RubyGems - awspec - Versions diffs - 1.17.4 → 1.18.0 - Mend

awspec 1.17.4 → 1.18.0

Files changed (31) hide show

checksums.yaml +5 -5
data/README.md +27 -0
data/doc/_resource_types/alb.md +8 -0
data/doc/_resource_types/cloudtrail.md +8 -0
data/doc/_resource_types/cloudwatch_logs.md +8 -0
data/doc/_resource_types/secretsmanager.md +15 -0
data/doc/resource_types.md +61 -11
data/lib/awspec/generator/doc/type/alb.rb +2 -1
data/lib/awspec/generator/doc/type/secretsmanager.rb +17 -0
data/lib/awspec/helper/finder.rb +4 -1
data/lib/awspec/helper/finder/alb.rb +9 -0
data/lib/awspec/helper/finder/cloudtrail.rb +6 -0
data/lib/awspec/helper/finder/cloudwatch_logs.rb +4 -0
data/lib/awspec/helper/finder/lambda.rb +1 -1
data/lib/awspec/helper/finder/s3.rb +10 -0
data/lib/awspec/helper/finder/secretsmanager.rb +11 -0
data/lib/awspec/helper/type.rb +1 -0
data/lib/awspec/stub/alb.rb +9 -0
data/lib/awspec/stub/cloudtrail.rb +19 -1
data/lib/awspec/stub/cloudwatch_logs.rb +7 -0
data/lib/awspec/stub/secretsmanager.rb +36 -0
data/lib/awspec/type/alb.rb +9 -0
data/lib/awspec/type/cloudtrail.rb +6 -0
data/lib/awspec/type/cloudwatch_logs.rb +6 -0
data/lib/awspec/type/ec2.rb +2 -2
data/lib/awspec/type/route_table.rb +4 -2
data/lib/awspec/type/s3_bucket.rb +16 -9
data/lib/awspec/type/secretsmanager.rb +14 -0
data/lib/awspec/version.rb +1 -1
metadata +8 -4
data/.gitignore +0 -12

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 24a77e8385426709aab7708405c31a6c44f80043
-  data.tar.gz: bc25733590d646e87cf24930f3fe9494b8d0fc49
+SHA256:
+  metadata.gz: 282551e2308dd0173e1945a36abc52c0f7c5836b9a070a73c071385d268b4c21
+  data.tar.gz: bc12a2007ec95614d27b9d963cf204bcc0f10424fe063d620591e5ddf684a84f
 SHA512:
-  metadata.gz: 98c3884402e67f7856551ad7945597fe50cb906a39ee00a7b347843127561443a159f24829ec865682b2f11807dbbe85eb06c0ceaaaa1ce54f7a64381d902c64
-  data.tar.gz: 620fbf415995935dadb197ba200808ed0f8987de02fd2ac7b8be59d1decb2c96f2564b4593198bd1dba718664452c770985f940de2832698adc47261075e2680
+  metadata.gz: 05bbe8f18a6d921cfa135a2704a643a8ff6970d1975de78af029e1f93214d3ef6ef19199acccde8bba8535a29bc0b4aee9949287647eeae94d9a957aa2a64c7d
+  data.tar.gz: ddf9edd8742c58ffae8a106f1fe86e41dc38aa8fac3a7b31ed0a2826341a8eb916bb8e8673367f8e2d7149b35cb0530eeb0140e7eae68db55b4f7aa0fc9d999d

data/README.md CHANGED

@@ -96,6 +96,33 @@ describe sqs('my-sqs-queue'), region: 'us-west-2' do
 end
 ```
+#### Using terraform outputs as identifier
+Especially in cases, where resources created by terraform have the same names (e.g. created by VPC module), it is helpful to use terraform outputs as unique identifiers.
+```terraform
+output "my_ec2_instance" {
+    value = aws_instance.my_instance.id
+}
+```
+```ruby
+require 'spec_helper'
+my_ec2_instance = `terraform output my_ec2_instance`.strip
+describe ec2(my_ec2_instance) do
+  it { should be_running }
+  its(:image_id) { should eq 'ami-abc12def' }
+  its(:public_ip_address) { should eq '123.0.456.789' }
+  it { should have_security_group('my-security-group-name') }
+  it { should belong_to_vpc('my-vpc') }
+  it { should belong_to_subnet('subnet-1234a567') }
+  it { should have_eip('123.0.456.789') }
+  it { should be_disabled_api_termination }
+end
+```
 ### STEP 4. Run tests
 Add gem "rake" in your Gemfile if you are starting a blank project.

data/doc/_resource_types/alb.md CHANGED

@@ -30,6 +30,14 @@ describe alb('my-alb') do
 end
 ```
+### have_tag
+```ruby
+describe alb('my-alb') do
+  it { should have_tag('environment').value('dev') }
+end
+```
 ### belong_to_vpc
 ```ruby

data/doc/_resource_types/cloudtrail.md CHANGED

@@ -37,3 +37,11 @@ describe cloudtrail('my-trail') do
   it { should be_logging }
 end
 ```
+### have_tag
+```ruby
+describe cloudtrail('my-trail') do
+  it { should have_tag('Name').value('my-trail') }
+end
+```

data/doc/_resource_types/cloudwatch_logs.md CHANGED

@@ -38,3 +38,11 @@ describe cloudwatch_logs('my-cloudwatch-logs-group') do
   end
 end
 ```
+### have_tag
+```ruby
+describe cloudwatch_logs('my-cloudwatch-logs-group') do
+  it { should have_tag('Name').value('my-cloudwatch-logs-group') }
+end
+```

data/doc/_resource_types/secretsmanager.md ADDED

@@ -0,0 +1,15 @@
+### exist
+```ruby
+describe secretsmanager('my-secret') do
+  it { should exist }
+end
+```
+### have_tag
+```ruby
+describe secretsmanager('my-secret') do
+  it { should have_tag('Name').value('my-secret') }
+end
+```

data/doc/resource_types.md CHANGED

@@ -64,6 +64,7 @@
 | [route53_hosted_zone](#route53_hosted_zone)
 | [route_table](#route_table)
 | [s3_bucket](#s3_bucket)
+| [secretsmanager](#secretsmanager)
 | [security_group](#security_group)
 | [ses_identity](#ses_identity)
 | [sns_topic](#sns_topic)
@@ -144,6 +145,15 @@ end
 ```
+### have_tag
+```ruby
+describe alb('my-alb') do
+  it { should have_tag('environment').value('dev') }
+end
+```
 ### belong_to_vpc
 ```ruby
@@ -274,7 +284,7 @@ describe apigateway('my-apigateway') do
 end
 ```
-### its(:id), its(:name), its(:description), its(:created_date), its(:version), its(:warnings), its(:binary_media_types), its(:minimum_compression_size), its(:api_key_source), its(:policy)
+### its(:id), its(:name), its(:description), its(:created_date), its(:version), its(:warnings), its(:binary_media_types), its(:minimum_compression_size), its(:api_key_source), its(:policy), its(:tags)
 ## <a name="autoscaling_group">autoscaling_group</a>
 AutoscalingGroup resource type.
@@ -506,7 +516,7 @@ describe cloudfront_distribution('123456789zyxw.cloudfront.net') do
 end
 ```
-### its(:id), its(:arn), its(:status), its(:last_modified_time), its(:domain_name), its(:origin_groups), its(:comment), its(:price_class), its(:enabled), its(:web_acl_id), its(:http_version), its(:is_ipv6_enabled)
+### its(:id), its(:arn), its(:status), its(:last_modified_time), its(:domain_name), its(:origin_groups), its(:comment), its(:price_class), its(:enabled), its(:web_acl_id), its(:http_version), its(:is_ipv6_enabled), its(:alias_icp_recordals)
 ## <a name="cloudtrail">cloudtrail</a>
 Cloudtrail resource type.
@@ -528,6 +538,7 @@ describe cloudtrail('my-trail') do
 end
 ```
 ### be_multi_region_trail
 ```ruby
@@ -555,6 +566,14 @@ end
 ```
+### have_tag
+```ruby
+describe cloudtrail('my-trail') do
+  it { should have_tag('Name').value('my-trail') }
+end
+```
 ### its(:name), its(:s3_bucket_name), its(:s3_key_prefix), its(:sns_topic_name), its(:sns_topic_arn), its(:include_global_service_events), its(:is_multi_region_trail), its(:home_region), its(:trail_arn), its(:log_file_validation_enabled), its(:cloud_watch_logs_log_group_arn), its(:cloud_watch_logs_role_arn), its(:kms_key_id), its(:has_custom_event_selectors), its(:is_organization_trail)
 ## <a name="cloudwatch_alarm">cloudwatch_alarm</a>
@@ -604,7 +623,7 @@ describe cloudwatch_alarm('my-cloudwatch-alarm') do
 end
 ```
-### its(:alarm_name), its(:alarm_arn), its(:alarm_description), its(:alarm_configuration_updated_timestamp), its(:actions_enabled), its(:ok_actions), its(:alarm_actions), its(:insufficient_data_actions), its(:state_value), its(:state_reason), its(:state_reason_data), its(:state_updated_timestamp), its(:metric_name), its(:namespace), its(:statistic), its(:extended_statistic), its(:period), its(:unit), its(:evaluation_periods), its(:datapoints_to_alarm), its(:threshold), its(:comparison_operator), its(:treat_missing_data), its(:evaluate_low_sample_count_percentile), its(:metrics)
+### its(:alarm_name), its(:alarm_arn), its(:alarm_description), its(:alarm_configuration_updated_timestamp), its(:actions_enabled), its(:ok_actions), its(:alarm_actions), its(:insufficient_data_actions), its(:state_value), its(:state_reason), its(:state_reason_data), its(:state_updated_timestamp), its(:metric_name), its(:namespace), its(:statistic), its(:extended_statistic), its(:period), its(:unit), its(:evaluation_periods), its(:datapoints_to_alarm), its(:threshold), its(:comparison_operator), its(:treat_missing_data), its(:evaluate_low_sample_count_percentile), its(:metrics), its(:threshold_metric_id)
 ## <a name="cloudwatch_event">cloudwatch_event</a>
 CloudwatchEvent resource type.
@@ -615,7 +634,7 @@ CloudwatchEvent resource type.
 ### be_scheduled
-### its(:name), its(:arn), its(:event_pattern), its(:state), its(:description), its(:schedule_expression), its(:role_arn), its(:managed_by)
+### its(:name), its(:arn), its(:event_pattern), its(:state), its(:description), its(:schedule_expression), its(:role_arn), its(:managed_by), its(:event_bus_name)
 ## <a name="cloudwatch_logs">cloudwatch_logs</a>
 CloudwatchLogs resource type.
@@ -664,6 +683,15 @@ describe cloudwatch_logs('my-cloudwatch-logs-group') do
 end
 ```
+### have_tag
+```ruby
+describe cloudwatch_logs('my-cloudwatch-logs-group') do
+  it { should have_tag('Name').value('my-cloudwatch-logs-group') }
+end
+```
 ### its(:log_group_name), its(:creation_time), its(:retention_in_days), its(:metric_filter_count), its(:arn), its(:stored_bytes), its(:kms_key_id)
 ## <a name="codebuild">codebuild</a>
@@ -734,7 +762,7 @@ end
 ```
-### its(:bgp_asn), its(:customer_gateway_id), its(:ip_address), its(:state), its(:type), its(:tags)
+### its(:bgp_asn), its(:customer_gateway_id), its(:ip_address), its(:certificate_arn), its(:state), its(:type), its(:tags)
 ## <a name="directconnect_virtual_interface">directconnect_virtual_interface</a>
 DirectconnectVirtualInterface resource type.
@@ -770,7 +798,7 @@ describe directconnect_virtual_interface('my-directconnect-virtual-interface') d
 end
 ```
-### its(:owner_account), its(:virtual_interface_id), its(:location), its(:connection_id), its(:virtual_interface_type), its(:virtual_interface_name), its(:vlan), its(:asn), its(:amazon_side_asn), its(:auth_key), its(:amazon_address), its(:customer_address), its(:address_family), its(:virtual_interface_state), its(:customer_router_config), its(:mtu), its(:jumbo_frame_capable), its(:virtual_gateway_id), its(:direct_connect_gateway_id), its(:route_filter_prefixes), its(:bgp_peers), its(:region), its(:aws_device_v2)
+### its(:owner_account), its(:virtual_interface_id), its(:location), its(:connection_id), its(:virtual_interface_type), its(:virtual_interface_name), its(:vlan), its(:asn), its(:amazon_side_asn), its(:auth_key), its(:amazon_address), its(:customer_address), its(:address_family), its(:virtual_interface_state), its(:customer_router_config), its(:mtu), its(:jumbo_frame_capable), its(:virtual_gateway_id), its(:direct_connect_gateway_id), its(:route_filter_prefixes), its(:bgp_peers), its(:region), its(:aws_device_v2), its(:tags)
 ## <a name="dynamodb_table">dynamodb_table</a>
 DynamodbTable resource type.
@@ -1148,7 +1176,7 @@ describe ecs_cluster('my-ecs-cluster') do
 end
 ```
-### its(:cluster_arn), its(:cluster_name), its(:status), its(:registered_container_instances_count), its(:running_tasks_count), its(:pending_tasks_count), its(:active_services_count), its(:statistics), its(:tags)
+### its(:cluster_arn), its(:cluster_name), its(:status), its(:registered_container_instances_count), its(:running_tasks_count), its(:pending_tasks_count), its(:active_services_count), its(:statistics), its(:tags), its(:settings)
 ## <a name="ecs_container_instance">ecs_container_instance</a>
 ECS Container Instance resource type.
@@ -1173,7 +1201,7 @@ end
 ```
-### its(:container_instance_arn), its(:ec2_instance_id), its(:version), its(:version_info), its(:status), its(:agent_connected), its(:running_tasks_count), its(:pending_tasks_count), its(:agent_update_status), its(:attributes), its(:registered_at), its(:attachments), its(:tags)
+### its(:container_instance_arn), its(:ec2_instance_id), its(:version), its(:version_info), its(:status), its(:status_reason), its(:agent_connected), its(:running_tasks_count), its(:pending_tasks_count), its(:agent_update_status), its(:attributes), its(:registered_at), its(:attachments), its(:tags)
 ## <a name="ecs_service">ecs_service</a>
 ECS Service resource type.
@@ -2268,7 +2296,7 @@ describe mq('my-mq') do
 end
 ```
-### its(:vpc_id), its(:auto_minor_version_upgrade), its(:broker_arn), its(:broker_id), its(:broker_name), its(:broker_state), its(:created), its(:deployment_mode), its(:engine_type), its(:engine_version), its(:host_instance_type), its(:pending_engine_version), its(:publicly_accessible), its(:security_groups), its(:subnet_ids)
+### its(:vpc_id), its(:auto_minor_version_upgrade), its(:broker_arn), its(:broker_id), its(:broker_name), its(:broker_state), its(:created), its(:deployment_mode), its(:encryption_options), its(:engine_type), its(:engine_version), its(:host_instance_type), its(:pending_engine_version), its(:publicly_accessible), its(:security_groups), its(:subnet_ids)
 ## <a name="nat_gateway">nat_gateway</a>
 NatGateway resource type.
@@ -2696,7 +2724,7 @@ end
 ```
-### its(:vpc_id), its(:db_instance_identifier), its(:db_instance_class), its(:engine), its(:db_instance_status), its(:master_username), its(:db_name), its(:endpoint), its(:allocated_storage), its(:instance_create_time), its(:preferred_backup_window), its(:backup_retention_period), its(:db_security_groups), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:latest_restorable_time), its(:multi_az), its(:engine_version), its(:auto_minor_version_upgrade), its(:read_replica_source_db_instance_identifier), its(:read_replica_db_instance_identifiers), its(:read_replica_db_cluster_identifiers), its(:license_model), its(:iops), its(:character_set_name), its(:secondary_availability_zone), its(:publicly_accessible), its(:status_infos), its(:storage_type), its(:tde_credential_arn), its(:db_instance_port), its(:db_cluster_identifier), its(:storage_encrypted), its(:kms_key_id), its(:dbi_resource_id), its(:ca_certificate_identifier), its(:domain_memberships), its(:copy_tags_to_snapshot), its(:monitoring_interval), its(:enhanced_monitoring_resource_arn), its(:monitoring_role_arn), its(:promotion_tier), its(:db_instance_arn), its(:timezone), its(:iam_database_authentication_enabled), its(:performance_insights_enabled), its(:performance_insights_kms_key_id), its(:performance_insights_retention_period), its(:enabled_cloudwatch_logs_exports), its(:processor_features), its(:deletion_protection), its(:associated_roles), its(:listener_endpoint)
+### its(:vpc_id), its(:db_instance_identifier), its(:db_instance_class), its(:engine), its(:db_instance_status), its(:master_username), its(:db_name), its(:endpoint), its(:allocated_storage), its(:instance_create_time), its(:preferred_backup_window), its(:backup_retention_period), its(:db_security_groups), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:latest_restorable_time), its(:multi_az), its(:engine_version), its(:auto_minor_version_upgrade), its(:read_replica_source_db_instance_identifier), its(:read_replica_db_instance_identifiers), its(:read_replica_db_cluster_identifiers), its(:license_model), its(:iops), its(:character_set_name), its(:secondary_availability_zone), its(:publicly_accessible), its(:status_infos), its(:storage_type), its(:tde_credential_arn), its(:db_instance_port), its(:db_cluster_identifier), its(:storage_encrypted), its(:kms_key_id), its(:dbi_resource_id), its(:ca_certificate_identifier), its(:domain_memberships), its(:copy_tags_to_snapshot), its(:monitoring_interval), its(:enhanced_monitoring_resource_arn), its(:monitoring_role_arn), its(:promotion_tier), its(:db_instance_arn), its(:timezone), its(:iam_database_authentication_enabled), its(:performance_insights_enabled), its(:performance_insights_kms_key_id), its(:performance_insights_retention_period), its(:enabled_cloudwatch_logs_exports), its(:processor_features), its(:deletion_protection), its(:associated_roles), its(:listener_endpoint), its(:max_allocated_storage)
 ### :unlock: Advanced use
 `rds` can use `Aws::RDS::DBInstance` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/RDS/DBInstance.html).
@@ -2828,7 +2856,7 @@ describe redshift('my-redshift') do
 end
 ```
-### its(:vpc_id), its(:cluster_identifier), its(:node_type), its(:cluster_status), its(:modify_status), its(:master_username), its(:db_name), its(:endpoint), its(:cluster_create_time), its(:automated_snapshot_retention_period), its(:manual_snapshot_retention_period), its(:cluster_security_groups), its(:cluster_subnet_group_name), its(:vpc_id), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:cluster_version), its(:allow_version_upgrade), its(:number_of_nodes), its(:publicly_accessible), its(:encrypted), its(:restore_status), its(:data_transfer_progress), its(:hsm_status), its(:cluster_snapshot_copy_status), its(:cluster_public_key), its(:cluster_nodes), its(:elastic_ip_status), its(:cluster_revision_number), its(:kms_key_id), its(:enhanced_vpc_routing), its(:iam_roles), its(:pending_actions), its(:maintenance_track_name), its(:elastic_resize_number_of_node_options), its(:deferred_maintenance_windows), its(:snapshot_schedule_identifier), its(:snapshot_schedule_state), its(:resize_info)
+### its(:vpc_id), its(:cluster_identifier), its(:node_type), its(:cluster_status), its(:cluster_availability_status), its(:modify_status), its(:master_username), its(:db_name), its(:endpoint), its(:cluster_create_time), its(:automated_snapshot_retention_period), its(:manual_snapshot_retention_period), its(:cluster_security_groups), its(:cluster_subnet_group_name), its(:vpc_id), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:cluster_version), its(:allow_version_upgrade), its(:number_of_nodes), its(:publicly_accessible), its(:encrypted), its(:restore_status), its(:data_transfer_progress), its(:hsm_status), its(:cluster_snapshot_copy_status), its(:cluster_public_key), its(:cluster_nodes), its(:elastic_ip_status), its(:cluster_revision_number), its(:kms_key_id), its(:enhanced_vpc_routing), its(:iam_roles), its(:pending_actions), its(:maintenance_track_name), its(:elastic_resize_number_of_node_options), its(:deferred_maintenance_windows), its(:snapshot_schedule_identifier), its(:snapshot_schedule_state), its(:expected_next_snapshot_schedule_time), its(:expected_next_snapshot_schedule_time_status), its(:resize_info)
 ## <a name="redshift_cluster_parameter_group">redshift_cluster_parameter_group</a>
 RedshiftClusterParameterGroup resource type.
@@ -3123,6 +3151,28 @@ describe s3_bucket('my-bucket') do
 end
 ```
+## <a name="secretsmanager">secretsmanager</a>
+Secretsmanager resource type.
+### exist
+```ruby
+describe secretsmanager('my-secret') do
+  it { should exist }
+end
+```
+### have_tag
+```ruby
+describe secretsmanager('my-secret') do
+  it { should have_tag('Name').value('my-secret') }
+end
+```
+### its(:arn), its(:name), its(:description), its(:kms_key_id), its(:rotation_enabled), its(:rotation_lambda_arn), its(:last_rotated_date), its(:last_changed_date), its(:last_accessed_date), its(:deleted_date), its(:owning_service)
 ## <a name="security_group">security_group</a>
 SecurityGroup resource type.

data/lib/awspec/generator/doc/type/alb.rb CHANGED

@@ -9,7 +9,8 @@ module Awspec::Generator
           @ret = @type.resource_via_client
           @matchers = [
             Awspec::Type::Alb::STATES.map { |state| 'be_' + state }.join(', '),
-            'belong_to_vpc'
+            'belong_to_vpc',
+            # 'have_tag'
           ]
           @ignore_matchers = Awspec::Type::Alb::STATES.map { |state| 'be_' + state }
           @describes = []

data/lib/awspec/generator/doc/type/secretsmanager.rb ADDED

@@ -0,0 +1,17 @@
+module Awspec::Generator
+  module Doc
+    module Type
+      class Secretsmanager < Base
+        def initialize
+          super
+          @type_name = 'Secretsmanager'
+          @type = Awspec::Type::Secretsmanager.new('my-secret')
+          @ret = @type.resource_via_client
+          @matchers = []
+          @ignore_matchers = []
+          @describes = []
+        end
+      end
+    end
+  end
+end

data/lib/awspec/helper/finder.rb CHANGED

@@ -46,6 +46,7 @@ require 'awspec/helper/finder/emr'
 require 'awspec/helper/finder/redshift'
 require 'awspec/helper/finder/codedeploy'
 require 'awspec/helper/finder/mq'
+require 'awspec/helper/finder/secretsmanager'
 require 'awspec/helper/finder/account_attributes'
@@ -101,6 +102,7 @@ module Awspec::Helper
     include Awspec::Helper::Finder::Redshift
     include Awspec::Helper::Finder::Codedeploy
     include Awspec::Helper::Finder::Mq
+    include Awspec::Helper::Finder::Secretsmanager
     CLIENTS = {
       ec2_client: Aws::EC2::Client,
@@ -144,7 +146,8 @@ module Awspec::Helper
       emr_client: Aws::EMR::Client,
       redshift_client: Aws::Redshift::Client,
       codedeploy_client: Aws::CodeDeploy::Client,
-      mq_client: Aws::MQ::Client
+      mq_client: Aws::MQ::Client,
+      secretsmanager_client: Aws::SecretsManager::Client
     }
     CLIENT_OPTIONS = {

data/lib/awspec/helper/finder/alb.rb CHANGED

@@ -54,6 +54,15 @@ module Awspec::Helper
         end
         selected
       end
+      def select_all_alb_tags(id)
+        res = elbv2_client.describe_tags({ resource_arns: [id] })
+        res.tag_descriptions.select do |resource|
+          resource.resource_arn == id
+        end.first.tags
+      rescue
+        return nil
+      end
     end
   end
 end

data/lib/awspec/helper/finder/cloudtrail.rb CHANGED

@@ -15,6 +15,12 @@ module Awspec::Helper
         cloudtrail_client.get_trail_status(name: id)
       end
+      def get_trail_tags(arn)
+        cloudtrail_client.list_tags(
+          resource_id_list: [arn]
+        )[:resource_tag_list].first[:tags_list]
+      end
       def is_logging?(id)
         ret = get_trail_status(id).is_logging
       end

data/lib/awspec/helper/finder/cloudwatch_logs.rb CHANGED

@@ -64,6 +64,10 @@ module Awspec::Helper
         log_groups
       end
+      def find_tags_by_log_group_name(id)
+        cloudwatch_logs_client.list_tags_log_group(log_group_name: id)[:tags]
+      end
       filter_types = %w(metric subscription)
       filter_types.each do |type|
         define_method 'select_all_cloudwatch_logs_' + type + '_filter' do |*args|

data/lib/awspec/helper/finder/lambda.rb CHANGED

@@ -23,7 +23,7 @@ module Awspec::Helper
       end
       def select_all_lambda_functions
-        res = lambda_client.list_functions.map do |response|
+        lambda_client.list_functions.map do |response|
           response.functions
         end.flatten
       end

data/lib/awspec/helper/finder/s3.rb CHANGED

@@ -13,6 +13,16 @@ module Awspec::Helper
         nil
       end
+      def head_object(id, key)
+        res = s3_client.head_object({
+                                      bucket: id,
+                                      key: key.sub(%r(\A/), '')
+                                    })
+        res.data.class == Aws::S3::Types::HeadObjectOutput
+      rescue Aws::S3::Errors::NotFound
+        false
+      end
       def find_bucket_cors(id)
         s3_client.get_bucket_cors(bucket: id)
       rescue Aws::S3::Errors::ServiceError

data/lib/awspec/helper/finder/secretsmanager.rb ADDED

@@ -0,0 +1,11 @@
+module Awspec::Helper
+  module Finder
+    module Secretsmanager
+      def find_secret(id)
+        secretsmanager_client.describe_secret({
+                                                secret_id: id
+                                              })
+      end
+    end
+  end
+end

data/lib/awspec/helper/type.rb CHANGED

@@ -20,6 +20,7 @@ module Awspec
         elastictranscoder_pipeline waf_web_acl wafregional_web_acl customer_gateway vpn_gateway vpn_connection
         internet_gateway acm cloudwatch_logs dynamodb_table eip sqs ssm_parameter cloudformation_stack
         codebuild sns_topic redshift redshift_cluster_parameter_group codedeploy codedeploy_deployment_group
+        secretsmanager
       )
       ACCOUNT_ATTRIBUTES = %w(

data/lib/awspec/stub/alb.rb CHANGED

@@ -81,6 +81,15 @@ Aws.config[:elasticloadbalancingv2] = {
           protocol: 'HTTP'
         }
       ]
+    },
+    describe_tags: {
+      tag_descriptions: [
+        resource_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:loadbalancer/app/my-alb/1aa1bb1cc1ddee11',
+        tags: [
+          key: 'environment',
+          value: 'dev'
+        ]
+      ]
     }
   }
 }

data/lib/awspec/stub/cloudtrail.rb CHANGED

@@ -6,12 +6,30 @@ Aws.config[:cloudtrail] = {
           name: 'my-trail',
           include_global_service_events: true,
           is_multi_region_trail: true,
-          log_file_validation_enabled: true
+          log_file_validation_enabled: true,
+          trail_arn: 'my-trail-arn'
         }
       ]
     },
     get_trail_status: {
       is_logging: true
+    },
+    list_tags: {
+      resource_tag_list: [
+        {
+          resource_id: 'my-trail-arn',
+          tags_list: [
+            {
+              key: 'key_one',
+              value: 'value_one'
+            },
+            {
+              key: 'key_two',
+              value: 'value_two'
+            }
+          ]
+        }
+      ]
     }
   }
 }

data/lib/awspec/stub/cloudwatch_logs.rb CHANGED

@@ -29,6 +29,13 @@ Aws.config[:cloudwatchlogs] = {
           filter_pattern: '[host, ident, authuser, date, request, status, bytes]'
         }
       ]
+    },
+    list_tags_log_group: {
+      tags: {
+        'key_one' => 'value_one',
+        'key_two' => 'value_two'
+      }
     }
   }
 }

data/lib/awspec/stub/secretsmanager.rb ADDED

@@ -0,0 +1,36 @@
+Aws.config[:secretsmanager] = {
+  stub_responses: {
+    describe_secret: {
+      arn: 'my-secret-arn',
+      description: 'my secret description',
+      kms_key_id: 'secret-kms-key-arn',
+      last_accessed_date: Time.at(1_523_923_200),
+      last_changed_date: Time.at(1_523_477_145.729),
+      last_rotated_date: Time.at(1_525_747_253.72),
+      name: 'my-secret-name',
+      rotation_enabled: true,
+      rotation_lambda_arn: 'my-secret-rotation-lambda-arn',
+      rotation_rules: {
+        automatically_after_days: 30
+      },
+      tags: [
+        {
+          key: 'key_one',
+          value: 'value_one'
+        },
+        {
+          key: 'key_two',
+          value: 'value_two'
+        }
+      ],
+      version_ids_to_stages: {
+        'EXAMPLE1-90ab-cdef-fedc-ba987EXAMPLE' => [
+          'AWSPREVIOUS'
+        ],
+        'EXAMPLE2-90ab-cdef-fedc-ba987EXAMPLE' => [
+          'AWSCURRENT'
+        ]
+      }
+    }
+  }
+}

data/lib/awspec/type/alb.rb CHANGED

@@ -1,5 +1,6 @@
 module Awspec::Type
   class Alb < ResourceBase
+    tags_allowed
     def resource_via_client
       @resource_via_client ||= find_alb(@display_name)
     end
@@ -38,5 +39,13 @@ module Awspec::Type
       subnet2 = find_subnet(subnet_id)
       subnet2.subnet_id = subnet_id
     end
+    def has_tag?(tag_key, tag_value)
+      alb_arn = resource_via_client.load_balancer_arn
+      tag_set = select_all_alb_tags(alb_arn)
+      tag_set.find do |tag|
+        tag.key == tag_key && tag.value == tag_value
+      end
+    end
   end
 end

data/lib/awspec/type/cloudtrail.rb CHANGED

@@ -25,5 +25,11 @@ module Awspec::Type
     def logging?
       is_logging?(id)
     end
+    def has_tag?(tag_key, tag_value)
+      get_trail_tags(resource_via_client.trail_arn).find do |tag|
+        tag.key == tag_key && tag.value == tag_value
+      end
+    end
   end
 end

data/lib/awspec/type/cloudwatch_logs.rb CHANGED

@@ -27,5 +27,11 @@ module Awspec::Type
       end
       return true if ret.filter_name == filter_name
     end
+    def has_tag?(tag_key, tag_value)
+      find_tags_by_log_group_name(resource_via_client.log_group_name).find do |key, value|
+        key == tag_key && value == tag_value
+      end
+    end
   end
 end

data/lib/awspec/type/ec2.rb CHANGED

@@ -90,7 +90,7 @@ module Awspec::Type
     def has_network_interface?(network_interface_id, device_index = nil)
       res = find_network_interface(network_interface_id)
       interfaces = resource_via_client.network_interfaces
-      ret = interfaces.find do |interface|
+      interfaces.find do |interface|
         next false if device_index && interface.attachment.device_index != device_index
         interface.network_interface_id == res.network_interface_id
       end
@@ -98,7 +98,7 @@ module Awspec::Type
     def has_event?(event_code)
       status = find_ec2_status(id)
-      ret = status.events.find do |event|
+      status.events.find do |event|
         event.code == event_code
       end
     end

data/lib/awspec/type/route_table.rb CHANGED

@@ -54,7 +54,8 @@ module Awspec::Type
       cgw = find_customer_gateway(gateway_id)
       return true if cgw && cgw.customer_gateway_id == route.gateway_id
       # nat gateway
-      return true if route.nat_gateway_id == gateway_id
+      nat = find_nat_gateway(gateway_id)
+      return true if nat.nat_gateway_id == route.nat_gateway_id
       false
     end
@@ -68,7 +69,8 @@ module Awspec::Type
     def target_nat?(route, nat_gateway_id)
       # nat
-      route.nat_gateway_id == nat_gateway_id
+      nat = find_nat_gateway(nat_gateway_id)
+      nat.nat_gateway_id == route.nat_gateway_id
     end
     def target_vpc_peering_connection?(route, vpc_peering_connection_id)

data/lib/awspec/type/s3_bucket.rb CHANGED

@@ -11,16 +11,12 @@ module Awspec::Type
     end
     def has_object?(key)
-      res = s3_client.head_object({
-                                    bucket: id,
-                                    key: key.sub(%r(\A/), '')
-                                  })
-      res
-    rescue
-      false
+      check_existence
+      head_object(id, key)
     end
     def has_acl_grant?(grantee:, permission:)
+      check_existence
       @acl = find_bucket_acl(id)
       @acl.grants.find do |grant|
         grant.permission == permission &&
@@ -29,11 +25,13 @@ module Awspec::Type
     end
     def acl_owner
+      check_existence
       @acl = find_bucket_acl(id)
       @acl.owner.display_name
     end
     def acl_grants_count
+      check_existence
       @acl = find_bucket_acl(id)
       @acl.grants.count
     end
@@ -57,7 +55,9 @@ module Awspec::Type
     end
     def has_policy?(policy)
+      check_existence
       bp = find_bucket_policy(id)
       if bp
         JSON.parse(bp.policy.read, array_class: Set) == JSON.parse(policy, array_class: Set)
       else
@@ -66,12 +66,14 @@ module Awspec::Type
     end
     def has_tag?(key, value)
+      check_existence
       tag = find_bucket_tag(id, key)
       return nil if tag.value != value
       tag
     end
     def has_logging_enabled?(target_bucket: nil, target_prefix: nil)
+      check_existence
       bl = find_bucket_logging(id)
       le = bl ? bl.logging_enabled : nil
@@ -82,11 +84,13 @@ module Awspec::Type
     end
     def has_versioning_enabled?
+      check_existence
       bv = find_bucket_versioning(id)
       bv ? (bv.status == 'Enabled') : false
     end
     def has_lifecycle_rule?(rule)
+      check_existence
       lc_rule = lifecycle_configuration_rules.select { |r| r[:id] == rule[:id] }
       return false if lc_rule == []
@@ -105,11 +109,13 @@ module Awspec::Type
     end
     def has_mfa_delete_enabled?
+      check_existence
       bv = find_bucket_versioning(id)
       bv ? (bv.mfa_delete == 'Enabled') : false
     end
     def has_server_side_encryption?(algorithm:)
+      check_existence
       configuration = find_bucket_server_side_encryption(id)
       return false unless configuration
@@ -120,8 +126,9 @@ module Awspec::Type
     private
     def cors_rules
-      cors = find_bucket_cors(id)
-      cors ? cors.cors_rules : []
+      check_existence
+      @cors ||= find_bucket_cors(id)
+      @cors ? @cors.cors_rules : []
     end
     def lifecycle_configuration_rules

data/lib/awspec/type/secretsmanager.rb ADDED

@@ -0,0 +1,14 @@
+module Awspec::Type
+  class Secretsmanager < ResourceBase
+    aws_resource Aws::SecretsManager
+    tags_allowed
+    def resource_via_client
+      @resource_via_client ||= find_secret(@display_name)
+    end
+    def id
+      @id ||= resource_via_client.name if resource_via_client
+    end
+  end
+end

data/lib/awspec/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Awspec
-  VERSION = '1.17.4'
+  VERSION = '1.18.0'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awspec
 version: !ruby/object:Gem::Version
-  version: 1.17.4
+  version: 1.18.0
 platform: ruby
 authors:
 - k1LoW
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-05-17 00:00:00.000000000 Z
+date: 2019-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -207,7 +207,6 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".editorconfig"
-- ".gitignore"
 - ".rubocop.yml"
 - ".tachikoma.yml"
 - ".travis.yml"
@@ -285,6 +284,7 @@ files:
 - doc/_resource_types/route53_hosted_zone.md
 - doc/_resource_types/route_table.md
 - doc/_resource_types/s3_bucket.md
+- doc/_resource_types/secretsmanager.md
 - doc/_resource_types/security_group.md
 - doc/_resource_types/ses_identity.md
 - doc/_resource_types/ses_send_quota.md
@@ -382,6 +382,7 @@ files:
 - lib/awspec/generator/doc/type/route53_hosted_zone.rb
 - lib/awspec/generator/doc/type/route_table.rb
 - lib/awspec/generator/doc/type/s3_bucket.rb
+- lib/awspec/generator/doc/type/secretsmanager.rb
 - lib/awspec/generator/doc/type/security_group.rb
 - lib/awspec/generator/doc/type/ses_identity.rb
 - lib/awspec/generator/doc/type/ses_send_quota.rb
@@ -476,6 +477,7 @@ files:
 - lib/awspec/helper/finder/redshift.rb
 - lib/awspec/helper/finder/route53.rb
 - lib/awspec/helper/finder/s3.rb
+- lib/awspec/helper/finder/secretsmanager.rb
 - lib/awspec/helper/finder/security_group.rb
 - lib/awspec/helper/finder/ses.rb
 - lib/awspec/helper/finder/sns_topic.rb
@@ -599,6 +601,7 @@ files:
 - lib/awspec/stub/route53_hosted_zone.rb
 - lib/awspec/stub/route_table.rb
 - lib/awspec/stub/s3_bucket.rb
+- lib/awspec/stub/secretsmanager.rb
 - lib/awspec/stub/security_group.rb
 - lib/awspec/stub/ses_identity.rb
 - lib/awspec/stub/sns_topic.rb
@@ -683,6 +686,7 @@ files:
 - lib/awspec/type/route53_hosted_zone.rb
 - lib/awspec/type/route_table.rb
 - lib/awspec/type/s3_bucket.rb
+- lib/awspec/type/secretsmanager.rb
 - lib/awspec/type/security_group.rb
 - lib/awspec/type/ses_identity.rb
 - lib/awspec/type/ses_send_quota.rb
@@ -716,7 +720,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.14
+rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
 summary: RSpec tests for your AWS resources.

data/.gitignore DELETED

@@ -1,12 +0,0 @@
-/.bundle/
-/.yardoc
-/Gemfile.lock
-/_yardoc/
-/coverage/
-/pkg/
-/spec/reports/
-/tmp/
-/spec/secrets.yml
-/.ruby-version
-*.sw*
-*.gem