RubyGems - awspec - Versions diffs - 1.17.4 → 1.18.0 - Mend

awspec 1.17.4 → 1.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

checksums.yaml +5 -5
data/README.md +27 -0
data/doc/_resource_types/alb.md +8 -0
data/doc/_resource_types/cloudtrail.md +8 -0
data/doc/_resource_types/cloudwatch_logs.md +8 -0
data/doc/_resource_types/secretsmanager.md +15 -0
data/doc/resource_types.md +61 -11
data/lib/awspec/generator/doc/type/alb.rb +2 -1
data/lib/awspec/generator/doc/type/secretsmanager.rb +17 -0
data/lib/awspec/helper/finder.rb +4 -1
data/lib/awspec/helper/finder/alb.rb +9 -0
data/lib/awspec/helper/finder/cloudtrail.rb +6 -0
data/lib/awspec/helper/finder/cloudwatch_logs.rb +4 -0
data/lib/awspec/helper/finder/lambda.rb +1 -1
data/lib/awspec/helper/finder/s3.rb +10 -0
data/lib/awspec/helper/finder/secretsmanager.rb +11 -0
data/lib/awspec/helper/type.rb +1 -0
data/lib/awspec/stub/alb.rb +9 -0
data/lib/awspec/stub/cloudtrail.rb +19 -1
data/lib/awspec/stub/cloudwatch_logs.rb +7 -0
data/lib/awspec/stub/secretsmanager.rb +36 -0
data/lib/awspec/type/alb.rb +9 -0
data/lib/awspec/type/cloudtrail.rb +6 -0
data/lib/awspec/type/cloudwatch_logs.rb +6 -0
data/lib/awspec/type/ec2.rb +2 -2
data/lib/awspec/type/route_table.rb +4 -2
data/lib/awspec/type/s3_bucket.rb +16 -9
data/lib/awspec/type/secretsmanager.rb +14 -0
data/lib/awspec/version.rb +1 -1
metadata +8 -4
data/.gitignore +0 -12

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 24a77e8385426709aab7708405c31a6c44f80043
-  data.tar.gz: bc25733590d646e87cf24930f3fe9494b8d0fc49
+SHA256:
+  metadata.gz: 282551e2308dd0173e1945a36abc52c0f7c5836b9a070a73c071385d268b4c21
+  data.tar.gz: bc12a2007ec95614d27b9d963cf204bcc0f10424fe063d620591e5ddf684a84f
 SHA512:
-  metadata.gz: 98c3884402e67f7856551ad7945597fe50cb906a39ee00a7b347843127561443a159f24829ec865682b2f11807dbbe85eb06c0ceaaaa1ce54f7a64381d902c64
-  data.tar.gz: 620fbf415995935dadb197ba200808ed0f8987de02fd2ac7b8be59d1decb2c96f2564b4593198bd1dba718664452c770985f940de2832698adc47261075e2680
+  metadata.gz: 05bbe8f18a6d921cfa135a2704a643a8ff6970d1975de78af029e1f93214d3ef6ef19199acccde8bba8535a29bc0b4aee9949287647eeae94d9a957aa2a64c7d
+  data.tar.gz: ddf9edd8742c58ffae8a106f1fe86e41dc38aa8fac3a7b31ed0a2826341a8eb916bb8e8673367f8e2d7149b35cb0530eeb0140e7eae68db55b4f7aa0fc9d999d

data/README.md CHANGED

@@ -96,6 +96,33 @@ describe sqs('my-sqs-queue'), region: 'us-west-2' do
 end
 ```
+#### Using terraform outputs as identifier
+Especially in cases, where resources created by terraform have the same names (e.g. created by VPC module), it is helpful to use terraform outputs as unique identifiers.
+```terraform
+output "my_ec2_instance" {
+    value = aws_instance.my_instance.id
+}
+```
+```ruby
+require 'spec_helper'
+my_ec2_instance = `terraform output my_ec2_instance`.strip
+describe ec2(my_ec2_instance) do
+  it { should be_running }
+  its(:image_id) { should eq 'ami-abc12def' }
+  its(:public_ip_address) { should eq '123.0.456.789' }
+  it { should have_security_group('my-security-group-name') }
+  it { should belong_to_vpc('my-vpc') }
+  it { should belong_to_subnet('subnet-1234a567') }
+  it { should have_eip('123.0.456.789') }
+  it { should be_disabled_api_termination }
+end
+```
 ### STEP 4. Run tests
 Add gem "rake" in your Gemfile if you are starting a blank project.

data/doc/_resource_types/alb.md CHANGED

@@ -30,6 +30,14 @@ describe alb('my-alb') do
 end
 ```
+### have_tag
+```ruby
+describe alb('my-alb') do
+  it { should have_tag('environment').value('dev') }
+end
+```
 ### belong_to_vpc
 ```ruby

data/doc/_resource_types/cloudtrail.md CHANGED

@@ -37,3 +37,11 @@ describe cloudtrail('my-trail') do
   it { should be_logging }
 end
 ```
+### have_tag
+```ruby
+describe cloudtrail('my-trail') do
+  it { should have_tag('Name').value('my-trail') }
+end
+```

data/doc/_resource_types/cloudwatch_logs.md CHANGED

@@ -38,3 +38,11 @@ describe cloudwatch_logs('my-cloudwatch-logs-group') do
   end
 end
 ```
+### have_tag
+```ruby
+describe cloudwatch_logs('my-cloudwatch-logs-group') do
+  it { should have_tag('Name').value('my-cloudwatch-logs-group') }
+end
+```

data/doc/_resource_types/secretsmanager.md ADDED

@@ -0,0 +1,15 @@
+### exist
+```ruby
+describe secretsmanager('my-secret') do
+  it { should exist }
+end
+```
+### have_tag
+```ruby
+describe secretsmanager('my-secret') do
+  it { should have_tag('Name').value('my-secret') }
+end
+```

data/doc/resource_types.md CHANGED

@@ -64,6 +64,7 @@
 | [route53_hosted_zone](#route53_hosted_zone)
 | [route_table](#route_table)
 | [s3_bucket](#s3_bucket)
+| [secretsmanager](#secretsmanager)
 | [security_group](#security_group)
 | [ses_identity](#ses_identity)
 | [sns_topic](#sns_topic)
@@ -144,6 +145,15 @@ end
 ```
+### have_tag
+```ruby
+describe alb('my-alb') do
+  it { should have_tag('environment').value('dev') }
+end
+```
 ### belong_to_vpc
 ```ruby
@@ -274,7 +284,7 @@ describe apigateway('my-apigateway') do
 end
 ```
-### its(:id), its(:name), its(:description), its(:created_date), its(:version), its(:warnings), its(:binary_media_types), its(:minimum_compression_size), its(:api_key_source), its(:policy)
+### its(:id), its(:name), its(:description), its(:created_date), its(:version), its(:warnings), its(:binary_media_types), its(:minimum_compression_size), its(:api_key_source), its(:policy), its(:tags)
 ## <a name="autoscaling_group">autoscaling_group</a>
 AutoscalingGroup resource type.
@@ -506,7 +516,7 @@ describe cloudfront_distribution('123456789zyxw.cloudfront.net') do
 end
 ```
-### its(:id), its(:arn), its(:status), its(:last_modified_time), its(:domain_name), its(:origin_groups), its(:comment), its(:price_class), its(:enabled), its(:web_acl_id), its(:http_version), its(:is_ipv6_enabled)
+### its(:id), its(:arn), its(:status), its(:last_modified_time), its(:domain_name), its(:origin_groups), its(:comment), its(:price_class), its(:enabled), its(:web_acl_id), its(:http_version), its(:is_ipv6_enabled), its(:alias_icp_recordals)
 ## <a name="cloudtrail">cloudtrail</a>
 Cloudtrail resource type.
@@ -528,6 +538,7 @@ describe cloudtrail('my-trail') do
 end
 ```
 ### be_multi_region_trail
 ```ruby
@@ -555,6 +566,14 @@ end
 ```
+### have_tag
+```ruby
+describe cloudtrail('my-trail') do
+  it { should have_tag('Name').value('my-trail') }
+end
+```
 ### its(:name), its(:s3_bucket_name), its(:s3_key_prefix), its(:sns_topic_name), its(:sns_topic_arn), its(:include_global_service_events), its(:is_multi_region_trail), its(:home_region), its(:trail_arn), its(:log_file_validation_enabled), its(:cloud_watch_logs_log_group_arn), its(:cloud_watch_logs_role_arn), its(:kms_key_id), its(:has_custom_event_selectors), its(:is_organization_trail)
 ## <a name="cloudwatch_alarm">cloudwatch_alarm</a>
@@ -604,7 +623,7 @@ describe cloudwatch_alarm('my-cloudwatch-alarm') do
 end
 ```
-### its(:alarm_name), its(:alarm_arn), its(:alarm_description), its(:alarm_configuration_updated_timestamp), its(:actions_enabled), its(:ok_actions), its(:alarm_actions), its(:insufficient_data_actions), its(:state_value), its(:state_reason), its(:state_reason_data), its(:state_updated_timestamp), its(:metric_name), its(:namespace), its(:statistic), its(:extended_statistic), its(:period), its(:unit), its(:evaluation_periods), its(:datapoints_to_alarm), its(:threshold), its(:comparison_operator), its(:treat_missing_data), its(:evaluate_low_sample_count_percentile), its(:metrics)
+### its(:alarm_name), its(:alarm_arn), its(:alarm_description), its(:alarm_configuration_updated_timestamp), its(:actions_enabled), its(:ok_actions), its(:alarm_actions), its(:insufficient_data_actions), its(:state_value), its(:state_reason), its(:state_reason_data), its(:state_updated_timestamp), its(:metric_name), its(:namespace), its(:statistic), its(:extended_statistic), its(:period), its(:unit), its(:evaluation_periods), its(:datapoints_to_alarm), its(:threshold), its(:comparison_operator), its(:treat_missing_data), its(:evaluate_low_sample_count_percentile), its(:metrics), its(:threshold_metric_id)
 ## <a name="cloudwatch_event">cloudwatch_event</a>
 CloudwatchEvent resource type.
@@ -615,7 +634,7 @@ CloudwatchEvent resource type.
 ### be_scheduled
-### its(:name), its(:arn), its(:event_pattern), its(:state), its(:description), its(:schedule_expression), its(:role_arn), its(:managed_by)
+### its(:name), its(:arn), its(:event_pattern), its(:state), its(:description), its(:schedule_expression), its(:role_arn), its(:managed_by), its(:event_bus_name)
 ## <a name="cloudwatch_logs">cloudwatch_logs</a>
 CloudwatchLogs resource type.
@@ -664,6 +683,15 @@ describe cloudwatch_logs('my-cloudwatch-logs-group') do
 end
 ```
+### have_tag
+```ruby
+describe cloudwatch_logs('my-cloudwatch-logs-group') do
+  it { should have_tag('Name').value('my-cloudwatch-logs-group') }
+end
+```
 ### its(:log_group_name), its(:creation_time), its(:retention_in_days), its(:metric_filter_count), its(:arn), its(:stored_bytes), its(:kms_key_id)
 ## <a name="codebuild">codebuild</a>
@@ -734,7 +762,7 @@ end
 ```
-### its(:bgp_asn), its(:customer_gateway_id), its(:ip_address), its(:state), its(:type), its(:tags)
+### its(:bgp_asn), its(:customer_gateway_id), its(:ip_address), its(:certificate_arn), its(:state), its(:type), its(:tags)
 ## <a name="directconnect_virtual_interface">directconnect_virtual_interface</a>
 DirectconnectVirtualInterface resource type.
@@ -770,7 +798,7 @@ describe directconnect_virtual_interface('my-directconnect-virtual-interface') d
 end
 ```
-### its(:owner_account), its(:virtual_interface_id), its(:location), its(:connection_id), its(:virtual_interface_type), its(:virtual_interface_name), its(:vlan), its(:asn), its(:amazon_side_asn), its(:auth_key), its(:amazon_address), its(:customer_address), its(:address_family), its(:virtual_interface_state), its(:customer_router_config), its(:mtu), its(:jumbo_frame_capable), its(:virtual_gateway_id), its(:direct_connect_gateway_id), its(:route_filter_prefixes), its(:bgp_peers), its(:region), its(:aws_device_v2)
+### its(:owner_account), its(:virtual_interface_id), its(:location), its(:connection_id), its(:virtual_interface_type), its(:virtual_interface_name), its(:vlan), its(:asn), its(:amazon_side_asn), its(:auth_key), its(:amazon_address), its(:customer_address), its(:address_family), its(:virtual_interface_state), its(:customer_router_config), its(:mtu), its(:jumbo_frame_capable), its(:virtual_gateway_id), its(:direct_connect_gateway_id), its(:route_filter_prefixes), its(:bgp_peers), its(:region), its(:aws_device_v2), its(:tags)
 ## <a name="dynamodb_table">dynamodb_table</a>
 DynamodbTable resource type.
@@ -1148,7 +1176,7 @@ describe ecs_cluster('my-ecs-cluster') do
 end
 ```
-### its(:cluster_arn), its(:cluster_name), its(:status), its(:registered_container_instances_count), its(:running_tasks_count), its(:pending_tasks_count), its(:active_services_count), its(:statistics), its(:tags)
+### its(:cluster_arn), its(:cluster_name), its(:status), its(:registered_container_instances_count), its(:running_tasks_count), its(:pending_tasks_count), its(:active_services_count), its(:statistics), its(:tags), its(:settings)
 ## <a name="ecs_container_instance">ecs_container_instance</a>
 ECS Container Instance resource type.
@@ -1173,7 +1201,7 @@ end
 ```
-### its(:container_instance_arn), its(:ec2_instance_id), its(:version), its(:version_info), its(:status), its(:agent_connected), its(:running_tasks_count), its(:pending_tasks_count), its(:agent_update_status), its(:attributes), its(:registered_at), its(:attachments), its(:tags)
+### its(:container_instance_arn), its(:ec2_instance_id), its(:version), its(:version_info), its(:status), its(:status_reason), its(:agent_connected), its(:running_tasks_count), its(:pending_tasks_count), its(:agent_update_status), its(:attributes), its(:registered_at), its(:attachments), its(:tags)
 ## <a name="ecs_service">ecs_service</a>
 ECS Service resource type.
@@ -2268,7 +2296,7 @@ describe mq('my-mq') do
 end
 ```
-### its(:vpc_id), its(:auto_minor_version_upgrade), its(:broker_arn), its(:broker_id), its(:broker_name), its(:broker_state), its(:created), its(:deployment_mode), its(:engine_type), its(:engine_version), its(:host_instance_type), its(:pending_engine_version), its(:publicly_accessible), its(:security_groups), its(:subnet_ids)
+### its(:vpc_id), its(:auto_minor_version_upgrade), its(:broker_arn), its(:broker_id), its(:broker_name), its(:broker_state), its(:created), its(:deployment_mode), its(:encryption_options), its(:engine_type), its(:engine_version), its(:host_instance_type), its(:pending_engine_version), its(:publicly_accessible), its(:security_groups), its(:subnet_ids)
 ## <a name="nat_gateway">nat_gateway</a>
 NatGateway resource type.
@@ -2696,7 +2724,7 @@ end
 ```
-### its(:vpc_id), its(:db_instance_identifier), its(:db_instance_class), its(:engine), its(:db_instance_status), its(:master_username), its(:db_name), its(:endpoint), its(:allocated_storage), its(:instance_create_time), its(:preferred_backup_window), its(:backup_retention_period), its(:db_security_groups), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:latest_restorable_time), its(:multi_az), its(:engine_version), its(:auto_minor_version_upgrade), its(:read_replica_source_db_instance_identifier), its(:read_replica_db_instance_identifiers), its(:read_replica_db_cluster_identifiers), its(:license_model), its(:iops), its(:character_set_name), its(:secondary_availability_zone), its(:publicly_accessible), its(:status_infos), its(:storage_type), its(:tde_credential_arn), its(:db_instance_port), its(:db_cluster_identifier), its(:storage_encrypted), its(:kms_key_id), its(:dbi_resource_id), its(:ca_certificate_identifier), its(:domain_memberships), its(:copy_tags_to_snapshot), its(:monitoring_interval), its(:enhanced_monitoring_resource_arn), its(:monitoring_role_arn), its(:promotion_tier), its(:db_instance_arn), its(:timezone), its(:iam_database_authentication_enabled), its(:performance_insights_enabled), its(:performance_insights_kms_key_id), its(:performance_insights_retention_period), its(:enabled_cloudwatch_logs_exports), its(:processor_features), its(:deletion_protection), its(:associated_roles), its(:listener_endpoint)
+### its(:vpc_id), its(:db_instance_identifier), its(:db_instance_class), its(:engine), its(:db_instance_status), its(:master_username), its(:db_name), its(:endpoint), its(:allocated_storage), its(:instance_create_time), its(:preferred_backup_window), its(:backup_retention_period), its(:db_security_groups), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:latest_restorable_time), its(:multi_az), its(:engine_version), its(:auto_minor_version_upgrade), its(:read_replica_source_db_instance_identifier), its(:read_replica_db_instance_identifiers), its(:read_replica_db_cluster_identifiers), its(:license_model), its(:iops), its(:character_set_name), its(:secondary_availability_zone), its(:publicly_accessible), its(:status_infos), its(:storage_type), its(:tde_credential_arn), its(:db_instance_port), its(:db_cluster_identifier), its(:storage_encrypted), its(:kms_key_id), its(:dbi_resource_id), its(:ca_certificate_identifier), its(:domain_memberships), its(:copy_tags_to_snapshot), its(:monitoring_interval), its(:enhanced_monitoring_resource_arn), its(:monitoring_role_arn), its(:promotion_tier), its(:db_instance_arn), its(:timezone), its(:iam_database_authentication_enabled), its(:performance_insights_enabled), its(:performance_insights_kms_key_id), its(:performance_insights_retention_period), its(:enabled_cloudwatch_logs_exports), its(:processor_features), its(:deletion_protection), its(:associated_roles), its(:listener_endpoint), its(:max_allocated_storage)
 ### :unlock: Advanced use
 `rds` can use `Aws::RDS::DBInstance` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/RDS/DBInstance.html).
@@ -2828,7 +2856,7 @@ describe redshift('my-redshift') do
 end
 ```
-### its(:vpc_id), its(:cluster_identifier), its(:node_type), its(:cluster_status), its(:modify_status), its(:master_username), its(:db_name), its(:endpoint), its(:cluster_create_time), its(:automated_snapshot_retention_period), its(:manual_snapshot_retention_period), its(:cluster_security_groups), its(:cluster_subnet_group_name), its(:vpc_id), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:cluster_version), its(:allow_version_upgrade), its(:number_of_nodes), its(:publicly_accessible), its(:encrypted), its(:restore_status), its(:data_transfer_progress), its(:hsm_status), its(:cluster_snapshot_copy_status), its(:cluster_public_key), its(:cluster_nodes), its(:elastic_ip_status), its(:cluster_revision_number), its(:kms_key_id), its(:enhanced_vpc_routing), its(:iam_roles), its(:pending_actions), its(:maintenance_track_name), its(:elastic_resize_number_of_node_options), its(:deferred_maintenance_windows), its(:snapshot_schedule_identifier), its(:snapshot_schedule_state), its(:resize_info)
+### its(:vpc_id), its(:cluster_identifier), its(:node_type), its(:cluster_status), its(:cluster_availability_status), its(:modify_status), its(:master_username), its(:db_name), its(:endpoint), its(:cluster_create_time), its(:automated_snapshot_retention_period), its(:manual_snapshot_retention_period), its(:cluster_security_groups), its(:cluster_subnet_group_name), its(:vpc_id), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:cluster_version), its(:allow_version_upgrade), its(:number_of_nodes), its(:publicly_accessible), its(:encrypted), its(:restore_status), its(:data_transfer_progress), its(:hsm_status), its(:cluster_snapshot_copy_status), its(:cluster_public_key), its(:cluster_nodes), its(:elastic_ip_status), its(:cluster_revision_number), its(:kms_key_id), its(:enhanced_vpc_routing), its(:iam_roles), its(:pending_actions), its(:maintenance_track_name), its(:elastic_resize_number_of_node_options), its(:deferred_maintenance_windows), its(:snapshot_schedule_identifier), its(:snapshot_schedule_state), its(:expected_next_snapshot_schedule_time), its(:expected_next_snapshot_schedule_time_status), its(:resize_info)
 ## <a name="redshift_cluster_parameter_group">redshift_cluster_parameter_group</a>
 RedshiftClusterParameterGroup resource type.
@@ -3123,6 +3151,28 @@ describe s3_bucket('my-bucket') do
 end
 ```
+## <a name="secretsmanager">secretsmanager</a>
+Secretsmanager resource type.
+### exist
+```ruby
+describe secretsmanager('my-secret') do
+  it { should exist }
+end
+```
+### have_tag
+```ruby
+describe secretsmanager('my-secret') do
+  it { should have_tag('Name').value('my-secret') }
+end
+```
+### its(:arn), its(:name), its(:description), its(:kms_key_id), its(:rotation_enabled), its(:rotation_lambda_arn), its(:last_rotated_date), its(:last_changed_date), its(:last_accessed_date), its(:deleted_date), its(:owning_service)
 ## <a name="security_group">security_group</a>
 SecurityGroup resource type.

data/lib/awspec/generator/doc/type/alb.rb CHANGED

@@ -9,7 +9,8 @@ module Awspec::Generator
           @ret = @type.resource_via_client
           @matchers = [
             Awspec::Type::Alb::STATES.map { |state| 'be_' + state }.join(', '),
-            'belong_to_vpc'
+            'belong_to_vpc',
+            # 'have_tag'
           ]
           @ignore_matchers = Awspec::Type::Alb::STATES.map { |state| 'be_' + state }
           @describes = []

data/lib/awspec/generator/doc/type/secretsmanager.rb ADDED

@@ -0,0 +1,17 @@
+module Awspec::Generator
+  module Doc
+    module Type
+      class Secretsmanager < Base
+        def initialize
+          super
+          @type_name = 'Secretsmanager'
+          @type = Awspec::Type::Secretsmanager.new('my-secret')
+          @ret = @type.resource_via_client
+          @matchers = []
+          @ignore_matchers = []
+          @describes = []
+        end
+      end
+    end
+  end
+end

data/lib/awspec/helper/finder.rb CHANGED

@@ -46,6 +46,7 @@ require 'awspec/helper/finder/emr'
 require 'awspec/helper/finder/redshift'
 require 'awspec/helper/finder/codedeploy'
 require 'awspec/helper/finder/mq'
+require 'awspec/helper/finder/secretsmanager'
 require 'awspec/helper/finder/account_attributes'
@@ -101,6 +102,7 @@ module Awspec::Helper
     include Awspec::Helper::Finder::Redshift
     include Awspec::Helper::Finder::Codedeploy
     include Awspec::Helper::Finder::Mq
+    include Awspec::Helper::Finder::Secretsmanager
     CLIENTS = {
       ec2_client: Aws::EC2::Client,
@@ -144,7 +146,8 @@ module Awspec::Helper
       emr_client: Aws::EMR::Client,
       redshift_client: Aws::Redshift::Client,
       codedeploy_client: Aws::CodeDeploy::Client,
-      mq_client: Aws::MQ::Client
+      mq_client: Aws::MQ::Client,
+      secretsmanager_client: Aws::SecretsManager::Client
     }
     CLIENT_OPTIONS = {

data/lib/awspec/helper/finder/alb.rb CHANGED

@@ -54,6 +54,15 @@ module Awspec::Helper
         end
         selected
       end
+      def select_all_alb_tags(id)
+        res = elbv2_client.describe_tags({ resource_arns: [id] })
+        res.tag_descriptions.select do |resource|
+          resource.resource_arn == id
+        end.first.tags
+      rescue
+        return nil
+      end
     end
   end
 end

data/lib/awspec/helper/finder/cloudtrail.rb CHANGED

@@ -15,6 +15,12 @@ module Awspec::Helper
         cloudtrail_client.get_trail_status(name: id)
       end
+      def get_trail_tags(arn)
+        cloudtrail_client.list_tags(
+          resource_id_list: [arn]
+        )[:resource_tag_list].first[:tags_list]
+      end
       def is_logging?(id)
         ret = get_trail_status(id).is_logging
       end

data/lib/awspec/helper/finder/cloudwatch_logs.rb CHANGED

@@ -64,6 +64,10 @@ module Awspec::Helper
         log_groups
       end
+      def find_tags_by_log_group_name(id)
+        cloudwatch_logs_client.list_tags_log_group(log_group_name: id)[:tags]
+      end
       filter_types = %w(metric subscription)
       filter_types.each do |type|
         define_method 'select_all_cloudwatch_logs_' + type + '_filter' do |*args|

data/lib/awspec/helper/finder/lambda.rb CHANGED

@@ -23,7 +23,7 @@ module Awspec::Helper
       end
       def select_all_lambda_functions
-        res = lambda_client.list_functions.map do |response|
+        lambda_client.list_functions.map do |response|
           response.functions
         end.flatten
       end

data/lib/awspec/helper/finder/s3.rb CHANGED

@@ -13,6 +13,16 @@ module Awspec::Helper
         nil
       end
+      def head_object(id, key)
+        res = s3_client.head_object({
+                                      bucket: id,
+                                      key: key.sub(%r(\A/), '')
+                                    })
+        res.data.class == Aws::S3::Types::HeadObjectOutput
+      rescue Aws::S3::Errors::NotFound
+        false
+      end
       def find_bucket_cors(id)
         s3_client.get_bucket_cors(bucket: id)
       rescue Aws::S3::Errors::ServiceError

data/lib/awspec/helper/finder/secretsmanager.rb ADDED

@@ -0,0 +1,11 @@
+module Awspec::Helper
+  module Finder
+    module Secretsmanager
+      def find_secret(id)
+        secretsmanager_client.describe_secret({
+                                                secret_id: id
+                                              })
+      end
+    end
+  end
+end

data/lib/awspec/helper/type.rb CHANGED

@@ -20,6 +20,7 @@ module Awspec
         elastictranscoder_pipeline waf_web_acl wafregional_web_acl customer_gateway vpn_gateway vpn_connection
         internet_gateway acm cloudwatch_logs dynamodb_table eip sqs ssm_parameter cloudformation_stack
         codebuild sns_topic redshift redshift_cluster_parameter_group codedeploy codedeploy_deployment_group
+        secretsmanager
       )
       ACCOUNT_ATTRIBUTES = %w(

data/lib/awspec/stub/alb.rb CHANGED

@@ -81,6 +81,15 @@ Aws.config[:elasticloadbalancingv2] = {
           protocol: 'HTTP'
         }
       ]
+    },
+    describe_tags: {
+      tag_descriptions: [
+        resource_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:loadbalancer/app/my-alb/1aa1bb1cc1ddee11',
+        tags: [
+          key: 'environment',
+          value: 'dev'
+        ]
+      ]
     }
   }
 }

data/lib/awspec/stub/cloudtrail.rb CHANGED

@@ -6,12 +6,30 @@ Aws.config[:cloudtrail] = {
           name: 'my-trail',
           include_global_service_events: true,
           is_multi_region_trail: true,
-          log_file_validation_enabled: true
+          log_file_validation_enabled: true,
+          trail_arn: 'my-trail-arn'
         }
       ]
     },
     get_trail_status: {
       is_logging: true
+    },
+    list_tags: {
+      resource_tag_list: [
+        {
+          resource_id: 'my-trail-arn',
+          tags_list: [
+            {
+              key: 'key_one',
+              value: 'value_one'
+            },
+            {
+              key: 'key_two',
+              value: 'value_two'
+            }
+          ]
+        }
+      ]
     }
   }
 }

data/lib/awspec/stub/cloudwatch_logs.rb CHANGED

@@ -29,6 +29,13 @@ Aws.config[:cloudwatchlogs] = {
           filter_pattern: '[host, ident, authuser, date, request, status, bytes]'
         }
       ]
+    },
+    list_tags_log_group: {
+      tags: {
+        'key_one' => 'value_one',
+        'key_two' => 'value_two'
+      }
     }
   }
 }

data/lib/awspec/stub/secretsmanager.rb ADDED

@@ -0,0 +1,36 @@
+Aws.config[:secretsmanager] = {
+  stub_responses: {
+    describe_secret: {
+      arn: 'my-secret-arn',
+      description: 'my secret description',
+      kms_key_id: 'secret-kms-key-arn',
+      last_accessed_date: Time.at(1_523_923_200),
+      last_changed_date: Time.at(1_523_477_145.729),
+      last_rotated_date: Time.at(1_525_747_253.72),
+      name: 'my-secret-name',
+      rotation_enabled: true,
+      rotation_lambda_arn: 'my-secret-rotation-lambda-arn',
+      rotation_rules: {
+        automatically_after_days: 30
+      },
+      tags: [
+        {
+          key: 'key_one',
+          value: 'value_one'
+        },
+        {
+          key: 'key_two',
+          value: 'value_two'
+        }
+      ],
+      version_ids_to_stages: {
+        'EXAMPLE1-90ab-cdef-fedc-ba987EXAMPLE' => [
+          'AWSPREVIOUS'
+        ],
+        'EXAMPLE2-90ab-cdef-fedc-ba987EXAMPLE' => [
+          'AWSCURRENT'
+        ]
+      }
+    }
+  }
+}

data/lib/awspec/type/alb.rb CHANGED

@@ -1,5 +1,6 @@
 module Awspec::Type
   class Alb < ResourceBase
+    tags_allowed
     def resource_via_client
       @resource_via_client ||= find_alb(@display_name)
     end
@@ -38,5 +39,13 @@ module Awspec::Type
       subnet2 = find_subnet(subnet_id)
       subnet2.subnet_id = subnet_id
     end
+    def has_tag?(tag_key, tag_value)
+      alb_arn = resource_via_client.load_balancer_arn
+      tag_set = select_all_alb_tags(alb_arn)
+      tag_set.find do |tag|
+        tag.key == tag_key && tag.value == tag_value
+      end
+    end
   end
 end

data/lib/awspec/type/cloudtrail.rb CHANGED

@@ -25,5 +25,11 @@ module Awspec::Type
     def logging?
       is_logging?(id)
     end
+    def has_tag?(tag_key, tag_value)
+      get_trail_tags(resource_via_client.trail_arn).find do |tag|
+        tag.key == tag_key && tag.value == tag_value
+      end
+    end
   end
 end

data/lib/awspec/type/cloudwatch_logs.rb CHANGED

@@ -27,5 +27,11 @@ module Awspec::Type
       end
       return true if ret.filter_name == filter_name
     end
+    def has_tag?(tag_key, tag_value)
+      find_tags_by_log_group_name(resource_via_client.log_group_name).find do |key, value|
+        key == tag_key && value == tag_value
+      end
+    end
   end
 end

data/lib/awspec/type/ec2.rb CHANGED

@@ -90,7 +90,7 @@ module Awspec::Type
     def has_network_interface?(network_interface_id, device_index = nil)
       res = find_network_interface(network_interface_id)
       interfaces = resource_via_client.network_interfaces
-      ret = interfaces.find do |interface|
+      interfaces.find do |interface|
         next false if device_index && interface.attachment.device_index != device_index
         interface.network_interface_id == res.network_interface_id
       end
@@ -98,7 +98,7 @@ module Awspec::Type
     def has_event?(event_code)
       status = find_ec2_status(id)
-      ret = status.events.find do |event|
+      status.events.find do |event|
         event.code == event_code
       end
     end

data/lib/awspec/type/route_table.rb CHANGED

@@ -54,7 +54,8 @@ module Awspec::Type
       cgw = find_customer_gateway(gateway_id)
       return true if cgw && cgw.customer_gateway_id == route.gateway_id
       # nat gateway
-      return true if route.nat_gateway_id == gateway_id
+      nat = find_nat_gateway(gateway_id)
+      return true if nat.nat_gateway_id == route.nat_gateway_id
       false
     end
@@ -68,7 +69,8 @@ module Awspec::Type
     def target_nat?(route, nat_gateway_id)
       # nat
-      route.nat_gateway_id == nat_gateway_id
+      nat = find_nat_gateway(nat_gateway_id)
+      nat.nat_gateway_id == route.nat_gateway_id
     end
     def target_vpc_peering_connection?(route, vpc_peering_connection_id)

data/lib/awspec/type/s3_bucket.rb CHANGED

@@ -11,16 +11,12 @@ module Awspec::Type
     end
     def has_object?(key)
-      res = s3_client.head_object({
-                                    bucket: id,
-                                    key: key.sub(%r(\A/), '')
-                                  })
-      res
-    rescue
-      false
+      check_existence
+      head_object(id, key)
     end
     def has_acl_grant?(grantee:, permission:)
+      check_existence
       @acl = find_bucket_acl(id)
       @acl.grants.find do |grant|
         grant.permission == permission &&
@@ -29,11 +25,13 @@ module Awspec::Type
     end
     def acl_owner
+      check_existence
       @acl = find_bucket_acl(id)
       @acl.owner.display_name
     end
     def acl_grants_count
+      check_existence
       @acl = find_bucket_acl(id)
       @acl.grants.count
     end
@@ -57,7 +55,9 @@ module Awspec::Type
     end
     def has_policy?(policy)
+      check_existence
       bp = find_bucket_policy(id)
       if bp
         JSON.parse(bp.policy.read, array_class: Set) == JSON.parse(policy, array_class: Set)
       else
@@ -66,12 +66,14 @@ module Awspec::Type
     end
     def has_tag?(key, value)
+      check_existence
       tag = find_bucket_tag(id, key)
       return nil if tag.value != value
       tag
     end
     def has_logging_enabled?(target_bucket: nil, target_prefix: nil)
+      check_existence
       bl = find_bucket_logging(id)
       le = bl ? bl.logging_enabled : nil
@@ -82,11 +84,13 @@ module Awspec::Type
     end
     def has_versioning_enabled?
+      check_existence
       bv = find_bucket_versioning(id)
       bv ? (bv.status == 'Enabled') : false
     end
     def has_lifecycle_rule?(rule)
+      check_existence
       lc_rule = lifecycle_configuration_rules.select { |r| r[:id] == rule[:id] }
       return false if lc_rule == []
@@ -105,11 +109,13 @@ module Awspec::Type
     end
     def has_mfa_delete_enabled?
+      check_existence
       bv = find_bucket_versioning(id)
       bv ? (bv.mfa_delete == 'Enabled') : false
     end
     def has_server_side_encryption?(algorithm:)
+      check_existence
       configuration = find_bucket_server_side_encryption(id)
       return false unless configuration
@@ -120,8 +126,9 @@ module Awspec::Type
     private
     def cors_rules
-      cors = find_bucket_cors(id)
-      cors ? cors.cors_rules : []
+      check_existence
+      @cors ||= find_bucket_cors(id)
+      @cors ? @cors.cors_rules : []
     end
     def lifecycle_configuration_rules

data/lib/awspec/type/secretsmanager.rb ADDED

@@ -0,0 +1,14 @@
+module Awspec::Type
+  class Secretsmanager < ResourceBase
+    aws_resource Aws::SecretsManager
+    tags_allowed
+    def resource_via_client
+      @resource_via_client ||= find_secret(@display_name)
+    end
+    def id
+      @id ||= resource_via_client.name if resource_via_client
+    end
+  end
+end

data/lib/awspec/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Awspec
-  VERSION = '1.17.4'
+  VERSION = '1.18.0'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awspec
 version: !ruby/object:Gem::Version
-  version: 1.17.4
+  version: 1.18.0
 platform: ruby
 authors:
 - k1LoW
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-05-17 00:00:00.000000000 Z
+date: 2019-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -207,7 +207,6 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".editorconfig"
-- ".gitignore"
 - ".rubocop.yml"
 - ".tachikoma.yml"
 - ".travis.yml"
@@ -285,6 +284,7 @@ files:
 - doc/_resource_types/route53_hosted_zone.md
 - doc/_resource_types/route_table.md
 - doc/_resource_types/s3_bucket.md
+- doc/_resource_types/secretsmanager.md
 - doc/_resource_types/security_group.md
 - doc/_resource_types/ses_identity.md
 - doc/_resource_types/ses_send_quota.md
@@ -382,6 +382,7 @@ files:
 - lib/awspec/generator/doc/type/route53_hosted_zone.rb
 - lib/awspec/generator/doc/type/route_table.rb
 - lib/awspec/generator/doc/type/s3_bucket.rb
+- lib/awspec/generator/doc/type/secretsmanager.rb
 - lib/awspec/generator/doc/type/security_group.rb
 - lib/awspec/generator/doc/type/ses_identity.rb
 - lib/awspec/generator/doc/type/ses_send_quota.rb
@@ -476,6 +477,7 @@ files:
 - lib/awspec/helper/finder/redshift.rb
 - lib/awspec/helper/finder/route53.rb
 - lib/awspec/helper/finder/s3.rb
+- lib/awspec/helper/finder/secretsmanager.rb
 - lib/awspec/helper/finder/security_group.rb
 - lib/awspec/helper/finder/ses.rb
 - lib/awspec/helper/finder/sns_topic.rb
@@ -599,6 +601,7 @@ files:
 - lib/awspec/stub/route53_hosted_zone.rb
 - lib/awspec/stub/route_table.rb
 - lib/awspec/stub/s3_bucket.rb
+- lib/awspec/stub/secretsmanager.rb
 - lib/awspec/stub/security_group.rb
 - lib/awspec/stub/ses_identity.rb
 - lib/awspec/stub/sns_topic.rb
@@ -683,6 +686,7 @@ files:
 - lib/awspec/type/route53_hosted_zone.rb
 - lib/awspec/type/route_table.rb
 - lib/awspec/type/s3_bucket.rb
+- lib/awspec/type/secretsmanager.rb
 - lib/awspec/type/security_group.rb
 - lib/awspec/type/ses_identity.rb
 - lib/awspec/type/ses_send_quota.rb
@@ -716,7 +720,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.14
+rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
 summary: RSpec tests for your AWS resources.

data/.gitignore DELETED

@@ -1,12 +0,0 @@
-/.bundle/
-/.yardoc
-/Gemfile.lock
-/_yardoc/
-/coverage/
-/pkg/
-/spec/reports/
-/tmp/
-/spec/secrets.yml
-/.ruby-version
-*.sw*
-*.gem