TABLE IF EXISTS azure_container_managed_cluster_pip_user_assigned_id_exceptions; +DROP TABLE IF EXISTS azure_container_managed_cluster_private_link_resources; +DROP TABLE IF EXISTS azure_container_managed_cluster_agent_pool_profiles; +DROP TABLE IF EXISTS azure_container_managed_cluster_pip_user_assigned_identities; +DROP TABLE IF EXISTS azure_container_managed_clusters; + +-- Resource: keyvault.vaults +DROP TABLE IF EXISTS azure_keyvault_vault_access_policies; +DROP TABLE IF EXISTS azure_keyvault_vault_private_endpoint_connections; +DROP TABLE IF EXISTS azure_keyvault_vault_keys; +DROP TABLE IF EXISTS azure_keyvault_vault_secrets; +DROP TABLE IF EXISTS azure_keyvault_vaults; + +-- Resource: monitor.activity_log_alerts +DROP TABLE IF EXISTS azure_monitor_activity_log_alert_conditions; +DROP TABLE IF EXISTS azure_monitor_activity_log_alert_action_groups; +DROP TABLE IF EXISTS azure_monitor_activity_log_alerts; + +-- Resource: monitor.activity_logs +DROP TABLE IF EXISTS azure_monitor_activity_logs; + +-- Resource: monitor.diagnostic_settings +DROP TABLE IF EXISTS azure_monitor_diagnostic_setting_metrics; +DROP TABLE IF EXISTS azure_monitor_diagnostic_setting_logs; +DROP TABLE IF EXISTS azure_monitor_diagnostic_settings; + +-- Resource: monitor.log_profiles +DROP TABLE IF EXISTS azure_monitor_log_profiles; + +-- Resource: mysql.servers +DROP TABLE IF EXISTS azure_mysql_server_private_endpoint_connections; +DROP TABLE IF EXISTS azure_mysql_server_configurations; +DROP TABLE IF EXISTS azure_mysql_servers; + +-- Resource: network.public_ip_addresses +DROP TABLE IF EXISTS azure_network_public_ip_addresses; + +-- Resource: network.security_groups +DROP TABLE IF EXISTS azure_network_security_group_security_rules; +DROP TABLE IF EXISTS azure_network_security_group_flow_logs; +DROP TABLE IF EXISTS azure_network_security_group_default_security_rules; +DROP TABLE IF EXISTS azure_network_security_groups; + +-- Resource: network.virtual_networks +DROP TABLE IF EXISTS azure_network_virtual_network_subnets; +DROP TABLE IF EXISTS azure_network_virtual_network_peerings; +DROP TABLE IF EXISTS azure_network_virtual_networks; + +-- Resource: network.watchers +DROP TABLE IF EXISTS azure_network_watchers; + +-- Resource: postgresql.servers +DROP TABLE IF EXISTS azure_postgresql_server_private_endpoint_connections; +DROP TABLE IF EXISTS azure_postgresql_server_configurations; +DROP TABLE IF EXISTS azure_postgresql_server_firewall_rules; +DROP TABLE IF EXISTS azure_postgresql_servers; + +-- Resource: resources.groups +DROP TABLE IF EXISTS azure_resources_groups; + +-- Resource: resources.policy_assignments +DROP TABLE IF EXISTS azure_resources_policy_assignments; + +-- Resource: security.auto_provisioning_settings +DROP TABLE IF EXISTS azure_security_auto_provisioning_settings; + +-- Resource: security.contacts +DROP TABLE IF EXISTS azure_security_contacts; + +-- Resource: security.pricings +DROP TABLE IF EXISTS azure_security_pricings; + +-- Resource: security.settings +DROP TABLE IF EXISTS azure_security_settings; + +-- Resource: sql.servers +DROP TABLE IF EXISTS azure_sql_database_db_blob_auditing_policies; +DROP TABLE IF EXISTS azure_sql_database_db_threat_detection_policies; +DROP TABLE IF EXISTS azure_sql_database_db_vulnerability_assessments; +DROP TABLE IF EXISTS azure_sql_databases; +DROP TABLE IF EXISTS azure_sql_server_encryption_protectors; +DROP TABLE IF EXISTS azure_sql_server_private_endpoint_connections; +DROP TABLE IF EXISTS azure_sql_server_firewall_rules; +DROP TABLE IF EXISTS azure_sql_server_admins; +DROP TABLE IF EXISTS azure_sql_server_db_blob_auditing_policies; +DROP TABLE IF EXISTS azure_sql_server_devops_audit_settings; +DROP TABLE IF EXISTS azure_sql_server_vulnerability_assessments; +DROP TABLE IF EXISTS azure_sql_servers; + +-- Resource: storage.accounts +DROP TABLE IF EXISTS azure_storage_account_network_rule_set_virtual_network_rules; +DROP TABLE IF EXISTS azure_storage_account_network_rule_set_ip_rules; +DROP TABLE IF EXISTS azure_storage_account_private_endpoint_connections; +DROP TABLE IF EXISTS azure_storage_containers; +DROP TABLE IF EXISTS azure_storage_blob_service_cors_rules; +DROP TABLE IF EXISTS azure_storage_blob_services; +DROP TABLE IF EXISTS azure_storage_accounts; + +-- Resource: subscription.subscriptions +DROP TABLE IF EXISTS azure_subscription_subscriptions; + +-- Resource: web.apps +DROP TABLE IF EXISTS azure_web_app_host_name_ssl_states; +DROP TABLE IF EXISTS azure_web_app_publishing_profiles; +DROP TABLE IF EXISTS azure_web_app_auth_settings; +DROP TABLE IF EXISTS azure_web_apps; diff --git a/resources/provider/migrations/postgres/4_v0.4.0.up.sql b/resources/provider/migrations/postgres/4_v0.4.0.up.sql new file mode 100644 index 00000000..9c965438 --- /dev/null +++ b/resources/provider/migrations/postgres/4_v0.4.0.up.sql @@ -0,0 +1,1776 @@ +-- Autogenerated by migration tool on 2022-01-20 11:53:40 + +-- Resource: authorization.role_assignments +CREATE TABLE IF NOT EXISTS "azure_authorization_role_assignments" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "id" text, + "name" text, + "type" text, + "scope" text, + "role_definition_id" text, + "principal_id" text, + CONSTRAINT azure_authorization_role_assignments_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: authorization.role_definitions +CREATE TABLE IF NOT EXISTS "azure_authorization_role_definitions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "id" text, + "name" text, + "type" text, + "role_name" text, + "description" text, + "role_type" text, + "assignable_scopes" text[], + CONSTRAINT azure_authorization_role_definitions_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_authorization_role_definition_permissions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "role_definition_cq_id" uuid, + "actions" text[], + "not_actions" text[], + CONSTRAINT azure_authorization_role_definition_permissions_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (role_definition_cq_id) REFERENCES azure_authorization_role_definitions(cq_id) ON DELETE CASCADE +); + +-- Resource: compute.disks +CREATE TABLE IF NOT EXISTS "azure_compute_disks" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "managed_by" text, + "managed_by_extended" text[], + "sku_name" text, + "sku_tier" text, + "zones" text[], + "time_created" timestamp without time zone, + "os_type" text, + "hyperv_generation" text, + "creation_data_create_option" text, + "creation_data_storage_account_id" text, + "creation_data_image_reference_id" text, + "creation_data_image_reference_lun" integer, + "creation_data_gallery_image_reference_id" text, + "creation_data_gallery_image_reference_lun" integer, + "creation_data_source_uri" text, + "creation_data_source_resource_id" text, + "creation_data_source_unique_id" text, + "creation_data_upload_size_bytes" bigint, + "disk_size_gb" integer, + "disk_size_bytes" bigint, + "unique_id" text, + "encryption_settings_collection_enabled" boolean, + "encryption_settings_collection_encryption_settings_version" text, + "provisioning_state" text, + "disk_iops_read_write" bigint, + "disk_mbps_read_write" bigint, + "disk_iops_read_only" bigint, + "disk_mbps_read_only" bigint, + "disk_state" text, + "encryption_disk_encryption_set_id" text, + "encryption_type" text, + "max_shares" integer, + "share_info" text[], + "network_access_policy" text, + "disk_access_id" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_compute_disks_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_compute_disk_encryption_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "disk_cq_id" uuid, + "disk_encryption_key_source_vault_id" text, + "disk_encryption_key_secret_url" text, + "key_encryption_key_source_vault_id" text, + "key_encryption_key_key_url" text, + CONSTRAINT azure_compute_disk_encryption_settings_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (disk_cq_id) REFERENCES azure_compute_disks(cq_id) ON DELETE CASCADE +); + +-- Resource: compute.virtual_machines +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machines" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "plan_name" text, + "plan_publisher" text, + "plan_product" text, + "plan_promotion_code" text, + "hardware_profile_vm_size" text, + "storage_profile" jsonb, + "additional_capabilities_ultra_ssd_enabled" boolean, + "computer_name" text, + "admin_username" text, + "admin_password" text, + "custom_data" text, + "windows_configuration_provision_vm_agent" boolean, + "windows_configuration_enable_automatic_updates" boolean, + "windows_configuration_time_zone" text, + "windows_configuration_additional_unattend_content" jsonb, + "windows_configuration_patch_settings_patch_mode" text, + "windows_configuration_patch_settings_enable_hotpatching" boolean, + "linux_configuration_disable_password_authentication" boolean, + "linux_configuration_ssh_public_keys" jsonb, + "linux_configuration_provision_vm_agent" boolean, + "linux_configuration_patch_settings_patch_mode" text, + "allow_extension_operations" boolean, + "require_guest_provision_signal" boolean, + "network_profile_network_interfaces" jsonb, + "security_profile_uefi_settings_secure_boot_enabled" boolean, + "security_profile_uefi_settings_v_tpm_enabled" boolean, + "security_profile_encryption_at_host" boolean, + "security_profile_security_type" text, + "diagnostics_profile_boot_diagnostics_enabled" boolean, + "diagnostics_profile_boot_diagnostics_storage_uri" text, + "availability_set_id" text, + "virtual_machine_scale_set_id" text, + "proximity_placement_group_id" text, + "priority" text, + "eviction_policy" text, + "billing_profile_max_price" float, + "host_id" text, + "host_group_id" text, + "provisioning_state" text, + "instance_view" jsonb, + "license_type" text, + "vm_id" text, + "extensions_time_budget" text, + "platform_fault_domain" integer, + "identity_principal_id" text, + "identity_tenant_id" text, + "identity_type" text, + "identity_user_assigned_identities" jsonb, + "zones" text[], + "extended_location_name" text, + "extended_location_type" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_compute_virtual_machines_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_win_config_rm_listeners" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "virtual_machine_cq_id" uuid, + "virtual_machine_id" text, + "protocol" text, + "certificate_url" text, + CONSTRAINT azure_compute_virtual_machine_win_config_rm_listeners_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (virtual_machine_cq_id) REFERENCES azure_compute_virtual_machines(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_secrets" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "virtual_machine_cq_id" uuid, + "virtual_machine_id" text, + "source_vault_id" text, + CONSTRAINT azure_compute_virtual_machine_secrets_pk PRIMARY KEY(virtual_machine_cq_id,source_vault_id), + UNIQUE(cq_id), + FOREIGN KEY (virtual_machine_cq_id) REFERENCES azure_compute_virtual_machines(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_secret_vault_certificates" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "virtual_machine_secret_cq_id" uuid, + "certificate_url" text, + "certificate_store" text, + CONSTRAINT azure_compute_virtual_machine_secret_vault_certificates_pk PRIMARY KEY(virtual_machine_secret_cq_id,certificate_url), + UNIQUE(cq_id), + FOREIGN KEY (virtual_machine_secret_cq_id) REFERENCES azure_compute_virtual_machine_secrets(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_resources" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "virtual_machine_cq_id" uuid, + "virtual_machine_id" text, + "virtual_machine_extension_properties" jsonb, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_compute_virtual_machine_resources_pk PRIMARY KEY(virtual_machine_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (virtual_machine_cq_id) REFERENCES azure_compute_virtual_machines(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_network_interfaces" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "virtual_machine_cq_id" uuid, + "virtual_machine_id" text, + "network_interface_reference_properties_primary" boolean, + "id" text, + CONSTRAINT azure_compute_virtual_machine_network_interfaces_pk PRIMARY KEY(virtual_machine_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (virtual_machine_cq_id) REFERENCES azure_compute_virtual_machines(cq_id) ON DELETE CASCADE +); + +-- Resource: container.managed_clusters +CREATE TABLE IF NOT EXISTS "azure_container_managed_clusters" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "provisioning_state" text, + "power_state_code" text, + "max_agent_pools" integer, + "kubernetes_version" text, + "dns_prefix" text, + "fqdn_subdomain" text, + "fqdn" text, + "private_fqdn" text, + "azure_portal_fqdn" text, + "linux_profile_admin_username" text, + "windows_profile_admin_username" text, + "windows_profile_admin_password" text, + "windows_profile_license_type" text, + "windows_profile_enable_csi_proxy" boolean, + "service_principal_profile_client_id" text, + "service_principal_profile_secret" text, + "addon_profiles" jsonb, + "pod_identity_profile_enabled" boolean, + "pod_identity_profile_allow_network_plugin_kubenet" boolean, + "node_resource_group" text, + "enable_rbac" boolean, + "network_profile_network_plugin" text, + "network_profile_network_policy" text, + "network_profile_network_mode" text, + "network_profile_pod_cidr" text, + "network_profile_service_cidr" text, + "network_profile_dns_service_ip" text, + "network_profile_docker_bridge_cidr" text, + "network_profile_outbound_type" text, + "network_profile_load_balancer_sku" text, + "network_profile_load_balancer_managed_outbound_ips_count" integer, + "network_profile_load_balancer_outbound_ip_prefixes" text[], + "network_profile_load_balancer_outbound_ips" text[], + "network_profile_load_balancer_effective_outbound_ips" text[], + "network_profile_load_balancer_allocated_outbound_ports" integer, + "network_profile_load_balancer_idle_timeout" integer, + "aad_profile_managed" boolean, + "aad_profile_enable_azure_rbac" boolean, + "aad_profile_admin_group_object_ids" text[], + "aad_profile_client_app_id" text, + "aad_profile_server_app_id" text, + "aad_profile_server_app_secret" text, + "aad_profile_tenant_id" text, + "auto_upgrade_profile_upgrade_channel" text, + "auto_scaler_profile_expander" text, + "api_server_access_profile_authorized_ip_ranges" text[], + "api_server_access_profile_enable_private_cluster" boolean, + "api_server_access_profile_private_dns_zone" text, + "disk_encryption_set_id" text, + "identity_profile" jsonb, + "disable_local_accounts" boolean, + "http_proxy_config_http_proxy" text, + "http_proxy_config_https_proxy" text, + "http_proxy_config_no_proxy" text[], + "http_proxy_config_trusted_ca" text, + "identity_principal_id" text, + "identity_tenant_id" text, + "identity_type" text, + "identity_user_assigned_identities" jsonb, + "sku_name" text, + "sku_tier" text, + "extended_location_name" text, + "extended_location_type" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_container_managed_clusters_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_container_managed_cluster_pip_user_assigned_id_exceptions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "managed_cluster_cq_id" uuid, + "name" text, + "namespace" text, + "pod_labels" jsonb, + CONSTRAINT azure_container_managed_cluster_pip_user_assigned_id_excepti_pk PRIMARY KEY(managed_cluster_cq_id,name), + UNIQUE(cq_id), + FOREIGN KEY (managed_cluster_cq_id) REFERENCES azure_container_managed_clusters(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_container_managed_cluster_private_link_resources" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "managed_cluster_cq_id" uuid, + "id" text, + "name" text, + "type" text, + "group_id" text, + "required_members" text[], + "private_link_service_id" text, + CONSTRAINT azure_container_managed_cluster_private_link_resources_pk PRIMARY KEY(managed_cluster_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (managed_cluster_cq_id) REFERENCES azure_container_managed_clusters(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_container_managed_cluster_agent_pool_profiles" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "managed_cluster_cq_id" uuid, + "name" text, + "count" integer, + "vm_size" text, + "os_disk_size_gb" integer, + "os_disk_type" text, + "kubelet_disk_type" text, + "vnet_subnet_id" text, + "pod_subnet_id" text, + "max_pods" integer, + "os_type" text, + "os_sku" text, + "max_count" integer, + "min_count" integer, + "enable_auto_scaling" boolean, + "type" text, + "mode" text, + "orchestrator_version" text, + "node_image_version" text, + "upgrade_settings_max_surge" text, + "provisioning_state" text, + "power_state_code" text, + "availability_zones" text[], + "enable_node_public_ip" boolean, + "node_public_ip_prefix_id" text, + "scale_set_priority" text, + "scale_set_eviction_policy" text, + "spot_max_price" float, + "tags" jsonb, + "node_labels" jsonb, + "node_taints" text[], + "proximity_placement_group_id" text, + "kubelet_config_cpu_manager_policy" text, + "kubelet_config_cpu_cfs_quota" boolean, + "kubelet_config_cpu_cfs_quota_period" text, + "kubelet_config_image_gc_high_threshold" integer, + "kubelet_config_image_gc_low_threshold" integer, + "kubelet_config_topology_manager_policy" text, + "kubelet_config_allowed_unsafe_sysctls" text[], + "kubelet_config_fail_swap_on" boolean, + "kubelet_config_container_log_max_size_mb" integer, + "kubelet_config_container_log_max_files" integer, + "kubelet_config_pod_max_pids" integer, + "linux_os_config" jsonb, + "enable_encryption_at_host" boolean, + "enable_fips" boolean, + "gpu_instance_profile" text, + CONSTRAINT azure_container_managed_cluster_agent_pool_profiles_pk PRIMARY KEY(managed_cluster_cq_id,name), + UNIQUE(cq_id), + FOREIGN KEY (managed_cluster_cq_id) REFERENCES azure_container_managed_clusters(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_container_managed_cluster_pip_user_assigned_identities" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "managed_cluster_cq_id" uuid, + "name" text, + "namespace" text, + "binding_selector" text, + "identity_resource_id" text, + "identity_client_id" text, + "identity_object_id" text, + "provisioning_state" text, + CONSTRAINT azure_container_managed_cluster_pip_user_assigned_identities_pk PRIMARY KEY(managed_cluster_cq_id,name), + UNIQUE(cq_id), + FOREIGN KEY (managed_cluster_cq_id) REFERENCES azure_container_managed_clusters(cq_id) ON DELETE CASCADE +); + +-- Resource: keyvault.vaults +CREATE TABLE IF NOT EXISTS "azure_keyvault_vaults" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + "tenant_id" uuid, + "sku_family" text, + "sku_name" text, + "vault_uri" text, + "enabled_for_deployment" boolean, + "enabled_for_disk_encryption" boolean, + "enabled_for_template_deployment" boolean, + "enable_soft_delete" boolean, + "soft_delete_retention_in_days" integer, + "enable_rbac_authorization" boolean, + "create_mode" text, + "enable_purge_protection" boolean, + "network_acls_bypass" text, + "network_acls_default_action" text, + "network_acls_ip_rules" text[], + "network_acls_virtual_network_rules" text[], + CONSTRAINT azure_keyvault_vaults_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_keyvault_vault_access_policies" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "vault_cq_id" uuid, + "tenant_id" uuid, + "object_id" text, + "application_id" uuid, + "permissions_keys" text[], + "permissions_secrets" text[], + "permissions_certificates" text[], + "permissions_storage" text[], + CONSTRAINT azure_keyvault_vault_access_policies_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (vault_cq_id) REFERENCES azure_keyvault_vaults(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_keyvault_vault_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "vault_cq_id" uuid, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_action_required" text, + "provisioning_state" text, + CONSTRAINT azure_keyvault_vault_private_endpoint_connections_pk PRIMARY KEY(vault_cq_id,private_endpoint_id), + UNIQUE(cq_id), + FOREIGN KEY (vault_cq_id) REFERENCES azure_keyvault_vaults(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_keyvault_vault_keys" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "vault_cq_id" uuid, + "kid" text, + "recoverable_days" integer, + "recovery_level" text, + "enabled" boolean, + "not_before" timestamp without time zone, + "expires" timestamp without time zone, + "created" timestamp without time zone, + "updated" timestamp without time zone, + "tags" jsonb, + "managed" boolean, + CONSTRAINT azure_keyvault_vault_keys_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (vault_cq_id) REFERENCES azure_keyvault_vaults(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_keyvault_vault_secrets" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "vault_cq_id" uuid, + "id" text, + "recoverable_days" integer, + "recovery_level" text, + "enabled" boolean, + "not_before" timestamp without time zone, + "expires" timestamp without time zone, + "created" timestamp without time zone, + "updated" timestamp without time zone, + "tags" jsonb, + "content_type" text, + "managed" boolean, + CONSTRAINT azure_keyvault_vault_secrets_pk PRIMARY KEY(vault_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (vault_cq_id) REFERENCES azure_keyvault_vaults(cq_id) ON DELETE CASCADE +); + +-- Resource: monitor.activity_log_alerts +CREATE TABLE IF NOT EXISTS "azure_monitor_activity_log_alerts" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "scopes" text[], + "enabled" boolean, + "description" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_monitor_activity_log_alerts_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_monitor_activity_log_alert_conditions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "activity_log_alert_cq_id" uuid, + "activity_log_alert_id" text, + "field" text, + "equals" text, + CONSTRAINT azure_monitor_activity_log_alert_conditions_pk PRIMARY KEY(activity_log_alert_cq_id,field), + UNIQUE(cq_id), + FOREIGN KEY (activity_log_alert_cq_id) REFERENCES azure_monitor_activity_log_alerts(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_monitor_activity_log_alert_action_groups" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "activity_log_alert_cq_id" uuid, + "activity_log_alert_id" text, + "action_group_id" text, + "webhook_properties" jsonb, + CONSTRAINT azure_monitor_activity_log_alert_action_groups_pk PRIMARY KEY(activity_log_alert_cq_id,action_group_id), + UNIQUE(cq_id), + FOREIGN KEY (activity_log_alert_cq_id) REFERENCES azure_monitor_activity_log_alerts(cq_id) ON DELETE CASCADE +); + +-- Resource: monitor.activity_logs +CREATE TABLE IF NOT EXISTS "azure_monitor_activity_logs" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "authorization_action" text, + "authorization_role" text, + "authorization_scope" text, + "claims" jsonb, + "caller" text, + "description" text, + "id" text, + "event_data_id" text, + "correlation_id" text, + "event_name_value" text, + "event_name_localized_value" text, + "category_value" text, + "category_localized_value" text, + "http_request_client_request_id" text, + "http_request_client_ip_address" text, + "http_request_method" text, + "http_request_uri" text, + "level" text, + "resource_group_name" text, + "resource_provider_name_value" text, + "resource_provider_name_localized_value" text, + "resource_id" text, + "resource_type_value" text, + "resource_type_localized_value" text, + "operation_id" text, + "operation_name_value" text, + "operation_name_localized_value" text, + "properties" jsonb, + "status_value" text, + "status_localized_value" text, + "sub_status_value" text, + "sub_status_localized_value" text, + "event_timestamp_time" timestamp without time zone, + "submission_timestamp_time" timestamp without time zone, + "subscription_id" text, + "tenant_id" text, + CONSTRAINT azure_monitor_activity_logs_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: monitor.diagnostic_settings +CREATE TABLE IF NOT EXISTS "azure_monitor_diagnostic_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "storage_account_id" text, + "service_bus_rule_id" text, + "event_hub_authorization_rule_id" text, + "event_hub_name" text, + "workspace_id" text, + "log_analytics_destination_type" text, + "id" text, + "name" text, + "type" text, + "resource_uri" text, + CONSTRAINT azure_monitor_diagnostic_settings_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_monitor_diagnostic_setting_metrics" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "diagnostic_setting_cq_id" uuid, + "diagnostic_setting_id" text, + "time_grain" text, + "category" text, + "enabled" boolean, + "retention_policy_enabled" boolean, + "retention_policy_days" integer, + CONSTRAINT azure_monitor_diagnostic_setting_metrics_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (diagnostic_setting_cq_id) REFERENCES azure_monitor_diagnostic_settings(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_monitor_diagnostic_setting_logs" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "diagnostic_setting_cq_id" uuid, + "diagnostic_setting_id" text, + "category" text, + "enabled" boolean, + "retention_policy_enabled" boolean, + "retention_policy_days" integer, + CONSTRAINT azure_monitor_diagnostic_setting_logs_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (diagnostic_setting_cq_id) REFERENCES azure_monitor_diagnostic_settings(cq_id) ON DELETE CASCADE +); + +-- Resource: monitor.log_profiles +CREATE TABLE IF NOT EXISTS "azure_monitor_log_profiles" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "storage_account_id" text, + "service_bus_rule_id" text, + "locations" text[], + "categories" text[], + "retention_policy_enabled" boolean, + "retention_policy_days" integer, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_monitor_log_profiles_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: mysql.servers +CREATE TABLE IF NOT EXISTS "azure_mysql_servers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "identity_principal_id" uuid, + "identity_type" text, + "identity_tenant_id" uuid, + "sku_name" text, + "sku_tier" text, + "sku_capacity" integer, + "sku_size" text, + "sku_family" text, + "administrator_login" text, + "version" text, + "ssl_enforcement" text, + "minimal_tls_version" text, + "byok_enforcement" text, + "infrastructure_encryption" text, + "user_visible_state" text, + "fully_qualified_domain_name" text, + "earliest_restore_date_time" timestamp without time zone, + "storage_profile_backup_retention_days" integer, + "storage_profile_geo_redundant_backup" text, + "storage_profile_storage_mb" integer, + "storage_profile_storage_autogrow" text, + "replication_role" text, + "master_server_id" text, + "replica_capacity" integer, + "public_network_access" text, + "tags" jsonb, + "location" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_mysql_servers_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_mysql_server_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "id" text, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_actions_required" text, + "provisioning_state" text, + CONSTRAINT azure_mysql_server_private_endpoint_connections_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_mysql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_mysql_server_configurations" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "value" text, + "description" text, + "default_value" text, + "data_type" text, + "allowed_values" text, + "source" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_mysql_server_configurations_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_mysql_servers(cq_id) ON DELETE CASCADE +); + +-- Resource: network.public_ip_addresses +CREATE TABLE IF NOT EXISTS "azure_network_public_ip_addresses" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "extended_location_name" text, + "extended_location_type" text, + "sku_name" text, + "sku_tier" text, + "public_ip_allocation_method" text, + "public_ip_address_version" text, + "ip_configuration" jsonb, + "dns_settings_domain_name_label" text, + "dns_settings_fqdn" text, + "dns_settings_reverse_fqdn" text, + "ddos_settings_ddos_custom_policy_id" text, + "ddos_settings_protection_coverage" text, + "ddos_settings_protected_ip" boolean, + "ip_tags" jsonb, + "ip_address" inet, + "public_ip_prefix_id" text, + "idle_timeout_in_minutes" integer, + "resource_guid" text, + "provisioning_state" text, + "service_public_ip_address" jsonb, + "nat_gateway" jsonb, + "migration_phase" text, + "linked_public_ip_address" jsonb, + "etag" text, + "zones" text[], + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_public_ip_addresses_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: network.security_groups +CREATE TABLE IF NOT EXISTS "azure_network_security_groups" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "resource_guid" text, + "provisioning_state" text, + "etag" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_security_groups_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_network_security_group_security_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "security_group_cq_id" uuid, + "description" text, + "protocol" text, + "source_port_range" text, + "destination_port_range" text, + "source_address_prefix" text, + "source_address_prefixes" text[], + "destination_address_prefix" text, + "destination_address_prefixes" text[], + "source_port_ranges" text[], + "destination_port_ranges" text[], + "access" text, + "priority" integer, + "direction" text, + "provisioning_state" text, + "name" text, + "etag" text, + "type" text, + "id" text, + CONSTRAINT azure_network_security_group_security_rules_pk PRIMARY KEY(security_group_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (security_group_cq_id) REFERENCES azure_network_security_groups(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_network_security_group_flow_logs" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "security_group_cq_id" uuid, + "target_resource_id" text, + "target_resource_guid" text, + "storage_id" text, + "enabled" boolean, + "retention_policy_days" integer, + "retention_policy_enabled" boolean, + "format_type" text, + "format_version" integer, + "flow_analytics_configuration_enabled" boolean, + "flow_analytics_configuration_workspace_id" text, + "flow_analytics_configuration_workspace_region" text, + "flow_analytics_configuration_workspace_resource_id" text, + "flow_analytics_configuration_traffic_analytics_interval" integer, + "provisioning_state" text, + "etag" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_security_group_flow_logs_pk PRIMARY KEY(security_group_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (security_group_cq_id) REFERENCES azure_network_security_groups(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_network_security_group_default_security_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "security_group_cq_id" uuid, + "description" text, + "protocol" text, + "source_port_range" text, + "destination_port_range" text, + "source_address_prefix" text, + "source_address_prefixes" text[], + "destination_address_prefix" text, + "destination_address_prefixes" text[], + "source_port_ranges" text[], + "destination_port_ranges" text[], + "access" text, + "priority" integer, + "direction" text, + "provisioning_state" text, + "name" text, + "etag" text, + "type" text, + "id" text, + CONSTRAINT azure_network_security_group_default_security_rules_pk PRIMARY KEY(security_group_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (security_group_cq_id) REFERENCES azure_network_security_groups(cq_id) ON DELETE CASCADE +); + +-- Resource: network.virtual_networks +CREATE TABLE IF NOT EXISTS "azure_network_virtual_networks" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "extended_location_name" text, + "extended_location_type" text, + "address_space_address_prefixes" text[], + "dhcp_options_dns_servers" inet[], + "resource_guid" text, + "provisioning_state" text, + "enable_ddos_protection" boolean, + "enable_vm_protection" boolean, + "ddos_protection_plan_id" text, + "bgp_communities_virtual_network_community" text, + "bgp_communities_regional_community" text, + "ip_allocations" text[], + "etag" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_virtual_networks_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_network_virtual_network_subnets" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "virtual_network_cq_id" uuid, + "address_prefix" text, + "address_prefixes" text[], + "security_group_properties_format_resource_guid" text, + "security_group_properties_format_provisioning_state" text, + "network_security_group_etag" text, + "network_security_group_id" text, + "network_security_group_name" text, + "network_security_group_type" text, + "network_security_group_location" text, + "network_security_group_tags" jsonb, + "route_table_disable_bgp_route_propagation" boolean, + "route_table_provisioning_state" text, + "route_table_resource_guid" text, + "route_table_etag" text, + "route_table_id" text, + "route_table_name" text, + "route_table_type" text, + "route_table_location" text, + "route_table_tags" jsonb, + "nat_gateway_id" text, + "purpose" text, + "provisioning_state" text, + "private_endpoint_network_policies" text, + "private_link_service_network_policies" text, + "name" text, + "etag" text, + "id" text, + CONSTRAINT azure_network_virtual_network_subnets_pk PRIMARY KEY(virtual_network_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (virtual_network_cq_id) REFERENCES azure_network_virtual_networks(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_network_virtual_network_peerings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "virtual_network_cq_id" uuid, + "allow_virtual_network_access" boolean, + "allow_forwarded_traffic" boolean, + "allow_gateway_transit" boolean, + "use_remote_gateways" boolean, + "remote_virtual_network_id" text, + "remote_address_space_address_prefixes" text[], + "remote_bgp_communities_virtual_network_community" text, + "remote_bgp_communities_regional_community" text, + "peering_state" text, + "provisioning_state" text, + "name" text, + "etag" text, + "id" text, + CONSTRAINT azure_network_virtual_network_peerings_pk PRIMARY KEY(virtual_network_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (virtual_network_cq_id) REFERENCES azure_network_virtual_networks(cq_id) ON DELETE CASCADE +); + +-- Resource: network.watchers +CREATE TABLE IF NOT EXISTS "azure_network_watchers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "etag" text, + "provisioning_state" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_watchers_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id) +); + +-- Resource: postgresql.servers +CREATE TABLE IF NOT EXISTS "azure_postgresql_servers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "identity_principal_id" uuid, + "identity_type" text, + "identity_tenant_id" uuid, + "sku_name" text, + "sku_tier" text, + "sku_capacity" integer, + "sku_size" text, + "sku_family" text, + "administrator_login" text, + "version" text, + "ssl_enforcement" text, + "minimal_tls_version" text, + "byok_enforcement" text, + "infrastructure_encryption" text, + "user_visible_state" text, + "fully_qualified_domain_name" text, + "earliest_restore_date_time" timestamp without time zone, + "storage_profile_backup_retention_days" integer, + "storage_profile_geo_redundant_backup" text, + "storage_profile_storage_mb" integer, + "storage_profile_storage_autogrow" text, + "replication_role" text, + "master_server_id" text, + "replica_capacity" integer, + "public_network_access" text, + "tags" jsonb, + "location" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_postgresql_servers_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_postgresql_server_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "id" text, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_actions_required" text, + "provisioning_state" text, + CONSTRAINT azure_postgresql_server_private_endpoint_connections_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_postgresql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_postgresql_server_configurations" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "value" text, + "description" text, + "default_value" text, + "data_type" text, + "allowed_values" text, + "source" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_postgresql_server_configurations_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_postgresql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_postgresql_server_firewall_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "start_ip_address" text, + "end_ip_address" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_postgresql_server_firewall_rules_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_postgresql_servers(cq_id) ON DELETE CASCADE +); + +-- Resource: resources.groups +CREATE TABLE IF NOT EXISTS "azure_resources_groups" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "id" text, + "name" text, + "type" text, + "properties_provisioning_state" text, + "location" text, + "managed_by" text, + "tags" jsonb, + CONSTRAINT azure_resources_groups_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: resources.policy_assignments +CREATE TABLE IF NOT EXISTS "azure_resources_policy_assignments" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "display_name" text, + "policy_definition_id" text, + "scope" text, + "not_scopes" text[], + "parameters" jsonb, + "description" text, + "metadata" jsonb, + "enforcement_mode" text, + "id" text, + "type" text, + "name" text, + "sku_name" text, + "sku_tier" text, + "location" text, + "identity_principal_id" text, + "identity_tenant_id" text, + "identity_type" text, + CONSTRAINT azure_resources_policy_assignments_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: security.auto_provisioning_settings +CREATE TABLE IF NOT EXISTS "azure_security_auto_provisioning_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "auto_provision" text, + "id" text, + "name" text, + "resource_type" text, + CONSTRAINT azure_security_auto_provisioning_settings_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: security.contacts +CREATE TABLE IF NOT EXISTS "azure_security_contacts" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "email" text, + "phone" text, + "alert_notifications" text, + "alerts_to_admins" text, + "id" text, + "name" text, + "resource_type" text, + CONSTRAINT azure_security_contacts_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: security.pricings +CREATE TABLE IF NOT EXISTS "azure_security_pricings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "pricing_properties_tier" text, + "pricing_properties_free_trial_remaining_time" text, + "id" text, + "name" text, + "resource_type" text, + CONSTRAINT azure_security_pricings_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: security.settings +CREATE TABLE IF NOT EXISTS "azure_security_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "kind" text, + "id" text, + "name" text, + "resource_type" text, + "enabled" boolean, + CONSTRAINT azure_security_settings_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); + +-- Resource: sql.servers +CREATE TABLE IF NOT EXISTS "azure_sql_servers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "identity_principal_id" uuid, + "identity_type" text, + "identity_tenant_id" uuid, + "kind" text, + "administrator_login" text, + "administrator_login_password" text, + "version" text, + "state" text, + "fully_qualified_domain_name" text, + "minimal_tls_version" text, + "public_network_access" text, + "location" text, + "tags" jsonb, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_servers_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_sql_databases" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "sku_name" text, + "sku_tier" text, + "sku_size" text, + "sku_family" text, + "sku_capacity" integer, + "kind" text, + "managed_by" text, + "create_mode" text, + "collation" text, + "max_size_bytes" bigint, + "sample_name" text, + "elastic_pool_id" text, + "source_database_id" text, + "status" text, + "database_id" uuid, + "creation_date_time" timestamp without time zone, + "current_service_objective_name" text, + "requested_service_objective_name" text, + "default_secondary_location" text, + "failover_group_id" text, + "restore_point_in_time" timestamp without time zone, + "source_database_deletion_date_time" timestamp without time zone, + "recovery_services_recovery_point_id" text, + "long_term_retention_backup_resource_id" text, + "recoverable_database_id" text, + "restorable_dropped_database_id" text, + "catalog_collation" text, + "zone_redundant" boolean, + "license_type" text, + "max_log_size_bytes" bigint, + "earliest_restore_date_time" timestamp without time zone, + "read_scale" text, + "high_availability_replica_count" integer, + "secondary_type" text, + "current_sku_name" text, + "current_sku_tier" text, + "current_sku_size" text, + "current_sku_family" text, + "current_sku_capacity" integer, + "auto_pause_delay" integer, + "storage_account_type" text, + "min_capacity" float, + "paused_date_time" timestamp without time zone, + "resumed_date_time" timestamp without time zone, + "maintenance_configuration_id" text, + "location" text, + "tags" jsonb, + "id" text, + "name" text, + "type" text, + "transparent_data_encryption" jsonb, + CONSTRAINT azure_sql_databases_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_sql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_database_db_blob_auditing_policies" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "database_cq_id" uuid, + "kind" text, + "state" text, + "storage_endpoint" text, + "storage_account_access_key" text, + "retention_days" integer, + "audit_actions_and_groups" text[], + "storage_account_subscription_id" uuid, + "is_storage_secondary_key_in_use" boolean, + "is_azure_monitor_target_enabled" boolean, + "queue_delay_ms" integer, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_database_db_blob_auditing_policies_pk PRIMARY KEY(database_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (database_cq_id) REFERENCES azure_sql_databases(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_database_db_threat_detection_policies" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "database_cq_id" uuid, + "location" text, + "kind" text, + "state" text, + "disabled_alerts" text, + "email_addresses" text, + "email_account_admins" text, + "storage_endpoint" text, + "storage_account_access_key" text, + "retention_days" integer, + "use_server_default" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_database_db_threat_detection_policies_pk PRIMARY KEY(database_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (database_cq_id) REFERENCES azure_sql_databases(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_database_db_vulnerability_assessments" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "database_cq_id" uuid, + "storage_container_path" text, + "storage_container_sas_key" text, + "storage_account_access_key" text, + "recurring_scans_is_enabled" boolean, + "recurring_scans_email_subscription_admins" boolean, + "recurring_scans_emails" text[], + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_database_db_vulnerability_assessments_pk PRIMARY KEY(database_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (database_cq_id) REFERENCES azure_sql_databases(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_server_encryption_protectors" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "kind" text, + "location" text, + "subregion" text, + "server_key_name" text, + "server_key_type" text, + "uri" text, + "thumbprint" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_encryption_protectors_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_sql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_server_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "id" text, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_actions_required" text, + "provisioning_state" text, + CONSTRAINT azure_sql_server_private_endpoint_connections_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_sql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_server_firewall_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "kind" text, + "location" text, + "start_ip_address" text, + "end_ip_address" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_firewall_rules_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_sql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_server_admins" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "administrator_type" text, + "login" text, + "sid" uuid, + "tenant_id" uuid, + "azure_ad_only_authentication" boolean, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_admins_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_sql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_server_db_blob_auditing_policies" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "state" text, + "storage_endpoint" text, + "storage_account_access_key" text, + "retention_days" integer, + "audit_actions_and_groups" text[], + "storage_account_subscription_id" uuid, + "is_storage_secondary_key_in_use" boolean, + "is_azure_monitor_target_enabled" boolean, + "queue_delay_ms" integer, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_db_blob_auditing_policies_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_sql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_server_devops_audit_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "created_by" text, + "created_by_type" text, + "created_at_time" timestamp without time zone, + "last_modified_by" text, + "last_modified_by_type" text, + "last_modified_at_time" timestamp without time zone, + "is_azure_monitor_target_enabled" boolean, + "state" text, + "storage_endpoint" text, + "storage_account_access_key" text, + "storage_account_subscription_id" uuid, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_devops_audit_settings_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_sql_servers(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_sql_server_vulnerability_assessments" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "server_cq_id" uuid, + "storage_container_path" text, + "storage_container_sas_key" text, + "storage_account_access_key" text, + "recurring_scans_is_enabled" boolean, + "recurring_scans_email_subscription_admins" boolean, + "recurring_scans_emails" text[], + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_vulnerability_assessments_pk PRIMARY KEY(server_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (server_cq_id) REFERENCES azure_sql_servers(cq_id) ON DELETE CASCADE +); + +-- Resource: storage.accounts +CREATE TABLE IF NOT EXISTS "azure_storage_accounts" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "sku_name" text, + "sku_tier" text, + "kind" text, + "identity_principal_id" text, + "identity_tenant_id" text, + "identity_type" text, + "provisioning_state" text, + "primary_endpoints_blob" text, + "primary_endpoints_queue" text, + "primary_endpoints_table" text, + "primary_endpoints_file" text, + "primary_endpoints_web" text, + "primary_endpoints_dfs" text, + "primary_endpoints_microsoft_endpoints_blob" text, + "primary_endpoints_microsoft_endpoints_queue" text, + "primary_endpoints_microsoft_endpoints_table" text, + "primary_endpoints_microsoft_endpoints_file" text, + "primary_endpoints_microsoft_endpoints_web" text, + "primary_endpoints_microsoft_endpoints_dfs" text, + "primary_endpoints_internet_endpoints_blob" text, + "primary_endpoints_internet_endpoints_file" text, + "primary_endpoints_internet_endpoints_web" text, + "primary_endpoints_internet_endpoints_dfs" text, + "primary_location" text, + "status_of_primary" text, + "last_geo_failover_time" timestamp without time zone, + "secondary_location" text, + "status_of_secondary" text, + "creation_time" timestamp without time zone, + "custom_domain_name" text, + "custom_domain_use_sub_domain_name" boolean, + "secondary_endpoints_blob" text, + "secondary_endpoints_queue" text, + "secondary_endpoints_table" text, + "secondary_endpoints_file" text, + "secondary_endpoints_web" text, + "secondary_endpoints_dfs" text, + "secondary_endpoints_microsoft_endpoints_blob" text, + "secondary_endpoints_microsoft_endpoints_queue" text, + "secondary_endpoints_microsoft_endpoints_table" text, + "secondary_endpoints_microsoft_endpoints_file" text, + "secondary_endpoints_microsoft_endpoints_web" text, + "secondary_endpoints_microsoft_endpoints_dfs" text, + "secondary_endpoints_internet_endpoints_blob" text, + "secondary_endpoints_internet_endpoints_file" text, + "secondary_endpoints_internet_endpoints_web" text, + "secondary_endpoints_internet_endpoints_dfs" text, + "encryption_services_blob_enabled" boolean, + "encryption_services_blob_last_enabled_time" timestamp without time zone, + "encryption_services_blob_key_type" text, + "encryption_services_file_enabled" boolean, + "encryption_services_file_last_enabled_time" timestamp without time zone, + "encryption_services_file_key_type" text, + "encryption_services_table_enabled" boolean, + "encryption_services_table_last_enabled_time" timestamp without time zone, + "encryption_services_table_key_type" text, + "encryption_services_queue_enabled" boolean, + "encryption_services_queue_last_enabled_time" timestamp without time zone, + "encryption_services_queue_key_type" text, + "encryption_key_source" text, + "encryption_require_infrastructure_encryption" boolean, + "encryption_key_vault_properties_key_name" text, + "encryption_key_vault_properties_key_version" text, + "encryption_key_vault_properties_key_vault_uri" text, + "encryption_key_current_versioned_key_identifier" text, + "encryption_key_last_key_rotation_timestamp_time" timestamp without time zone, + "access_tier" text, + "files_identity_auth_directory_service_options" text, + "files_identity_auth_ad_properties_domain_name" text, + "files_identity_auth_ad_properties_net_bios_domain_name" text, + "files_identity_auth_ad_properties_forest_name" text, + "files_identity_auth_ad_properties_domain_guid" text, + "files_identity_auth_ad_properties_net_bios_domain_sid" text, + "files_identity_auth_ad_properties_azure_storage_sid" text, + "enable_https_traffic_only" boolean, + "network_rule_set_bypass" text, + "network_rule_set_default_action" text, + "is_hns_enabled" boolean, + "geo_replication_stats_status" text, + "geo_replication_stats_last_sync_time" timestamp without time zone, + "geo_replication_stats_can_failover" boolean, + "failover_in_progress" boolean, + "large_file_shares_state" text, + "routing_preference_routing_choice" text, + "routing_preference_publish_microsoft_endpoints" boolean, + "routing_preference_publish_internet_endpoints" boolean, + "blob_restore_status" text, + "blob_restore_status_failure_reason" text, + "blob_restore_status_restore_id" text, + "blob_restore_status_parameters_time_to_restore_time" timestamp without time zone, + "blob_restore_status_parameters_blob_ranges" jsonb, + "allow_blob_public_access" boolean, + "minimum_tls_version" text, + "tags" jsonb, + "location" text, + "id" text, + "name" text, + "type" text, + "blob_logging_settings" jsonb, + "queue_logging_settings" jsonb, + CONSTRAINT azure_storage_accounts_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_storage_account_network_rule_set_virtual_network_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "account_cq_id" uuid, + "virtual_network_resource_id" text, + "action" text, + "state" text, + CONSTRAINT azure_storage_account_network_rule_set_virtual_network_rules_pk PRIMARY KEY(account_cq_id,virtual_network_resource_id), + UNIQUE(cq_id), + FOREIGN KEY (account_cq_id) REFERENCES azure_storage_accounts(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_storage_account_network_rule_set_ip_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "account_cq_id" uuid, + "ip_address_or_range" text, + "action" text, + CONSTRAINT azure_storage_account_network_rule_set_ip_rules_pk PRIMARY KEY(account_cq_id,ip_address_or_range), + UNIQUE(cq_id), + FOREIGN KEY (account_cq_id) REFERENCES azure_storage_accounts(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_storage_account_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "account_cq_id" uuid, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_action_required" text, + "provisioning_state" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_storage_account_private_endpoint_connections_pk PRIMARY KEY(account_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (account_cq_id) REFERENCES azure_storage_accounts(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_storage_containers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "account_id" text, + "account_cq_id" uuid, + "version" text, + "deleted" boolean, + "deleted_time" timestamp without time zone, + "remaining_retention_days" integer, + "default_encryption_scope" text, + "deny_encryption_scope_override" boolean, + "public_access" text, + "last_modified_time" timestamp without time zone, + "lease_status" text, + "lease_state" text, + "lease_duration" text, + "metadata" jsonb, + "immutability_policy" jsonb, + "legal_hold" jsonb, + "has_legal_hold" boolean, + "has_immutability_policy" boolean, + "etag" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_storage_containers_pk PRIMARY KEY(account_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (account_cq_id) REFERENCES azure_storage_accounts(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_storage_blob_services" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "account_cq_id" uuid, + "default_service_version" text, + "delete_retention_policy_enabled" boolean, + "delete_retention_policy_days" integer, + "is_versioning_enabled" boolean, + "automatic_snapshot_policy_enabled" boolean, + "change_feed_enabled" boolean, + "change_feed_retention_in_days" integer, + "restore_policy_enabled" boolean, + "restore_policy_days" integer, + "restore_policy_last_enabled_time" timestamp without time zone, + "restore_policy_min_restore_time" timestamp without time zone, + "container_delete_retention_policy_enabled" boolean, + "container_delete_retention_policy_days" integer, + "last_access_time_tracking_policy_enable" boolean, + "last_access_time_tracking_policy_name" text, + "last_access_time_tracking_policy_tracking_granularity_in_days" integer, + "last_access_time_tracking_policy_blob_type" text[], + "sku_name" text, + "sku_tier" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_storage_blob_services_pk PRIMARY KEY(account_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (account_cq_id) REFERENCES azure_storage_accounts(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_storage_blob_service_cors_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "blob_service_cq_id" uuid, + "blob_service_id" text, + "allowed_origins" text[], + "allowed_methods" text[], + "max_age_in_seconds" integer, + "exposed_headers" text[], + "allowed_headers" text[], + CONSTRAINT azure_storage_blob_service_cors_rules_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (blob_service_cq_id) REFERENCES azure_storage_blob_services(cq_id) ON DELETE CASCADE +); + +-- Resource: subscription.subscriptions +CREATE TABLE IF NOT EXISTS "azure_subscription_subscriptions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "id" text, + "subscription_id" text, + "display_name" text, + "state" text, + "location_placement_id" text, + "quota_id" text, + "spending_limit" text, + "authorization_source" text, + CONSTRAINT azure_subscription_subscriptions_pk PRIMARY KEY(id), + UNIQUE(cq_id) +); + +-- Resource: web.apps +CREATE TABLE IF NOT EXISTS "azure_web_apps" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "subscription_id" text, + "state" text, + "host_names" text[], + "repository_site_name" text, + "usage_state" text, + "enabled" boolean, + "enabled_host_names" text[], + "availability_state" text, + "server_farm_id" text, + "reserved" boolean, + "is_xenon" boolean, + "hyper_v" boolean, + "last_modified_time_utc_time" timestamp without time zone, + "site_config" jsonb, + "traffic_manager_host_names" text[], + "scm_site_also_stopped" boolean, + "target_swap_slot" text, + "hosting_environment_profile_id" text, + "hosting_environment_profile_name" text, + "hosting_environment_profile_type" text, + "client_affinity_enabled" boolean, + "client_cert_enabled" boolean, + "client_cert_mode" text, + "client_cert_exclusion_paths" text, + "host_names_disabled" boolean, + "custom_domain_verification_id" text, + "outbound_ip_addresses" text, + "possible_outbound_ip_addresses" text, + "container_size" integer, + "daily_memory_time_quota" integer, + "suspended_till_time" timestamp without time zone, + "max_number_of_workers" integer, + "cloning_info_correlation_id" uuid, + "cloning_info_overwrite" boolean, + "cloning_info_clone_custom_host_names" boolean, + "cloning_info_clone_source_control" boolean, + "cloning_info_source_web_app_id" text, + "cloning_info_source_web_app_location" text, + "cloning_info_hosting_environment" text, + "cloning_info_app_settings_overrides" jsonb, + "cloning_info_configure_load_balancing" boolean, + "cloning_info_traffic_manager_profile_id" text, + "cloning_info_traffic_manager_profile_name" text, + "resource_group" text, + "is_default_container" boolean, + "default_host_name" text, + "slot_swap_status_timestamp_utc_time" timestamp without time zone, + "slot_swap_status_source_slot_name" text, + "slot_swap_status_destination_slot_name" text, + "key_vault_reference_identity" text, + "https_only" boolean, + "redundancy_mode" text, + "in_progress_operation_id" uuid, + "storage_account_required" boolean, + "identity_type" text, + "identity_tenant_id" text, + "identity_principal_id" text, + "identity_user_assigned_identities" jsonb, + "id" text, + "name" text, + "kind" text, + "location" text, + "type" text, + "tags" jsonb, + CONSTRAINT azure_web_apps_pk PRIMARY KEY(subscription_id,id), + UNIQUE(cq_id) +); +CREATE TABLE IF NOT EXISTS "azure_web_app_host_name_ssl_states" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "app_cq_id" uuid, + "name" text, + "ssl_state" text, + "virtual_ip" text, + "thumbprint" text, + "to_update" boolean, + "host_type" text, + CONSTRAINT azure_web_app_host_name_ssl_states_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (app_cq_id) REFERENCES azure_web_apps(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_web_app_publishing_profiles" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "app_cq_id" uuid, + "publish_url" text, + "user_name" text, + "user_pwd" text, + CONSTRAINT azure_web_app_publishing_profiles_pk PRIMARY KEY(cq_id), + UNIQUE(cq_id), + FOREIGN KEY (app_cq_id) REFERENCES azure_web_apps(cq_id) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS "azure_web_app_auth_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "app_cq_id" uuid, + "app_id" text, + "enabled" boolean, + "runtime_version" text, + "config_version" text, + "unauthenticated_client_action" text, + "token_store_enabled" boolean, + "allowed_external_redirect_urls" text[], + "default_provider" text, + "token_refresh_extension_hours" float, + "client_id" text, + "client_secret" text, + "client_secret_setting_name" text, + "client_secret_certificate_thumbprint" text, + "issuer" text, + "validate_issuer" boolean, + "allowed_audiences" text[], + "additional_login_params" text[], + "aad_claims_authorization" text, + "google_client_id" text, + "google_client_secret" text, + "google_client_secret_setting_name" text, + "google_oauth_scopes" text[], + "facebook_app_id" text, + "facebook_app_secret" text, + "facebook_app_secret_setting_name" text, + "facebook_oauth_scopes" text[], + "git_hub_client_id" text, + "git_hub_client_secret" text, + "git_hub_client_secret_setting_name" text, + "git_hub_oauth_scopes" text[], + "twitter_consumer_key" text, + "twitter_consumer_secret" text, + "twitter_consumer_secret_setting_name" text, + "microsoft_account_client_id" text, + "microsoft_account_client_secret" text, + "microsoft_account_client_secret_setting_name" text, + "microsoft_account_oauth_scopes" text[], + "is_auth_from_file" text, + "auth_file_path" text, + "id" text, + "name" text, + "kind" text, + "type" text, + CONSTRAINT azure_web_app_auth_settings_pk PRIMARY KEY(app_cq_id,id), + UNIQUE(cq_id), + FOREIGN KEY (app_cq_id) REFERENCES azure_web_apps(cq_id) ON DELETE CASCADE +); diff --git a/resources/provider/migrations/timescale/4_v0.4.0.down.sql b/resources/provider/migrations/timescale/4_v0.4.0.down.sql new file mode 100644 index 00000000..6b6269f3 --- /dev/null +++ b/resources/provider/migrations/timescale/4_v0.4.0.down.sql @@ -0,0 +1,128 @@ +-- Autogenerated by migration tool on 2022-01-20 11:53:40 + +-- Resource: authorization.role_assignments +DROP TABLE IF EXISTS azure_authorization_role_assignments; + +-- Resource: authorization.role_definitions +DROP TABLE IF EXISTS azure_authorization_role_definition_permissions; +DROP TABLE IF EXISTS azure_authorization_role_definitions; + +-- Resource: compute.disks +DROP TABLE IF EXISTS azure_compute_disk_encryption_settings; +DROP TABLE IF EXISTS azure_compute_disks; + +-- Resource: compute.virtual_machines +DROP TABLE IF EXISTS azure_compute_virtual_machine_win_config_rm_listeners; +DROP TABLE IF EXISTS azure_compute_virtual_machine_secret_vault_certificates; +DROP TABLE IF EXISTS azure_compute_virtual_machine_secrets; +DROP TABLE IF EXISTS azure_compute_virtual_machine_resources; +DROP TABLE IF EXISTS azure_compute_virtual_machine_network_interfaces; +DROP TABLE IF EXISTS azure_compute_virtual_machines; + +-- Resource: container.managed_clusters +DROP TABLE IF EXISTS azure_container_managed_cluster_pip_user_assigned_id_exceptions; +DROP TABLE IF EXISTS azure_container_managed_cluster_private_link_resources; +DROP TABLE IF EXISTS azure_container_managed_cluster_agent_pool_profiles; +DROP TABLE IF EXISTS azure_container_managed_cluster_pip_user_assigned_identities; +DROP TABLE IF EXISTS azure_container_managed_clusters; + +-- Resource: keyvault.vaults +DROP TABLE IF EXISTS azure_keyvault_vault_access_policies; +DROP TABLE IF EXISTS azure_keyvault_vault_private_endpoint_connections; +DROP TABLE IF EXISTS azure_keyvault_vault_keys; +DROP TABLE IF EXISTS azure_keyvault_vault_secrets; +DROP TABLE IF EXISTS azure_keyvault_vaults; + +-- Resource: monitor.activity_log_alerts +DROP TABLE IF EXISTS azure_monitor_activity_log_alert_conditions; +DROP TABLE IF EXISTS azure_monitor_activity_log_alert_action_groups; +DROP TABLE IF EXISTS azure_monitor_activity_log_alerts; + +-- Resource: monitor.activity_logs +DROP TABLE IF EXISTS azure_monitor_activity_logs; + +-- Resource: monitor.diagnostic_settings +DROP TABLE IF EXISTS azure_monitor_diagnostic_setting_metrics; +DROP TABLE IF EXISTS azure_monitor_diagnostic_setting_logs; +DROP TABLE IF EXISTS azure_monitor_diagnostic_settings; + +-- Resource: monitor.log_profiles +DROP TABLE IF EXISTS azure_monitor_log_profiles; + +-- Resource: mysql.servers +DROP TABLE IF EXISTS azure_mysql_server_private_endpoint_connections; +DROP TABLE IF EXISTS azure_mysql_server_configurations; +DROP TABLE IF EXISTS azure_mysql_servers; + +-- Resource: network.public_ip_addresses +DROP TABLE IF EXISTS azure_network_public_ip_addresses; + +-- Resource: network.security_groups +DROP TABLE IF EXISTS azure_network_security_group_security_rules; +DROP TABLE IF EXISTS azure_network_security_group_flow_logs; +DROP TABLE IF EXISTS azure_network_security_group_default_security_rules; +DROP TABLE IF EXISTS azure_network_security_groups; + +-- Resource: network.virtual_networks +DROP TABLE IF EXISTS azure_network_virtual_network_subnets; +DROP TABLE IF EXISTS azure_network_virtual_network_peerings; +DROP TABLE IF EXISTS azure_network_virtual_networks; + +-- Resource: network.watchers +DROP TABLE IF EXISTS azure_network_watchers; + +-- Resource: postgresql.servers +DROP TABLE IF EXISTS azure_postgresql_server_private_endpoint_connections; +DROP TABLE IF EXISTS azure_postgresql_server_configurations; +DROP TABLE IF EXISTS azure_postgresql_server_firewall_rules; +DROP TABLE IF EXISTS azure_postgresql_servers; + +-- Resource: resources.groups +DROP TABLE IF EXISTS azure_resources_groups; + +-- Resource: resources.policy_assignments +DROP TABLE IF EXISTS azure_resources_policy_assignments; + +-- Resource: security.auto_provisioning_settings +DROP TABLE IF EXISTS azure_security_auto_provisioning_settings; + +-- Resource: security.contacts +DROP TABLE IF EXISTS azure_security_contacts; + +-- Resource: security.pricings +DROP TABLE IF EXISTS azure_security_pricings; + +-- Resource: security.settings +DROP TABLE IF EXISTS azure_security_settings; + +-- Resource: sql.servers +DROP TABLE IF EXISTS azure_sql_database_db_blob_auditing_policies; +DROP TABLE IF EXISTS azure_sql_database_db_threat_detection_policies; +DROP TABLE IF EXISTS azure_sql_database_db_vulnerability_assessments; +DROP TABLE IF EXISTS azure_sql_databases; +DROP TABLE IF EXISTS azure_sql_server_encryption_protectors; +DROP TABLE IF EXISTS azure_sql_server_private_endpoint_connections; +DROP TABLE IF EXISTS azure_sql_server_firewall_rules; +DROP TABLE IF EXISTS azure_sql_server_admins; +DROP TABLE IF EXISTS azure_sql_server_db_blob_auditing_policies; +DROP TABLE IF EXISTS azure_sql_server_devops_audit_settings; +DROP TABLE IF EXISTS azure_sql_server_vulnerability_assessments; +DROP TABLE IF EXISTS azure_sql_servers; + +-- Resource: storage.accounts +DROP TABLE IF EXISTS azure_storage_account_network_rule_set_virtual_network_rules; +DROP TABLE IF EXISTS azure_storage_account_network_rule_set_ip_rules; +DROP TABLE IF EXISTS azure_storage_account_private_endpoint_connections; +DROP TABLE IF EXISTS azure_storage_containers; +DROP TABLE IF EXISTS azure_storage_blob_service_cors_rules; +DROP TABLE IF EXISTS azure_storage_blob_services; +DROP TABLE IF EXISTS azure_storage_accounts; + +-- Resource: subscription.subscriptions +DROP TABLE IF EXISTS azure_subscription_subscriptions; + +-- Resource: web.apps +DROP TABLE IF EXISTS azure_web_app_host_name_ssl_states; +DROP TABLE IF EXISTS azure_web_app_publishing_profiles; +DROP TABLE IF EXISTS azure_web_app_auth_settings; +DROP TABLE IF EXISTS azure_web_apps; diff --git a/resources/provider/migrations/timescale/4_v0.4.0.up.sql b/resources/provider/migrations/timescale/4_v0.4.0.up.sql new file mode 100644 index 00000000..3adf9d44 --- /dev/null +++ b/resources/provider/migrations/timescale/4_v0.4.0.up.sql @@ -0,0 +1,1926 @@ +-- Autogenerated by migration tool on 2022-01-20 11:53:40 + +-- Resource: authorization.role_assignments +CREATE TABLE IF NOT EXISTS "azure_authorization_role_assignments" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "id" text, + "name" text, + "type" text, + "scope" text, + "role_definition_id" text, + "principal_id" text, + CONSTRAINT azure_authorization_role_assignments_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_authorization_role_assignments'); + +-- Resource: authorization.role_definitions +CREATE TABLE IF NOT EXISTS "azure_authorization_role_definitions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "id" text, + "name" text, + "type" text, + "role_name" text, + "description" text, + "role_type" text, + "assignable_scopes" text[], + CONSTRAINT azure_authorization_role_definitions_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_authorization_role_definitions'); +CREATE TABLE IF NOT EXISTS "azure_authorization_role_definition_permissions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "role_definition_cq_id" uuid, + "actions" text[], + "not_actions" text[], + CONSTRAINT azure_authorization_role_definition_permissions_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_authorization_role_definition_permissions (cq_fetch_date, role_definition_cq_id); +SELECT setup_tsdb_child('azure_authorization_role_definition_permissions', 'role_definition_cq_id', 'azure_authorization_role_definitions', 'cq_id'); + +-- Resource: compute.disks +CREATE TABLE IF NOT EXISTS "azure_compute_disks" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "managed_by" text, + "managed_by_extended" text[], + "sku_name" text, + "sku_tier" text, + "zones" text[], + "time_created" timestamp without time zone, + "os_type" text, + "hyperv_generation" text, + "creation_data_create_option" text, + "creation_data_storage_account_id" text, + "creation_data_image_reference_id" text, + "creation_data_image_reference_lun" integer, + "creation_data_gallery_image_reference_id" text, + "creation_data_gallery_image_reference_lun" integer, + "creation_data_source_uri" text, + "creation_data_source_resource_id" text, + "creation_data_source_unique_id" text, + "creation_data_upload_size_bytes" bigint, + "disk_size_gb" integer, + "disk_size_bytes" bigint, + "unique_id" text, + "encryption_settings_collection_enabled" boolean, + "encryption_settings_collection_encryption_settings_version" text, + "provisioning_state" text, + "disk_iops_read_write" bigint, + "disk_mbps_read_write" bigint, + "disk_iops_read_only" bigint, + "disk_mbps_read_only" bigint, + "disk_state" text, + "encryption_disk_encryption_set_id" text, + "encryption_type" text, + "max_shares" integer, + "share_info" text[], + "network_access_policy" text, + "disk_access_id" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_compute_disks_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_compute_disks'); +CREATE TABLE IF NOT EXISTS "azure_compute_disk_encryption_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "disk_cq_id" uuid, + "disk_encryption_key_source_vault_id" text, + "disk_encryption_key_secret_url" text, + "key_encryption_key_source_vault_id" text, + "key_encryption_key_key_url" text, + CONSTRAINT azure_compute_disk_encryption_settings_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_compute_disk_encryption_settings (cq_fetch_date, disk_cq_id); +SELECT setup_tsdb_child('azure_compute_disk_encryption_settings', 'disk_cq_id', 'azure_compute_disks', 'cq_id'); + +-- Resource: compute.virtual_machines +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machines" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "plan_name" text, + "plan_publisher" text, + "plan_product" text, + "plan_promotion_code" text, + "hardware_profile_vm_size" text, + "storage_profile" jsonb, + "additional_capabilities_ultra_ssd_enabled" boolean, + "computer_name" text, + "admin_username" text, + "admin_password" text, + "custom_data" text, + "windows_configuration_provision_vm_agent" boolean, + "windows_configuration_enable_automatic_updates" boolean, + "windows_configuration_time_zone" text, + "windows_configuration_additional_unattend_content" jsonb, + "windows_configuration_patch_settings_patch_mode" text, + "windows_configuration_patch_settings_enable_hotpatching" boolean, + "linux_configuration_disable_password_authentication" boolean, + "linux_configuration_ssh_public_keys" jsonb, + "linux_configuration_provision_vm_agent" boolean, + "linux_configuration_patch_settings_patch_mode" text, + "allow_extension_operations" boolean, + "require_guest_provision_signal" boolean, + "network_profile_network_interfaces" jsonb, + "security_profile_uefi_settings_secure_boot_enabled" boolean, + "security_profile_uefi_settings_v_tpm_enabled" boolean, + "security_profile_encryption_at_host" boolean, + "security_profile_security_type" text, + "diagnostics_profile_boot_diagnostics_enabled" boolean, + "diagnostics_profile_boot_diagnostics_storage_uri" text, + "availability_set_id" text, + "virtual_machine_scale_set_id" text, + "proximity_placement_group_id" text, + "priority" text, + "eviction_policy" text, + "billing_profile_max_price" float, + "host_id" text, + "host_group_id" text, + "provisioning_state" text, + "instance_view" jsonb, + "license_type" text, + "vm_id" text, + "extensions_time_budget" text, + "platform_fault_domain" integer, + "identity_principal_id" text, + "identity_tenant_id" text, + "identity_type" text, + "identity_user_assigned_identities" jsonb, + "zones" text[], + "extended_location_name" text, + "extended_location_type" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_compute_virtual_machines_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_compute_virtual_machines'); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_win_config_rm_listeners" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "virtual_machine_cq_id" uuid, + "virtual_machine_id" text, + "protocol" text, + "certificate_url" text, + CONSTRAINT azure_compute_virtual_machine_win_config_rm_listeners_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_compute_virtual_machine_win_config_rm_listeners (cq_fetch_date, virtual_machine_cq_id); +SELECT setup_tsdb_child('azure_compute_virtual_machine_win_config_rm_listeners', 'virtual_machine_cq_id', 'azure_compute_virtual_machines', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_secrets" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "virtual_machine_cq_id" uuid, + "virtual_machine_id" text, + "source_vault_id" text, + CONSTRAINT azure_compute_virtual_machine_secrets_pk PRIMARY KEY(cq_fetch_date,virtual_machine_cq_id,source_vault_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_compute_virtual_machine_secrets (cq_fetch_date, virtual_machine_cq_id); +SELECT setup_tsdb_child('azure_compute_virtual_machine_secrets', 'virtual_machine_cq_id', 'azure_compute_virtual_machines', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_secret_vault_certificates" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "virtual_machine_secret_cq_id" uuid, + "certificate_url" text, + "certificate_store" text, + CONSTRAINT azure_compute_virtual_machine_secret_vault_certificates_pk PRIMARY KEY(cq_fetch_date,virtual_machine_secret_cq_id,certificate_url), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_compute_virtual_machine_secret_vault_certificates (cq_fetch_date, virtual_machine_secret_cq_id); +SELECT setup_tsdb_child('azure_compute_virtual_machine_secret_vault_certificates', 'virtual_machine_secret_cq_id', 'azure_compute_virtual_machine_secrets', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_resources" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "virtual_machine_cq_id" uuid, + "virtual_machine_id" text, + "virtual_machine_extension_properties" jsonb, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_compute_virtual_machine_resources_pk PRIMARY KEY(cq_fetch_date,virtual_machine_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_compute_virtual_machine_resources (cq_fetch_date, virtual_machine_cq_id); +SELECT setup_tsdb_child('azure_compute_virtual_machine_resources', 'virtual_machine_cq_id', 'azure_compute_virtual_machines', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_compute_virtual_machine_network_interfaces" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "virtual_machine_cq_id" uuid, + "virtual_machine_id" text, + "network_interface_reference_properties_primary" boolean, + "id" text, + CONSTRAINT azure_compute_virtual_machine_network_interfaces_pk PRIMARY KEY(cq_fetch_date,virtual_machine_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_compute_virtual_machine_network_interfaces (cq_fetch_date, virtual_machine_cq_id); +SELECT setup_tsdb_child('azure_compute_virtual_machine_network_interfaces', 'virtual_machine_cq_id', 'azure_compute_virtual_machines', 'cq_id'); + +-- Resource: container.managed_clusters +CREATE TABLE IF NOT EXISTS "azure_container_managed_clusters" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "provisioning_state" text, + "power_state_code" text, + "max_agent_pools" integer, + "kubernetes_version" text, + "dns_prefix" text, + "fqdn_subdomain" text, + "fqdn" text, + "private_fqdn" text, + "azure_portal_fqdn" text, + "linux_profile_admin_username" text, + "windows_profile_admin_username" text, + "windows_profile_admin_password" text, + "windows_profile_license_type" text, + "windows_profile_enable_csi_proxy" boolean, + "service_principal_profile_client_id" text, + "service_principal_profile_secret" text, + "addon_profiles" jsonb, + "pod_identity_profile_enabled" boolean, + "pod_identity_profile_allow_network_plugin_kubenet" boolean, + "node_resource_group" text, + "enable_rbac" boolean, + "network_profile_network_plugin" text, + "network_profile_network_policy" text, + "network_profile_network_mode" text, + "network_profile_pod_cidr" text, + "network_profile_service_cidr" text, + "network_profile_dns_service_ip" text, + "network_profile_docker_bridge_cidr" text, + "network_profile_outbound_type" text, + "network_profile_load_balancer_sku" text, + "network_profile_load_balancer_managed_outbound_ips_count" integer, + "network_profile_load_balancer_outbound_ip_prefixes" text[], + "network_profile_load_balancer_outbound_ips" text[], + "network_profile_load_balancer_effective_outbound_ips" text[], + "network_profile_load_balancer_allocated_outbound_ports" integer, + "network_profile_load_balancer_idle_timeout" integer, + "aad_profile_managed" boolean, + "aad_profile_enable_azure_rbac" boolean, + "aad_profile_admin_group_object_ids" text[], + "aad_profile_client_app_id" text, + "aad_profile_server_app_id" text, + "aad_profile_server_app_secret" text, + "aad_profile_tenant_id" text, + "auto_upgrade_profile_upgrade_channel" text, + "auto_scaler_profile_expander" text, + "api_server_access_profile_authorized_ip_ranges" text[], + "api_server_access_profile_enable_private_cluster" boolean, + "api_server_access_profile_private_dns_zone" text, + "disk_encryption_set_id" text, + "identity_profile" jsonb, + "disable_local_accounts" boolean, + "http_proxy_config_http_proxy" text, + "http_proxy_config_https_proxy" text, + "http_proxy_config_no_proxy" text[], + "http_proxy_config_trusted_ca" text, + "identity_principal_id" text, + "identity_tenant_id" text, + "identity_type" text, + "identity_user_assigned_identities" jsonb, + "sku_name" text, + "sku_tier" text, + "extended_location_name" text, + "extended_location_type" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_container_managed_clusters_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_container_managed_clusters'); +CREATE TABLE IF NOT EXISTS "azure_container_managed_cluster_pip_user_assigned_id_exceptions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "managed_cluster_cq_id" uuid, + "name" text, + "namespace" text, + "pod_labels" jsonb, + CONSTRAINT azure_container_managed_cluster_pip_user_assigned_id_excepti_pk PRIMARY KEY(cq_fetch_date,managed_cluster_cq_id,name), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_container_managed_cluster_pip_user_assigned_id_exceptions (cq_fetch_date, managed_cluster_cq_id); +SELECT setup_tsdb_child('azure_container_managed_cluster_pip_user_assigned_id_exceptions', 'managed_cluster_cq_id', 'azure_container_managed_clusters', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_container_managed_cluster_private_link_resources" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "managed_cluster_cq_id" uuid, + "id" text, + "name" text, + "type" text, + "group_id" text, + "required_members" text[], + "private_link_service_id" text, + CONSTRAINT azure_container_managed_cluster_private_link_resources_pk PRIMARY KEY(cq_fetch_date,managed_cluster_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_container_managed_cluster_private_link_resources (cq_fetch_date, managed_cluster_cq_id); +SELECT setup_tsdb_child('azure_container_managed_cluster_private_link_resources', 'managed_cluster_cq_id', 'azure_container_managed_clusters', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_container_managed_cluster_agent_pool_profiles" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "managed_cluster_cq_id" uuid, + "name" text, + "count" integer, + "vm_size" text, + "os_disk_size_gb" integer, + "os_disk_type" text, + "kubelet_disk_type" text, + "vnet_subnet_id" text, + "pod_subnet_id" text, + "max_pods" integer, + "os_type" text, + "os_sku" text, + "max_count" integer, + "min_count" integer, + "enable_auto_scaling" boolean, + "type" text, + "mode" text, + "orchestrator_version" text, + "node_image_version" text, + "upgrade_settings_max_surge" text, + "provisioning_state" text, + "power_state_code" text, + "availability_zones" text[], + "enable_node_public_ip" boolean, + "node_public_ip_prefix_id" text, + "scale_set_priority" text, + "scale_set_eviction_policy" text, + "spot_max_price" float, + "tags" jsonb, + "node_labels" jsonb, + "node_taints" text[], + "proximity_placement_group_id" text, + "kubelet_config_cpu_manager_policy" text, + "kubelet_config_cpu_cfs_quota" boolean, + "kubelet_config_cpu_cfs_quota_period" text, + "kubelet_config_image_gc_high_threshold" integer, + "kubelet_config_image_gc_low_threshold" integer, + "kubelet_config_topology_manager_policy" text, + "kubelet_config_allowed_unsafe_sysctls" text[], + "kubelet_config_fail_swap_on" boolean, + "kubelet_config_container_log_max_size_mb" integer, + "kubelet_config_container_log_max_files" integer, + "kubelet_config_pod_max_pids" integer, + "linux_os_config" jsonb, + "enable_encryption_at_host" boolean, + "enable_fips" boolean, + "gpu_instance_profile" text, + CONSTRAINT azure_container_managed_cluster_agent_pool_profiles_pk PRIMARY KEY(cq_fetch_date,managed_cluster_cq_id,name), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_container_managed_cluster_agent_pool_profiles (cq_fetch_date, managed_cluster_cq_id); +SELECT setup_tsdb_child('azure_container_managed_cluster_agent_pool_profiles', 'managed_cluster_cq_id', 'azure_container_managed_clusters', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_container_managed_cluster_pip_user_assigned_identities" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "managed_cluster_cq_id" uuid, + "name" text, + "namespace" text, + "binding_selector" text, + "identity_resource_id" text, + "identity_client_id" text, + "identity_object_id" text, + "provisioning_state" text, + CONSTRAINT azure_container_managed_cluster_pip_user_assigned_identities_pk PRIMARY KEY(cq_fetch_date,managed_cluster_cq_id,name), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_container_managed_cluster_pip_user_assigned_identities (cq_fetch_date, managed_cluster_cq_id); +SELECT setup_tsdb_child('azure_container_managed_cluster_pip_user_assigned_identities', 'managed_cluster_cq_id', 'azure_container_managed_clusters', 'cq_id'); + +-- Resource: keyvault.vaults +CREATE TABLE IF NOT EXISTS "azure_keyvault_vaults" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + "tenant_id" uuid, + "sku_family" text, + "sku_name" text, + "vault_uri" text, + "enabled_for_deployment" boolean, + "enabled_for_disk_encryption" boolean, + "enabled_for_template_deployment" boolean, + "enable_soft_delete" boolean, + "soft_delete_retention_in_days" integer, + "enable_rbac_authorization" boolean, + "create_mode" text, + "enable_purge_protection" boolean, + "network_acls_bypass" text, + "network_acls_default_action" text, + "network_acls_ip_rules" text[], + "network_acls_virtual_network_rules" text[], + CONSTRAINT azure_keyvault_vaults_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_keyvault_vaults'); +CREATE TABLE IF NOT EXISTS "azure_keyvault_vault_access_policies" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "vault_cq_id" uuid, + "tenant_id" uuid, + "object_id" text, + "application_id" uuid, + "permissions_keys" text[], + "permissions_secrets" text[], + "permissions_certificates" text[], + "permissions_storage" text[], + CONSTRAINT azure_keyvault_vault_access_policies_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_keyvault_vault_access_policies (cq_fetch_date, vault_cq_id); +SELECT setup_tsdb_child('azure_keyvault_vault_access_policies', 'vault_cq_id', 'azure_keyvault_vaults', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_keyvault_vault_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "vault_cq_id" uuid, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_action_required" text, + "provisioning_state" text, + CONSTRAINT azure_keyvault_vault_private_endpoint_connections_pk PRIMARY KEY(cq_fetch_date,vault_cq_id,private_endpoint_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_keyvault_vault_private_endpoint_connections (cq_fetch_date, vault_cq_id); +SELECT setup_tsdb_child('azure_keyvault_vault_private_endpoint_connections', 'vault_cq_id', 'azure_keyvault_vaults', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_keyvault_vault_keys" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "vault_cq_id" uuid, + "kid" text, + "recoverable_days" integer, + "recovery_level" text, + "enabled" boolean, + "not_before" timestamp without time zone, + "expires" timestamp without time zone, + "created" timestamp without time zone, + "updated" timestamp without time zone, + "tags" jsonb, + "managed" boolean, + CONSTRAINT azure_keyvault_vault_keys_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_keyvault_vault_keys (cq_fetch_date, vault_cq_id); +SELECT setup_tsdb_child('azure_keyvault_vault_keys', 'vault_cq_id', 'azure_keyvault_vaults', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_keyvault_vault_secrets" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "vault_cq_id" uuid, + "id" text, + "recoverable_days" integer, + "recovery_level" text, + "enabled" boolean, + "not_before" timestamp without time zone, + "expires" timestamp without time zone, + "created" timestamp without time zone, + "updated" timestamp without time zone, + "tags" jsonb, + "content_type" text, + "managed" boolean, + CONSTRAINT azure_keyvault_vault_secrets_pk PRIMARY KEY(cq_fetch_date,vault_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_keyvault_vault_secrets (cq_fetch_date, vault_cq_id); +SELECT setup_tsdb_child('azure_keyvault_vault_secrets', 'vault_cq_id', 'azure_keyvault_vaults', 'cq_id'); + +-- Resource: monitor.activity_log_alerts +CREATE TABLE IF NOT EXISTS "azure_monitor_activity_log_alerts" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "scopes" text[], + "enabled" boolean, + "description" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_monitor_activity_log_alerts_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_monitor_activity_log_alerts'); +CREATE TABLE IF NOT EXISTS "azure_monitor_activity_log_alert_conditions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "activity_log_alert_cq_id" uuid, + "activity_log_alert_id" text, + "field" text, + "equals" text, + CONSTRAINT azure_monitor_activity_log_alert_conditions_pk PRIMARY KEY(cq_fetch_date,activity_log_alert_cq_id,field), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_monitor_activity_log_alert_conditions (cq_fetch_date, activity_log_alert_cq_id); +SELECT setup_tsdb_child('azure_monitor_activity_log_alert_conditions', 'activity_log_alert_cq_id', 'azure_monitor_activity_log_alerts', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_monitor_activity_log_alert_action_groups" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "activity_log_alert_cq_id" uuid, + "activity_log_alert_id" text, + "action_group_id" text, + "webhook_properties" jsonb, + CONSTRAINT azure_monitor_activity_log_alert_action_groups_pk PRIMARY KEY(cq_fetch_date,activity_log_alert_cq_id,action_group_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_monitor_activity_log_alert_action_groups (cq_fetch_date, activity_log_alert_cq_id); +SELECT setup_tsdb_child('azure_monitor_activity_log_alert_action_groups', 'activity_log_alert_cq_id', 'azure_monitor_activity_log_alerts', 'cq_id'); + +-- Resource: monitor.activity_logs +CREATE TABLE IF NOT EXISTS "azure_monitor_activity_logs" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "authorization_action" text, + "authorization_role" text, + "authorization_scope" text, + "claims" jsonb, + "caller" text, + "description" text, + "id" text, + "event_data_id" text, + "correlation_id" text, + "event_name_value" text, + "event_name_localized_value" text, + "category_value" text, + "category_localized_value" text, + "http_request_client_request_id" text, + "http_request_client_ip_address" text, + "http_request_method" text, + "http_request_uri" text, + "level" text, + "resource_group_name" text, + "resource_provider_name_value" text, + "resource_provider_name_localized_value" text, + "resource_id" text, + "resource_type_value" text, + "resource_type_localized_value" text, + "operation_id" text, + "operation_name_value" text, + "operation_name_localized_value" text, + "properties" jsonb, + "status_value" text, + "status_localized_value" text, + "sub_status_value" text, + "sub_status_localized_value" text, + "event_timestamp_time" timestamp without time zone, + "submission_timestamp_time" timestamp without time zone, + "subscription_id" text, + "tenant_id" text, + CONSTRAINT azure_monitor_activity_logs_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_monitor_activity_logs'); + +-- Resource: monitor.diagnostic_settings +CREATE TABLE IF NOT EXISTS "azure_monitor_diagnostic_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "storage_account_id" text, + "service_bus_rule_id" text, + "event_hub_authorization_rule_id" text, + "event_hub_name" text, + "workspace_id" text, + "log_analytics_destination_type" text, + "id" text, + "name" text, + "type" text, + "resource_uri" text, + CONSTRAINT azure_monitor_diagnostic_settings_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_monitor_diagnostic_settings'); +CREATE TABLE IF NOT EXISTS "azure_monitor_diagnostic_setting_metrics" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "diagnostic_setting_cq_id" uuid, + "diagnostic_setting_id" text, + "time_grain" text, + "category" text, + "enabled" boolean, + "retention_policy_enabled" boolean, + "retention_policy_days" integer, + CONSTRAINT azure_monitor_diagnostic_setting_metrics_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_monitor_diagnostic_setting_metrics (cq_fetch_date, diagnostic_setting_cq_id); +SELECT setup_tsdb_child('azure_monitor_diagnostic_setting_metrics', 'diagnostic_setting_cq_id', 'azure_monitor_diagnostic_settings', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_monitor_diagnostic_setting_logs" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "diagnostic_setting_cq_id" uuid, + "diagnostic_setting_id" text, + "category" text, + "enabled" boolean, + "retention_policy_enabled" boolean, + "retention_policy_days" integer, + CONSTRAINT azure_monitor_diagnostic_setting_logs_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_monitor_diagnostic_setting_logs (cq_fetch_date, diagnostic_setting_cq_id); +SELECT setup_tsdb_child('azure_monitor_diagnostic_setting_logs', 'diagnostic_setting_cq_id', 'azure_monitor_diagnostic_settings', 'cq_id'); + +-- Resource: monitor.log_profiles +CREATE TABLE IF NOT EXISTS "azure_monitor_log_profiles" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "storage_account_id" text, + "service_bus_rule_id" text, + "locations" text[], + "categories" text[], + "retention_policy_enabled" boolean, + "retention_policy_days" integer, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_monitor_log_profiles_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_monitor_log_profiles'); + +-- Resource: mysql.servers +CREATE TABLE IF NOT EXISTS "azure_mysql_servers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "identity_principal_id" uuid, + "identity_type" text, + "identity_tenant_id" uuid, + "sku_name" text, + "sku_tier" text, + "sku_capacity" integer, + "sku_size" text, + "sku_family" text, + "administrator_login" text, + "version" text, + "ssl_enforcement" text, + "minimal_tls_version" text, + "byok_enforcement" text, + "infrastructure_encryption" text, + "user_visible_state" text, + "fully_qualified_domain_name" text, + "earliest_restore_date_time" timestamp without time zone, + "storage_profile_backup_retention_days" integer, + "storage_profile_geo_redundant_backup" text, + "storage_profile_storage_mb" integer, + "storage_profile_storage_autogrow" text, + "replication_role" text, + "master_server_id" text, + "replica_capacity" integer, + "public_network_access" text, + "tags" jsonb, + "location" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_mysql_servers_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_mysql_servers'); +CREATE TABLE IF NOT EXISTS "azure_mysql_server_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "id" text, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_actions_required" text, + "provisioning_state" text, + CONSTRAINT azure_mysql_server_private_endpoint_connections_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_mysql_server_private_endpoint_connections (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_mysql_server_private_endpoint_connections', 'server_cq_id', 'azure_mysql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_mysql_server_configurations" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "value" text, + "description" text, + "default_value" text, + "data_type" text, + "allowed_values" text, + "source" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_mysql_server_configurations_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_mysql_server_configurations (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_mysql_server_configurations', 'server_cq_id', 'azure_mysql_servers', 'cq_id'); + +-- Resource: network.public_ip_addresses +CREATE TABLE IF NOT EXISTS "azure_network_public_ip_addresses" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "extended_location_name" text, + "extended_location_type" text, + "sku_name" text, + "sku_tier" text, + "public_ip_allocation_method" text, + "public_ip_address_version" text, + "ip_configuration" jsonb, + "dns_settings_domain_name_label" text, + "dns_settings_fqdn" text, + "dns_settings_reverse_fqdn" text, + "ddos_settings_ddos_custom_policy_id" text, + "ddos_settings_protection_coverage" text, + "ddos_settings_protected_ip" boolean, + "ip_tags" jsonb, + "ip_address" inet, + "public_ip_prefix_id" text, + "idle_timeout_in_minutes" integer, + "resource_guid" text, + "provisioning_state" text, + "service_public_ip_address" jsonb, + "nat_gateway" jsonb, + "migration_phase" text, + "linked_public_ip_address" jsonb, + "etag" text, + "zones" text[], + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_public_ip_addresses_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_network_public_ip_addresses'); + +-- Resource: network.security_groups +CREATE TABLE IF NOT EXISTS "azure_network_security_groups" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "resource_guid" text, + "provisioning_state" text, + "etag" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_security_groups_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_network_security_groups'); +CREATE TABLE IF NOT EXISTS "azure_network_security_group_security_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "security_group_cq_id" uuid, + "description" text, + "protocol" text, + "source_port_range" text, + "destination_port_range" text, + "source_address_prefix" text, + "source_address_prefixes" text[], + "destination_address_prefix" text, + "destination_address_prefixes" text[], + "source_port_ranges" text[], + "destination_port_ranges" text[], + "access" text, + "priority" integer, + "direction" text, + "provisioning_state" text, + "name" text, + "etag" text, + "type" text, + "id" text, + CONSTRAINT azure_network_security_group_security_rules_pk PRIMARY KEY(cq_fetch_date,security_group_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_network_security_group_security_rules (cq_fetch_date, security_group_cq_id); +SELECT setup_tsdb_child('azure_network_security_group_security_rules', 'security_group_cq_id', 'azure_network_security_groups', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_network_security_group_flow_logs" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "security_group_cq_id" uuid, + "target_resource_id" text, + "target_resource_guid" text, + "storage_id" text, + "enabled" boolean, + "retention_policy_days" integer, + "retention_policy_enabled" boolean, + "format_type" text, + "format_version" integer, + "flow_analytics_configuration_enabled" boolean, + "flow_analytics_configuration_workspace_id" text, + "flow_analytics_configuration_workspace_region" text, + "flow_analytics_configuration_workspace_resource_id" text, + "flow_analytics_configuration_traffic_analytics_interval" integer, + "provisioning_state" text, + "etag" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_security_group_flow_logs_pk PRIMARY KEY(cq_fetch_date,security_group_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_network_security_group_flow_logs (cq_fetch_date, security_group_cq_id); +SELECT setup_tsdb_child('azure_network_security_group_flow_logs', 'security_group_cq_id', 'azure_network_security_groups', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_network_security_group_default_security_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "security_group_cq_id" uuid, + "description" text, + "protocol" text, + "source_port_range" text, + "destination_port_range" text, + "source_address_prefix" text, + "source_address_prefixes" text[], + "destination_address_prefix" text, + "destination_address_prefixes" text[], + "source_port_ranges" text[], + "destination_port_ranges" text[], + "access" text, + "priority" integer, + "direction" text, + "provisioning_state" text, + "name" text, + "etag" text, + "type" text, + "id" text, + CONSTRAINT azure_network_security_group_default_security_rules_pk PRIMARY KEY(cq_fetch_date,security_group_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_network_security_group_default_security_rules (cq_fetch_date, security_group_cq_id); +SELECT setup_tsdb_child('azure_network_security_group_default_security_rules', 'security_group_cq_id', 'azure_network_security_groups', 'cq_id'); + +-- Resource: network.virtual_networks +CREATE TABLE IF NOT EXISTS "azure_network_virtual_networks" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "extended_location_name" text, + "extended_location_type" text, + "address_space_address_prefixes" text[], + "dhcp_options_dns_servers" inet[], + "resource_guid" text, + "provisioning_state" text, + "enable_ddos_protection" boolean, + "enable_vm_protection" boolean, + "ddos_protection_plan_id" text, + "bgp_communities_virtual_network_community" text, + "bgp_communities_regional_community" text, + "ip_allocations" text[], + "etag" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_virtual_networks_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_network_virtual_networks'); +CREATE TABLE IF NOT EXISTS "azure_network_virtual_network_subnets" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "virtual_network_cq_id" uuid, + "address_prefix" text, + "address_prefixes" text[], + "security_group_properties_format_resource_guid" text, + "security_group_properties_format_provisioning_state" text, + "network_security_group_etag" text, + "network_security_group_id" text, + "network_security_group_name" text, + "network_security_group_type" text, + "network_security_group_location" text, + "network_security_group_tags" jsonb, + "route_table_disable_bgp_route_propagation" boolean, + "route_table_provisioning_state" text, + "route_table_resource_guid" text, + "route_table_etag" text, + "route_table_id" text, + "route_table_name" text, + "route_table_type" text, + "route_table_location" text, + "route_table_tags" jsonb, + "nat_gateway_id" text, + "purpose" text, + "provisioning_state" text, + "private_endpoint_network_policies" text, + "private_link_service_network_policies" text, + "name" text, + "etag" text, + "id" text, + CONSTRAINT azure_network_virtual_network_subnets_pk PRIMARY KEY(cq_fetch_date,virtual_network_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_network_virtual_network_subnets (cq_fetch_date, virtual_network_cq_id); +SELECT setup_tsdb_child('azure_network_virtual_network_subnets', 'virtual_network_cq_id', 'azure_network_virtual_networks', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_network_virtual_network_peerings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "virtual_network_cq_id" uuid, + "allow_virtual_network_access" boolean, + "allow_forwarded_traffic" boolean, + "allow_gateway_transit" boolean, + "use_remote_gateways" boolean, + "remote_virtual_network_id" text, + "remote_address_space_address_prefixes" text[], + "remote_bgp_communities_virtual_network_community" text, + "remote_bgp_communities_regional_community" text, + "peering_state" text, + "provisioning_state" text, + "name" text, + "etag" text, + "id" text, + CONSTRAINT azure_network_virtual_network_peerings_pk PRIMARY KEY(cq_fetch_date,virtual_network_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_network_virtual_network_peerings (cq_fetch_date, virtual_network_cq_id); +SELECT setup_tsdb_child('azure_network_virtual_network_peerings', 'virtual_network_cq_id', 'azure_network_virtual_networks', 'cq_id'); + +-- Resource: network.watchers +CREATE TABLE IF NOT EXISTS "azure_network_watchers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "etag" text, + "provisioning_state" text, + "id" text, + "name" text, + "type" text, + "location" text, + "tags" jsonb, + CONSTRAINT azure_network_watchers_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_network_watchers'); + +-- Resource: postgresql.servers +CREATE TABLE IF NOT EXISTS "azure_postgresql_servers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "identity_principal_id" uuid, + "identity_type" text, + "identity_tenant_id" uuid, + "sku_name" text, + "sku_tier" text, + "sku_capacity" integer, + "sku_size" text, + "sku_family" text, + "administrator_login" text, + "version" text, + "ssl_enforcement" text, + "minimal_tls_version" text, + "byok_enforcement" text, + "infrastructure_encryption" text, + "user_visible_state" text, + "fully_qualified_domain_name" text, + "earliest_restore_date_time" timestamp without time zone, + "storage_profile_backup_retention_days" integer, + "storage_profile_geo_redundant_backup" text, + "storage_profile_storage_mb" integer, + "storage_profile_storage_autogrow" text, + "replication_role" text, + "master_server_id" text, + "replica_capacity" integer, + "public_network_access" text, + "tags" jsonb, + "location" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_postgresql_servers_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_postgresql_servers'); +CREATE TABLE IF NOT EXISTS "azure_postgresql_server_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "id" text, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_actions_required" text, + "provisioning_state" text, + CONSTRAINT azure_postgresql_server_private_endpoint_connections_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_postgresql_server_private_endpoint_connections (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_postgresql_server_private_endpoint_connections', 'server_cq_id', 'azure_postgresql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_postgresql_server_configurations" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "value" text, + "description" text, + "default_value" text, + "data_type" text, + "allowed_values" text, + "source" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_postgresql_server_configurations_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_postgresql_server_configurations (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_postgresql_server_configurations', 'server_cq_id', 'azure_postgresql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_postgresql_server_firewall_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "start_ip_address" text, + "end_ip_address" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_postgresql_server_firewall_rules_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_postgresql_server_firewall_rules (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_postgresql_server_firewall_rules', 'server_cq_id', 'azure_postgresql_servers', 'cq_id'); + +-- Resource: resources.groups +CREATE TABLE IF NOT EXISTS "azure_resources_groups" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "id" text, + "name" text, + "type" text, + "properties_provisioning_state" text, + "location" text, + "managed_by" text, + "tags" jsonb, + CONSTRAINT azure_resources_groups_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_resources_groups'); + +-- Resource: resources.policy_assignments +CREATE TABLE IF NOT EXISTS "azure_resources_policy_assignments" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "display_name" text, + "policy_definition_id" text, + "scope" text, + "not_scopes" text[], + "parameters" jsonb, + "description" text, + "metadata" jsonb, + "enforcement_mode" text, + "id" text, + "type" text, + "name" text, + "sku_name" text, + "sku_tier" text, + "location" text, + "identity_principal_id" text, + "identity_tenant_id" text, + "identity_type" text, + CONSTRAINT azure_resources_policy_assignments_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_resources_policy_assignments'); + +-- Resource: security.auto_provisioning_settings +CREATE TABLE IF NOT EXISTS "azure_security_auto_provisioning_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "auto_provision" text, + "id" text, + "name" text, + "resource_type" text, + CONSTRAINT azure_security_auto_provisioning_settings_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_security_auto_provisioning_settings'); + +-- Resource: security.contacts +CREATE TABLE IF NOT EXISTS "azure_security_contacts" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "email" text, + "phone" text, + "alert_notifications" text, + "alerts_to_admins" text, + "id" text, + "name" text, + "resource_type" text, + CONSTRAINT azure_security_contacts_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_security_contacts'); + +-- Resource: security.pricings +CREATE TABLE IF NOT EXISTS "azure_security_pricings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "pricing_properties_tier" text, + "pricing_properties_free_trial_remaining_time" text, + "id" text, + "name" text, + "resource_type" text, + CONSTRAINT azure_security_pricings_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_security_pricings'); + +-- Resource: security.settings +CREATE TABLE IF NOT EXISTS "azure_security_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "kind" text, + "id" text, + "name" text, + "resource_type" text, + "enabled" boolean, + CONSTRAINT azure_security_settings_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_security_settings'); + +-- Resource: sql.servers +CREATE TABLE IF NOT EXISTS "azure_sql_servers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "identity_principal_id" uuid, + "identity_type" text, + "identity_tenant_id" uuid, + "kind" text, + "administrator_login" text, + "administrator_login_password" text, + "version" text, + "state" text, + "fully_qualified_domain_name" text, + "minimal_tls_version" text, + "public_network_access" text, + "location" text, + "tags" jsonb, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_servers_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_sql_servers'); +CREATE TABLE IF NOT EXISTS "azure_sql_databases" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "sku_name" text, + "sku_tier" text, + "sku_size" text, + "sku_family" text, + "sku_capacity" integer, + "kind" text, + "managed_by" text, + "create_mode" text, + "collation" text, + "max_size_bytes" bigint, + "sample_name" text, + "elastic_pool_id" text, + "source_database_id" text, + "status" text, + "database_id" uuid, + "creation_date_time" timestamp without time zone, + "current_service_objective_name" text, + "requested_service_objective_name" text, + "default_secondary_location" text, + "failover_group_id" text, + "restore_point_in_time" timestamp without time zone, + "source_database_deletion_date_time" timestamp without time zone, + "recovery_services_recovery_point_id" text, + "long_term_retention_backup_resource_id" text, + "recoverable_database_id" text, + "restorable_dropped_database_id" text, + "catalog_collation" text, + "zone_redundant" boolean, + "license_type" text, + "max_log_size_bytes" bigint, + "earliest_restore_date_time" timestamp without time zone, + "read_scale" text, + "high_availability_replica_count" integer, + "secondary_type" text, + "current_sku_name" text, + "current_sku_tier" text, + "current_sku_size" text, + "current_sku_family" text, + "current_sku_capacity" integer, + "auto_pause_delay" integer, + "storage_account_type" text, + "min_capacity" float, + "paused_date_time" timestamp without time zone, + "resumed_date_time" timestamp without time zone, + "maintenance_configuration_id" text, + "location" text, + "tags" jsonb, + "id" text, + "name" text, + "type" text, + "transparent_data_encryption" jsonb, + CONSTRAINT azure_sql_databases_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_databases (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_sql_databases', 'server_cq_id', 'azure_sql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_database_db_blob_auditing_policies" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "database_cq_id" uuid, + "kind" text, + "state" text, + "storage_endpoint" text, + "storage_account_access_key" text, + "retention_days" integer, + "audit_actions_and_groups" text[], + "storage_account_subscription_id" uuid, + "is_storage_secondary_key_in_use" boolean, + "is_azure_monitor_target_enabled" boolean, + "queue_delay_ms" integer, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_database_db_blob_auditing_policies_pk PRIMARY KEY(cq_fetch_date,database_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_database_db_blob_auditing_policies (cq_fetch_date, database_cq_id); +SELECT setup_tsdb_child('azure_sql_database_db_blob_auditing_policies', 'database_cq_id', 'azure_sql_databases', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_database_db_threat_detection_policies" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "database_cq_id" uuid, + "location" text, + "kind" text, + "state" text, + "disabled_alerts" text, + "email_addresses" text, + "email_account_admins" text, + "storage_endpoint" text, + "storage_account_access_key" text, + "retention_days" integer, + "use_server_default" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_database_db_threat_detection_policies_pk PRIMARY KEY(cq_fetch_date,database_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_database_db_threat_detection_policies (cq_fetch_date, database_cq_id); +SELECT setup_tsdb_child('azure_sql_database_db_threat_detection_policies', 'database_cq_id', 'azure_sql_databases', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_database_db_vulnerability_assessments" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "database_cq_id" uuid, + "storage_container_path" text, + "storage_container_sas_key" text, + "storage_account_access_key" text, + "recurring_scans_is_enabled" boolean, + "recurring_scans_email_subscription_admins" boolean, + "recurring_scans_emails" text[], + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_database_db_vulnerability_assessments_pk PRIMARY KEY(cq_fetch_date,database_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_database_db_vulnerability_assessments (cq_fetch_date, database_cq_id); +SELECT setup_tsdb_child('azure_sql_database_db_vulnerability_assessments', 'database_cq_id', 'azure_sql_databases', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_server_encryption_protectors" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "kind" text, + "location" text, + "subregion" text, + "server_key_name" text, + "server_key_type" text, + "uri" text, + "thumbprint" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_encryption_protectors_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_server_encryption_protectors (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_sql_server_encryption_protectors', 'server_cq_id', 'azure_sql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_server_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "id" text, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_actions_required" text, + "provisioning_state" text, + CONSTRAINT azure_sql_server_private_endpoint_connections_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_server_private_endpoint_connections (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_sql_server_private_endpoint_connections', 'server_cq_id', 'azure_sql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_server_firewall_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "kind" text, + "location" text, + "start_ip_address" text, + "end_ip_address" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_firewall_rules_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_server_firewall_rules (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_sql_server_firewall_rules', 'server_cq_id', 'azure_sql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_server_admins" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "administrator_type" text, + "login" text, + "sid" uuid, + "tenant_id" uuid, + "azure_ad_only_authentication" boolean, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_admins_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_server_admins (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_sql_server_admins', 'server_cq_id', 'azure_sql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_server_db_blob_auditing_policies" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "state" text, + "storage_endpoint" text, + "storage_account_access_key" text, + "retention_days" integer, + "audit_actions_and_groups" text[], + "storage_account_subscription_id" uuid, + "is_storage_secondary_key_in_use" boolean, + "is_azure_monitor_target_enabled" boolean, + "queue_delay_ms" integer, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_db_blob_auditing_policies_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_server_db_blob_auditing_policies (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_sql_server_db_blob_auditing_policies', 'server_cq_id', 'azure_sql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_server_devops_audit_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "created_by" text, + "created_by_type" text, + "created_at_time" timestamp without time zone, + "last_modified_by" text, + "last_modified_by_type" text, + "last_modified_at_time" timestamp without time zone, + "is_azure_monitor_target_enabled" boolean, + "state" text, + "storage_endpoint" text, + "storage_account_access_key" text, + "storage_account_subscription_id" uuid, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_devops_audit_settings_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_server_devops_audit_settings (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_sql_server_devops_audit_settings', 'server_cq_id', 'azure_sql_servers', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_sql_server_vulnerability_assessments" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "server_cq_id" uuid, + "storage_container_path" text, + "storage_container_sas_key" text, + "storage_account_access_key" text, + "recurring_scans_is_enabled" boolean, + "recurring_scans_email_subscription_admins" boolean, + "recurring_scans_emails" text[], + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_sql_server_vulnerability_assessments_pk PRIMARY KEY(cq_fetch_date,server_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_sql_server_vulnerability_assessments (cq_fetch_date, server_cq_id); +SELECT setup_tsdb_child('azure_sql_server_vulnerability_assessments', 'server_cq_id', 'azure_sql_servers', 'cq_id'); + +-- Resource: storage.accounts +CREATE TABLE IF NOT EXISTS "azure_storage_accounts" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "sku_name" text, + "sku_tier" text, + "kind" text, + "identity_principal_id" text, + "identity_tenant_id" text, + "identity_type" text, + "provisioning_state" text, + "primary_endpoints_blob" text, + "primary_endpoints_queue" text, + "primary_endpoints_table" text, + "primary_endpoints_file" text, + "primary_endpoints_web" text, + "primary_endpoints_dfs" text, + "primary_endpoints_microsoft_endpoints_blob" text, + "primary_endpoints_microsoft_endpoints_queue" text, + "primary_endpoints_microsoft_endpoints_table" text, + "primary_endpoints_microsoft_endpoints_file" text, + "primary_endpoints_microsoft_endpoints_web" text, + "primary_endpoints_microsoft_endpoints_dfs" text, + "primary_endpoints_internet_endpoints_blob" text, + "primary_endpoints_internet_endpoints_file" text, + "primary_endpoints_internet_endpoints_web" text, + "primary_endpoints_internet_endpoints_dfs" text, + "primary_location" text, + "status_of_primary" text, + "last_geo_failover_time" timestamp without time zone, + "secondary_location" text, + "status_of_secondary" text, + "creation_time" timestamp without time zone, + "custom_domain_name" text, + "custom_domain_use_sub_domain_name" boolean, + "secondary_endpoints_blob" text, + "secondary_endpoints_queue" text, + "secondary_endpoints_table" text, + "secondary_endpoints_file" text, + "secondary_endpoints_web" text, + "secondary_endpoints_dfs" text, + "secondary_endpoints_microsoft_endpoints_blob" text, + "secondary_endpoints_microsoft_endpoints_queue" text, + "secondary_endpoints_microsoft_endpoints_table" text, + "secondary_endpoints_microsoft_endpoints_file" text, + "secondary_endpoints_microsoft_endpoints_web" text, + "secondary_endpoints_microsoft_endpoints_dfs" text, + "secondary_endpoints_internet_endpoints_blob" text, + "secondary_endpoints_internet_endpoints_file" text, + "secondary_endpoints_internet_endpoints_web" text, + "secondary_endpoints_internet_endpoints_dfs" text, + "encryption_services_blob_enabled" boolean, + "encryption_services_blob_last_enabled_time" timestamp without time zone, + "encryption_services_blob_key_type" text, + "encryption_services_file_enabled" boolean, + "encryption_services_file_last_enabled_time" timestamp without time zone, + "encryption_services_file_key_type" text, + "encryption_services_table_enabled" boolean, + "encryption_services_table_last_enabled_time" timestamp without time zone, + "encryption_services_table_key_type" text, + "encryption_services_queue_enabled" boolean, + "encryption_services_queue_last_enabled_time" timestamp without time zone, + "encryption_services_queue_key_type" text, + "encryption_key_source" text, + "encryption_require_infrastructure_encryption" boolean, + "encryption_key_vault_properties_key_name" text, + "encryption_key_vault_properties_key_version" text, + "encryption_key_vault_properties_key_vault_uri" text, + "encryption_key_current_versioned_key_identifier" text, + "encryption_key_last_key_rotation_timestamp_time" timestamp without time zone, + "access_tier" text, + "files_identity_auth_directory_service_options" text, + "files_identity_auth_ad_properties_domain_name" text, + "files_identity_auth_ad_properties_net_bios_domain_name" text, + "files_identity_auth_ad_properties_forest_name" text, + "files_identity_auth_ad_properties_domain_guid" text, + "files_identity_auth_ad_properties_net_bios_domain_sid" text, + "files_identity_auth_ad_properties_azure_storage_sid" text, + "enable_https_traffic_only" boolean, + "network_rule_set_bypass" text, + "network_rule_set_default_action" text, + "is_hns_enabled" boolean, + "geo_replication_stats_status" text, + "geo_replication_stats_last_sync_time" timestamp without time zone, + "geo_replication_stats_can_failover" boolean, + "failover_in_progress" boolean, + "large_file_shares_state" text, + "routing_preference_routing_choice" text, + "routing_preference_publish_microsoft_endpoints" boolean, + "routing_preference_publish_internet_endpoints" boolean, + "blob_restore_status" text, + "blob_restore_status_failure_reason" text, + "blob_restore_status_restore_id" text, + "blob_restore_status_parameters_time_to_restore_time" timestamp without time zone, + "blob_restore_status_parameters_blob_ranges" jsonb, + "allow_blob_public_access" boolean, + "minimum_tls_version" text, + "tags" jsonb, + "location" text, + "id" text, + "name" text, + "type" text, + "blob_logging_settings" jsonb, + "queue_logging_settings" jsonb, + CONSTRAINT azure_storage_accounts_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_storage_accounts'); +CREATE TABLE IF NOT EXISTS "azure_storage_account_network_rule_set_virtual_network_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "account_cq_id" uuid, + "virtual_network_resource_id" text, + "action" text, + "state" text, + CONSTRAINT azure_storage_account_network_rule_set_virtual_network_rules_pk PRIMARY KEY(cq_fetch_date,account_cq_id,virtual_network_resource_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_storage_account_network_rule_set_virtual_network_rules (cq_fetch_date, account_cq_id); +SELECT setup_tsdb_child('azure_storage_account_network_rule_set_virtual_network_rules', 'account_cq_id', 'azure_storage_accounts', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_storage_account_network_rule_set_ip_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "account_cq_id" uuid, + "ip_address_or_range" text, + "action" text, + CONSTRAINT azure_storage_account_network_rule_set_ip_rules_pk PRIMARY KEY(cq_fetch_date,account_cq_id,ip_address_or_range), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_storage_account_network_rule_set_ip_rules (cq_fetch_date, account_cq_id); +SELECT setup_tsdb_child('azure_storage_account_network_rule_set_ip_rules', 'account_cq_id', 'azure_storage_accounts', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_storage_account_private_endpoint_connections" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "account_cq_id" uuid, + "private_endpoint_id" text, + "private_link_service_connection_state_status" text, + "private_link_service_connection_state_description" text, + "private_link_service_connection_state_action_required" text, + "provisioning_state" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_storage_account_private_endpoint_connections_pk PRIMARY KEY(cq_fetch_date,account_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_storage_account_private_endpoint_connections (cq_fetch_date, account_cq_id); +SELECT setup_tsdb_child('azure_storage_account_private_endpoint_connections', 'account_cq_id', 'azure_storage_accounts', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_storage_containers" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "account_id" text, + "account_cq_id" uuid, + "version" text, + "deleted" boolean, + "deleted_time" timestamp without time zone, + "remaining_retention_days" integer, + "default_encryption_scope" text, + "deny_encryption_scope_override" boolean, + "public_access" text, + "last_modified_time" timestamp without time zone, + "lease_status" text, + "lease_state" text, + "lease_duration" text, + "metadata" jsonb, + "immutability_policy" jsonb, + "legal_hold" jsonb, + "has_legal_hold" boolean, + "has_immutability_policy" boolean, + "etag" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_storage_containers_pk PRIMARY KEY(cq_fetch_date,account_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_storage_containers (cq_fetch_date, account_cq_id); +SELECT setup_tsdb_child('azure_storage_containers', 'account_cq_id', 'azure_storage_accounts', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_storage_blob_services" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "account_cq_id" uuid, + "default_service_version" text, + "delete_retention_policy_enabled" boolean, + "delete_retention_policy_days" integer, + "is_versioning_enabled" boolean, + "automatic_snapshot_policy_enabled" boolean, + "change_feed_enabled" boolean, + "change_feed_retention_in_days" integer, + "restore_policy_enabled" boolean, + "restore_policy_days" integer, + "restore_policy_last_enabled_time" timestamp without time zone, + "restore_policy_min_restore_time" timestamp without time zone, + "container_delete_retention_policy_enabled" boolean, + "container_delete_retention_policy_days" integer, + "last_access_time_tracking_policy_enable" boolean, + "last_access_time_tracking_policy_name" text, + "last_access_time_tracking_policy_tracking_granularity_in_days" integer, + "last_access_time_tracking_policy_blob_type" text[], + "sku_name" text, + "sku_tier" text, + "id" text, + "name" text, + "type" text, + CONSTRAINT azure_storage_blob_services_pk PRIMARY KEY(cq_fetch_date,account_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_storage_blob_services (cq_fetch_date, account_cq_id); +SELECT setup_tsdb_child('azure_storage_blob_services', 'account_cq_id', 'azure_storage_accounts', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_storage_blob_service_cors_rules" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "blob_service_cq_id" uuid, + "blob_service_id" text, + "allowed_origins" text[], + "allowed_methods" text[], + "max_age_in_seconds" integer, + "exposed_headers" text[], + "allowed_headers" text[], + CONSTRAINT azure_storage_blob_service_cors_rules_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_storage_blob_service_cors_rules (cq_fetch_date, blob_service_cq_id); +SELECT setup_tsdb_child('azure_storage_blob_service_cors_rules', 'blob_service_cq_id', 'azure_storage_blob_services', 'cq_id'); + +-- Resource: subscription.subscriptions +CREATE TABLE IF NOT EXISTS "azure_subscription_subscriptions" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "id" text, + "subscription_id" text, + "display_name" text, + "state" text, + "location_placement_id" text, + "quota_id" text, + "spending_limit" text, + "authorization_source" text, + CONSTRAINT azure_subscription_subscriptions_pk PRIMARY KEY(cq_fetch_date,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_subscription_subscriptions'); + +-- Resource: web.apps +CREATE TABLE IF NOT EXISTS "azure_web_apps" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "subscription_id" text, + "state" text, + "host_names" text[], + "repository_site_name" text, + "usage_state" text, + "enabled" boolean, + "enabled_host_names" text[], + "availability_state" text, + "server_farm_id" text, + "reserved" boolean, + "is_xenon" boolean, + "hyper_v" boolean, + "last_modified_time_utc_time" timestamp without time zone, + "site_config" jsonb, + "traffic_manager_host_names" text[], + "scm_site_also_stopped" boolean, + "target_swap_slot" text, + "hosting_environment_profile_id" text, + "hosting_environment_profile_name" text, + "hosting_environment_profile_type" text, + "client_affinity_enabled" boolean, + "client_cert_enabled" boolean, + "client_cert_mode" text, + "client_cert_exclusion_paths" text, + "host_names_disabled" boolean, + "custom_domain_verification_id" text, + "outbound_ip_addresses" text, + "possible_outbound_ip_addresses" text, + "container_size" integer, + "daily_memory_time_quota" integer, + "suspended_till_time" timestamp without time zone, + "max_number_of_workers" integer, + "cloning_info_correlation_id" uuid, + "cloning_info_overwrite" boolean, + "cloning_info_clone_custom_host_names" boolean, + "cloning_info_clone_source_control" boolean, + "cloning_info_source_web_app_id" text, + "cloning_info_source_web_app_location" text, + "cloning_info_hosting_environment" text, + "cloning_info_app_settings_overrides" jsonb, + "cloning_info_configure_load_balancing" boolean, + "cloning_info_traffic_manager_profile_id" text, + "cloning_info_traffic_manager_profile_name" text, + "resource_group" text, + "is_default_container" boolean, + "default_host_name" text, + "slot_swap_status_timestamp_utc_time" timestamp without time zone, + "slot_swap_status_source_slot_name" text, + "slot_swap_status_destination_slot_name" text, + "key_vault_reference_identity" text, + "https_only" boolean, + "redundancy_mode" text, + "in_progress_operation_id" uuid, + "storage_account_required" boolean, + "identity_type" text, + "identity_tenant_id" text, + "identity_principal_id" text, + "identity_user_assigned_identities" jsonb, + "id" text, + "name" text, + "kind" text, + "location" text, + "type" text, + "tags" jsonb, + CONSTRAINT azure_web_apps_pk PRIMARY KEY(cq_fetch_date,subscription_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +SELECT setup_tsdb_parent('azure_web_apps'); +CREATE TABLE IF NOT EXISTS "azure_web_app_host_name_ssl_states" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "app_cq_id" uuid, + "name" text, + "ssl_state" text, + "virtual_ip" text, + "thumbprint" text, + "to_update" boolean, + "host_type" text, + CONSTRAINT azure_web_app_host_name_ssl_states_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_web_app_host_name_ssl_states (cq_fetch_date, app_cq_id); +SELECT setup_tsdb_child('azure_web_app_host_name_ssl_states', 'app_cq_id', 'azure_web_apps', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_web_app_publishing_profiles" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "app_cq_id" uuid, + "publish_url" text, + "user_name" text, + "user_pwd" text, + CONSTRAINT azure_web_app_publishing_profiles_pk PRIMARY KEY(cq_fetch_date,cq_id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_web_app_publishing_profiles (cq_fetch_date, app_cq_id); +SELECT setup_tsdb_child('azure_web_app_publishing_profiles', 'app_cq_id', 'azure_web_apps', 'cq_id'); +CREATE TABLE IF NOT EXISTS "azure_web_app_auth_settings" ( + "cq_id" uuid NOT NULL, + "cq_meta" jsonb, + "cq_fetch_date" timestamp without time zone NOT NULL, + "app_cq_id" uuid, + "app_id" text, + "enabled" boolean, + "runtime_version" text, + "config_version" text, + "unauthenticated_client_action" text, + "token_store_enabled" boolean, + "allowed_external_redirect_urls" text[], + "default_provider" text, + "token_refresh_extension_hours" float, + "client_id" text, + "client_secret" text, + "client_secret_setting_name" text, + "client_secret_certificate_thumbprint" text, + "issuer" text, + "validate_issuer" boolean, + "allowed_audiences" text[], + "additional_login_params" text[], + "aad_claims_authorization" text, + "google_client_id" text, + "google_client_secret" text, + "google_client_secret_setting_name" text, + "google_oauth_scopes" text[], + "facebook_app_id" text, + "facebook_app_secret" text, + "facebook_app_secret_setting_name" text, + "facebook_oauth_scopes" text[], + "git_hub_client_id" text, + "git_hub_client_secret" text, + "git_hub_client_secret_setting_name" text, + "git_hub_oauth_scopes" text[], + "twitter_consumer_key" text, + "twitter_consumer_secret" text, + "twitter_consumer_secret_setting_name" text, + "microsoft_account_client_id" text, + "microsoft_account_client_secret" text, + "microsoft_account_client_secret_setting_name" text, + "microsoft_account_oauth_scopes" text[], + "is_auth_from_file" text, + "auth_file_path" text, + "id" text, + "name" text, + "kind" text, + "type" text, + CONSTRAINT azure_web_app_auth_settings_pk PRIMARY KEY(cq_fetch_date,app_cq_id,id), + UNIQUE(cq_fetch_date,cq_id) +); +CREATE INDEX ON azure_web_app_auth_settings (cq_fetch_date, app_cq_id); +SELECT setup_tsdb_child('azure_web_app_auth_settings', 'app_cq_id', 'azure_web_apps', 'cq_id'); diff --git a/resources/provider/provider.go b/resources/provider/provider.go index 5261d8f6..f7965d76 100644 --- a/resources/provider/provider.go +++ b/resources/provider/provider.go @@ -23,7 +23,7 @@ import ( ) var ( - //go:embed migrations/*.sql + //go:embed migrations/*/*.sql azureMigrations embed.FS Version = "Development" ) diff --git a/resources/provider/provider_test.go b/resources/provider/provider_test.go new file mode 100644 index 00000000..b2f9e8e3 --- /dev/null +++ b/resources/provider/provider_test.go @@ -0,0 +1,12 @@ +package provider_test + +import ( + "testing" + + "github.com/cloudquery/cq-provider-azure/resources/provider" + "github.com/cloudquery/cq-provider-sdk/migration" +) + +func TestMigrations(t *testing.T) { + migration.RunMigrationsTest(t, provider.Provider(), nil) +} diff --git a/tools/migrations/main.go b/tools/migrations/main.go new file mode 100644 index 00000000..036e3f9f --- /dev/null +++ b/tools/migrations/main.go @@ -0,0 +1,17 @@ +package main + +import ( + "context" + "fmt" + "os" + + "github.com/cloudquery/cq-provider-azure/resources/provider" + "github.com/cloudquery/cq-provider-sdk/migration" +) + +func main() { + if err := migration.Run(context.Background(), provider.Provider(), ""); err != nil { + fmt.Fprintf(os.Stderr, "Error: %s\n", err.Error()) + os.Exit(1) + } +}