chef-provisioning-aws 1.9.0 → 1.10.0

data/lib/chef/provisioning/aws_driver/tagging_strategy/auto_scaling.rb

@@ -0,0 +1,76 @@
+require 'chef/provisioning/aws_driver/aws_tagger'
+
+module Chef::Provisioning::AWSDriver::TaggingStrategy
+  module AutoScalingConvergeTags
+    def aws_tagger
+      @aws_tagger ||= begin
+        auto_scaling_strategy = Chef::Provisioning::AWSDriver::TaggingStrategy::AutoScaling.new(
+          new_resource.driver.auto_scaling_client,
+          new_resource.name,
+          new_resource.aws_tags
+        )
+        Chef::Provisioning::AWSDriver::AWSTagger.new(auto_scaling_strategy, action_handler)
+      end
+    end
+    def converge_tags
+      aws_tagger.converge_tags
+    end
+  end
+end
+
+module Chef::Provisioning::AWSDriver::TaggingStrategy
+class AutoScaling
+
+  attr_reader :auto_scaling_client, :group_name, :desired_tags
+
+  def initialize(auto_scaling_client, group_name, desired_tags)
+    @auto_scaling_client = auto_scaling_client
+    @group_name = group_name
+    @desired_tags = desired_tags
+  end
+
+  def current_tags
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Client.html#describe_tags-instance_method
+    resp = auto_scaling_client.describe_tags({
+      filters: [
+        {
+          name: "auto-scaling-group",
+          values: [group_name]
+        }
+      ]
+    })
+    Hash[resp.tags.map {|t| [t.key, t.value]}]
+  end
+
+  def set_tags(tags)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Client.html#create_or_update_tags-instance_method
+    auto_scaling_client.create_or_update_tags({
+      tags: tags.map {|k,v|
+        {
+          resource_id: group_name,
+          key: k,
+          value: v,
+          resource_type: "auto-scaling-group",
+          propagate_at_launch: false
+        }
+      }
+    })
+  end
+
+  def delete_tags(tag_keys)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Client.html#delete_tags-instance_method
+    auto_scaling_client.delete_tags({
+      tags: tag_keys.map {|k|
+        {
+          resource_id: group_name,
+          key: k,
+          value: nil,
+          resource_type: "auto-scaling-group",
+          propagate_at_launch: false
+        }
+      }
+    })
+  end
+
+end
+end

data/lib/chef/provisioning/aws_driver/version.rb

@@ -1,7 +1,7 @@
 class Chef
 module Provisioning
 module AWSDriver
-  VERSION = '1.9.0'
+  VERSION = '1.10.0'
 end
 end
 end

data/lib/chef/resource/aws_auto_scaling_group.rb

@@ -1,16 +1,20 @@
 require 'chef/provisioning/aws_driver/aws_resource'
 
 class Chef::Resource::AwsAutoScalingGroup < Chef::Provisioning::AWSDriver::AWSResource
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
   aws_sdk_type AWS::AutoScaling::Group
 
-  attribute :name,                 kind_of: String,  name_attribute: true
-  attribute :options,              kind_of: Hash,    default: {}
-  attribute :availability_zones,   kind_of: Array
-  attribute :desired_capacity,     kind_of: Integer
-  attribute :launch_configuration, kind_of: String
-  attribute :min_size,             kind_of: Integer
-  attribute :max_size,             kind_of: Integer
-  attribute :load_balancers,       kind_of: Array,   coerce: proc { |value| [value].flatten }
+  attribute :name,                        kind_of: String,  name_attribute: true
+  attribute :options,                     kind_of: Hash,    default: {}
+  attribute :availability_zones,          kind_of: Array
+  attribute :desired_capacity,            kind_of: Integer
+  attribute :launch_configuration,        kind_of: String
+  attribute :min_size,                    kind_of: Integer
+  attribute :max_size,                    kind_of: Integer
+  attribute :load_balancers,              kind_of: Array,   coerce: proc { |value| [value].flatten }
+  attribute :notification_configurations, kind_of: Array,   default: []
+  attribute :scaling_policies,            kind_of: Hash,    default: {}
 
   def aws_object
     result = driver.auto_scaling.groups[name]

data/lib/chef/resource/aws_cloudwatch_alarm.rb

@@ -0,0 +1,35 @@
+require 'chef/provisioning/aws_driver/aws_resource'
+
+class Chef::Resource::AwsCloudwatchAlarm < Chef::Provisioning::AWSDriver::AWSResource
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
+  aws_sdk_type ::Aws::CloudWatch::Alarm, id: :name
+
+  # This name must be unique within the user's AWS account
+  attribute :name, :kind_of => String, :name_attribute => true
+  attribute :namespace, :kind_of => String
+  attribute :metric_name, :kind_of => String
+  attribute :dimensions, :kind_of => Array
+  attribute :comparison_operator, :kind_of => String
+  attribute :evaluation_periods, :kind_of => Integer
+  attribute :period, :kind_of => [Integer,Float], coerce: proc {|v| v.to_f}
+  attribute :statistic, :kind_of => String
+  attribute :threshold, :kind_of => Integer
+  attribute :insufficient_data_actions, :kind_of => Array, coerce: proc {|v| [v].flatten}
+  attribute :ok_actions, :kind_of => Array, coerce: proc {|v| [v].flatten}
+  attribute :alarm_actions, :kind_of => Array, coerce: proc {|v| [v].flatten}
+  attribute :actions_enabled, :kind_of => [TrueClass, FalseClass]
+  attribute :alarm_description, :kind_of => String
+  attribute :unit, :kind_of => String
+
+  def aws_object
+    # TODO exists? isn't defined yet
+    # https://github.com/aws/aws-sdk-ruby/issues/1171
+    a = driver.cloudwatch_resource.alarm(name)
+    return nil if a.data.nil?
+    a
+  rescue ::Aws::CloudWatch::Errors::NoSuchEntity
+    nil
+  end
+
+end

data/lib/chef/resource/aws_image.rb

@@ -4,11 +4,11 @@ require 'chef/provisioning/aws_driver/aws_taggable'
 class Chef::Resource::AwsImage < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
   include Chef::Provisioning::AWSDriver::AWSTaggable
 
-  aws_sdk_type AWS::EC2::Image,
-               managed_entry_type:    :machine_image,
+  aws_sdk_type ::Aws::EC2::Image,
+               managed_entry_type: :machine_image,
                managed_entry_id_name: 'image_id'
 
-  attribute :name, kind_of: String,  name_attribute: true
+  attribute :name, kind_of: String, name_attribute: true
 
   attribute :image_id, kind_of: String, aws_id_attribute: true, default: lazy {
     name =~ /^ami-[a-f0-9]{8}$/ ? name : nil
@@ -16,7 +16,7 @@ class Chef::Resource::AwsImage < Chef::Provisioning::AWSDriver::AWSResourceWithE
 
   def aws_object
     driver, id = get_driver_and_id
-    result = driver.ec2.images[id] if id
+    result = driver.ec2_resource.image(id) if id
     result && result.exists? ? result : nil
   end
 end

data/lib/chef/resource/aws_launch_configuration.rb

@@ -4,7 +4,7 @@ class Chef::Resource::AwsLaunchConfiguration < Chef::Provisioning::AWSDriver::AW
   aws_sdk_type AWS::AutoScaling::LaunchConfiguration, id: :name
 
   attribute :name,          kind_of: String, name_attribute: true
-  attribute :image,         kind_of: [ String, AWS::EC2::Image ]
+  attribute :image,         kind_of: [ String, AWS::EC2::Image, ::Aws::EC2::Image ]
   attribute :instance_type, kind_of: String
   attribute :options,       kind_of: Hash,   default: {}
 

data/lib/chef/resource/aws_nat_gateway.rb

@@ -0,0 +1,98 @@
+#
+# An AWS nat gateway, enable instances in a private subnet to connect to
+# the Internet or other AWS services, but prevent the Internet from
+# initiating a connection with those instances
+#
+# `name` is not guaranteed unique for an AWS account; therefore, Chef will
+# store the nat gateway ID associated with this name in your Chef server in the
+# data bag `data/aws_nat_gateway/<name>`.
+#
+# API documentation for the AWS Ruby SDK for Nat gateway can be found here:
+#
+# - http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Types/NatGateway.html
+#
+
+# We provide this class because the AWS SDK V2 does not provide it (as of
+# May 2016). We copied the pattern in their SDK so when they do add a real
+# resource there shouldn't be a need for much translation.
+class Aws::EC2::NatGateway < Aws::Resources::Resource
+  attr_reader :resource, :id, :nat_gateway_id, :vpc_id, :subnet_id, :nat_gateway_addresses
+
+  def initialize(id, options = {})
+    @id = id
+    @nat_gateway_id = id
+    @client = options[:client]
+    nat_gateway_struct = get_nat_gateway_struct
+    @vpc_id = nat_gateway_struct.vpc_id
+    @subnet_id = nat_gateway_struct.subnet_id
+    @nat_gateway_addresses = nat_gateway_struct.nat_gateway_addresses
+  end
+
+  def state
+    get_nat_gateway_struct.state
+  end
+
+  def delete
+    @client.delete_nat_gateway({ nat_gateway_id: @id })
+  end
+
+  private
+  def get_nat_gateway_struct
+    @client.describe_nat_gateways({ nat_gateway_ids: [@id] }).nat_gateways.first
+  end
+end
+
+# See comment on class above as to why we add these methods to the AWS SDK
+class Aws::EC2::Resource
+  def create_nat_gateway(options)
+    nat_gateway_struct = self.client.create_nat_gateway(options).nat_gateway
+    self.nat_gateway(nat_gateway_struct.nat_gateway_id)
+  end
+
+  def nat_gateway(nat_gateway_id)
+    ::Aws::EC2::NatGateway.new(nat_gateway_id, {client: client})
+  end
+end
+
+class Chef::Resource::AwsNatGateway < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+
+  aws_sdk_type ::Aws::EC2::NatGateway, id: :nat_gateway_id, managed_entry_id_name: 'nat_gateway_id'
+
+  require 'chef/resource/aws_subnet'
+  require 'chef/resource/aws_eip_address'
+
+  #
+  # The name of this nat gateway.
+  #
+  attribute :name, kind_of: String, name_attribute: true
+
+  #
+  # A subnet to attach to the internet gateway.
+  #
+  # May be one of:
+  # - The name of an `aws_subnet` Chef resource.
+  # - An actual `aws_subnet` resource.
+  # - An Aws `Subnet` object.
+  #
+  attribute :subnet, kind_of: [ String, AwsSubnet, ::Aws::EC2::Subnet ]
+
+  #
+  # A elastic ip address for the nat gateway.
+  #
+  # May be one of:
+  # - The name of an `aws_eip_address` Chef resource.
+  # - An actual `aws_eip_address` resource.
+  # - nil, meaning that no EIP exists yet and needs to be created.
+  #
+  attribute :eip_address, kind_of: [ String, AWS::EC2::ElasticIp, AwsEipAddress, nil ], default: nil
+
+  attribute :nat_gateway_id, kind_of: String, aws_id_attribute: true, default: lazy {
+    name =~ /^nat-[A-Fa-f0-9]{17}$/ ? name : nil
+  }
+
+  def aws_object
+    driver, nat_gateway_id = get_driver_and_id
+    result = driver.ec2_resource.nat_gateway(nat_gateway_id) if nat_gateway_id
+    result && result.id ? result : nil
+  end
+end

data/lib/chef/resource/aws_route_table.rb

@@ -62,6 +62,7 @@ class Chef::Resource::AwsRouteTable < Chef::Provisioning::AWSDriver::AWSResource
   # The destination (the left side of the `=>`) is always a CIDR block.
   # The target (the right side of the `=>`) can be one of several things:
   # - { internet_gateway: <AWS Internet Gateway ID or object> }
+  # - { nat_gateway: <AWS Nat Gateway ID or object> }
   # - { instance: <Chef machine name or resource, AWS Instance ID or object> }
   # - { network_interface: <AWS Network Interface ID or object> }
   # - { vpc_peering_connection: <AWS VPC Peering Connection ID or object> }

data/spec/aws_support.rb

@@ -23,7 +23,7 @@ module AWSSupport
   require 'aws'
   require 'aws_support/deep_matcher/matchable_object'
   require 'aws_support/deep_matcher/matchable_array'
-  DeepMatcher::MatchableObject.matchable_classes << proc { |o| o.class.name =~ /^(AWS|Aws)::(EC2|ELB|IAM|S3|RDS|CloudSearch|Route53|ElasticsearchService)($|::)/ }
+  DeepMatcher::MatchableObject.matchable_classes << proc { |o| o.class.name =~ /^(AWS|Aws)::(AutoScaling|EC2|ELB|IAM|S3|RDS|CloudSearch|CloudWatch|Route53|ElasticsearchService)($|::)/ }
   DeepMatcher::MatchableArray.matchable_classes  << AWS::Core::Data::List
 
   def purge_all

data/spec/integration/aws_auto_scaling_group_spec.rb

@@ -0,0 +1,118 @@
+require 'spec_helper'
+
+describe Chef::Resource::AwsAutoScalingGroup do
+  extend AWSSupport
+
+  when_the_chef_12_server 'exists', organization: 'foo', server_scope: :context do
+    with_aws 'When connected to AWS' do
+      # Select an amazon linux ami based upon region
+      ami = {
+        'eu-west-1' => 'ami-3850624c',
+        'eu-central-1' => 'ami-993383ea',
+        'us-east-1' => 'ami-e024bf89',
+        'us-west-1' => 'ami-951945d0',
+        'us-west-2' => 'ami-16fd7026',
+        'ap-northeast-1' => 'ami-dcfa4edd',
+        'ap-northeast-2' => 'ami-7308c51d',
+        'ap-southeast-1' => 'ami-74dda626',
+        'ap-southeast-2' => 'ami-b5990e8f',
+        'sa-east-1' => 'ami-3e3be423'
+      }[driver.aws_config.region]
+
+      aws_launch_configuration 'test_config' do
+        image ami
+        instance_type 't1.micro'
+      end
+
+      aws_sns_topic 'test_topic'
+
+      it "aws_auto_scaling_group 'test_group' creates an auto scaling group" do
+        expect_recipe {
+          aws_auto_scaling_group 'test_group' do
+            launch_configuration 'test_config'
+            availability_zones ["#{driver.aws_config.region}a"]
+            min_size 1
+            max_size 2
+          end
+        }.to create_an_aws_auto_scaling_group(
+          'test_group').and be_idempotent
+      end
+
+      it "aws_auto_scaling_group 'test_group_with_policy' creates an auto scaling group" do
+        expect_recipe {
+          aws_auto_scaling_group 'test_group_with_policy' do
+            launch_configuration 'test_config'
+            availability_zones ["#{driver.aws_config.region}a"]
+            min_size 1
+            max_size 2
+            notification_configurations [{
+              topic: driver.build_arn(service: 'sns', resource: 'test_topic'),
+              types: [
+                'autoscaling:EC2_INSTANCE_LAUNCH',
+                'autoscaling:EC2_INSTANCE_TERMINATE'
+              ]
+            }]
+            scaling_policies(
+              test_policy: {
+                adjustment_type: 'ChangeInCapacity',
+                scaling_adjustment: 1
+              }
+            )
+          end
+        }.to create_an_aws_auto_scaling_group(
+          'test_group_with_policy').and be_idempotent
+      end
+
+      it "creates aws_auto_scaling_group tags" do
+        expect_recipe {
+          aws_auto_scaling_group 'test_group_with_policy' do
+            launch_configuration 'test_config'
+            availability_zones ["#{driver.aws_config.region}a"]
+            min_size 1
+            max_size 2
+            aws_tags key1: "value"
+          end
+        }.to create_an_aws_auto_scaling_group('test_group_with_policy'
+        ).and have_aws_auto_scaling_group_tags('test_group_with_policy',
+          {
+            'key1' => 'value'
+          }
+        ).and be_idempotent
+      end
+
+      context "with existing tags" do
+        aws_auto_scaling_group 'test_group_with_policy' do
+          launch_configuration 'test_config'
+          availability_zones ["#{driver.aws_config.region}a"]
+          min_size 1
+          max_size 2
+          aws_tags key1: "value"
+        end
+
+        it "updates aws_auto_scaling_group tags" do
+          expect_recipe {
+            aws_auto_scaling_group 'test_group_with_policy' do
+              aws_tags key1: "value2", key2: nil
+            end
+          }.to have_aws_auto_scaling_group_tags('test_group_with_policy',
+            {
+              'key1' => 'value2',
+              'key2' => ''
+            }
+          ).and be_idempotent
+        end
+
+        it "removes all aws_network_acl tags" do
+          expect_recipe {
+            aws_auto_scaling_group 'test_group_with_policy' do
+              aws_tags({})
+            end
+          }.to have_aws_auto_scaling_group_tags('test_group_with_policy',
+            {}
+          ).and be_idempotent
+        end
+      end
+
+    end
+  end
+end

data/spec/integration/aws_cloudwatch_alarm_spec.rb

@@ -0,0 +1,286 @@
+require 'spec_helper'
+
+describe Chef::Resource::AwsCloudwatchAlarm do
+  extend AWSSupport
+
+  when_the_chef_12_server 'exists', organization: 'foo', server_scope: :context do
+    with_aws 'When connected to AWS' do
+
+      aws_sns_topic 'mytesttopic1'
+      aws_sns_topic 'mytesttopic2'
+
+      it "creates an aws_cloudwatch_alarm with minimum properties" do
+        expect_recipe {
+          aws_cloudwatch_alarm 'my-test-alert' do
+            namespace 'AWS/EC2'
+            metric_name 'CPUUtilization'
+            comparison_operator 'GreaterThanThreshold'
+            evaluation_periods 1
+            period 60
+            statistic 'Average'
+            threshold 80
+          end
+        }.to create_an_aws_cloudwatch_alarm('my-test-alert',
+          namespace: 'AWS/EC2',
+          metric_name: 'CPUUtilization',
+          comparison_operator: 'GreaterThanThreshold',
+          evaluation_periods: 1,
+          period: 60,
+          statistic: 'Average',
+          threshold: 80,
+          actions_enabled: true # this is true by default
+        ).and be_idempotent
+      end
+
+      it "creates an aws_cloudwatch_alarm with maximum properties" do
+        expect_recipe {
+          aws_cloudwatch_alarm 'my-test-alert' do
+            namespace 'AWS/EC2'
+            metric_name 'CPUUtilization'
+            comparison_operator 'GreaterThanThreshold'
+            evaluation_periods 1
+            period 60
+            statistic 'Average'
+            threshold 80
+            dimensions([
+              {
+                name: "foo1",
+                value: "bar1"
+              },
+              {
+                name: "foo2",
+                value: "bar2"
+              }
+            ])
+            insufficient_data_actions ['mytesttopic1']
+            ok_actions ['mytesttopic1']
+            alarm_actions ['mytesttopic1']
+            actions_enabled false
+            alarm_description "description"
+            unit "Percent"
+          end
+        }.to create_an_aws_cloudwatch_alarm('my-test-alert',
+          namespace: 'AWS/EC2',
+          metric_name: 'CPUUtilization',
+          comparison_operator: 'GreaterThanThreshold',
+          evaluation_periods: 1,
+          period: 60,
+          statistic: 'Average',
+          threshold: 80,
+          dimensions: [
+            {
+              name: "foo1",
+              value: "bar1"
+            },
+            {
+              name: "foo2",
+              value: "bar2"
+            }
+          ],
+          insufficient_data_actions: [mytesttopic1.aws_object.arn],
+          ok_actions: [mytesttopic1.aws_object.arn],
+          alarm_actions: [mytesttopic1.aws_object.arn],
+          actions_enabled: false,
+          alarm_description: "description",
+          unit: "Percent",
+        ).and be_idempotent
+      end
+
+      context "with an existing minimum cloudwatch alarm" do
+        aws_cloudwatch_alarm 'my-test-alert' do
+          namespace 'AWS/EC2'
+          metric_name 'CPUUtilization'
+          comparison_operator 'GreaterThanThreshold'
+          evaluation_periods 1
+          period 60
+          statistic 'Average'
+          threshold 80
+        end
+
+        it "updates an aws_cloudwatch_alarm with maximum properties" do
+          expect_recipe {
+            aws_cloudwatch_alarm 'my-test-alert' do
+              namespace 'AWS/EC2'
+              metric_name 'CPUUtilization'
+              comparison_operator 'GreaterThanThreshold'
+              evaluation_periods 1
+              period 60
+              statistic 'Average'
+              threshold 80
+              dimensions([
+                {
+                  name: "foo1",
+                  value: "bar1"
+                },
+                {
+                  name: "foo2",
+                  value: "bar2"
+                }
+              ])
+              insufficient_data_actions ['mytesttopic1']
+              ok_actions ['mytesttopic1']
+              alarm_actions ['mytesttopic1']
+              actions_enabled false
+              alarm_description "description"
+              unit "Percent"
+            end
+          }.to update_an_aws_cloudwatch_alarm('my-test-alert',
+            namespace: 'AWS/EC2',
+            metric_name: 'CPUUtilization',
+            comparison_operator: 'GreaterThanThreshold',
+            evaluation_periods: 1,
+            period: 60,
+            statistic: 'Average',
+            threshold: 80,
+            dimensions: [
+              {
+                name: "foo1",
+                value: "bar1"
+              },
+              {
+                name: "foo2",
+                value: "bar2"
+              }
+            ],
+            insufficient_data_actions: [mytesttopic1.aws_object.arn],
+            ok_actions: [mytesttopic1.aws_object.arn],
+            alarm_actions: [mytesttopic1.aws_object.arn],
+            actions_enabled: false,
+            alarm_description: "description",
+            unit: "Percent",
+          ).and be_idempotent
+        end
+
+      end
+
+      context "with an existing maximum cloudwatch alarm" do
+        aws_cloudwatch_alarm 'my-test-alert' do
+          namespace 'AWS/EC2'
+          metric_name 'CPUUtilization'
+          comparison_operator 'GreaterThanThreshold'
+          evaluation_periods 1
+          period 60
+          statistic 'Average'
+          threshold 80
+          dimensions([
+            {
+              name: "foo1",
+              value: "bar1"
+            },
+            {
+              name: "foo2",
+              value: "bar2"
+            }
+          ])
+          insufficient_data_actions ['mytesttopic1']
+          ok_actions ['mytesttopic1']
+          alarm_actions ['mytesttopic1']
+          actions_enabled false
+          alarm_description "description"
+          unit "Percent"
+        end
+
+        it "updates all updateable attributes" do
+          expect_recipe {
+            aws_cloudwatch_alarm 'my-test-alert' do
+              namespace 'AWS/S3'
+              metric_name 'foo'
+              comparison_operator 'LessThanThreshold'
+              evaluation_periods 2
+              period 120
+              statistic 'Maximum'
+              threshold 70
+              dimensions([
+                {
+                  name: "foo3",
+                  value: "bar3"
+                }
+              ])
+              insufficient_data_actions ['mytesttopic2']
+              ok_actions ['mytesttopic1', 'mytesttopic2']
+              alarm_actions ['mytesttopic2']
+              actions_enabled true
+              alarm_description "description2"
+              unit "Bits"
+            end
+          }.to update_an_aws_cloudwatch_alarm('my-test-alert',
+            namespace: 'AWS/S3',
+            metric_name: 'foo',
+            comparison_operator: 'LessThanThreshold',
+            evaluation_periods: 2,
+            period: 120,
+            statistic: 'Maximum',
+            threshold: 70,
+            dimensions: [
+              {
+                name: "foo3",
+                value: "bar3"
+              }
+            ],
+            insufficient_data_actions: [mytesttopic2.aws_object.arn],
+            ok_actions: Set[mytesttopic1.aws_object.arn, mytesttopic2.aws_object.arn],
+            alarm_actions: [mytesttopic2.aws_object.arn],
+            actions_enabled: true,
+            alarm_description: "description2",
+            unit: "Bits",
+          ).and be_idempotent
+        end
+
+        it "updates only the specified properties" do
+          expect_recipe {
+            aws_cloudwatch_alarm 'my-test-alert' do
+              unit "Gigabytes"
+            end
+          }.to update_an_aws_cloudwatch_alarm('my-test-alert',
+          namespace: 'AWS/S3',
+          metric_name: 'foo',
+          comparison_operator: 'LessThanThreshold',
+          evaluation_periods: 2,
+          period: 120,
+          statistic: 'Maximum',
+          threshold: 70,
+          dimensions: [
+            {
+              name: "foo3",
+              value: "bar3"
+            }
+          ],
+          insufficient_data_actions: [mytesttopic2.aws_object.arn],
+          ok_actions: Set[mytesttopic1.aws_object.arn, mytesttopic2.aws_object.arn],
+          alarm_actions: [mytesttopic2.aws_object.arn],
+          actions_enabled: true,
+          alarm_description: "description2",
+          unit: "Gigabytes",
+          ).and be_idempotent
+        end
+
+        it "clears out all clearable arrays" do
+          expect_recipe {
+            aws_cloudwatch_alarm 'my-test-alert' do
+              dimensions []
+              insufficient_data_actions []
+              ok_actions []
+              alarm_actions []
+            end
+          }.to create_an_aws_cloudwatch_alarm('my-test-alert',
+            namespace: 'AWS/S3',
+            metric_name: 'foo',
+            comparison_operator: 'LessThanThreshold',
+            evaluation_periods: 2,
+            period: 120,
+            statistic: 'Maximum',
+            threshold: 70,
+            dimensions: [],
+            insufficient_data_actions: [],
+            ok_actions: [],
+            alarm_actions: [],
+            actions_enabled: true,
+            alarm_description: "description2",
+            unit: "Gigabytes",
+          ).and be_idempotent
+        end
+      end
+
+    end
+  end
+end