awspec 0.69.1 → 0.70.0

data/lib/awspec/helper/finder.rb

@@ -28,6 +28,9 @@ require 'awspec/helper/finder/elastictranscoder'
 require 'awspec/helper/finder/cloudtrail'
 require 'awspec/helper/finder/waf'
 require 'awspec/helper/finder/acm'
+require 'awspec/helper/finder/cloudwatch_logs'
+
+require 'awspec/helper/finder/account_attributes'
 
 module Awspec::Helper
   module Finder
@@ -60,6 +63,8 @@ module Awspec::Helper
     include Awspec::Helper::Finder::Cloudtrail
     include Awspec::Helper::Finder::Waf
     include Awspec::Helper::Finder::Acm
+    include Awspec::Helper::Finder::AccountAttributes
+    include Awspec::Helper::Finder::CloudwatchLogs
 
     CLIENTS = {
       ec2_client: Aws::EC2::Client,
@@ -85,7 +90,9 @@ module Awspec::Helper
       elasticsearch_client: Aws::ElasticsearchService::Client,
       cloudtrail_client: Aws::CloudTrail::Client,
       waf_client: Aws::WAF::Client,
-      acm_client: Aws::ACM::Client
+      sts_client: Aws::STS::Client,
+      acm_client: Aws::ACM::Client,
+      cloudwatch_logs_client: Aws::CloudWatchLogs::Client
     }
 
     CLIENTS.each do |method_name, client|

data/lib/awspec/helper/finder/account_attributes.rb

@@ -0,0 +1,61 @@
+module Awspec::Helper
+  module Finder
+    module AccountAttributes
+      def find_ec2_account_attributes
+        attributes = {}
+        ec2_client.describe_account_attributes.account_attributes.each do |attr|
+          values = attr[:attribute_values].map do |v|
+            v[:attribute_value]
+          end
+          if attr[:attribute_name] == 'supported-platforms'
+            # supported-platforms
+            attributes[attr[:attribute_name].tr('-', '_').to_sym] = values
+          else
+            value = values.first
+            if value =~ /\A\d+\z/
+              attributes[attr[:attribute_name].tr('-', '_').to_sym] = value.to_i
+            else
+              attributes[attr[:attribute_name].tr('-', '_').to_sym] = value
+            end
+          end
+        end
+        attributes.to_struct
+      end
+
+      def find_rds_account_attributes
+        attributes = {}
+        rds_client.describe_account_attributes.account_quotas.each do |attr|
+          values = {
+            used: attr[:used],
+            max: attr[:max]
+          }
+          attributes[attr[:account_quota_name].to_sym] = values.to_struct
+        end
+        attributes.to_struct
+      end
+
+      def find_lambda_account_settings
+        attributes = {}
+        settings = lambda_client.get_account_settings
+        settings.account_limit.members.each do |key|
+          attributes[key] = { limit: settings.account_limit[key] }
+        end
+        settings.account_usage.members.each do |key|
+          if attributes.include?(key)
+            attributes[key][:usage] = settings.account_usage[key]
+          else
+            attributes[key] = { usage: settings.account_usage[key] }
+          end
+        end
+        attributes.to_struct
+      end
+
+      def find_ses_send_quota
+        ses_client.get_send_quota
+      rescue
+        # Aws::Errors::NoSuchEndpointError
+        nil
+      end
+    end
+  end
+end

data/lib/awspec/helper/finder/cloudwatch_logs.rb

@@ -0,0 +1,35 @@
+module Awspec::Helper
+  module Finder
+    module CloudwatchLogs
+      def find_cloudwatch_logs_group(id)
+        cloudwatch_logs_client.describe_log_groups({
+                                                     log_group_name_prefix: id
+                                                   }).log_groups.find do |log_group|
+          log_group.log_group_name == id
+        end
+      end
+
+      def find_cloudwatch_logs_stream_by_log_group_name(id)
+        cloudwatch_logs_client.describe_log_streams({ log_group_name: id }).log_streams.last
+      end
+
+      def find_cloudwatch_logs_metric_fileter_by_log_group_name(id, filter_name)
+        cloudwatch_logs_client.describe_metric_filters({
+                                                         log_group_name: id,
+                                                         filter_name_prefix: filter_name
+                                                       }).metric_filters.find do |filter|
+          filter.filter_name == filter_name
+        end
+      end
+
+      def find_cloudwatch_logs_subscription_fileter_by_log_group_name(id, filter_name)
+        cloudwatch_logs_client.describe_subscription_filters({
+                                                               log_group_name: id,
+                                                               filter_name_prefix: filter_name
+                                                             }).subscription_filters.find do |filter|
+          filter.filter_name == filter_name
+        end
+      end
+    end
+  end
+end

data/lib/awspec/helper/type.rb

@@ -2,6 +2,10 @@ module Awspec
   module Helper
     module Type
       require 'awspec/type/base'
+      require 'awspec/type/resource_base'
+      require 'awspec/type/account_attribute_base'
+      require 'awspec/type/account'
+      require 'awspec/type/account_attribute'
 
       TYPES = %w(
         alb ami autoscaling_group cloudtrail cloudwatch_alarm cloudwatch_event directconnect_virtual_interface
@@ -11,16 +15,43 @@ module Awspec
         network_acl network_interface rds rds_db_cluster_parameter_group rds_db_parameter_group route53_hosted_zone
         route_table s3_bucket security_group ses_identity subnet vpc cloudfront_distribution
         elastictranscoder_pipeline waf_web_acl customer_gateway vpn_gateway vpn_connection internet_gateway acm
+        cloudwatch_logs
+      )
+
+      ACCOUNT_ATTRIBUTES = %w(
+        ec2_account_attributes rds_account_attributes lambda_account_settings ses_send_quota
       )
 
       TYPES.each do |type|
         require "awspec/type/#{type}"
         define_method type do |*args|
+          unless Object.const_get("Awspec::Type::#{type.camelize}").superclass.to_s == 'Awspec::Type::ResourceBase'
+            raise "Awspec::Type::#{type.camelize} should extend Awspec::Type::ResourceBase"
+          end
           name = args.first
           eval "Awspec::Type::#{type.camelize}.new(name)"
         end
       end
 
+      ACCOUNT_ATTRIBUTES.each do |type|
+        require "awspec/type/#{type}"
+        define_method type do
+          unless Object.const_get("Awspec::Type::#{type.camelize}").superclass.to_s \
+                 == 'Awspec::Type::AccountAttributeBase'
+            raise "Awspec::Type::#{type.camelize} should extend Awspec::Type::AccountAttributeBase"
+          end
+          eval "Awspec::Type::#{type.camelize}.new"
+        end
+      end
+
+      def account
+        Awspec::Type::Account.new
+      end
+
+      def account_attribute(key)
+        Awspec::Type::AccountAttribute.new(key)
+      end
+
       def self.deprecate_resource_type(old_type, new_type)
         define_method(old_type) do |*args, &block|
           puts ''

data/lib/awspec/matcher.rb

@@ -47,3 +47,6 @@ require 'awspec/matcher/have_key_policy'
 
 # WafWebAcl
 require 'awspec/matcher/have_rule'
+
+# CloudWatch Logs
+require 'awspec/matcher/have_subscription_filter'

data/lib/awspec/matcher/have_subscription_filter.rb

@@ -0,0 +1,9 @@
+RSpec::Matchers.define :have_subscription_filter do |filter_name|
+  match do |log_group_name|
+    log_group_name.has_subscription_filter?(filter_name, @pattern)
+  end
+
+  chain :filter_pattern do |pattern|
+    @pattern = pattern
+  end
+end

data/lib/awspec/shared_context.rb

@@ -10,6 +10,14 @@ shared_context 'region', :region do
   end
 end
 
+shared_context 'account', :account do
+  before do |example|
+    sts_client = Aws::STS::Client.new
+    raise Awspec::InvalidAccountError unless sts_client.get_caller_identity.account == example.metadata[:account]
+    example.metadata[:described_class].account = example.metadata[:account]
+  end
+end
+
 shared_context 'cluster', :cluster do
   before do |example|
     example.metadata[:described_class].cluster = example.metadata[:cluster]

data/lib/awspec/stub/account.rb

@@ -0,0 +1,146 @@
+Aws.config[:ec2] = {
+  stub_responses: {
+    describe_account_attributes: {
+      account_attributes: [
+        {
+          attribute_name: 'supported-platforms',
+          attribute_values: [
+            {
+              attribute_value: 'EC2'
+            },
+            {
+              attribute_value: 'VPC'
+            }
+          ]
+        },
+        {
+          attribute_name: 'vpc-max-security-groups-per-interface',
+          attribute_values: [
+            {
+              attribute_value: '5'
+            }
+          ]
+        },
+        {
+          attribute_name: 'max-elastic-ips',
+          attribute_values: [
+            {
+              attribute_value: '5'
+            }
+          ]
+        },
+        {
+          attribute_name: 'max-instances',
+          attribute_values: [
+            {
+              attribute_value: '20'
+            }
+          ]
+        },
+        {
+          attribute_name: 'vpc-max-elastic-ips',
+          attribute_values: [
+            {
+              attribute_value: '5'
+            }
+          ]
+        },
+        {
+          attribute_name: 'default-vpc',
+          attribute_values: [
+            {
+              attribute_value: 'none'
+            }
+          ]
+        }
+      ]
+    }
+  }
+}
+Aws.config[:rds] = {
+  stub_responses: {
+    describe_account_attributes: {
+      account_quotas: [
+        {
+          account_quota_name: 'DBInstances', used: 0, max: 40
+        },
+        {
+          account_quota_name: 'ReservedDBInstances', used: 0, max: 40
+        },
+        {
+          account_quota_name: 'AllocatedStorage', used: 0, max: 100_000
+        },
+        {
+          account_quota_name: 'DBSecurityGroups', used: 0, max: 25
+        },
+        {
+          account_quota_name: 'AuthorizationsPerDBSecurityGroup', used: 0, max: 20
+        },
+        {
+          account_quota_name: 'DBParameterGroups', used: 1, max: 50
+        },
+        {
+          account_quota_name: 'ManualSnapshots', used: 0, max: 100
+        },
+        {
+          account_quota_name: 'EventSubscriptions', used: 0, max: 20
+        },
+        {
+          account_quota_name: 'DBSubnetGroups', used: 1, max: 50
+        },
+        {
+          account_quota_name: 'OptionGroups', used: 0, max: 20
+        },
+        {
+          account_quota_name: 'SubnetsPerDBSubnetGroup', used: 2, max: 20
+        },
+        {
+          account_quota_name: 'ReadReplicasPerMaster', used: 0, max: 5
+        },
+        {
+          account_quota_name: 'DBClusters', used: 0, max: 40
+        },
+        {
+          account_quota_name: 'DBClusterParameterGroups', used: 0, max: 50
+        },
+        {
+          account_quota_name: 'DBClusterRoles', used: 0, max: 5
+        }
+      ]
+    }
+  }
+}
+Aws.config[:lambda] = {
+  stub_responses: {
+    get_account_settings: {
+      account_limit: {
+        total_code_size: 80_530_636_800,
+        code_size_unzipped: 262_144_000,
+        code_size_zipped: 52_428_800,
+        concurrent_executions: 200
+      },
+      account_usage: {
+        total_code_size: 2_034_651_562,
+        function_count: 8
+      }
+    }
+  }
+}
+Aws.config[:ses] = {
+  stub_responses: {
+    get_send_quota: {
+      max_24_hour_send: 200.0,
+      max_send_rate: 1.0,
+      sent_last_24_hours: 1.0
+    }
+  }
+}
+Aws.config[:sts] = {
+  stub_responses: {
+    get_caller_identity: {
+      account: '123456789012',
+      arn: 'arn:aws:iam::123456789012:user/Alice',
+      user_id: 'AKIAI44QH8DHBEXAMPLE'
+    }
+  }
+}

data/lib/awspec/stub/cloudwatch_logs.rb

@@ -0,0 +1,34 @@
+Aws.config[:cloudwatchlogs] = {
+  stub_responses: {
+    describe_log_groups: {
+      log_groups: [
+        {
+          log_group_name: 'my-cloudwatch-logs-group',
+          retention_in_days: 365
+        }
+      ]
+    },
+    describe_log_streams: {
+      log_streams: [
+        {
+          log_stream_name: 'my-cloudwatch-logs-stream'
+        }
+      ]
+    },
+    describe_metric_filters: {
+      metric_filters: [
+        {
+          filter_name: 'my-cloudwatch-logs-metric-filter'
+        }
+      ]
+    },
+    describe_subscription_filters: {
+      subscription_filters: [
+        {
+          filter_name: 'my-cloudwatch-logs-subscription-filter',
+          filter_pattern: '[host, ident, authuser, date, request, status, bytes]'
+        }
+      ]
+    }
+  }
+}

data/lib/awspec/stub/ecs.rb

@@ -50,10 +50,10 @@ Aws.config[:ecs] = {
               integer_value: 0,
               long_value: 0,
               string_set_value: %w[
-                '2376',
-                '22',
-                '51678',
-                '2375'
+                2376
+                22
+                51678
+                2375
               ]
             }
           ],
@@ -79,11 +79,11 @@ Aws.config[:ecs] = {
               integer_value: 0,
               long_value: 0,
               string_set_value: %w[
-                '2376',
-                '22',
-                '80',
-                '51678',
-                '2375'
+                2376
+                22
+                80
+                51678
+                2375
               ]
             }
           ],

data/lib/awspec/stub/ecs_cluster.rb

@@ -51,10 +51,10 @@ Aws.config[:ecs] = {
               integer_value: 0,
               long_value: 0,
               string_set_value: %w[
-                '2376',
-                '22',
-                '51678',
-                '2375'
+                2376
+                22
+                51678
+                2375
               ]
             }
           ],
@@ -80,11 +80,11 @@ Aws.config[:ecs] = {
               integer_value: 0,
               long_value: 0,
               string_set_value: %w[
-                '2376',
-                '22',
-                '80',
-                '51678',
-                '2375'
+                2376
+                22
+                80
+                51678
+                2375
               ]
             }
           ],