disk
Sample rules
A few rules that use objects from this package:
non_car_unattached_managed_disks_encrypted
```python
from typing import List, Dict

from cloudrail.knowledge.context.azure.azure_environment_context import AzureEnvironmentContext
from cloudrail.knowledge.rules.azure.azure_base_rule import AzureBaseRule
from cloudrail.knowledge.rules.base_rule import Issue
from cloudrail.knowledge.rules.rule_parameters.base_paramerter import ParameterType


class EnsureManagedDisksEncryptedRule(AzureBaseRule):

    def get_id(self) -> str:
        return 'non_car_unattached_managed_disks_encrypted'

    def execute(self, env_context: AzureEnvironmentContext, parameters: Dict[ParameterType, any]) -> List[Issue]:
        issues: List[Issue] = []
        # Report one issue per managed disk that is not encrypted.
        for managed_disk in env_context.managed_disks:
            if not managed_disk.is_encrypted:
                issues.append(
                    Issue(
                        f'The {managed_disk.get_type()} `{managed_disk.get_friendly_name()}` does not have encryption enabled',
                        managed_disk,
                        managed_disk))
        return issues

    def should_run_rule(self, environment_context: AzureEnvironmentContext) -> bool:
        # Run only when the environment contains at least one managed disk.
        return bool(environment_context.managed_disks)
```
AzureManagedDisk (AzureResource)
Attributes:
| Name | Type | Description |
|---|---|---|
| name | str | The Managed Disk name |
| storage_account_type | StorageAccountType | The type of storage used for the Managed Disk |
| create_option | ManagedDiskCreateOption | The method used to create the Managed Disk |
| disk_encryption_set_id | Optional[str] | The ID of the Disk Encryption Set which is being used to encrypt the Managed Disk if any |
| disk_encryption_enabled | bool | Indication if the Managed Disk is encrypted using platform key. |
custom_invalidation(self)
inherited
A list of manual reasons why this resource should be invalidated
exclude_from_invalidation(self)
inherited
A list of attributes that should be excluded from the invalidation process
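An added example, not part of cloudrail or of the original page: a stricter check built only on the two encryption attributes documented in the table above, flagging disks that lack a well-formed Disk Encryption Set reference. `DiskStub`, `encryption_finding`, `audit` and the sample inventory are hypothetical stand-ins so the block runs without cloudrail installed, and the policy of requiring a Disk Encryption Set is an assumption.

```python
import re
from dataclasses import dataclass
from typing import List, Optional


# Hypothetical stand-in for AzureManagedDisk: only the name and the two
# encryption attributes from the table. Not the cloudrail class itself.
@dataclass
class DiskStub:
    name: str
    disk_encryption_set_id: Optional[str]
    disk_encryption_enabled: bool


# Shape of an Azure Disk Encryption Set resource ID.
DES_ID = re.compile(
    r'^/subscriptions/[^/]+/resourceGroups/[^/]+'
    r'/providers/Microsoft\.Compute/diskEncryptionSets/[^/]+$',
    re.IGNORECASE)


def encryption_finding(disk: DiskStub) -> Optional[str]:
    """Return a finding for the disk, or None when it references a
    well-formed Disk Encryption Set (assumed policy, see lead-in)."""
    des_id = disk.disk_encryption_set_id
    if des_id:
        if DES_ID.match(des_id):
            return None
        return f'{disk.name}: disk_encryption_set_id is not a Disk Encryption Set resource ID'
    if disk.disk_encryption_enabled:
        return f'{disk.name}: encrypted with a platform key only, no Disk Encryption Set'
    return f'{disk.name}: no encryption reported'


def audit(disks: List[DiskStub]) -> List[str]:
    """Collect the findings for every disk that fails the check."""
    return [f for f in map(encryption_finding, disks) if f is not None]


# Constructed sample inventory; the subscription, group and set names are placeholders.
SAMPLE = [
    DiskStub('data-cmk', '/subscriptions/00000000-0000-0000-0000-000000000000'
             '/resourceGroups/rg-example/providers/Microsoft.Compute'
             '/diskEncryptionSets/des-example', True),
    DiskStub('data-pmk', None, True),
    DiskStub('data-plain', None, False),
    DiskStub('data-badref', 'des-example', False),
]

if __name__ == '__main__':
    for finding in audit(SAMPLE):
        print(finding)
```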
ManagedDiskCreateOption (Enum)
An enumeration.
StorageAccountType (Enum)
An enumeration.