Add default_tenant_policy column in table azure_subscription close #956

[khushboo9024]

Integration test logs

Logs

Add passing integration test logs here

Example query results

Results

> select
  subscription_id,
  display_name,
  default_tenant_policy ->> 'id' as policy_id,
  default_tenant_policy -> 'properties' ->> 'blockSubscriptionsLeavingTenant' as block_leaving_tenant,
  default_tenant_policy -> 'properties' ->> 'blockSubscriptionsIntoTenant' as block_into_tenant,
  default_tenant_policy -> 'properties' -> 'exemptedPrincipals' as exempted_principals
from
  azure_subscription;
+--------------------------------------+-----------------+---------------------------------------------------+----------------------+-------------------+------------>
| subscription_id                      | display_name    | policy_id                                         | block_leaving_tenant | block_into_tenant | exempted_pr>
+--------------------------------------+-----------------+---------------------------------------------------+----------------------+-------------------+------------>
| xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | newwarriors AAA | providers/Microsoft.Subscription/policies/default | false                | false             | []         >
| xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | Parker AAA      | providers/Microsoft.Subscription/policies/default | false                | false             | []         >
+--------------------------------------+-----------------+---------------------------------------------------+----------------------+-------------------+------------

[Copilot]

Pull Request Overview

This PR adds support for querying Azure Subscription Tenant Policies by introducing a new table azure_subscription_tenant_policy. These policies control whether subscriptions can be moved into or out of an Azure tenant, helping organizations maintain subscription governance.

Key Changes:

• Adds a new Steampipe table for querying tenant-level subscription policies
• Implements API integration using direct HTTP requests to the Azure Management API
• Provides comprehensive documentation with example queries

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
azure/table_azure_subscription_tenant_policy.go	Implements the new table with API client, column definitions, and response structs
azure/plugin.go	Registers the new table in the plugin's table map
docs/tables/azure_subscription_tenant_policy.md	Provides documentation and SQL query examples for the new table

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Creating a new HTTP client for each request is inefficient. Consider reusing a shared HTTP client instance or using the session's existing HTTP client infrastructure to improve performance and connection pooling.

[Copilot]

The error message should include the response body to help diagnose API failures. Azure API errors typically return JSON with error details that would be valuable for troubleshooting. Consider reading and including the response body in the error message when the status code indicates failure.

Suggested change

	plugin.Logger(ctx).Error("azure_subscription_tenant_policy.listSubscriptionTenantPolicy", "status_code", resp.StatusCode)
	return nil, fmt.Errorf("API request failed with status code: %d", resp.StatusCode)
	body, readErr := io.ReadAll(resp.Body)
	if readErr != nil {
	plugin.Logger(ctx).Error("azure_subscription_tenant_policy.listSubscriptionTenantPolicy", "status_code", resp.StatusCode, "body_read_error", readErr)
	return nil, fmt.Errorf("API request failed with status code: %d (error reading response body: %v)", resp.StatusCode, readErr)
	}
	plugin.Logger(ctx).Error("azure_subscription_tenant_policy.listSubscriptionTenantPolicy", "status_code", resp.StatusCode, "response_body", string(body))
	return nil, fmt.Errorf("API request failed with status code: %d, response body: %s", resp.StatusCode, string(body))