Skip to content

[Asset Inventory][Azure] Fix Azure service names (cloud.service.name) #3466

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Aug 25, 2025
Merged

[Asset Inventory][Azure] Fix Azure service names (cloud.service.name) #3466

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
3b2f60a
update test cases
kubasobon Jul 24, 2025
01f444d
update Azure service names
kubasobon Jul 24, 2025
414660e
apply review remarks
kubasobon Aug 5, 2025
2613097
Merge branch 'main' into azure-svc-name
kubasobon Aug 5, 2025
a484326
rename FlexibleMySQLDBAssetType
kubasobon Aug 25, 2025
dc3d84e
rename MySQLDBAssetType
kubasobon Aug 25, 2025
13b960e
gofmt
kubasobon Aug 25, 2025
c243289
Merge branch 'main' into azure-svc-name
kubasobon Aug 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion internal/inventory/azurefetcher/fetcher_account.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ func (f *accountFetcher) fetch(ctx context.Context, resourceName string, functio
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: item.TenantId,
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithLabelsFromAny(item.Tags),
inventory.WithOrganization(inventory.Organization{
Expand Down
4 changes: 2 additions & 2 deletions internal/inventory/azurefetcher/fetcher_account_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ func TestAccountFetcher_Fetch_Tenants(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: "<tenant UUID>",
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithOrganization(inventory.Organization{
ID: "<tenant UUID>",
Expand Down Expand Up @@ -82,7 +82,7 @@ func TestAccountFetcher_Fetch_Subscriptions(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: "<sub UUID>",
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithOrganization(inventory.Organization{
ID: "<sub UUID>",
Expand Down
14 changes: 4 additions & 10 deletions internal/inventory/azurefetcher/fetcher_activedirectory.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ func (f *activedirectoryFetcher) fetchServicePrincipals(ctx context.Context, ass
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: tenantId,
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithTags(item.GetTags()),
)
Expand All @@ -108,7 +108,7 @@ func (f *activedirectoryFetcher) fetchDirectoryRoles(ctx context.Context, assetC
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: f.tenantID,
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithUser(inventory.User{
ID: pointers.Deref(item.GetId()),
Expand All @@ -128,11 +128,6 @@ func (f *activedirectoryFetcher) fetchGroups(ctx context.Context, assetChan chan
}

for _, item := range items {
// TODO(kuba): How to test this without being able to test Groups?
// var labels map[string]string
// for _, l := range item.GetAssignedLabels() {
// fmt.Println(l)
// }
assetChan <- inventory.NewAssetEvent(
inventory.AssetClassificationAzureEntraGroup,
pointers.Deref(item.GetId()),
Expand All @@ -143,13 +138,12 @@ func (f *activedirectoryFetcher) fetchGroups(ctx context.Context, assetChan chan
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: f.tenantID,
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithGroup(inventory.Group{
ID: pointers.Deref(item.GetId()),
Name: pointers.Deref(item.GetDisplayName()),
}),
// inventory.WithLabels(labels),
)
}
}
Expand All @@ -174,7 +168,7 @@ func (f *activedirectoryFetcher) fetchUsers(ctx context.Context, assetChan chan<
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: f.tenantID,
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithUser(inventory.User{
ID: pointers.Deref(item.GetId()),
Expand Down
8 changes: 4 additions & 4 deletions internal/inventory/azurefetcher/fetcher_activedirectory_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ func TestActiveDirectoryFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: appOwnerOrganizationId.String(),
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
),
inventory.NewAssetEvent(
Expand All @@ -97,7 +97,7 @@ func TestActiveDirectoryFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: "id",
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithUser(inventory.User{
ID: "id",
Expand All @@ -112,7 +112,7 @@ func TestActiveDirectoryFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: "id",
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithGroup(inventory.Group{
ID: "id",
Expand All @@ -127,7 +127,7 @@ func TestActiveDirectoryFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: "id",
ServiceName: "Azure",
ServiceName: "Azure Entra",
}),
inventory.WithUser(inventory.User{
ID: "id",
Expand Down
31 changes: 16 additions & 15 deletions internal/inventory/azurefetcher/fetcher_resource_graph.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,29 +50,30 @@ func newResourceGraphFetcher(logger *clog.Logger, tenantID string, provider reso
func (f *resourceGraphFetcher) Fetch(ctx context.Context, assetChan chan<- inventory.AssetEvent) {
resourcesToFetch := []struct {
name string
serviceName string
azureGroup string
azureType string
classification inventory.AssetClassification
}{
{"App Services", azurelib.AssetGroupResources, azurelib.WebsitesAssetType, inventory.AssetClassificationAzureAppService},
{"Container Registries", azurelib.AssetGroupResources, azurelib.ContainerRegistryAssetType, inventory.AssetClassificationAzureContainerRegistry},
{"Cosmos DB Accounts", azurelib.AssetGroupResources, azurelib.DocumentDBDatabaseAccountAssetType, inventory.AssetClassificationAzureCosmosDBAccount},
{"Cosmos DB SQL Databases", azurelib.AssetGroupResources, azurelib.CosmosDBForSQLDatabaseAssetType, inventory.AssetClassificationAzureCosmosDBSQLDatabase},
{"Disks", azurelib.AssetGroupResources, azurelib.DiskAssetType, inventory.AssetClassificationAzureDisk},
{"Elastic Pools", azurelib.AssetGroupResources, azurelib.ElasticPoolAssetType, inventory.AssetClassificationAzureElasticPool},
{"MySQL Flexible Servers", azurelib.AssetGroupResources, azurelib.FlexibleMySQLDBAssetType, inventory.AssetClassificationAzureSQLServer},
{"Resource Groups", azurelib.AssetGroupResourceContainers, azurelib.ResouceGroupAssetType, inventory.AssetClassificationAzureResourceGroup},
{"SQL Databases", azurelib.AssetGroupResources, azurelib.MySQLDatabaseAssetType, inventory.AssetClassificationAzureSQLDatabase},
{"Snapshots", azurelib.AssetGroupResources, azurelib.SnapshotAssetType, inventory.AssetClassificationAzureSnapshot},
{"Storage Accounts", azurelib.AssetGroupResources, azurelib.StorageAccountAssetType, inventory.AssetClassificationAzureStorageAccount},
{"Virtual Machines", azurelib.AssetGroupResources, azurelib.VirtualMachineAssetType, inventory.AssetClassificationAzureVirtualMachine},
{"App Services", "Azure App Services", azurelib.AssetGroupResources, azurelib.WebsitesAssetType, inventory.AssetClassificationAzureAppService},
{"Container Registries", "Azure Container Registries", azurelib.AssetGroupResources, azurelib.ContainerRegistryAssetType, inventory.AssetClassificationAzureContainerRegistry},
{"Cosmos DB Accounts", "Azure Cosmos DB", azurelib.AssetGroupResources, azurelib.DocumentDBDatabaseAccountAssetType, inventory.AssetClassificationAzureCosmosDBAccount},
{"Cosmos DB SQL Databases", "Azure Cosmos DB", azurelib.AssetGroupResources, azurelib.CosmosDBForSQLDatabaseAssetType, inventory.AssetClassificationAzureCosmosDBSQLDatabase},
{"Disks", "Azure Storage", azurelib.AssetGroupResources, azurelib.DiskAssetType, inventory.AssetClassificationAzureDisk},
{"Elastic Pools", "Azure SQL Elastic Pools", azurelib.AssetGroupResources, azurelib.ElasticPoolAssetType, inventory.AssetClassificationAzureElasticPool},
{"MySQL Flexible Servers", "Azure SQL Servers", azurelib.AssetGroupResources, azurelib.FlexibleMySQLDBAssetType, inventory.AssetClassificationAzureSQLServer},
Copy link
Member

@romulets romulets Aug 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is FlexibleMySQLDBAssetType a SQL Server? As far as I know is just another offering of MySQL and I would classify as Azure SQL Databases, not as SQL Server. I could be wrong of course 🤓

Copy link
Member

@romulets romulets Aug 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think SQL Servers are azurelib.SQLServersAssetType ones. We are not fetching them it seems?

Copy link
Member Author

@kubasobon kubasobon Aug 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image

Our docs specify we need to fetch two kinds of resources:

Category Old Type Current Type
Database Azure SQL Database Azure SQL Database
Database Azure SQL Server Azure SQL Server

But the Azure offering contains:

  • Azure Database for PostgreSQL flexible servers
  • SQL virtual machines
  • Azure Arc (and within it)
    • SQL Server instances
    • SQL managed instances
    • PostgreSQL servers
    • MySQL servers
  • SQL Server stretch databases
  • Azure SQL Database Hyperscale
  • Azure Database for MySQL flexible servers
  • SQL Managed instances (different to those in Azure Arc)

...and more, but I've omitted ones that did not fit SQL Database or SQL Server description. Some of those are PaaS, some IaaS, some managed by Azure, some by the user. I don't have enough information to make an educated guess as to which ones we should be querying. @romulets How do you feel about merging this and bringing the database question to product?

Copy link
Member

@romulets romulets Aug 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm fine with your decision @kubasobon

My point was

We are saying:

  • azurelib.FlexibleMySQLDBAssetType -> Azure SQL Servers
  • azurelib.MySQLDatabaseAssetType -> Azure SQL Databases

I thought we had to keep those consistent. But I also don't fully understand the Azure distribution. So I trust your call!

{"Resource Groups", "Azure Management", azurelib.AssetGroupResourceContainers, azurelib.ResouceGroupAssetType, inventory.AssetClassificationAzureResourceGroup},
{"SQL Databases", "Azure SQL Databases", azurelib.AssetGroupResources, azurelib.MySQLDatabaseAssetType, inventory.AssetClassificationAzureSQLDatabase},
{"Snapshots", "Azure Storage", azurelib.AssetGroupResources, azurelib.SnapshotAssetType, inventory.AssetClassificationAzureSnapshot},
{"Storage Accounts", "Azure Storage", azurelib.AssetGroupResources, azurelib.StorageAccountAssetType, inventory.AssetClassificationAzureStorageAccount},
{"Virtual Machines", "Azure Virtual Machines", azurelib.AssetGroupResources, azurelib.VirtualMachineAssetType, inventory.AssetClassificationAzureVirtualMachine},
}
for _, r := range resourcesToFetch {
f.fetch(ctx, r.name, r.azureGroup, r.azureType, r.classification, assetChan)
f.fetch(ctx, r.name, r.serviceName, r.azureGroup, r.azureType, r.classification, assetChan)
}
}

func (f *resourceGraphFetcher) fetch(ctx context.Context, resourceName, resourceGroup, resourceType string, classification inventory.AssetClassification, assetChan chan<- inventory.AssetEvent) {
func (f *resourceGraphFetcher) fetch(ctx context.Context, resourceName, serviceName, resourceGroup, resourceType string, classification inventory.AssetClassification, assetChan chan<- inventory.AssetEvent) {
f.logger.Infof("Fetching %s", resourceName)
defer f.logger.Infof("Fetching %s - Finished", resourceName)

Expand All @@ -93,7 +94,7 @@ func (f *resourceGraphFetcher) fetch(ctx context.Context, resourceName, resource
Region: item.Location,
AccountID: item.TenantId,
ProjectID: item.SubscriptionId,
ServiceName: "Azure",
ServiceName: serviceName,
}),
inventory.WithLabelsFromAny(item.Tags),
)
Expand Down
6 changes: 3 additions & 3 deletions internal/inventory/azurefetcher/fetcher_resource_graph_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ func TestResourceGraphFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: "<tenant id>",
ServiceName: "Azure",
ServiceName: "Azure App Services",
}),
),
inventory.NewAssetEvent(
Expand All @@ -80,7 +80,7 @@ func TestResourceGraphFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: "<tenant id>",
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
inventory.NewAssetEvent(
Expand All @@ -91,7 +91,7 @@ func TestResourceGraphFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: "<tenant id>",
ServiceName: "Azure",
ServiceName: "Azure Virtual Machines",
MachineType: "xlarge",
InstanceID: "/vm",
}),
Expand Down
2 changes: 1 addition & 1 deletion internal/inventory/azurefetcher/fetcher_storage.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ func (f *storageFetcher) fetch(ctx context.Context, storageAccounts []azurelib.A
inventory.WithCloud(inventory.Cloud{
Provider: inventory.AzureCloudProvider,
AccountID: pickName(item.TenantId, f.tenantID),
ServiceName: "Azure",
ServiceName: "Azure Storage",
ProjectID: item.SubscriptionId,
}),
inventory.WithLabelsFromAny(item.Tags),
Expand Down
16 changes: 8 additions & 8 deletions internal/inventory/azurefetcher/fetcher_storage_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ func TestStorageFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
AccountID: "<tenant id>",
Provider: inventory.AzureCloudProvider,
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
inventory.NewAssetEvent(
Expand All @@ -97,7 +97,7 @@ func TestStorageFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
AccountID: "<tenant id>",
Provider: inventory.AzureCloudProvider,
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
inventory.NewAssetEvent(
Expand All @@ -108,7 +108,7 @@ func TestStorageFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
AccountID: "<tenant id>",
Provider: inventory.AzureCloudProvider,
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
inventory.NewAssetEvent(
Expand All @@ -119,7 +119,7 @@ func TestStorageFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
AccountID: "<tenant id>",
Provider: inventory.AzureCloudProvider,
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
inventory.NewAssetEvent(
Expand All @@ -130,7 +130,7 @@ func TestStorageFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
AccountID: "<tenant id>",
Provider: inventory.AzureCloudProvider,
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
inventory.NewAssetEvent(
Expand All @@ -141,7 +141,7 @@ func TestStorageFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
AccountID: "<tenant id>",
Provider: inventory.AzureCloudProvider,
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
inventory.NewAssetEvent(
Expand All @@ -152,7 +152,7 @@ func TestStorageFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
AccountID: "<tenant id>",
Provider: inventory.AzureCloudProvider,
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
inventory.NewAssetEvent(
Expand All @@ -163,7 +163,7 @@ func TestStorageFetcher_Fetch(t *testing.T) {
inventory.WithCloud(inventory.Cloud{
AccountID: "<tenant id>",
Provider: inventory.AzureCloudProvider,
ServiceName: "Azure",
ServiceName: "Azure Storage",
}),
),
}
Expand Down