inspec 2.1.0 → 2.1.10

data/docs/resources/aws_vpcs.md.erb

@@ -1,48 +1,48 @@
----
-title: About the aws_vpcs Resource
-platform: aws
----
-
-# aws\_vpcs
-
-Use the `aws_vpcs` InSpec audit resource to test properties of some or all AWS Virtual Private Clouds (VPCs).
-
-A VPC is a networking construct that provides an isolated environment. A VPC is contained in a geographic region, but spans availability zones in that region. A VPC may have multiple subnets, internet gateways, and other networking resources. Computing resources--such as EC2 instances--reside on subnets within the VPC.
-
-Each VPC is uniquely identified by its VPC ID. In addition, each VPC has a non-unique CIDR IP Address range (such as 10.0.0.0/16) which it manages.
-
-Every AWS account has at least one VPC, the "default" VPC, in every region.
-
-<br>
-
-## Syntax
-
-An `aws_vpcs` resource block uses an optional filter to select a group of VPCs and then tests that group.
-
-    # The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
-    describe aws_vpcs do
-      it { should exist }
-    end
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-As this is the initial release of `aws_vpcs`, its limited functionality precludes examples.
-
-<br>
-
-## Matchers
-
-This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### exists
-
-The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
-
-    # You will always have at least one VPC
-    describe aws_vpcs
-      it { should exist }
-    end
+---
+title: About the aws_vpcs Resource
+platform: aws
+---
+
+# aws\_vpcs
+
+Use the `aws_vpcs` InSpec audit resource to test properties of some or all AWS Virtual Private Clouds (VPCs).
+
+A VPC is a networking construct that provides an isolated environment. A VPC is contained in a geographic region, but spans availability zones in that region. A VPC may have multiple subnets, internet gateways, and other networking resources. Computing resources--such as EC2 instances--reside on subnets within the VPC.
+
+Each VPC is uniquely identified by its VPC ID. In addition, each VPC has a non-unique CIDR IP Address range (such as 10.0.0.0/16) which it manages.
+
+Every AWS account has at least one VPC, the "default" VPC, in every region.
+
+<br>
+
+## Syntax
+
+An `aws_vpcs` resource block uses an optional filter to select a group of VPCs and then tests that group.
+
+    # The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+    describe aws_vpcs do
+      it { should exist }
+    end
+
+<br>
+
+## Examples
+
+The following examples show how to use this InSpec audit resource.
+
+As this is the initial release of `aws_vpcs`, its limited functionality precludes examples.
+
+<br>
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+
+    # You will always have at least one VPC
+    describe aws_vpcs
+      it { should exist }
+    end

data/docs/resources/azure_generic_resource.md.erb

@@ -1,171 +1,171 @@
----
-title: About the azure_generic_resource Resource
----
-
-# azure\_generic\_resource
-
-Use the `azure_generic_resource` InSpec audit resource to test any valid Azure Resource. This is very useful if you need to test something that we do not yet have a specific Inspec resource for.
-
-## Syntax
-
-    describe azure_generic_resource(group_name: 'MyResourceGroup', name: 'MyResource') do
-      its('property') { should eq 'value' }
-    end
-
-where
-
-* `MyResourceGroup` is the name of the resource group that contains the Azure Resource to be validated
-* `MyResource` is the name of the resource that needs to be checked
-* `property` This generic resource dynamically creates the properties on the fly based on the type of resource that has been targetted.
-* `value` is the expected output from the chosen property
-
-<br>
-
-## Parameters
-
-* `group_name`, `name`, `apiversion`, `type`
-
-<br>
-
-## Parameter Examples
-
-The options that can be passed to the resource are as follows.
-
-### group_name (required)
-
-Use this parameter to define the Azure Resource Group to be tested.
-
-    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure') do
-        ...
-    end
-
-### name
-
-Use this parameter to define the name of the Azure resource to test.
-
-    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM') do
-        ...
-    end
-
-### apiversion
-
-The API Version to use when querying the resource. Defaults to the latest version for the resource.
-
-    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM', apiversion: '2.0') do
-        ...
-    end
-
-### type
-
-Use this parameter to define the type of resources to test.
-
-    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM', apiversion: '2.0', type: 'Microsoft.Compute/virtualMachines') do
-        ...
-    end
-
-These options can also be set using the environment variables:
-
-* `AZURE_RESOURCE_GROUP_NAME`
-* `AZURE_RESOURCE_NAME`
-* `AZURE_RESOURCE_TYPE`
-* `AZURE_RESOURCE_API_VERSION`
-
-When the options have been set as well as the environment variables, the environment variables take priority.
-
-<br>
-
-## Parameter Example
-
-    describe azure_generic_resource(group_name: 'Inspec-Azure', name: 'Linux-Internal-VM', apiversion: '2.0') do
-      its('location') { should eq 'westeurope' }
-    end
-
-<br>
-
-## Properties
-
-The properties that can be tested are entirely dependent on the Azure Resource that is under scrutiny. That means the properties vary. The best way to see what is available please use the [Azure Resources Portal](https://resources.azure.com) to select the resource you are interested in and see what can be tested.
-
-This resource allows you to test _any_ valid Azure Resource. The trade off for this is that the language to check each item is not as natural as it would be for a native Inspec resource.
-
-<br>
-
-## Property Examples
-
-The following examples show how to use some of the InSpec audit properties:
-
-### Tests the virtual machine's location
-
-    its('location') { should cmp 'westeurope' }
-
-### Tests for the presence of a specified address prefix
-
-    its('properties.addressSpace.addressPrefixes') { should include '10.1.1.0/24' }
-
-### Tests that virtual machine was created from the correct disk
-
-    its('properties.creationData.createOption') { should eq 'FromImage' }
-
-### Tests that the image is Ubuntu
-
-    its('properties.creationData.imageReference.id') { should match 'Canonical' }
-    its('properties.creationData.imageReference.id') { should match 'UbuntuServer' }
-    its('properties.creationData.imageReference.id') { should match '16.04.0-LTS' }
-
-### Tests the disk size
-
-    its('properties.diskSizeGB') { should be > 25 }
-
-### Tests the disk state
-
-    its('properties.diskState') { should cmp 'Attached' }
-
-### Tests that there are no custom DNS settings
-
-    its('properties.dnsSettings.dnsServers.count') { should eq 0 }
-    its('properties.dnsSettings.appliedDnsServers.count') { should eq 0 }
-
-### Tests that the NIC is connected to the correct machine
-
-    its('properties.virtualMachine.id') { should match 'Linux-External-VM' }
-
-### Tests that the blob and file services are enabled
-
-    its('properties.encryption.services.blob.enabled') { should be true }
-    its('properties.encryption.services.file.enabled') { should be true }
-    its('properties.encryption.keySource') { should cmp 'Microsoft.Storage' }
-
-### Test the hardware profile
-
-    its('properties.hardwareProfile.vmSize') { should cmp 'Standard_DS2_v2' }
-
-### Test the network interfaces
-
-    its('properties.networkProfile.networkInterfaces.count') { should eq 1 }
-
-### Test the authentication and OS type
-
-    its('properties.osProfile.computerName') { should eq 'linux-external-1' }
-    its('properties.osProfile.adminUsername') { should eq 'azure' }
-    its('properties.osProfile.linuxConfiguration.disablePasswordAuthentication') { should be true }
-
-### Test that the tags are properly set
-
-    it { should have_tags }
-    its('tag_count') { should be 1 }
-    its('tags') { should include 'Description' }
-    its('Description_tag') { should match 'Externally facing' }
-
-<br>
-
-## Matchers
-
-This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-<br>
-
-## References
-
-Please see the integration tests for in depth examples of how this resource can be used.
-
-[Inspec Integration Tests for Azure Generic Resources](https://github.com/chef/inspec/tree/master/test/azure/verify/controls)
+---
+title: About the azure_generic_resource Resource
+---
+
+# azure\_generic\_resource
+
+Use the `azure_generic_resource` InSpec audit resource to test any valid Azure Resource. This is very useful if you need to test something that we do not yet have a specific Inspec resource for.
+
+## Syntax
+
+    describe azure_generic_resource(group_name: 'MyResourceGroup', name: 'MyResource') do
+      its('property') { should eq 'value' }
+    end
+
+where
+
+* `MyResourceGroup` is the name of the resource group that contains the Azure Resource to be validated
+* `MyResource` is the name of the resource that needs to be checked
+* `property` This generic resource dynamically creates the properties on the fly based on the type of resource that has been targeted.
+* `value` is the expected output from the chosen property
+
+<br>
+
+## Parameters
+
+* `group_name`, `name`, `apiversion`, `type`
+
+<br>
+
+## Parameter Examples
+
+The options that can be passed to the resource are as follows.
+
+### group_name (required)
+
+Use this parameter to define the Azure Resource Group to be tested.
+
+    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure') do
+        ...
+    end
+
+### name
+
+Use this parameter to define the name of the Azure resource to test.
+
+    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM') do
+        ...
+    end
+
+### apiversion
+
+The API Version to use when querying the resource. Defaults to the latest version for the resource.
+
+    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM', apiversion: '2.0') do
+        ...
+    end
+
+### type
+
+Use this parameter to define the type of resources to test.
+
+    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM', apiversion: '2.0', type: 'Microsoft.Compute/virtualMachines') do
+        ...
+    end
+
+These options can also be set using the environment variables:
+
+* `AZURE_RESOURCE_GROUP_NAME`
+* `AZURE_RESOURCE_NAME`
+* `AZURE_RESOURCE_TYPE`
+* `AZURE_RESOURCE_API_VERSION`
+
+When the options have been set as well as the environment variables, the environment variables take priority.
+
+<br>
+
+## Parameter Example
+
+    describe azure_generic_resource(group_name: 'Inspec-Azure', name: 'Linux-Internal-VM', apiversion: '2.0') do
+      its('location') { should eq 'westeurope' }
+    end
+
+<br>
+
+## Properties
+
+The properties that can be tested are entirely dependent on the Azure Resource that is under scrutiny. That means the properties vary. The best way to see what is available please use the [Azure Resources Portal](https://resources.azure.com) to select the resource you are interested in and see what can be tested.
+
+This resource allows you to test _any_ valid Azure Resource. The trade off for this is that the language to check each item is not as natural as it would be for a native Inspec resource.
+
+<br>
+
+## Property Examples
+
+The following examples show how to use some of the InSpec audit properties:
+
+### Tests the virtual machine's location
+
+    its('location') { should cmp 'westeurope' }
+
+### Tests for the presence of a specified address prefix
+
+    its('properties.addressSpace.addressPrefixes') { should include '10.1.1.0/24' }
+
+### Tests that virtual machine was created from the correct disk
+
+    its('properties.creationData.createOption') { should eq 'FromImage' }
+
+### Tests that the image is Ubuntu
+
+    its('properties.creationData.imageReference.id') { should match 'Canonical' }
+    its('properties.creationData.imageReference.id') { should match 'UbuntuServer' }
+    its('properties.creationData.imageReference.id') { should match '16.04.0-LTS' }
+
+### Tests the disk size
+
+    its('properties.diskSizeGB') { should be > 25 }
+
+### Tests the disk state
+
+    its('properties.diskState') { should cmp 'Attached' }
+
+### Tests that there are no custom DNS settings
+
+    its('properties.dnsSettings.dnsServers.count') { should eq 0 }
+    its('properties.dnsSettings.appliedDnsServers.count') { should eq 0 }
+
+### Tests that the NIC is connected to the correct machine
+
+    its('properties.virtualMachine.id') { should match 'Linux-External-VM' }
+
+### Tests that the blob and file services are enabled
+
+    its('properties.encryption.services.blob.enabled') { should be true }
+    its('properties.encryption.services.file.enabled') { should be true }
+    its('properties.encryption.keySource') { should cmp 'Microsoft.Storage' }
+
+### Test the hardware profile
+
+    its('properties.hardwareProfile.vmSize') { should cmp 'Standard_DS2_v2' }
+
+### Test the network interfaces
+
+    its('properties.networkProfile.networkInterfaces.count') { should eq 1 }
+
+### Test the authentication and OS type
+
+    its('properties.osProfile.computerName') { should eq 'linux-external-1' }
+    its('properties.osProfile.adminUsername') { should eq 'azure' }
+    its('properties.osProfile.linuxConfiguration.disablePasswordAuthentication') { should be true }
+
+### Test that the tags are properly set
+
+    it { should have_tags }
+    its('tag_count') { should be 1 }
+    its('tags') { should include 'Description' }
+    its('Description_tag') { should match 'Externally facing' }
+
+<br>
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+<br>
+
+## References
+
+Please see the integration tests for in depth examples of how this resource can be used.
+
+[Inspec Integration Tests for Azure Generic Resources](https://github.com/chef/inspec/tree/master/test/azure/verify/controls)

data/docs/resources/azure_resource_group.md.erb

@@ -1,284 +1,284 @@
----
-title: About the azure_resource_group_resource_counts Resource
-platform: azure
----
-
-# azure\_resource\_group\_resource\_counts
-
-Use the `azure_resource_group_resource_counts` InSpec audit resource to check the number of Azure resources in a resource group.
-
-## Syntax
-
-The name of the resource group is specified as a parameter on the resource:
-
-    describe azure_resource_group(name: 'MyResourceGroup') do
-      its('property') { should eq 'value' }
-    end
-
-where
-
-* `MyResourceGroup` is the name of the resource group being interrogated
-* `property` is one a resource property
-* `value` is the expected output from the matcher
-
-## Examples
-
-The following examples show how to use this InSpec audit resource:
-
-### Ensure the Resource Group has the correct number of resources
-
-    describe azure_resource_group_resource_counts(name: 'Inspec-Azure') do
-      its('total') { should eq 7}
-    end
-
-### Ensure that the Resource Group contains the correct resources
-
-    describe azure_resource_group_resource_counts(name: 'Inspec-Azure') do
-      its('total') { should eq 7 }
-      its('vm_count') { should eq 2 }
-      its('nic_count') { should eq 2 }
-      its('public_ip_count') { should eq 1 }
-      its('sa_count') { should eq 1 }
-      its('vnet_count') { should eq 1 }
-    end
-
-<br>
-
-## Parameters
-
-* `group_name`, `name`
-
-## Parameter Examples
-
-The options that can be passed to the resource are as follows.
-
-### group_name (required)
-
-Use this parameter to define the Azure Resource Group to be tested.
-
-    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure') do
-        ...
-    end
-
-### name
-
-Use this parameter to define the name of the Azure resource to test.
-
-    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM') do
-        ...
-    end
-
-If both `group_name` and `name` is set then `name` takes priority
-
-These options can also be set using the environment variables:
-
-* `AZURE_RESOURCE_GROUP_NAME`
-* `AZURE_RESOURCE_NAME`
-
-When the options have been set as well as the environment variables, the environment variables take priority.
-
-<br>
-
-## Parameter Example
-
-    describe azure_generic_resource(group_name: 'Inspec-Azure', name: 'Linux-Internal-VM') do
-      its('location') { should eq 'westeurope' }
-    end
-
-<br>
-
-## Properties
-
-* `name`, `location` ,`id`, `provisioning_state`, `subscription_id`, `total`, `nic_count`, `vm_count`, `extension_count`, `vnet_count`, `sa_count`, `public_ip_count`,`managed_disk_image_count`, `managed_disk_count`, `tag_count`
-
-<br>
-
-## Property Examples
-
-This InSpec audit resource has the following properties:
-
-### name
-
-Tests the name of the resource group.
-
-    its('name') { should cmp 'Inspec-Azure' }
-
-### location
-
-Tests where in Azure the resource group is located.
-
-    its('location') { should cmp 'westeurope' }
-
-### id
-
-Tests the full qualified ID of the resource group.
-
-This takes the format: `/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP_NAME>`.
-
-    its('id') { should cmp 'FQDN' }
-
-### provisioning_state
-
-Tests thehe provisioning state of the resource group.
-
-    its('provisioning_state') { should cmp 'Succeeded' }
-
-### total
-
-Tests the total number of resources in the resource group.
-
-    its('total') { should eq 13 }
-
-### nic_count
-
-Tests the number of network interface cards in the resource group.
-
-    it { should have_nics }
-    its('nic_count') { should eq 3 }
-
-### vm_count
-
-Tests the number of virtual machines in the resource group.
-
-    its('vm_count') { should eq 5 }
-
-### vnet_count
-
-Tests the number of virtual networks in the resource group.
-
-    its('vnet_count') { should eq 5 }
-
-### sa_count
-
-Tests the number of storage accounts in the resource group.
-
-    its('sa_count') { should eq 5 }
-
-### public\_ip\_count
-
-Tests the number of Public IP Addresses in the resource group.
-
-    its('public_ip_count') { should eq 5 }
-
-### managed\_disk\_image\_count
-
-Tests the number of managed disk images that are in the resource group.
-
-Managed disks are created from disk images and then attached to the machines. Generally, the images are created from a base image or a custom image (e.g., Packer)
-
-    its('managed_disk_image_count') { should eq 5 }
-
-### managed\_disk\_count
-
-Tests the number of managed disks in the resource group.
-
-If a resource group contains one virtual machine with an OS disk and 2 data disks that are all Managed Disks, then the count would be 3.
-
-    its('managed_disk_count') { should eq 3 }
-
-<br>
-
-## Matchers
-
-This resource has a number of special matchers that provide a simple way to test if a specific Azure Resource type exists in the resource group.
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### have_nics
-
-Use this matcher to test if network interfaces exist.
-
-    it { should have_ncis }
-
-### have_vms
-
-Use this matcher to test that virtual machines exist.
-
-    it { should have_vms }
-
-### have_extensions
-
-Use this matcher to test for virtual machine extensions.
-
-    it { should have_extensions }
-
-### have_nsgs
-
-Use this matcher to test that network security groups exist.
-
-    it { should have_nsgs }
-
-### have_vnets
-
-Use this matcher to test that virtual networks exist.
-
-    it { should have_vnets }
-
-### have\_managed\_disks
-
-Use this matcher to test that managed disks exist.
-
-    it { should have_managed_disks }
-
-### have\_managed\_disk\_images
-
-Use this matcher to test that managed disk images exist.
-
-    it { should have_managed_disk_images }
-
-### have_sas
-
-Use this matcher to test that storage accounts exist.
-
-    it { should have_sas }
-
-### have\_public\_ips
-
-Use this matcher to test that public ips exist.
-
-    it { should have_public_ips }
-
-## Tags
-
-It is possible to test the tags that have been assigned to the resource. There are some properties for checking that a resource has tags, that it has the correct number of tags, and that the correct tags are assigned.
-
-### have\_tags
-
-This is a simple test to see if the machine has tags assigned to it or not.
-
-    it { should have_tags }
-
-### tag\_count
-
-Returns the number of tags that are assigned to the resource
-
-    its ('tag_count') { should eq 2 }
-
-### tags
-
-It is possible to check if a specific tag has been set on the resource.
-
-    its('tags') { should include 'owner' }
-
-### xxx\_tag
-
-To get the value of the tag, some properties are created from the tags themselves.
-
-For example, if the following tag is set on a resource:
-
-* owner: JG Jinglehimerschmidt
-
-Then a property is available called `Owner_tag`.
-
-    its('owner_tag') { should cmp 'JG Jinglehimerschmidt' }
-
-Note: The tag name is case sensitive which makes the test case sensitive. E.g. `owner_tag` does not equal `Owner_tag`.
-
-<br>
-
-## References
-
-For more information on Azure Ruby SDK resources, see:
-
-* [Azure Ruby SDK - Resources](https://github.com/Azure/azure-sdk-for-ruby/tree/master/management/azure_mgmt_resources)
-* [Resource Group](https://github.com/chef/inspec/blob/fc990346f2438690f0ac36a9f6606e61574a79b8/test/azure/verify/controls/resource_group.rb)
+---
+title: About the azure_resource_group_resource_counts Resource
+platform: azure
+---
+
+# azure\_resource\_group\_resource\_counts
+
+Use the `azure_resource_group_resource_counts` InSpec audit resource to check the number of Azure resources in a resource group.
+
+## Syntax
+
+The name of the resource group is specified as a parameter on the resource:
+
+    describe azure_resource_group(name: 'MyResourceGroup') do
+      its('property') { should eq 'value' }
+    end
+
+where
+
+* `MyResourceGroup` is the name of the resource group being interrogated
+* `property` is one a resource property
+* `value` is the expected output from the matcher
+
+## Examples
+
+The following examples show how to use this InSpec audit resource:
+
+### Ensure the Resource Group has the correct number of resources
+
+    describe azure_resource_group_resource_counts(name: 'Inspec-Azure') do
+      its('total') { should eq 7}
+    end
+
+### Ensure that the Resource Group contains the correct resources
+
+    describe azure_resource_group_resource_counts(name: 'Inspec-Azure') do
+      its('total') { should eq 7 }
+      its('vm_count') { should eq 2 }
+      its('nic_count') { should eq 2 }
+      its('public_ip_count') { should eq 1 }
+      its('sa_count') { should eq 1 }
+      its('vnet_count') { should eq 1 }
+    end
+
+<br>
+
+## Parameters
+
+* `group_name`, `name`
+
+## Parameter Examples
+
+The options that can be passed to the resource are as follows.
+
+### group_name (required)
+
+Use this parameter to define the Azure Resource Group to be tested.
+
+    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure') do
+        ...
+    end
+
+### name
+
+Use this parameter to define the name of the Azure resource to test.
+
+    describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM') do
+        ...
+    end
+
+If both `group_name` and `name` is set then `name` takes priority
+
+These options can also be set using the environment variables:
+
+* `AZURE_RESOURCE_GROUP_NAME`
+* `AZURE_RESOURCE_NAME`
+
+When the options have been set as well as the environment variables, the environment variables take priority.
+
+<br>
+
+## Parameter Example
+
+    describe azure_generic_resource(group_name: 'Inspec-Azure', name: 'Linux-Internal-VM') do
+      its('location') { should eq 'westeurope' }
+    end
+
+<br>
+
+## Properties
+
+* `name`, `location` ,`id`, `provisioning_state`, `subscription_id`, `total`, `nic_count`, `vm_count`, `extension_count`, `vnet_count`, `sa_count`, `public_ip_count`,`managed_disk_image_count`, `managed_disk_count`, `tag_count`
+
+<br>
+
+## Property Examples
+
+This InSpec audit resource has the following properties:
+
+### name
+
+Tests the name of the resource group.
+
+    its('name') { should cmp 'Inspec-Azure' }
+
+### location
+
+Tests where in Azure the resource group is located.
+
+    its('location') { should cmp 'westeurope' }
+
+### id
+
+Tests the full qualified ID of the resource group.
+
+This takes the format: `/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP_NAME>`.
+
+    its('id') { should cmp 'FQDN' }
+
+### provisioning_state
+
+Tests the provisioning state of the resource group.
+
+    its('provisioning_state') { should cmp 'Succeeded' }
+
+### total
+
+Tests the total number of resources in the resource group.
+
+    its('total') { should eq 13 }
+
+### nic_count
+
+Tests the number of network interface cards in the resource group.
+
+    it { should have_nics }
+    its('nic_count') { should eq 3 }
+
+### vm_count
+
+Tests the number of virtual machines in the resource group.
+
+    its('vm_count') { should eq 5 }
+
+### vnet_count
+
+Tests the number of virtual networks in the resource group.
+
+    its('vnet_count') { should eq 5 }
+
+### sa_count
+
+Tests the number of storage accounts in the resource group.
+
+    its('sa_count') { should eq 5 }
+
+### public\_ip\_count
+
+Tests the number of Public IP Addresses in the resource group.
+
+    its('public_ip_count') { should eq 5 }
+
+### managed\_disk\_image\_count
+
+Tests the number of managed disk images that are in the resource group.
+
+Managed disks are created from disk images and then attached to the machines. Generally, the images are created from a base image or a custom image (e.g., Packer)
+
+    its('managed_disk_image_count') { should eq 5 }
+
+### managed\_disk\_count
+
+Tests the number of managed disks in the resource group.
+
+If a resource group contains one virtual machine with an OS disk and 2 data disks that are all Managed Disks, then the count would be 3.
+
+    its('managed_disk_count') { should eq 3 }
+
+<br>
+
+## Matchers
+
+This resource has a number of special matchers that provide a simple way to test if a specific Azure Resource type exists in the resource group.
+
+For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### have_nics
+
+Use this matcher to test if network interfaces exist.
+
+    it { should have_nics }
+
+### have_vms
+
+Use this matcher to test that virtual machines exist.
+
+    it { should have_vms }
+
+### have_extensions
+
+Use this matcher to test for virtual machine extensions.
+
+    it { should have_extensions }
+
+### have_nsgs
+
+Use this matcher to test that network security groups exist.
+
+    it { should have_nsgs }
+
+### have_vnets
+
+Use this matcher to test that virtual networks exist.
+
+    it { should have_vnets }
+
+### have\_managed\_disks
+
+Use this matcher to test that managed disks exist.
+
+    it { should have_managed_disks }
+
+### have\_managed\_disk\_images
+
+Use this matcher to test that managed disk images exist.
+
+    it { should have_managed_disk_images }
+
+### have_sas
+
+Use this matcher to test that storage accounts exist.
+
+    it { should have_sas }
+
+### have\_public\_ips
+
+Use this matcher to test that public ips exist.
+
+    it { should have_public_ips }
+
+## Tags
+
+It is possible to test the tags that have been assigned to the resource. There are some properties for checking that a resource has tags, that it has the correct number of tags, and that the correct tags are assigned.
+
+### have\_tags
+
+This is a simple test to see if the machine has tags assigned to it or not.
+
+    it { should have_tags }
+
+### tag\_count
+
+Returns the number of tags that are assigned to the resource
+
+    its ('tag_count') { should eq 2 }
+
+### tags
+
+It is possible to check if a specific tag has been set on the resource.
+
+    its('tags') { should include 'owner' }
+
+### xxx\_tag
+
+To get the value of the tag, some properties are created from the tags themselves.
+
+For example, if the following tag is set on a resource:
+
+* owner: JG Jinglehimerschmidt
+
+Then a property is available called `Owner_tag`.
+
+    its('owner_tag') { should cmp 'JG Jinglehimerschmidt' }
+
+Note: The tag name is case sensitive which makes the test case sensitive. E.g. `owner_tag` does not equal `Owner_tag`.
+
+<br>
+
+## References
+
+For more information on Azure Ruby SDK resources, see:
+
+* [Azure Ruby SDK - Resources](https://github.com/Azure/azure-sdk-for-ruby/tree/master/management/azure_mgmt_resources)
+* [Resource Group](https://github.com/chef/inspec/blob/fc990346f2438690f0ac36a9f6606e61574a79b8/test/azure/verify/controls/resource_group.rb)