cmonson_2ndwatch_awspec 0.85.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.editorconfig +12 -0
- data/.gitignore +10 -0
- data/.rubocop.yml +87 -0
- data/.tachikoma.yml +1 -0
- data/.travis.yml +12 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +21 -0
- data/README.md +126 -0
- data/Rakefile +54 -0
- data/awspec-logo.png +0 -0
- data/awspec.gemspec +35 -0
- data/bin/console +7 -0
- data/bin/setup +5 -0
- data/bin/toolbox +5 -0
- data/doc/_resource_types/acm.md +15 -0
- data/doc/_resource_types/alb.md +39 -0
- data/doc/_resource_types/alb_listener.md +29 -0
- data/doc/_resource_types/alb_target_group.md +35 -0
- data/doc/_resource_types/ami.md +19 -0
- data/doc/_resource_types/autoscaling_group.md +47 -0
- data/doc/_resource_types/cloudformation_stack.md +8 -0
- data/doc/_resource_types/cloudfront_distribution.md +44 -0
- data/doc/_resource_types/cloudtrail.md +39 -0
- data/doc/_resource_types/cloudwatch_alarm.md +39 -0
- data/doc/_resource_types/cloudwatch_logs.md +40 -0
- data/doc/_resource_types/customer_gateway.md +25 -0
- data/doc/_resource_types/directconnect_virtual_interface.md +30 -0
- data/doc/_resource_types/dynamodb_table.md +52 -0
- data/doc/_resource_types/ebs.md +49 -0
- data/doc/_resource_types/ec2.md +153 -0
- data/doc/_resource_types/ec2_account_attributes.md +8 -0
- data/doc/_resource_types/ecs_cluster.md +23 -0
- data/doc/_resource_types/ecs_container_instance.md +18 -0
- data/doc/_resource_types/ecs_service.md +15 -0
- data/doc/_resource_types/ecs_task_definition.md +15 -0
- data/doc/_resource_types/efs.md +15 -0
- data/doc/_resource_types/eip.md +23 -0
- data/doc/_resource_types/elasticache.md +57 -0
- data/doc/_resource_types/elasticache_cache_parameter_group.md +17 -0
- data/doc/_resource_types/elasticsearch.md +48 -0
- data/doc/_resource_types/elastictranscoder_pipeline.md +15 -0
- data/doc/_resource_types/elb.md +49 -0
- data/doc/_resource_types/iam_group.md +86 -0
- data/doc/_resource_types/iam_policy.md +39 -0
- data/doc/_resource_types/iam_role.md +70 -0
- data/doc/_resource_types/iam_user.md +78 -0
- data/doc/_resource_types/internet_gateway.md +31 -0
- data/doc/_resource_types/kms.md +70 -0
- data/doc/_resource_types/lambda.md +11 -0
- data/doc/_resource_types/lambda_account_settings.md +10 -0
- data/doc/_resource_types/launch_configuration.md +15 -0
- data/doc/_resource_types/nat_gateway.md +31 -0
- data/doc/_resource_types/network_acl.md +61 -0
- data/doc/_resource_types/network_interface.md +66 -0
- data/doc/_resource_types/rds.md +92 -0
- data/doc/_resource_types/rds_account_attributes.md +8 -0
- data/doc/_resource_types/rds_db_cluster_parameter_group.md +16 -0
- data/doc/_resource_types/rds_db_parameter_group.md +15 -0
- data/doc/_resource_types/route53_hosted_zone.md +25 -0
- data/doc/_resource_types/route_table.md +53 -0
- data/doc/_resource_types/s3_bucket.md +138 -0
- data/doc/_resource_types/security_group.md +44 -0
- data/doc/_resource_types/ses_identity.md +17 -0
- data/doc/_resource_types/ses_send_quota.md +9 -0
- data/doc/_resource_types/sqs.md +7 -0
- data/doc/_resource_types/subnet.md +41 -0
- data/doc/_resource_types/vpc.md +59 -0
- data/doc/_resource_types/vpn_connection.md +25 -0
- data/doc/_resource_types/vpn_gateway.md +25 -0
- data/doc/_resource_types/waf_web_acl.md +29 -0
- data/doc/contributing.md +36 -0
- data/doc/resource_types.md +2779 -0
- data/exe/awspec +5 -0
- data/lib/awspec.rb +20 -0
- data/lib/awspec/cli.rb +25 -0
- data/lib/awspec/command/generate.rb +57 -0
- data/lib/awspec/error.rb +6 -0
- data/lib/awspec/ext.rb +3 -0
- data/lib/awspec/ext/array.rb +8 -0
- data/lib/awspec/ext/hash.rb +10 -0
- data/lib/awspec/ext/struct.rb +8 -0
- data/lib/awspec/generator.rb +46 -0
- data/lib/awspec/generator/doc/type.rb +60 -0
- data/lib/awspec/generator/doc/type/account.rb +71 -0
- data/lib/awspec/generator/doc/type/account_attribute.rb +69 -0
- data/lib/awspec/generator/doc/type/account_attribute_base.rb +32 -0
- data/lib/awspec/generator/doc/type/acm.rb +19 -0
- data/lib/awspec/generator/doc/type/alb.rb +20 -0
- data/lib/awspec/generator/doc/type/alb_listener.rb +18 -0
- data/lib/awspec/generator/doc/type/alb_target_group.rb +17 -0
- data/lib/awspec/generator/doc/type/ami.rb +19 -0
- data/lib/awspec/generator/doc/type/autoscaling_group.rb +16 -0
- data/lib/awspec/generator/doc/type/base.rb +99 -0
- data/lib/awspec/generator/doc/type/cloudformation_stack.rb +17 -0
- data/lib/awspec/generator/doc/type/cloudfront_distribution.rb +20 -0
- data/lib/awspec/generator/doc/type/cloudtrail.rb +17 -0
- data/lib/awspec/generator/doc/type/cloudwatch_alarm.rb +17 -0
- data/lib/awspec/generator/doc/type/cloudwatch_event.rb +17 -0
- data/lib/awspec/generator/doc/type/cloudwatch_logs.rb +17 -0
- data/lib/awspec/generator/doc/type/customer_gateway.rb +19 -0
- data/lib/awspec/generator/doc/type/directconnect_virtual_interface.rb +21 -0
- data/lib/awspec/generator/doc/type/dynamodb_table.rb +19 -0
- data/lib/awspec/generator/doc/type/ebs.rb +19 -0
- data/lib/awspec/generator/doc/type/ec2.rb +21 -0
- data/lib/awspec/generator/doc/type/ec2_account_attributes.rb +17 -0
- data/lib/awspec/generator/doc/type/ecr_repository.rb +15 -0
- data/lib/awspec/generator/doc/type/ecs_cluster.rb +19 -0
- data/lib/awspec/generator/doc/type/ecs_container_instance.rb +19 -0
- data/lib/awspec/generator/doc/type/ecs_service.rb +19 -0
- data/lib/awspec/generator/doc/type/ecs_task_definition.rb +19 -0
- data/lib/awspec/generator/doc/type/efs.rb +17 -0
- data/lib/awspec/generator/doc/type/eip.rb +17 -0
- data/lib/awspec/generator/doc/type/elasticache.rb +22 -0
- data/lib/awspec/generator/doc/type/elasticache_cache_parameter_group.rb +17 -0
- data/lib/awspec/generator/doc/type/elasticsearch.rb +17 -0
- data/lib/awspec/generator/doc/type/elastictranscoder_pipeline.rb +21 -0
- data/lib/awspec/generator/doc/type/elb.rb +20 -0
- data/lib/awspec/generator/doc/type/iam_group.rb +17 -0
- data/lib/awspec/generator/doc/type/iam_policy.rb +17 -0
- data/lib/awspec/generator/doc/type/iam_role.rb +17 -0
- data/lib/awspec/generator/doc/type/iam_user.rb +17 -0
- data/lib/awspec/generator/doc/type/internet_gateway.rb +17 -0
- data/lib/awspec/generator/doc/type/kms.rb +17 -0
- data/lib/awspec/generator/doc/type/lambda.rb +17 -0
- data/lib/awspec/generator/doc/type/lambda_account_settings.rb +17 -0
- data/lib/awspec/generator/doc/type/launch_configuration.rb +17 -0
- data/lib/awspec/generator/doc/type/nat_gateway.rb +20 -0
- data/lib/awspec/generator/doc/type/network_acl.rb +20 -0
- data/lib/awspec/generator/doc/type/network_interface.rb +21 -0
- data/lib/awspec/generator/doc/type/rds.rb +22 -0
- data/lib/awspec/generator/doc/type/rds_account_attributes.rb +17 -0
- data/lib/awspec/generator/doc/type/rds_db_cluster_parameter_group.rb +15 -0
- data/lib/awspec/generator/doc/type/rds_db_parameter_group.rb +15 -0
- data/lib/awspec/generator/doc/type/route53_hosted_zone.rb +16 -0
- data/lib/awspec/generator/doc/type/route_table.rb +16 -0
- data/lib/awspec/generator/doc/type/s3_bucket.rb +16 -0
- data/lib/awspec/generator/doc/type/security_group.rb +16 -0
- data/lib/awspec/generator/doc/type/ses_identity.rb +22 -0
- data/lib/awspec/generator/doc/type/ses_send_quota.rb +17 -0
- data/lib/awspec/generator/doc/type/sqs.rb +17 -0
- data/lib/awspec/generator/doc/type/subnet.rb +18 -0
- data/lib/awspec/generator/doc/type/vpc.rb +19 -0
- data/lib/awspec/generator/doc/type/vpn_connection.rb +19 -0
- data/lib/awspec/generator/doc/type/vpn_gateway.rb +19 -0
- data/lib/awspec/generator/doc/type/waf_web_acl.rb +17 -0
- data/lib/awspec/generator/spec/acm.rb +27 -0
- data/lib/awspec/generator/spec/alb.rb +38 -0
- data/lib/awspec/generator/spec/cloudwatch_alarm.rb +40 -0
- data/lib/awspec/generator/spec/cloudwatch_event.rb +27 -0
- data/lib/awspec/generator/spec/cloudwatch_logs.rb +68 -0
- data/lib/awspec/generator/spec/directconnect.rb +33 -0
- data/lib/awspec/generator/spec/ebs.rb +55 -0
- data/lib/awspec/generator/spec/ec2.rb +78 -0
- data/lib/awspec/generator/spec/efs.rb +28 -0
- data/lib/awspec/generator/spec/eip.rb +30 -0
- data/lib/awspec/generator/spec/elasticsearch.rb +41 -0
- data/lib/awspec/generator/spec/elb.rb +56 -0
- data/lib/awspec/generator/spec/iam_group.rb +39 -0
- data/lib/awspec/generator/spec/iam_policy.rb +56 -0
- data/lib/awspec/generator/spec/iam_role.rb +39 -0
- data/lib/awspec/generator/spec/iam_user.rb +39 -0
- data/lib/awspec/generator/spec/internet_gateway.rb +35 -0
- data/lib/awspec/generator/spec/kms.rb +26 -0
- data/lib/awspec/generator/spec/lambda.rb +29 -0
- data/lib/awspec/generator/spec/nat_gateway.rb +39 -0
- data/lib/awspec/generator/spec/network_acl.rb +96 -0
- data/lib/awspec/generator/spec/network_interface.rb +80 -0
- data/lib/awspec/generator/spec/rds.rb +62 -0
- data/lib/awspec/generator/spec/route53_hosted_zone.rb +52 -0
- data/lib/awspec/generator/spec/route_table.rb +128 -0
- data/lib/awspec/generator/spec/s3_bucket.rb +70 -0
- data/lib/awspec/generator/spec/security_group.rb +95 -0
- data/lib/awspec/generator/spec/subnet.rb +47 -0
- data/lib/awspec/generator/spec/vpc.rb +57 -0
- data/lib/awspec/generator/template.rb +146 -0
- data/lib/awspec/helper.rb +8 -0
- data/lib/awspec/helper/color.rb +5 -0
- data/lib/awspec/helper/finder.rb +119 -0
- data/lib/awspec/helper/finder/account_attributes.rb +61 -0
- data/lib/awspec/helper/finder/acm.rb +18 -0
- data/lib/awspec/helper/finder/alb.rb +48 -0
- data/lib/awspec/helper/finder/ami.rb +22 -0
- data/lib/awspec/helper/finder/autoscaling.rb +34 -0
- data/lib/awspec/helper/finder/cloudformation.rb +12 -0
- data/lib/awspec/helper/finder/cloudfront.rb +18 -0
- data/lib/awspec/helper/finder/cloudtrail.rb +23 -0
- data/lib/awspec/helper/finder/cloudwatch.rb +30 -0
- data/lib/awspec/helper/finder/cloudwatch_event.rb +15 -0
- data/lib/awspec/helper/finder/cloudwatch_logs.rb +68 -0
- data/lib/awspec/helper/finder/directconnect.rb +19 -0
- data/lib/awspec/helper/finder/dynamodb.rb +10 -0
- data/lib/awspec/helper/finder/ebs.rb +40 -0
- data/lib/awspec/helper/finder/ec2.rb +158 -0
- data/lib/awspec/helper/finder/ecr.rb +10 -0
- data/lib/awspec/helper/finder/ecs.rb +45 -0
- data/lib/awspec/helper/finder/efs.rb +63 -0
- data/lib/awspec/helper/finder/elasticache.rb +21 -0
- data/lib/awspec/helper/finder/elasticsearch.rb +19 -0
- data/lib/awspec/helper/finder/elastictranscoder.rb +18 -0
- data/lib/awspec/helper/finder/elb.rb +21 -0
- data/lib/awspec/helper/finder/iam.rb +108 -0
- data/lib/awspec/helper/finder/kms.rb +22 -0
- data/lib/awspec/helper/finder/lambda.rb +32 -0
- data/lib/awspec/helper/finder/rds.rb +25 -0
- data/lib/awspec/helper/finder/route53.rb +31 -0
- data/lib/awspec/helper/finder/s3.rb +64 -0
- data/lib/awspec/helper/finder/security_group.rb +35 -0
- data/lib/awspec/helper/finder/ses.rb +13 -0
- data/lib/awspec/helper/finder/sqs.rb +12 -0
- data/lib/awspec/helper/finder/subnet.rb +29 -0
- data/lib/awspec/helper/finder/vpc.rb +77 -0
- data/lib/awspec/helper/finder/waf.rb +53 -0
- data/lib/awspec/helper/type.rb +67 -0
- data/lib/awspec/matcher.rb +62 -0
- data/lib/awspec/matcher/be_allowed.rb +25 -0
- data/lib/awspec/matcher/be_allowed_action.rb +19 -0
- data/lib/awspec/matcher/be_attached_to.rb +19 -0
- data/lib/awspec/matcher/be_denied.rb +25 -0
- data/lib/awspec/matcher/be_opened.rb +17 -0
- data/lib/awspec/matcher/be_opened_only.rb +17 -0
- data/lib/awspec/matcher/belong_to_alb.rb +8 -0
- data/lib/awspec/matcher/belong_to_cache_subnet_group.rb +5 -0
- data/lib/awspec/matcher/belong_to_db_subnet_group.rb +5 -0
- data/lib/awspec/matcher/belong_to_domain.rb +5 -0
- data/lib/awspec/matcher/belong_to_iam_group.rb +8 -0
- data/lib/awspec/matcher/belong_to_metric.rb +13 -0
- data/lib/awspec/matcher/belong_to_replication_group.rb +6 -0
- data/lib/awspec/matcher/belong_to_subnet.rb +31 -0
- data/lib/awspec/matcher/belong_to_vpc.rb +8 -0
- data/lib/awspec/matcher/have_attribute_definition.rb +9 -0
- data/lib/awspec/matcher/have_inline_policy.rb +9 -0
- data/lib/awspec/matcher/have_key_policy.rb +9 -0
- data/lib/awspec/matcher/have_key_schema.rb +9 -0
- data/lib/awspec/matcher/have_network_interface.rb +15 -0
- data/lib/awspec/matcher/have_origin.rb +21 -0
- data/lib/awspec/matcher/have_private_ip_address.rb +9 -0
- data/lib/awspec/matcher/have_record_set.rb +32 -0
- data/lib/awspec/matcher/have_route.rb +36 -0
- data/lib/awspec/matcher/have_rule.rb +34 -0
- data/lib/awspec/matcher/have_subscription_filter.rb +9 -0
- data/lib/awspec/matcher/have_tag.rb +9 -0
- data/lib/awspec/resource_reader.rb +54 -0
- data/lib/awspec/setup.rb +84 -0
- data/lib/awspec/shared_context.rb +25 -0
- data/lib/awspec/stub.rb +7 -0
- data/lib/awspec/stub/account.rb +146 -0
- data/lib/awspec/stub/acm.rb +20 -0
- data/lib/awspec/stub/alb.rb +252 -0
- data/lib/awspec/stub/alb_listener.rb +307 -0
- data/lib/awspec/stub/alb_target_group.rb +325 -0
- data/lib/awspec/stub/ami.rb +58 -0
- data/lib/awspec/stub/autoscaling_group.rb +241 -0
- data/lib/awspec/stub/cloudformation_stack.rb +49 -0
- data/lib/awspec/stub/cloudfront_distribution.rb +210 -0
- data/lib/awspec/stub/cloudtrail.rb +17 -0
- data/lib/awspec/stub/cloudwatch_alarm.rb +39 -0
- data/lib/awspec/stub/cloudwatch_event.rb +15 -0
- data/lib/awspec/stub/cloudwatch_logs.rb +34 -0
- data/lib/awspec/stub/customer_gateway.rb +16 -0
- data/lib/awspec/stub/directconnect_virtual_interface.rb +25 -0
- data/lib/awspec/stub/duplicated_resource_type.rb +26 -0
- data/lib/awspec/stub/dynamodb_table.rb +34 -0
- data/lib/awspec/stub/ebs.rb +67 -0
- data/lib/awspec/stub/ec2.rb +227 -0
- data/lib/awspec/stub/ec2_has_multi_security_groups.rb +21 -0
- data/lib/awspec/stub/ecr_repository.rb +13 -0
- data/lib/awspec/stub/ecs.rb +199 -0
- data/lib/awspec/stub/ecs_cluster.rb +99 -0
- data/lib/awspec/stub/ecs_container_instance.rb +78 -0
- data/lib/awspec/stub/ecs_service.rb +51 -0
- data/lib/awspec/stub/ecs_task_definition.rb +58 -0
- data/lib/awspec/stub/efs.rb +33 -0
- data/lib/awspec/stub/eip.rb +13 -0
- data/lib/awspec/stub/elasticache.rb +91 -0
- data/lib/awspec/stub/elasticache_cache_parameter_group.rb +16 -0
- data/lib/awspec/stub/elasticsearch.rb +52 -0
- data/lib/awspec/stub/elastictranscoder_pipeline.rb +63 -0
- data/lib/awspec/stub/elb.rb +129 -0
- data/lib/awspec/stub/iam_group.rb +90 -0
- data/lib/awspec/stub/iam_policy.rb +70 -0
- data/lib/awspec/stub/iam_role.rb +60 -0
- data/lib/awspec/stub/iam_user.rb +71 -0
- data/lib/awspec/stub/internet_gateway.rb +36 -0
- data/lib/awspec/stub/kms.rb +71 -0
- data/lib/awspec/stub/lambda.rb +21 -0
- data/lib/awspec/stub/launch_configuration.rb +56 -0
- data/lib/awspec/stub/nat_gateway.rb +35 -0
- data/lib/awspec/stub/network_acl.rb +97 -0
- data/lib/awspec/stub/network_interface.rb +144 -0
- data/lib/awspec/stub/rds.rb +102 -0
- data/lib/awspec/stub/rds_db_cluster_parameter_group.rb +20 -0
- data/lib/awspec/stub/rds_db_parameter_group.rb +20 -0
- data/lib/awspec/stub/route53_hosted_zone.rb +103 -0
- data/lib/awspec/stub/route_table.rb +207 -0
- data/lib/awspec/stub/s3_bucket.rb +80 -0
- data/lib/awspec/stub/security_group.rb +149 -0
- data/lib/awspec/stub/ses_identity.rb +41 -0
- data/lib/awspec/stub/sqs.rb +25 -0
- data/lib/awspec/stub/subnet.rb +33 -0
- data/lib/awspec/stub/vpc.rb +69 -0
- data/lib/awspec/stub/vpn_connection.rb +20 -0
- data/lib/awspec/stub/vpn_gateway.rb +15 -0
- data/lib/awspec/stub/waf_web_acl.rb +62 -0
- data/lib/awspec/toolbox.rb +18 -0
- data/lib/awspec/type/account.rb +35 -0
- data/lib/awspec/type/account_attribute.rb +28 -0
- data/lib/awspec/type/account_attribute_base.rb +4 -0
- data/lib/awspec/type/acm.rb +27 -0
- data/lib/awspec/type/alb.rb +42 -0
- data/lib/awspec/type/alb_listener.rb +36 -0
- data/lib/awspec/type/alb_target_group.rb +22 -0
- data/lib/awspec/type/ami.rb +25 -0
- data/lib/awspec/type/autoscaling_group.rb +46 -0
- data/lib/awspec/type/base.rb +47 -0
- data/lib/awspec/type/cloudformation_stack.rb +11 -0
- data/lib/awspec/type/cloudfront_distribution.rb +46 -0
- data/lib/awspec/type/cloudtrail.rb +29 -0
- data/lib/awspec/type/cloudwatch_alarm.rb +23 -0
- data/lib/awspec/type/cloudwatch_event.rb +19 -0
- data/lib/awspec/type/cloudwatch_logs.rb +31 -0
- data/lib/awspec/type/customer_gateway.rb +40 -0
- data/lib/awspec/type/directconnect_virtual_interface.rb +27 -0
- data/lib/awspec/type/dynamodb_table.rb +40 -0
- data/lib/awspec/type/ebs.rb +37 -0
- data/lib/awspec/type/ec2.rb +145 -0
- data/lib/awspec/type/ec2_account_attributes.rb +7 -0
- data/lib/awspec/type/ecr_repository.rb +18 -0
- data/lib/awspec/type/ecs_cluster.rb +46 -0
- data/lib/awspec/type/ecs_container_instance.rb +30 -0
- data/lib/awspec/type/ecs_service.rb +24 -0
- data/lib/awspec/type/ecs_task_definition.rb +24 -0
- data/lib/awspec/type/efs.rb +22 -0
- data/lib/awspec/type/eip.rb +16 -0
- data/lib/awspec/type/elasticache.rb +68 -0
- data/lib/awspec/type/elasticache_cache_parameter_group.rb +38 -0
- data/lib/awspec/type/elasticsearch.rb +23 -0
- data/lib/awspec/type/elastictranscoder_pipeline.rb +21 -0
- data/lib/awspec/type/elb.rb +61 -0
- data/lib/awspec/type/iam_group.rb +39 -0
- data/lib/awspec/type/iam_policy.rb +54 -0
- data/lib/awspec/type/iam_role.rb +29 -0
- data/lib/awspec/type/iam_user.rb +29 -0
- data/lib/awspec/type/internet_gateway.rb +20 -0
- data/lib/awspec/type/kms.rb +21 -0
- data/lib/awspec/type/lambda.rb +22 -0
- data/lib/awspec/type/lambda_account_settings.rb +7 -0
- data/lib/awspec/type/launch_configuration.rb +28 -0
- data/lib/awspec/type/nat_gateway.rb +27 -0
- data/lib/awspec/type/network_acl.rb +117 -0
- data/lib/awspec/type/network_interface.rb +56 -0
- data/lib/awspec/type/rds.rb +100 -0
- data/lib/awspec/type/rds_account_attributes.rb +7 -0
- data/lib/awspec/type/rds_db_cluster_parameter_group.rb +34 -0
- data/lib/awspec/type/rds_db_parameter_group.rb +34 -0
- data/lib/awspec/type/resource_base.rb +24 -0
- data/lib/awspec/type/route53_hosted_zone.rb +35 -0
- data/lib/awspec/type/route_table.rb +78 -0
- data/lib/awspec/type/s3_bucket.rb +112 -0
- data/lib/awspec/type/security_group.rb +137 -0
- data/lib/awspec/type/ses_identity.rb +70 -0
- data/lib/awspec/type/ses_send_quota.rb +7 -0
- data/lib/awspec/type/sqs.rb +31 -0
- data/lib/awspec/type/subnet.rb +39 -0
- data/lib/awspec/type/vpc.rb +36 -0
- data/lib/awspec/type/vpn_connection.rb +40 -0
- data/lib/awspec/type/vpn_gateway.rb +40 -0
- data/lib/awspec/type/waf_web_acl.rb +24 -0
- data/lib/awspec/version.rb +3 -0
- metadata +587 -0
@@ -0,0 +1,44 @@
|
|
1
|
+
### exist
|
2
|
+
|
3
|
+
```ruby
|
4
|
+
describe security_group('my-security-group-name') do
|
5
|
+
it { should exist }
|
6
|
+
end
|
7
|
+
```
|
8
|
+
|
9
|
+
### have_tag
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
describe security_group('my-security-group-name') do
|
13
|
+
it { should have_tag('env').value('dev') }
|
14
|
+
end
|
15
|
+
```
|
16
|
+
|
17
|
+
### its(:inbound), its(:outbound)
|
18
|
+
|
19
|
+
```ruby
|
20
|
+
describe security_group('my-security-group-name') do
|
21
|
+
its(:outbound) { should be_opened }
|
22
|
+
its(:inbound) { should be_opened(80) }
|
23
|
+
its(:inbound) { should be_opened(80).protocol('tcp').for('203.0.113.1/32') }
|
24
|
+
its(:inbound) { should be_opened(22).protocol('tcp').for('sg-5a6b7cd8') }
|
25
|
+
end
|
26
|
+
```
|
27
|
+
|
28
|
+
### advanced
|
29
|
+
|
30
|
+
`security_group` can use `Aws::EC2::SecurityGroup` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/SecurityGroup.html).
|
31
|
+
|
32
|
+
```ruby
|
33
|
+
describe security_group('my-security-group-name') do
|
34
|
+
its('group_name') { should eq 'my-security-group-name' }
|
35
|
+
end
|
36
|
+
```
|
37
|
+
|
38
|
+
or
|
39
|
+
|
40
|
+
```ruby
|
41
|
+
describe security_group('my-security-group-name') do
|
42
|
+
its('resource.group_name') { should eq 'my-security-group-name' }
|
43
|
+
end
|
44
|
+
```
|
@@ -0,0 +1,17 @@
|
|
1
|
+
### exist
|
2
|
+
|
3
|
+
```ruby
|
4
|
+
describe ses_identity('example.com') do
|
5
|
+
it { should exist }
|
6
|
+
end
|
7
|
+
```
|
8
|
+
|
9
|
+
### have_dkim_tokens
|
10
|
+
|
11
|
+
### have_identity_policy
|
12
|
+
|
13
|
+
```ruby
|
14
|
+
describe ses_identity('example.com') do
|
15
|
+
it { should have_identity_policy('my-identity-policy-name') }
|
16
|
+
end
|
17
|
+
```
|
@@ -0,0 +1,41 @@
|
|
1
|
+
### exist
|
2
|
+
|
3
|
+
```ruby
|
4
|
+
describe subnet('my-subnet') do
|
5
|
+
it { should exist }
|
6
|
+
end
|
7
|
+
```
|
8
|
+
|
9
|
+
### be_available, be_pending
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
describe subnet('my-subnet') do
|
13
|
+
it { should be_available }
|
14
|
+
end
|
15
|
+
```
|
16
|
+
|
17
|
+
### have_tag
|
18
|
+
|
19
|
+
```ruby
|
20
|
+
describe subnet('my-subnet') do
|
21
|
+
it { should have_tag('Environment').value('QA') }
|
22
|
+
end
|
23
|
+
```
|
24
|
+
|
25
|
+
### advanced
|
26
|
+
|
27
|
+
`subnet` can use `Aws::EC2::Subnet` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Subnet.html).
|
28
|
+
|
29
|
+
```ruby
|
30
|
+
describe subnet('my-subnet') do
|
31
|
+
its('vpc.id') { should eq 'vpc-ab123cde' }
|
32
|
+
end
|
33
|
+
```
|
34
|
+
|
35
|
+
or
|
36
|
+
|
37
|
+
```ruby
|
38
|
+
describe subnet('my-subnet') do
|
39
|
+
its('resource.vpc.id') { should eq 'vpc-ab123cde' }
|
40
|
+
end
|
41
|
+
```
|
@@ -0,0 +1,59 @@
|
|
1
|
+
### exist
|
2
|
+
|
3
|
+
```ruby
|
4
|
+
describe vpc('my-vpc') do
|
5
|
+
it { should exist }
|
6
|
+
end
|
7
|
+
```
|
8
|
+
|
9
|
+
### be_available, be_pending
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
describe vpc('vpc-ab123cde') do
|
13
|
+
it { should be_available }
|
14
|
+
end
|
15
|
+
```
|
16
|
+
|
17
|
+
### have_network_acl
|
18
|
+
|
19
|
+
```ruby
|
20
|
+
describe vpc('vpc-ab123cde') do
|
21
|
+
it { should have_network_acl('acl-1abc2d3e') }
|
22
|
+
it { should have_network_acl('my-network-acl') }
|
23
|
+
end
|
24
|
+
```
|
25
|
+
|
26
|
+
### have_route_table
|
27
|
+
|
28
|
+
```ruby
|
29
|
+
describe vpc('vpc-ab123cde') do
|
30
|
+
it { should have_route_table('rtb-ab123cde') }
|
31
|
+
it { should have_route_table('my-route-table') }
|
32
|
+
end
|
33
|
+
```
|
34
|
+
|
35
|
+
### have_tag
|
36
|
+
|
37
|
+
```ruby
|
38
|
+
describe vpc('vpc-ab123cde') do
|
39
|
+
it { should have_tag('Stack').value('Networking') }
|
40
|
+
end
|
41
|
+
```
|
42
|
+
|
43
|
+
### advanced
|
44
|
+
|
45
|
+
`vpc` can use `Aws::EC2::Vpc` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Vpc.html).
|
46
|
+
|
47
|
+
```ruby
|
48
|
+
describe vpc('my-vpc') do
|
49
|
+
its('route_tables.first.route_table_id') { should eq 'rtb-a12bcd34' }
|
50
|
+
end
|
51
|
+
```
|
52
|
+
|
53
|
+
or
|
54
|
+
|
55
|
+
```ruby
|
56
|
+
describe vpc('my-vpc') do
|
57
|
+
its('resource.route_tables.first.route_table_id') { should eq 'rtb-a12bcd34' }
|
58
|
+
end
|
59
|
+
```
|
@@ -0,0 +1,25 @@
|
|
1
|
+
### exist
|
2
|
+
|
3
|
+
```ruby
|
4
|
+
describe vpn_connection('my-vpn-connection') do
|
5
|
+
it { should exist }
|
6
|
+
end
|
7
|
+
```
|
8
|
+
|
9
|
+
### be_pending, be_available, be_deleting, be_deleted
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
describe vpn_connection('my-vpn-connection') do
|
13
|
+
it { should be_running }
|
14
|
+
end
|
15
|
+
```
|
16
|
+
|
17
|
+
### have_tag
|
18
|
+
|
19
|
+
```ruby
|
20
|
+
describe vpn_connection('my-vpn-connection') do
|
21
|
+
it { should have_tag('Name').value('my-vpn-connection') }
|
22
|
+
end
|
23
|
+
```
|
24
|
+
|
25
|
+
### its(:vpn_connection_id), its(:state), its(:customer_gateway_configuration), its(:type), its(:customer_gateway_id), its(:vpn_gateway_id), its(:options)
|
@@ -0,0 +1,25 @@
|
|
1
|
+
### exist
|
2
|
+
|
3
|
+
```ruby
|
4
|
+
describe vpn_gateway('my-vpn-gateway') do
|
5
|
+
it { should exist }
|
6
|
+
end
|
7
|
+
```
|
8
|
+
|
9
|
+
### be_pending, be_available, be_deleting, be_deleted
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
describe vpn_gateway('my-vpn-gateway') do
|
13
|
+
it { should be_running }
|
14
|
+
end
|
15
|
+
```
|
16
|
+
|
17
|
+
### have_tag
|
18
|
+
|
19
|
+
```ruby
|
20
|
+
describe vpn_gateway('my-vpn-gateway') do
|
21
|
+
it { should have_tag('Name').value('my-vpn-gateway') }
|
22
|
+
end
|
23
|
+
```
|
24
|
+
|
25
|
+
### its(:vpn_gateway_id), its(:state), its(:type), its(:availability_zone)
|
@@ -0,0 +1,29 @@
|
|
1
|
+
### exist
|
2
|
+
|
3
|
+
```ruby
|
4
|
+
describe waf_web_acl('my-waf-web-acl') do
|
5
|
+
it { should exist }
|
6
|
+
its(:default_action) { should eq 'BLOCK' }
|
7
|
+
it { should have_rule('my-waf-web-acl-allowed-ips') }
|
8
|
+
it { should have_rule('my-waf-web-acl-allowed-ips').order(2).action('BLOCK') }
|
9
|
+
end
|
10
|
+
```
|
11
|
+
|
12
|
+
### have_rule
|
13
|
+
|
14
|
+
```ruby
|
15
|
+
describe waf_web_acl('my-waf-web-acl') do
|
16
|
+
it { should have_rule('my-waf-web-acl-allowed-ips') }
|
17
|
+
it { should have_rule('my-waf-web-acl-allowed-ips').order(2).action('BLOCK') }
|
18
|
+
end
|
19
|
+
```
|
20
|
+
|
21
|
+
### its(:default_action), its(:web_acl_id), its(:name), its(:metric_name)
|
22
|
+
|
23
|
+
```ruby
|
24
|
+
describe waf_web_acl('my-waf-web-acl') do
|
25
|
+
its(:default_action) { should eq 'BLOCK' }
|
26
|
+
end
|
27
|
+
```
|
28
|
+
|
29
|
+
|
data/doc/contributing.md
ADDED
@@ -0,0 +1,36 @@
|
|
1
|
+
# Contributing
|
2
|
+
|
3
|
+
## Add new resource type (ex. Redshift resource)
|
4
|
+
|
5
|
+
1. Create your feature branch (`git checkout -b add-type-redshift`)
|
6
|
+
2. Generate template files (`bundle exec bin/toolbox template redshift`)
|
7
|
+
3. Fill files with code.
|
8
|
+
4. Generate [doc/resource_types.md](doc/resource_types.md) (`bundle exec bin/toolbox docgen > doc/resource_types.md`)
|
9
|
+
5. Run test (`bundle exec rake spec`)
|
10
|
+
6. Push to the branch (`git push origin add-type-redshift`)
|
11
|
+
7. Create a new Pull Request
|
12
|
+
|
13
|
+
## Add new account attribute type (ex. CloudFormation::Client#describe_account_attributes )
|
14
|
+
|
15
|
+
1. Create your feature branch (`git checkout -b add-type-cf-limit`)
|
16
|
+
2. Generate template files (`bundle exec bin/toolbox template cloudformation_account_attributes -a`) **with -a option**
|
17
|
+
3. Fill files with code.
|
18
|
+
4. Generate [doc/resource_types.md](doc/resource_types.md) (`bundle exec bin/toolbox docgen > doc/resource_types.md`)
|
19
|
+
5. Run test (`bundle exec rake spec`)
|
20
|
+
6. Push to the branch (`git push origin add-type-redshift`)
|
21
|
+
7. Create a new Pull Request
|
22
|
+
|
23
|
+
## Append resource type document (ex. VPC resource `be_available`)
|
24
|
+
|
25
|
+
1. Create vpc.md (`touch doc/_resource_types/vpc.md`)
|
26
|
+
2. Write following document.
|
27
|
+
|
28
|
+
<pre>
|
29
|
+
### be_available
|
30
|
+
(Write cool description)
|
31
|
+
```ruby
|
32
|
+
describe vpc('my-vpc') do
|
33
|
+
it { should be_available }
|
34
|
+
end
|
35
|
+
```
|
36
|
+
</pre>
|
@@ -0,0 +1,2779 @@
|
|
1
|
+
# Resource Types
|
2
|
+
|
3
|
+
[acm](#acm)
|
4
|
+
| [alb](#alb)
|
5
|
+
| [alb_listener](#alb_listener)
|
6
|
+
| [alb_target_group](#alb_target_group)
|
7
|
+
| [ami](#ami)
|
8
|
+
| [autoscaling_group](#autoscaling_group)
|
9
|
+
| [cloudformation_stack](#cloudformation_stack)
|
10
|
+
| [cloudfront_distribution](#cloudfront_distribution)
|
11
|
+
| [cloudtrail](#cloudtrail)
|
12
|
+
| [cloudwatch_alarm](#cloudwatch_alarm)
|
13
|
+
| [cloudwatch_event](#cloudwatch_event)
|
14
|
+
| [cloudwatch_logs](#cloudwatch_logs)
|
15
|
+
| [customer_gateway](#customer_gateway)
|
16
|
+
| [directconnect_virtual_interface](#directconnect_virtual_interface)
|
17
|
+
| [dynamodb_table](#dynamodb_table)
|
18
|
+
| [ebs](#ebs)
|
19
|
+
| [ec2](#ec2)
|
20
|
+
| [ecr_repository](#ecr_repository)
|
21
|
+
| [ecs_cluster](#ecs_cluster)
|
22
|
+
| [ecs_container_instance](#ecs_container_instance)
|
23
|
+
| [ecs_service](#ecs_service)
|
24
|
+
| [ecs_task_definition](#ecs_task_definition)
|
25
|
+
| [efs](#efs)
|
26
|
+
| [eip](#eip)
|
27
|
+
| [elasticache](#elasticache)
|
28
|
+
| [elasticache_cache_parameter_group](#elasticache_cache_parameter_group)
|
29
|
+
| [elasticsearch](#elasticsearch)
|
30
|
+
| [elastictranscoder_pipeline](#elastictranscoder_pipeline)
|
31
|
+
| [elb](#elb)
|
32
|
+
| [iam_group](#iam_group)
|
33
|
+
| [iam_policy](#iam_policy)
|
34
|
+
| [iam_role](#iam_role)
|
35
|
+
| [iam_user](#iam_user)
|
36
|
+
| [internet_gateway](#internet_gateway)
|
37
|
+
| [kms](#kms)
|
38
|
+
| [lambda](#lambda)
|
39
|
+
| [launch_configuration](#launch_configuration)
|
40
|
+
| [nat_gateway](#nat_gateway)
|
41
|
+
| [network_acl](#network_acl)
|
42
|
+
| [network_interface](#network_interface)
|
43
|
+
| [rds](#rds)
|
44
|
+
| [rds_db_cluster_parameter_group](#rds_db_cluster_parameter_group)
|
45
|
+
| [rds_db_parameter_group](#rds_db_parameter_group)
|
46
|
+
| [route53_hosted_zone](#route53_hosted_zone)
|
47
|
+
| [route_table](#route_table)
|
48
|
+
| [s3_bucket](#s3_bucket)
|
49
|
+
| [security_group](#security_group)
|
50
|
+
| [ses_identity](#ses_identity)
|
51
|
+
| [sqs](#sqs)
|
52
|
+
| [subnet](#subnet)
|
53
|
+
| [vpc](#vpc)
|
54
|
+
| [vpn_connection](#vpn_connection)
|
55
|
+
| [vpn_gateway](#vpn_gateway)
|
56
|
+
| [waf_web_acl](#waf_web_acl)
|
57
|
+
| [account](#account)
|
58
|
+
|
59
|
+
## <a name="acm">acm</a>
|
60
|
+
|
61
|
+
Acm resource type.
|
62
|
+
|
63
|
+
### exist
|
64
|
+
|
65
|
+
```ruby
|
66
|
+
describe acm('example.com') do
|
67
|
+
it { should exist }
|
68
|
+
end
|
69
|
+
```
|
70
|
+
|
71
|
+
|
72
|
+
### be_pending_validation, be_issued, be_inactive, be_expired, be_validation_timed_out, be_revoked, be_failed
|
73
|
+
|
74
|
+
### its(:certificate_arn), its(:domain_name), its(:subject_alternative_names), its(:domain_validation_options), its(:serial), its(:subject), its(:issuer), its(:created_at), its(:issued_at), its(:imported_at), its(:status), its(:revoked_at), its(:revocation_reason), its(:not_before), its(:not_after), its(:key_algorithm), its(:signature_algorithm), its(:in_use_by), its(:failure_reason), its(:type), its(:renewal_summary)
|
75
|
+
## <a name="alb">alb</a>
|
76
|
+
|
77
|
+
ALB resource type.
|
78
|
+
|
79
|
+
### exist
|
80
|
+
|
81
|
+
```ruby
|
82
|
+
describe alb('my-alb') do
|
83
|
+
it { should exist }
|
84
|
+
end
|
85
|
+
```
|
86
|
+
|
87
|
+
|
88
|
+
### be_active, be_provisioning, be_failed
|
89
|
+
|
90
|
+
```ruby
|
91
|
+
describe alb('my-alb') do
|
92
|
+
it { should be_active }
|
93
|
+
end
|
94
|
+
```
|
95
|
+
|
96
|
+
|
97
|
+
### have_security_group
|
98
|
+
|
99
|
+
```ruby
|
100
|
+
describe alb('my-alb') do
|
101
|
+
it { should have_security_group('sg-1a2b3cd4') }
|
102
|
+
end
|
103
|
+
```
|
104
|
+
|
105
|
+
|
106
|
+
### have_subnet
|
107
|
+
|
108
|
+
```ruby
|
109
|
+
describe alb('my-alb') do
|
110
|
+
it { should have_subnet('subnet-1234a567') }
|
111
|
+
end
|
112
|
+
```
|
113
|
+
|
114
|
+
|
115
|
+
### belong_to_vpc
|
116
|
+
|
117
|
+
```ruby
|
118
|
+
describe alb('my-alb') do
|
119
|
+
it { should belong_to_vpc('my-vpc') }
|
120
|
+
end
|
121
|
+
```
|
122
|
+
|
123
|
+
### its(:load_balancer_arn), its(:dns_name), its(:canonical_hosted_zone_id), its(:created_time), its(:load_balancer_name), its(:scheme), its(:vpc_id), its(:type), its(:security_groups), its(:ip_address_type)
|
124
|
+
## <a name="alb_listener">alb_listener</a>
|
125
|
+
|
126
|
+
AlbListener resource type.
|
127
|
+
|
128
|
+
### exist
|
129
|
+
|
130
|
+
```ruby
|
131
|
+
describe alb_listener('arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:listener/app/my-alb/1aa1bb1cc1ddee11/f2f7dc8efc522ab2') do
|
132
|
+
it { should exist }
|
133
|
+
its(:port) { should eq 80 }
|
134
|
+
its(:protocol) { should eq 'HTTP' }
|
135
|
+
end
|
136
|
+
```
|
137
|
+
|
138
|
+
|
139
|
+
### have_rule
|
140
|
+
|
141
|
+
```ruby
|
142
|
+
describe alb_listener('arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:listener/app/my-alb/1aa1bb1cc1ddee11/f2f7dc8efc522ab2') do
|
143
|
+
it { should have_rule('arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:listener-rule/app/my-alb/1aa1bb1cc1ddee11/f2f7dc8efc522ab2/9683b2d02a6cabee') }
|
144
|
+
it do
|
145
|
+
should have_rule.priority('10')
|
146
|
+
.conditions(field: 'path-pattern', values: ['/img/*'])
|
147
|
+
.actions(target_group_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:123456789012:targetgroup/73e2d6bc24d8a067/73e2d6bc24d8a067', type: 'forward')
|
148
|
+
end
|
149
|
+
it do
|
150
|
+
should have_rule.priority('10')
|
151
|
+
.if(field: 'path-pattern', values: ['/img/*'])
|
152
|
+
.then(target_group_arn: 'arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:123456789012:targetgroup/73e2d6bc24d8a067/73e2d6bc24d8a067', type: 'forward')
|
153
|
+
end
|
154
|
+
it { should have_rule.conditions([{ field: 'path-pattern', values: ['/admin/*'] }, { field: 'host-header', values: ['admin.example.com'] }]) }
|
155
|
+
it { should have_rule.actions(target_group_name: 'my-alb-target-group', type: 'forward') }
|
156
|
+
end
|
157
|
+
```
|
158
|
+
|
159
|
+
### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy)
|
160
|
+
## <a name="alb_target_group">alb_target_group</a>
|
161
|
+
|
162
|
+
AlbTargetGroup resource type.
|
163
|
+
|
164
|
+
### exist
|
165
|
+
|
166
|
+
```ruby
|
167
|
+
describe alb_target_group('my-alb-target-group') do
|
168
|
+
it { should exist }
|
169
|
+
its(:health_check_path) { should eq '/' }
|
170
|
+
its(:health_check_port) { should eq 'traffic-port' }
|
171
|
+
its(:health_check_protocol) { should eq 'HTTP' }
|
172
|
+
end
|
173
|
+
```
|
174
|
+
|
175
|
+
|
176
|
+
### have_ec2
|
177
|
+
|
178
|
+
```ruby
|
179
|
+
describe alb_target_group('my-alb-target-group') do
|
180
|
+
it { should have_ec2('my-ec2') }
|
181
|
+
end
|
182
|
+
```
|
183
|
+
|
184
|
+
|
185
|
+
### belong_to_alb
|
186
|
+
|
187
|
+
```ruby
|
188
|
+
describe alb_target_group('my-alb-target-group') do
|
189
|
+
it { should belong_to_alb('my-alb') }
|
190
|
+
end
|
191
|
+
```
|
192
|
+
|
193
|
+
|
194
|
+
### belong_to_vpc
|
195
|
+
|
196
|
+
```ruby
|
197
|
+
describe alb_target_group('my-alb-target-group') do
|
198
|
+
it { should belong_to_vpc('my-vpc') }
|
199
|
+
end
|
200
|
+
```
|
201
|
+
|
202
|
+
|
203
|
+
### its(:target_group_arn), its(:target_group_name), its(:protocol), its(:port), its(:vpc_id), its(:health_check_protocol), its(:health_check_port), its(:health_check_interval_seconds), its(:health_check_timeout_seconds), its(:healthy_threshold_count), its(:unhealthy_threshold_count), its(:health_check_path), its(:load_balancer_arns), its(:target_type)
|
204
|
+
## <a name="ami">ami</a>
|
205
|
+
|
206
|
+
AMI resource type.
|
207
|
+
|
208
|
+
### exist
|
209
|
+
|
210
|
+
```ruby
|
211
|
+
describe ami('my-ami') do
|
212
|
+
it { should exist }
|
213
|
+
end
|
214
|
+
```
|
215
|
+
|
216
|
+
|
217
|
+
### be_pending, be_available, be_invalid, be_deregistered, be_transient, be_failed, be_error
|
218
|
+
|
219
|
+
```ruby
|
220
|
+
describe ami('my-ami') do
|
221
|
+
it { should be_available }
|
222
|
+
end
|
223
|
+
```
|
224
|
+
|
225
|
+
|
226
|
+
### have_tag
|
227
|
+
|
228
|
+
### its(:architecture), its(:creation_date), its(:image_id), its(:image_location), its(:image_type), its(:public), its(:kernel_id), its(:owner_id), its(:platform), its(:ramdisk_id), its(:state), its(:description), its(:ena_support), its(:hypervisor), its(:image_owner_alias), its(:name), its(:root_device_name), its(:root_device_type), its(:sriov_net_support), its(:state_reason), its(:virtualization_type)
|
229
|
+
### :unlock: Advanced use
|
230
|
+
|
231
|
+
`ami` can use `Aws::EC2::Image` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Image.html).
|
232
|
+
|
233
|
+
## <a name="autoscaling_group">autoscaling_group</a>
|
234
|
+
|
235
|
+
AutoscalingGroup resource type.
|
236
|
+
|
237
|
+
### exist
|
238
|
+
|
239
|
+
```ruby
|
240
|
+
describe autoscaling_group('my-auto-scaling-group') do
|
241
|
+
it { should exist }
|
242
|
+
end
|
243
|
+
```
|
244
|
+
|
245
|
+
|
246
|
+
### have_alb_target_group
|
247
|
+
|
248
|
+
```ruby
|
249
|
+
describe autoscaling_group('my-auto-scaling-group') do
|
250
|
+
it { should have_alb_target_group('my-alb-target-group') }
|
251
|
+
end
|
252
|
+
```
|
253
|
+
|
254
|
+
|
255
|
+
### have_ec2
|
256
|
+
|
257
|
+
```ruby
|
258
|
+
describe autoscaling_group('my-auto-scaling-group') do
|
259
|
+
it { should have_ec2('my-ec2') }
|
260
|
+
end
|
261
|
+
```
|
262
|
+
|
263
|
+
|
264
|
+
### have_elb
|
265
|
+
|
266
|
+
```ruby
|
267
|
+
describe autoscaling_group('my-auto-scaling-group') do
|
268
|
+
it { should have_elb('my-elb') }
|
269
|
+
end
|
270
|
+
```
|
271
|
+
|
272
|
+
|
273
|
+
### have_launch_configuration
|
274
|
+
|
275
|
+
```ruby
|
276
|
+
describe autoscaling_group('my-auto-scaling-group') do
|
277
|
+
it { should have_launch_configuration('my-lc') }
|
278
|
+
end
|
279
|
+
```
|
280
|
+
|
281
|
+
|
282
|
+
### have_suspended_process
|
283
|
+
|
284
|
+
### have_tag
|
285
|
+
|
286
|
+
```ruby
|
287
|
+
describe autoscaling_group('my-auto-scaling-group') do
|
288
|
+
it { should have_tag('Name').value('my-group') }
|
289
|
+
end
|
290
|
+
```
|
291
|
+
|
292
|
+
### its(:auto_scaling_group_name), its(:auto_scaling_group_arn), its(:launch_configuration_name), its(:min_size), its(:max_size), its(:desired_capacity), its(:default_cooldown), its(:availability_zones), its(:load_balancer_names), its(:target_group_arns), its(:health_check_type), its(:health_check_grace_period), its(:created_time), its(:placement_group), its(:vpc_zone_identifier), its(:enabled_metrics), its(:status), its(:termination_policies), its(:new_instances_protected_from_scale_in)
|
293
|
+
## <a name="cloudformation_stack">cloudformation_stack</a>
|
294
|
+
|
295
|
+
CloudformationStack resource type.
|
296
|
+
|
297
|
+
### exist
|
298
|
+
|
299
|
+
```ruby
|
300
|
+
describe cloudformation_stack('my-cloudformation-stack') do
|
301
|
+
it { should exist }
|
302
|
+
its(:stack_status) { should eq 'UPDATE_COMPLETE' }
|
303
|
+
end
|
304
|
+
```
|
305
|
+
|
306
|
+
### its(:stack_id), its(:stack_name), its(:change_set_id), its(:description), its(:parameters), its(:creation_time), its(:last_updated_time), its(:rollback_configuration), its(:stack_status), its(:stack_status_reason), its(:disable_rollback), its(:notification_arns), its(:timeout_in_minutes), its(:capabilities), its(:role_arn)
|
307
|
+
## <a name="cloudfront_distribution">cloudfront_distribution</a>
|
308
|
+
|
309
|
+
CloudfrontDistribution resource type.
|
310
|
+
|
311
|
+
### exist
|
312
|
+
|
313
|
+
```ruby
|
314
|
+
describe cloudfront_distribution('123456789zyxw.cloudfront.net') do
|
315
|
+
it { should exist }
|
316
|
+
end
|
317
|
+
```
|
318
|
+
|
319
|
+
|
320
|
+
### be_in_progress, be_deployed
|
321
|
+
|
322
|
+
```ruby
|
323
|
+
describe cloudfront_distribution('123456789zyxw.cloudfront.net') do
|
324
|
+
it { should be_deployed }
|
325
|
+
end
|
326
|
+
```
|
327
|
+
|
328
|
+
|
329
|
+
### have_origin
|
330
|
+
|
331
|
+
```ruby
|
332
|
+
describe cloudfront_distribution('E2CLOUDFRONTXX') do
|
333
|
+
it do
|
334
|
+
should have_origin('cf-s3-origin-hosting.dev.example.com')
|
335
|
+
.domain_name('cf-s3-origin-hosting.dev.example.com.s3.amazonaws.com')
|
336
|
+
.origin_path('/img')
|
337
|
+
.origin_access_identity('origin-access-identity/cloudfront/E2VVVVVVVVVVVV')
|
338
|
+
end
|
339
|
+
end
|
340
|
+
```
|
341
|
+
|
342
|
+
|
343
|
+
### have_origin_domain_name
|
344
|
+
|
345
|
+
```ruby
|
346
|
+
describe cloudfront_distribution('123456789zyxw.cloudfront.net') do
|
347
|
+
it { should have_origin_domain_name('cf-s3-origin-hosting.dev.example.com.s3.amazonaws.com') }
|
348
|
+
end
|
349
|
+
```
|
350
|
+
|
351
|
+
|
352
|
+
### have_origin_domain_name_and_path
|
353
|
+
|
354
|
+
```ruby
|
355
|
+
describe cloudfront_distribution('123456789zyxw.cloudfront.net') do
|
356
|
+
it { should have_origin_domain_name_and_path('cf-s3-origin-hosting.dev.example.com.s3.amazonaws.com/img') }
|
357
|
+
end
|
358
|
+
```
|
359
|
+
|
360
|
+
### its(:id), its(:arn), its(:status), its(:last_modified_time), its(:domain_name), its(:comment), its(:price_class), its(:enabled), its(:web_acl_id), its(:http_version), its(:is_ipv6_enabled)
|
361
|
+
## <a name="cloudtrail">cloudtrail</a>
|
362
|
+
|
363
|
+
Cloudtrail resource type.
|
364
|
+
|
365
|
+
### exist
|
366
|
+
|
367
|
+
```ruby
|
368
|
+
describe cloudtrail('my-trail') do
|
369
|
+
it { should exist }
|
370
|
+
end
|
371
|
+
```
|
372
|
+
|
373
|
+
|
374
|
+
### be_logging
|
375
|
+
|
376
|
+
```ruby
|
377
|
+
describe cloudtrail('my-trail') do
|
378
|
+
it { should be_logging }
|
379
|
+
end
|
380
|
+
```
|
381
|
+
|
382
|
+
### be_multi_region_trail
|
383
|
+
|
384
|
+
```ruby
|
385
|
+
describe cloudtrail('my-trail') do
|
386
|
+
it { should be_multi_region_trail }
|
387
|
+
end
|
388
|
+
```
|
389
|
+
|
390
|
+
|
391
|
+
### have_global_service_events_included
|
392
|
+
|
393
|
+
```ruby
|
394
|
+
describe cloudtrail('my-trail') do
|
395
|
+
it { should have_global_service_events_included }
|
396
|
+
end
|
397
|
+
```
|
398
|
+
|
399
|
+
|
400
|
+
### have_log_file_validation_enabled
|
401
|
+
|
402
|
+
```ruby
|
403
|
+
describe cloudtrail('my-trail') do
|
404
|
+
it { should have_log_file_validation_enabled }
|
405
|
+
end
|
406
|
+
```
|
407
|
+
|
408
|
+
|
409
|
+
### its(:name), its(:s3_bucket_name), its(:s3_key_prefix), its(:sns_topic_name), its(:sns_topic_arn), its(:include_global_service_events), its(:is_multi_region_trail), its(:home_region), its(:trail_arn), its(:log_file_validation_enabled), its(:cloud_watch_logs_log_group_arn), its(:cloud_watch_logs_role_arn), its(:kms_key_id), its(:has_custom_event_selectors)
|
410
|
+
## <a name="cloudwatch_alarm">cloudwatch_alarm</a>
|
411
|
+
|
412
|
+
CloudwatchAlarm resource type.
|
413
|
+
|
414
|
+
### exist
|
415
|
+
|
416
|
+
```ruby
|
417
|
+
describe cloudwatch_alarm('my-cloudwatch-alarm') do
|
418
|
+
it { should exist }
|
419
|
+
end
|
420
|
+
```
|
421
|
+
|
422
|
+
|
423
|
+
### have_alarm_action
|
424
|
+
|
425
|
+
```ruby
|
426
|
+
describe cloudwatch_alarm('my-cloudwatch-alarm') do
|
427
|
+
it { should have_alarm_action('arn:aws:sns:ap-northeast-1:1234567890:sns_alert') }
|
428
|
+
end
|
429
|
+
```
|
430
|
+
|
431
|
+
|
432
|
+
### have_insufficient_data_action
|
433
|
+
|
434
|
+
```ruby
|
435
|
+
describe cloudwatch_alarm('my-cloudwatch-alarm') do
|
436
|
+
it { should have_insufficient_data_action('arn:aws:sns:ap-northeast-1:1234567890:sns_alert') }
|
437
|
+
end
|
438
|
+
```
|
439
|
+
|
440
|
+
|
441
|
+
### have_ok_action
|
442
|
+
|
443
|
+
```ruby
|
444
|
+
describe cloudwatch_alarm('my-cloudwatch-alarm') do
|
445
|
+
it { should have_ok_action('arn:aws:sns:ap-northeast-1:1234567890:sns_alert') }
|
446
|
+
end
|
447
|
+
```
|
448
|
+
|
449
|
+
|
450
|
+
### belong_to_metric
|
451
|
+
|
452
|
+
```ruby
|
453
|
+
describe cloudwatch_alarm('my-cloudwatch-alarm') do
|
454
|
+
it { should belong_to_metric('NumberOfProcesses').namespace('my-cloudwatch-namespace') }
|
455
|
+
end
|
456
|
+
```
|
457
|
+
|
458
|
+
### its(:alarm_name), its(:alarm_arn), its(:alarm_description), its(:alarm_configuration_updated_timestamp), its(:actions_enabled), its(:ok_actions), its(:alarm_actions), its(:insufficient_data_actions), its(:state_value), its(:state_reason), its(:state_reason_data), its(:state_updated_timestamp), its(:metric_name), its(:namespace), its(:statistic), its(:extended_statistic), its(:period), its(:unit), its(:evaluation_periods), its(:threshold), its(:comparison_operator), its(:treat_missing_data), its(:evaluate_low_sample_count_percentile)
|
459
|
+
## <a name="cloudwatch_event">cloudwatch_event</a>
|
460
|
+
|
461
|
+
CloudwatchEvent resource type.
|
462
|
+
|
463
|
+
### exist
|
464
|
+
|
465
|
+
### be_enable
|
466
|
+
|
467
|
+
### be_scheduled
|
468
|
+
|
469
|
+
### its(:name), its(:arn), its(:event_pattern), its(:state), its(:description), its(:schedule_expression), its(:role_arn)
|
470
|
+
## <a name="cloudwatch_logs">cloudwatch_logs</a>
|
471
|
+
|
472
|
+
CloudwatchLogs resource type.
|
473
|
+
|
474
|
+
### exist
|
475
|
+
|
476
|
+
```ruby
|
477
|
+
describe cloudwatch_logs('my-cloudwatch-logs-group') do
|
478
|
+
it { should exist }
|
479
|
+
end
|
480
|
+
```
|
481
|
+
|
482
|
+
|
483
|
+
### have_log_stream
|
484
|
+
|
485
|
+
```ruby
|
486
|
+
describe cloudwatch_logs('my-cloudwatch-logs-group') do
|
487
|
+
it { should have_log_stream('my-cloudwatch-logs-stream') }
|
488
|
+
end
|
489
|
+
```
|
490
|
+
|
491
|
+
|
492
|
+
### have_metric_filter
|
493
|
+
|
494
|
+
```ruby
|
495
|
+
describe cloudwatch_logs('my-cloudwatch-logs-group') do
|
496
|
+
it { should have_metric_filter('my-cloudwatch-logs-metric-filter') }
|
497
|
+
end
|
498
|
+
```
|
499
|
+
|
500
|
+
|
501
|
+
### have_subscription_filter
|
502
|
+
|
503
|
+
```ruby
|
504
|
+
describe cloudwatch_logs('my-cloudwatch-logs-group') do
|
505
|
+
it { should have_subscription_filter('my-cloudwatch-logs-subscription-filter') }
|
506
|
+
end
|
507
|
+
```
|
508
|
+
or
|
509
|
+
```ruby
|
510
|
+
describe cloudwatch_logs('my-cloudwatch-logs-group') do
|
511
|
+
it do
|
512
|
+
should have_subscription_filter('my-cloudwatch-logs-subscription-filter')\
|
513
|
+
.filter_pattern('[host, ident, authuser, date, request, status, bytes]')
|
514
|
+
end
|
515
|
+
end
|
516
|
+
```
|
517
|
+
|
518
|
+
### its(:log_group_name), its(:creation_time), its(:retention_in_days), its(:metric_filter_count), its(:arn), its(:stored_bytes)
|
519
|
+
## <a name="customer_gateway">customer_gateway</a>
|
520
|
+
|
521
|
+
CustomerGateway resource type.
|
522
|
+
|
523
|
+
### exist
|
524
|
+
|
525
|
+
```ruby
|
526
|
+
describe customer_gateway('my-customer-gateway') do
|
527
|
+
it { should exist }
|
528
|
+
end
|
529
|
+
```
|
530
|
+
|
531
|
+
|
532
|
+
### be_pending, be_available, be_deleting, be_deleted
|
533
|
+
|
534
|
+
```ruby
|
535
|
+
describe customer_gateway('my-customer-gateway') do
|
536
|
+
it { should be_running }
|
537
|
+
end
|
538
|
+
```
|
539
|
+
|
540
|
+
|
541
|
+
### have_tag
|
542
|
+
|
543
|
+
```ruby
|
544
|
+
describe customer_gateway('my-customer-gateway') do
|
545
|
+
it { should have_tag('Name').value('my-customer-gateway') }
|
546
|
+
end
|
547
|
+
```
|
548
|
+
|
549
|
+
|
550
|
+
### its(:bgp_asn), its(:customer_gateway_id), its(:ip_address), its(:state), its(:type), its(:tags)
|
551
|
+
## <a name="directconnect_virtual_interface">directconnect_virtual_interface</a>
|
552
|
+
|
553
|
+
DirectconnectVirtualInterface resource type.
|
554
|
+
|
555
|
+
```ruby
|
556
|
+
describe directconnect_virtual_interface('my-directconnect-virtual-interface') do
|
557
|
+
it { should exist }
|
558
|
+
it { should be_available }
|
559
|
+
its(:connection_id) { should eq 'dxcon-abcd5fgh' }
|
560
|
+
its(:virtual_interface_id) { should eq 'dxvif-aabbccdd' }
|
561
|
+
its(:amazon_address) { should eq '170.252.252.1/30' }
|
562
|
+
its(:customer_address) { should eq '123.456.789.2/30' }
|
563
|
+
its(:virtual_gateway_id) { should eq 'vgw-d234e5f6' }
|
564
|
+
end
|
565
|
+
```
|
566
|
+
|
567
|
+
|
568
|
+
### exist
|
569
|
+
|
570
|
+
```ruby
|
571
|
+
describe directconnect_virtual_interface('my-directconnect-virtual-interface') do
|
572
|
+
it { should exist }
|
573
|
+
end
|
574
|
+
```
|
575
|
+
|
576
|
+
|
577
|
+
### be_confirming, be_verifying, be_pending, be_available, be_deleting, be_deleted, be_rejected
|
578
|
+
|
579
|
+
```ruby
|
580
|
+
describe directconnect_virtual_interface('my-directconnect-virtual-interface') do
|
581
|
+
it { should exist }
|
582
|
+
it { should be_available }
|
583
|
+
end
|
584
|
+
```
|
585
|
+
|
586
|
+
### its(:owner_account), its(:virtual_interface_id), its(:location), its(:connection_id), its(:virtual_interface_type), its(:virtual_interface_name), its(:vlan), its(:asn), its(:auth_key), its(:amazon_address), its(:customer_address), its(:address_family), its(:virtual_interface_state), its(:customer_router_config), its(:virtual_gateway_id), its(:route_filter_prefixes), its(:bgp_peers)
|
587
|
+
## <a name="dynamodb_table">dynamodb_table</a>
|
588
|
+
|
589
|
+
DynamodbTable resource type.
|
590
|
+
|
591
|
+
### exist
|
592
|
+
|
593
|
+
```ruby
|
594
|
+
describe dynamodb_table('my-dynamodb-table') do
|
595
|
+
it { should exist }
|
596
|
+
end
|
597
|
+
```
|
598
|
+
|
599
|
+
|
600
|
+
### be_creating, be_updating, be_deleting, be_active
|
601
|
+
|
602
|
+
### have_attribute_definition
|
603
|
+
|
604
|
+
```ruby
|
605
|
+
describe dynamodb_table('my-dynamodb-table') do
|
606
|
+
it { should have_attribute_definition('my-dynamodb-table-attaribute1').attribute_type('S') }
|
607
|
+
it { should have_attribute_definition('my-dynamodb-table-attaribute2').attribute_type('N') }
|
608
|
+
end
|
609
|
+
```
|
610
|
+
|
611
|
+
|
612
|
+
### have_key_schema
|
613
|
+
|
614
|
+
```ruby
|
615
|
+
describe dynamodb_table('my-dynamodb-table') do
|
616
|
+
it { should have_key_schema('my-dynamodb-table-key_schema1').key_type('HASH') }
|
617
|
+
it { should have_key_schema('my-dynamodb-table-key_schema2').key_type('RANGE') }
|
618
|
+
end
|
619
|
+
```
|
620
|
+
|
621
|
+
|
622
|
+
### its(:table_name), its(:table_status), its(:creation_date_time), its(:table_size_bytes), its(:item_count), its(:table_arn), its(:local_secondary_indexes), its(:global_secondary_indexes), its(:stream_specification), its(:latest_stream_label), its(:latest_stream_arn)
|
623
|
+
### :unlock: Advanced use
|
624
|
+
|
625
|
+
`dynamodb_table` can use `Aws::DynamoDB::Table` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/DynamoDB/Table.html).
|
626
|
+
|
627
|
+
```ruby
|
628
|
+
describe dynamodb_table('my-dynamodb-table') do
|
629
|
+
its('key_schema.first.key_type') { should eq 'HASH' }
|
630
|
+
end
|
631
|
+
```
|
632
|
+
|
633
|
+
or
|
634
|
+
|
635
|
+
```ruby
|
636
|
+
describe dynamodb_table('my-dynamodb-table') do
|
637
|
+
its('resource.key_schema.first.key_type') { should eq 'HASH' }
|
638
|
+
end
|
639
|
+
```
|
640
|
+
|
641
|
+
|
642
|
+
## <a name="ebs">ebs</a>
|
643
|
+
|
644
|
+
EBS resource type.
|
645
|
+
|
646
|
+
### exist
|
647
|
+
|
648
|
+
```ruby
|
649
|
+
describe ebs('my-volume') do
|
650
|
+
it { should exist }
|
651
|
+
end
|
652
|
+
```
|
653
|
+
|
654
|
+
|
655
|
+
### be_attached_to
|
656
|
+
|
657
|
+
```ruby
|
658
|
+
describe ebs('my-volume') do
|
659
|
+
it { should be_attached_to('my-ec2') }
|
660
|
+
end
|
661
|
+
```
|
662
|
+
|
663
|
+
|
664
|
+
### be_creating, be_available, be_in_use, be_deleting, be_deleted, be_error
|
665
|
+
|
666
|
+
```ruby
|
667
|
+
describe ebs('my-volume') do
|
668
|
+
it { should be_in_use }
|
669
|
+
end
|
670
|
+
```
|
671
|
+
|
672
|
+
|
673
|
+
### have_tag
|
674
|
+
|
675
|
+
```ruby
|
676
|
+
describe ebs('my-volume') do
|
677
|
+
it { should have_tag('Name').value('my-volume') }
|
678
|
+
end
|
679
|
+
```
|
680
|
+
|
681
|
+
|
682
|
+
### its(:availability_zone), its(:create_time), its(:encrypted), its(:kms_key_id), its(:size), its(:snapshot_id), its(:state), its(:volume_id), its(:iops), its(:volume_type)
|
683
|
+
### :unlock: Advanced use
|
684
|
+
|
685
|
+
`ebs` can use `Aws::EC2::Volume` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Volume.html).
|
686
|
+
|
687
|
+
```ruby
|
688
|
+
describe ebs('my-volume') do
|
689
|
+
its('attachments.first.instance_id') { should eq 'i-ec12345a' }
|
690
|
+
end
|
691
|
+
```
|
692
|
+
|
693
|
+
or
|
694
|
+
|
695
|
+
```ruby
|
696
|
+
describe ebs('my-volume') do
|
697
|
+
its('resource.attachments.first.instance_id') { should eq 'i-ec12345a' }
|
698
|
+
end
|
699
|
+
```
|
700
|
+
|
701
|
+
## <a name="ec2">ec2</a>
|
702
|
+
|
703
|
+
EC2 resource type.
|
704
|
+
|
705
|
+
### exist
|
706
|
+
|
707
|
+
```ruby
|
708
|
+
describe ec2('my-ec2') do
|
709
|
+
it { should exist }
|
710
|
+
end
|
711
|
+
```
|
712
|
+
|
713
|
+
|
714
|
+
### be_disabled_api_termination
|
715
|
+
|
716
|
+
```ruby
|
717
|
+
describe ec2('my-ec2') do
|
718
|
+
it { should be_disabled_api_termination }
|
719
|
+
end
|
720
|
+
```
|
721
|
+
|
722
|
+
|
723
|
+
### be_pending, be_running, be_shutting_down, be_terminated, be_stopping, be_stopped
|
724
|
+
|
725
|
+
```ruby
|
726
|
+
describe ec2('my-ec2') do
|
727
|
+
it { should be_running }
|
728
|
+
end
|
729
|
+
```
|
730
|
+
|
731
|
+
|
732
|
+
### have_classiclink
|
733
|
+
|
734
|
+
```ruby
|
735
|
+
describe ec2('my-ec2-classic') do
|
736
|
+
it { should have_classiclink('my-vpc') }
|
737
|
+
end
|
738
|
+
```
|
739
|
+
|
740
|
+
|
741
|
+
### have_classiclink_security_group
|
742
|
+
|
743
|
+
```ruby
|
744
|
+
describe ec2('my-ec2-classic') do
|
745
|
+
it { should have_classiclink_security_group('sg-2a3b4cd5') }
|
746
|
+
it { should have_classiclink_security_group('my-vpc-security-group-name') }
|
747
|
+
end
|
748
|
+
```
|
749
|
+
|
750
|
+
|
751
|
+
### have_ebs
|
752
|
+
|
753
|
+
```ruby
|
754
|
+
describe ec2('my-ec2') do
|
755
|
+
it { should have_ebs('vol-123a123b') }
|
756
|
+
it { should have_ebs('my-volume') }
|
757
|
+
end
|
758
|
+
```
|
759
|
+
|
760
|
+
|
761
|
+
### have_eip
|
762
|
+
|
763
|
+
```ruby
|
764
|
+
describe ec2('my-ec2') do
|
765
|
+
it { should have_eip('123.0.456.789') }
|
766
|
+
end
|
767
|
+
```
|
768
|
+
|
769
|
+
|
770
|
+
### have_event
|
771
|
+
|
772
|
+
```ruby
|
773
|
+
describe ec2('my-ec2') do
|
774
|
+
it { should have_event('system-reboot') }
|
775
|
+
end
|
776
|
+
```
|
777
|
+
|
778
|
+
|
779
|
+
### have_events
|
780
|
+
|
781
|
+
```ruby
|
782
|
+
describe ec2('my-ec2') do
|
783
|
+
it { should_not have_events }
|
784
|
+
end
|
785
|
+
```
|
786
|
+
|
787
|
+
|
788
|
+
### have_iam_instance_profile
|
789
|
+
|
790
|
+
```ruby
|
791
|
+
describe ec2('my-ec2') do
|
792
|
+
it { should have_iam_instance_profile('Ec2IamProfileName') }
|
793
|
+
end
|
794
|
+
```
|
795
|
+
|
796
|
+
|
797
|
+
### have_network_interface
|
798
|
+
|
799
|
+
```ruby
|
800
|
+
describe ec2('my-ec2') do
|
801
|
+
it { should have_network_interface('my-eni') }
|
802
|
+
it { should have_network_interface('eni-12ab3cde') }
|
803
|
+
it { should have_network_interface('my-eni').as_eth0 }
|
804
|
+
end
|
805
|
+
```
|
806
|
+
|
807
|
+
|
808
|
+
### have_security_group
|
809
|
+
|
810
|
+
```ruby
|
811
|
+
describe ec2('my-ec2') do
|
812
|
+
it { should have_security_group('my-security-group-name') }
|
813
|
+
it { should have_security_group('sg-1a2b3cd4') }
|
814
|
+
end
|
815
|
+
```
|
816
|
+
|
817
|
+
|
818
|
+
### have_security_groups
|
819
|
+
|
820
|
+
```ruby
|
821
|
+
describe ec2('my-ec2') do
|
822
|
+
it { should have_security_groups(['my-security-group-name-1', 'my-security-group-name-2']) }
|
823
|
+
it { should have_security_groups(['sg-1a2b3cd4', 'sg-5e6f7gh8']) }
|
824
|
+
end
|
825
|
+
```
|
826
|
+
|
827
|
+
|
828
|
+
### have_tag
|
829
|
+
|
830
|
+
```ruby
|
831
|
+
describe ec2('my-ec2') do
|
832
|
+
it { should have_tag('Name').value('my-ec2') }
|
833
|
+
end
|
834
|
+
```
|
835
|
+
|
836
|
+
|
837
|
+
### belong_to_subnet
|
838
|
+
|
839
|
+
```ruby
|
840
|
+
describe ec2('my-ec2') do
|
841
|
+
it { should belong_to_subnet('subnet-1234a567') }
|
842
|
+
it { should belong_to_subnet('my-subnet') }
|
843
|
+
end
|
844
|
+
```
|
845
|
+
|
846
|
+
|
847
|
+
### belong_to_vpc
|
848
|
+
|
849
|
+
```ruby
|
850
|
+
describe ec2('my-ec2') do
|
851
|
+
it { should belong_to_vpc('vpc-ab123cde') }
|
852
|
+
it { should belong_to_vpc('my-vpc') }
|
853
|
+
end
|
854
|
+
```
|
855
|
+
|
856
|
+
|
857
|
+
### its(:ami_launch_index), its(:image_id), its(:instance_id), its(:instance_type), its(:kernel_id), its(:key_name), its(:launch_time), its(:monitoring), its(:placement), its(:platform), its(:private_dns_name), its(:private_ip_address), its(:product_codes), its(:public_dns_name), its(:public_ip_address), its(:ramdisk_id), its(:state_transition_reason), its(:subnet_id), its(:vpc_id), its(:architecture), its(:client_token), its(:ebs_optimized), its(:ena_support), its(:hypervisor), its(:instance_lifecycle), its(:elastic_gpu_associations), its(:root_device_name), its(:root_device_type), its(:source_dest_check), its(:spot_instance_request_id), its(:sriov_net_support), its(:state_reason), its(:virtualization_type)
|
858
|
+
### :unlock: Advanced use
|
859
|
+
|
860
|
+
`ec2` can use `Aws::EC2::Instance` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Instance.html).
|
861
|
+
|
862
|
+
```ruby
|
863
|
+
describe ec2('my-ec2') do
|
864
|
+
its('vpc.id') { should eq 'vpc-ab123cde' }
|
865
|
+
end
|
866
|
+
```
|
867
|
+
|
868
|
+
or
|
869
|
+
|
870
|
+
```ruby
|
871
|
+
describe ec2('my-ec2') do
|
872
|
+
its('resource.vpc.id') { should eq 'vpc-ab123cde' }
|
873
|
+
end
|
874
|
+
```
|
875
|
+
|
876
|
+
## <a name="ecr_repository">ecr_repository</a>
|
877
|
+
|
878
|
+
EcrRepository resource type.
|
879
|
+
|
880
|
+
### exist
|
881
|
+
|
882
|
+
|
883
|
+
## <a name="ecs_cluster">ecs_cluster</a>
|
884
|
+
|
885
|
+
ECS Cluster resource type.
|
886
|
+
|
887
|
+
### exist
|
888
|
+
|
889
|
+
```ruby
|
890
|
+
describe ecs_cluster('my-ecs-cluster') do
|
891
|
+
it { should exist }
|
892
|
+
end
|
893
|
+
```
|
894
|
+
|
895
|
+
|
896
|
+
### be_active, be_inactive
|
897
|
+
|
898
|
+
```ruby
|
899
|
+
describe ecs_cluster('my-ecs-cluster') do
|
900
|
+
it { should be_active }
|
901
|
+
end
|
902
|
+
```
|
903
|
+
|
904
|
+
|
905
|
+
### have_container_instance
|
906
|
+
|
907
|
+
```ruby
|
908
|
+
describe ecs_cluster('my-ecs-cluster') do
|
909
|
+
it { have_container_instance('f2756532-8f13-4d53-87c9-aed50dc94cd7') }
|
910
|
+
end
|
911
|
+
```
|
912
|
+
|
913
|
+
### its(:cluster_arn), its(:cluster_name), its(:status), its(:registered_container_instances_count), its(:running_tasks_count), its(:pending_tasks_count), its(:active_services_count)
|
914
|
+
## <a name="ecs_container_instance">ecs_container_instance</a>
|
915
|
+
|
916
|
+
ECS Container Instance resource type.
|
917
|
+
|
918
|
+
### exist
|
919
|
+
|
920
|
+
You can set `cluster` ( default: `default` ).
|
921
|
+
|
922
|
+
```ruby
|
923
|
+
describe ecs_container_instance('my-container-instance'), cluster: 'my-ecs-cluster' do
|
924
|
+
it { should exist }
|
925
|
+
end
|
926
|
+
```
|
927
|
+
|
928
|
+
|
929
|
+
### be_active, be_inactive
|
930
|
+
|
931
|
+
```ruby
|
932
|
+
describe ecs_container_instance('my-container-instance'), cluster: 'my-ecs-cluster' do
|
933
|
+
it { should be_active }
|
934
|
+
end
|
935
|
+
```
|
936
|
+
|
937
|
+
|
938
|
+
### its(:container_instance_arn), its(:ec2_instance_id), its(:version), its(:version_info), its(:status), its(:agent_connected), its(:running_tasks_count), its(:pending_tasks_count), its(:agent_update_status), its(:attributes), its(:registered_at)
|
939
|
+
## <a name="ecs_service">ecs_service</a>
|
940
|
+
|
941
|
+
ECS Service resource type.
|
942
|
+
|
943
|
+
### exist
|
944
|
+
|
945
|
+
```ruby
|
946
|
+
describe ecs_service('my-ecs-service') do
|
947
|
+
it { should exist }
|
948
|
+
end
|
949
|
+
```
|
950
|
+
|
951
|
+
|
952
|
+
### be_active, be_draining, be_inactive
|
953
|
+
|
954
|
+
```ruby
|
955
|
+
describe ecs_service('my-ecs-service') do
|
956
|
+
it { should be_active }
|
957
|
+
end
|
958
|
+
```
|
959
|
+
|
960
|
+
### its(:service_arn), its(:service_name), its(:cluster_arn), its(:load_balancers), its(:status), its(:desired_count), its(:running_count), its(:pending_count), its(:task_definition), its(:role_arn), its(:created_at), its(:placement_constraints), its(:placement_strategy)
|
961
|
+
## <a name="ecs_task_definition">ecs_task_definition</a>
|
962
|
+
|
963
|
+
ECS Task Definition resource type.
|
964
|
+
|
965
|
+
### exist
|
966
|
+
|
967
|
+
```ruby
|
968
|
+
describe ecs_task_definition('my-ecs-task-definition') do
|
969
|
+
it { should exist }
|
970
|
+
end
|
971
|
+
```
|
972
|
+
|
973
|
+
|
974
|
+
### be_active, be_inactive
|
975
|
+
|
976
|
+
```ruby
|
977
|
+
describe ecs_task_definition('my-ecs-task-definition') do
|
978
|
+
it { should be_active }
|
979
|
+
end
|
980
|
+
```
|
981
|
+
|
982
|
+
### its(:task_definition_arn), its(:family), its(:task_role_arn), its(:network_mode), its(:revision), its(:volumes), its(:status), its(:requires_attributes), its(:placement_constraints)
|
983
|
+
## <a name="efs">efs</a>
|
984
|
+
|
985
|
+
EFS resource type.
|
986
|
+
|
987
|
+
### exist
|
988
|
+
|
989
|
+
```ruby
|
990
|
+
describe efs('my-efs') do
|
991
|
+
it { should exist }
|
992
|
+
end
|
993
|
+
```
|
994
|
+
|
995
|
+
|
996
|
+
### have_tag
|
997
|
+
|
998
|
+
```ruby
|
999
|
+
describe efs('my-efs') do
|
1000
|
+
it { should have_tag('my-key').value('my-value') }
|
1001
|
+
end
|
1002
|
+
```
|
1003
|
+
|
1004
|
+
### its(:owner_id), its(:creation_token), its(:file_system_id), its(:creation_time), its(:life_cycle_state), its(:name), its(:number_of_mount_targets), its(:performance_mode), its(:encrypted), its(:kms_key_id)
|
1005
|
+
## <a name="elastic_ip">elastic_ip</a>
|
1006
|
+
|
1007
|
+
Elastic IP resource type.
|
1008
|
+
|
1009
|
+
### exist
|
1010
|
+
|
1011
|
+
```ruby
|
1012
|
+
describe eip('123.0.456.789') do
|
1013
|
+
it { should exist }
|
1014
|
+
end
|
1015
|
+
```
|
1016
|
+
|
1017
|
+
|
1018
|
+
### be_associated_to
|
1019
|
+
|
1020
|
+
```ruby
|
1021
|
+
describe eip('123.0.456.789') do
|
1022
|
+
it { should be_associated_to('i-ec12345a') }
|
1023
|
+
end
|
1024
|
+
```
|
1025
|
+
|
1026
|
+
|
1027
|
+
### belong_to_domain
|
1028
|
+
|
1029
|
+
```ruby
|
1030
|
+
describe eip('123.0.456.789') do
|
1031
|
+
it { should belong_to_domain('vpc') }
|
1032
|
+
end
|
1033
|
+
```
|
1034
|
+
|
1035
|
+
|
1036
|
+
## <a name="elasticache">elasticache</a>
|
1037
|
+
|
1038
|
+
Elasticache resource type.
|
1039
|
+
|
1040
|
+
### exist
|
1041
|
+
|
1042
|
+
```ruby
|
1043
|
+
describe elasticache('my-rep-group-001') do
|
1044
|
+
it { should exist }
|
1045
|
+
end
|
1046
|
+
```
|
1047
|
+
|
1048
|
+
|
1049
|
+
### be_available, be_creating, be_deleted, be_deleting, be_incompatible_network, be_modifying, be_rebooting_cache_cluster_nodes, be_restore_failed, be_snapshotting
|
1050
|
+
|
1051
|
+
```ruby
|
1052
|
+
describe elasticache('my-rep-group-001') do
|
1053
|
+
it { should be_available }
|
1054
|
+
end
|
1055
|
+
```
|
1056
|
+
|
1057
|
+
|
1058
|
+
### have_cache_parameter_group
|
1059
|
+
|
1060
|
+
```ruby
|
1061
|
+
describe elasticache('my-rep-group-001') do
|
1062
|
+
it { should have_cache_parameter_group('my-cache-parameter-group') }
|
1063
|
+
end
|
1064
|
+
```
|
1065
|
+
|
1066
|
+
|
1067
|
+
### have_security_group
|
1068
|
+
|
1069
|
+
```ruby
|
1070
|
+
describe elasticache('my-rep-group-001') do
|
1071
|
+
it { should have_security_group('sg-da1bc2ef') }
|
1072
|
+
it { should have_security_group('group-name-sg') }
|
1073
|
+
it { should have_security_group('my-cache-sg') }
|
1074
|
+
end
|
1075
|
+
```
|
1076
|
+
|
1077
|
+
|
1078
|
+
### belong_to_cache_subnet_group
|
1079
|
+
|
1080
|
+
```ruby
|
1081
|
+
describe elasticache('my-rep-group-001') do
|
1082
|
+
it { should belong_to_cache_subnet_group('my-cache-subnet-group') }
|
1083
|
+
end
|
1084
|
+
```
|
1085
|
+
|
1086
|
+
|
1087
|
+
### belong_to_replication_group
|
1088
|
+
|
1089
|
+
```ruby
|
1090
|
+
describe elasticache('my-rep-group-001') do
|
1091
|
+
it { should belong_to_replication_group('my-rep-group') }
|
1092
|
+
end
|
1093
|
+
```
|
1094
|
+
|
1095
|
+
|
1096
|
+
### belong_to_vpc
|
1097
|
+
|
1098
|
+
```ruby
|
1099
|
+
describe elasticache('my-rep-group-001') do
|
1100
|
+
it { should belong_to_vpc('my-vpc') }
|
1101
|
+
end
|
1102
|
+
```
|
1103
|
+
|
1104
|
+
### its(:cache_cluster_id), its(:configuration_endpoint), its(:client_download_landing_page), its(:cache_node_type), its(:engine), its(:engine_version), its(:cache_cluster_status), its(:num_cache_nodes), its(:preferred_availability_zone), its(:cache_cluster_create_time), its(:preferred_maintenance_window), its(:notification_configuration), its(:cache_security_groups), its(:cache_subnet_group_name), its(:cache_nodes), its(:auto_minor_version_upgrade), its(:replication_group_id), its(:snapshot_retention_limit), its(:snapshot_window)
|
1105
|
+
## <a name="elasticache_cache_parameter_group">elasticache_cache_parameter_group</a>
|
1106
|
+
|
1107
|
+
ElasticacheCacheParameterGroup resource type.
|
1108
|
+
|
1109
|
+
```ruby
|
1110
|
+
describe elasticache_cache_parameter_group('my-cache-parameter-group') do
|
1111
|
+
it { should exist }
|
1112
|
+
its(:activerehashing) { should eq 'yes' }
|
1113
|
+
its(:client_output_buffer_limit_pubsub_hard_limit) { should eq '33554432' }
|
1114
|
+
end
|
1115
|
+
```
|
1116
|
+
|
1117
|
+
|
1118
|
+
### exist
|
1119
|
+
|
1120
|
+
```ruby
|
1121
|
+
describe elasticache_cache_parameter_group('my-cache-parameter-group') do
|
1122
|
+
it { should exist }
|
1123
|
+
end
|
1124
|
+
```
|
1125
|
+
|
1126
|
+
|
1127
|
+
## <a name="elasticsearch">elasticsearch</a>
|
1128
|
+
|
1129
|
+
Elasticsearch resource type.
|
1130
|
+
|
1131
|
+
### exist
|
1132
|
+
|
1133
|
+
```ruby
|
1134
|
+
describe elasticsearch('my-elasticsearch') do
|
1135
|
+
it { should exist }
|
1136
|
+
end
|
1137
|
+
```
|
1138
|
+
|
1139
|
+
|
1140
|
+
### be_created
|
1141
|
+
|
1142
|
+
```ruby
|
1143
|
+
describe elasticsearch('my-elasticsearch') do
|
1144
|
+
it { should be_created }
|
1145
|
+
end
|
1146
|
+
```
|
1147
|
+
|
1148
|
+
|
1149
|
+
### be_deleted
|
1150
|
+
|
1151
|
+
```ruby
|
1152
|
+
describe elasticsearch('my-elasticsearch') do
|
1153
|
+
it { should be_deleted }
|
1154
|
+
end
|
1155
|
+
```
|
1156
|
+
|
1157
|
+
|
1158
|
+
### have_access_policies
|
1159
|
+
|
1160
|
+
```ruby
|
1161
|
+
describe elasticsearch('my-elasticsearch') do
|
1162
|
+
it do
|
1163
|
+
should have_access_policies <<-policy
|
1164
|
+
{
|
1165
|
+
"version": "2012-10-17",
|
1166
|
+
"statement": [
|
1167
|
+
{
|
1168
|
+
"effect": "allow",
|
1169
|
+
"principal": "*",
|
1170
|
+
"action": [
|
1171
|
+
"es:*"
|
1172
|
+
],
|
1173
|
+
"resource": "arn:aws:es:ap-northeast-1:1234567890:domain/my-elasticsearch/*"
|
1174
|
+
}
|
1175
|
+
]
|
1176
|
+
}
|
1177
|
+
policy
|
1178
|
+
end
|
1179
|
+
end
|
1180
|
+
```
|
1181
|
+
|
1182
|
+
|
1183
|
+
### its(:domain_id), its(:domain_name), its(:arn), its(:created), its(:deleted), its(:endpoint), its(:processing), its(:elasticsearch_version), its(:access_policies), its(:snapshot_options), its(:advanced_options)
|
1184
|
+
## <a name="elastictranscoder_pipeline">elastictranscoder_pipeline</a>
|
1185
|
+
|
1186
|
+
ElastictranscoderPipeline resource type.
|
1187
|
+
|
1188
|
+
### exist
|
1189
|
+
|
1190
|
+
### be_active, be_paused
|
1191
|
+
|
1192
|
+
```ruby
|
1193
|
+
describe elastictranscoder_pipeline('my-elastictranscoder-pipeline') do
|
1194
|
+
it { should be_active }
|
1195
|
+
end
|
1196
|
+
```
|
1197
|
+
|
1198
|
+
|
1199
|
+
## <a name="elb">elb</a>
|
1200
|
+
|
1201
|
+
ELB resource type.
|
1202
|
+
|
1203
|
+
### exist
|
1204
|
+
|
1205
|
+
```ruby
|
1206
|
+
describe elb('my-elb') do
|
1207
|
+
it { should exist }
|
1208
|
+
end
|
1209
|
+
```
|
1210
|
+
|
1211
|
+
|
1212
|
+
### have_ec2
|
1213
|
+
|
1214
|
+
```ruby
|
1215
|
+
describe elb('my-elb') do
|
1216
|
+
it { should have_ec2('my-ec2') }
|
1217
|
+
end
|
1218
|
+
```
|
1219
|
+
|
1220
|
+
|
1221
|
+
### have_listener
|
1222
|
+
|
1223
|
+
http://docs.aws.amazon.com/en_us/ElasticLoadBalancing/latest/DeveloperGuide/elb-listener-config.html
|
1224
|
+
|
1225
|
+
```ruby
|
1226
|
+
describe elb('my-elb') do
|
1227
|
+
it { should have_listener(protocol: 'HTTPS', port: 443, instance_protocol: 'HTTP', instance_port: 80) }
|
1228
|
+
end
|
1229
|
+
```
|
1230
|
+
|
1231
|
+
|
1232
|
+
### have_security_group
|
1233
|
+
|
1234
|
+
```ruby
|
1235
|
+
describe elb('my-elb') do
|
1236
|
+
it { should have_security_group('my-lb-security-group-tag-name') }
|
1237
|
+
end
|
1238
|
+
```
|
1239
|
+
|
1240
|
+
|
1241
|
+
### have_subnet
|
1242
|
+
|
1243
|
+
```ruby
|
1244
|
+
describe elb('my-elb') do
|
1245
|
+
it { should have_subnet('my-subnet') }
|
1246
|
+
end
|
1247
|
+
```
|
1248
|
+
|
1249
|
+
|
1250
|
+
### belong_to_vpc
|
1251
|
+
|
1252
|
+
```ruby
|
1253
|
+
describe elb('my-elb') do
|
1254
|
+
it { should belong_to_vpc('my-vpc') }
|
1255
|
+
end
|
1256
|
+
```
|
1257
|
+
|
1258
|
+
### its(:health_check_target), its(:health_check_interval), its(:health_check_timeout), its(:health_check_unhealthy_threshold), its(:health_check_healthy_threshold), its(:load_balancer_name), its(:dns_name), its(:canonical_hosted_zone_name), its(:canonical_hosted_zone_name_id), its(:backend_server_descriptions), its(:availability_zones), its(:subnets), its(:vpc_id), its(:security_groups), its(:created_time), its(:scheme)
|
1259
|
+
## <a name="iam_group">iam_group</a>
|
1260
|
+
|
1261
|
+
IamGroup resource type.
|
1262
|
+
|
1263
|
+
### exist
|
1264
|
+
|
1265
|
+
```ruby
|
1266
|
+
describe iam_group('my-iam-group') do
|
1267
|
+
it { should exist }
|
1268
|
+
end
|
1269
|
+
```
|
1270
|
+
|
1271
|
+
|
1272
|
+
### be_allowed_action
|
1273
|
+
|
1274
|
+
```ruby
|
1275
|
+
describe iam_group('my-iam-group') do
|
1276
|
+
it { should be_allowed_action('ec2:DescribeInstances') }
|
1277
|
+
it { should be_allowed_action('s3:Put*').resource_arn('arn:aws:s3:::my-bucket-name/*') }
|
1278
|
+
end
|
1279
|
+
```
|
1280
|
+
|
1281
|
+
|
1282
|
+
### have_iam_policy
|
1283
|
+
|
1284
|
+
```ruby
|
1285
|
+
describe iam_group('my-iam-group') do
|
1286
|
+
it { should have_iam_policy('ReadOnlyAccess') }
|
1287
|
+
end
|
1288
|
+
```
|
1289
|
+
|
1290
|
+
|
1291
|
+
### have_iam_user
|
1292
|
+
|
1293
|
+
```ruby
|
1294
|
+
describe iam_group('my-iam-group') do
|
1295
|
+
it { should have_iam_user('my-iam-user') }
|
1296
|
+
end
|
1297
|
+
```
|
1298
|
+
|
1299
|
+
|
1300
|
+
### have_inline_policy
|
1301
|
+
|
1302
|
+
### its(:path), its(:group_name), its(:group_id), its(:arn), its(:create_date)
|
1303
|
+
### :unlock: Advanced use
|
1304
|
+
|
1305
|
+
`iam_group` can use `Aws::IAM::Group` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/IAM/Group.html).
|
1306
|
+
|
1307
|
+
```ruby
|
1308
|
+
describe iam_group('my-iam-group') do
|
1309
|
+
its('users.count) { should eq 5 }
|
1310
|
+
end
|
1311
|
+
```
|
1312
|
+
|
1313
|
+
or
|
1314
|
+
|
1315
|
+
```ruby
|
1316
|
+
describe iam_group('my-iam-group') do
|
1317
|
+
its('resource.users.count') { should eq 5 }
|
1318
|
+
end
|
1319
|
+
```
|
1320
|
+
|
1321
|
+
## <a name="iam_policy">iam_policy</a>
|
1322
|
+
|
1323
|
+
IamPolicy resource type.
|
1324
|
+
|
1325
|
+
### exist
|
1326
|
+
|
1327
|
+
```ruby
|
1328
|
+
describe iam_policy('my-iam-policy') do
|
1329
|
+
it { should exist }
|
1330
|
+
end
|
1331
|
+
```
|
1332
|
+
|
1333
|
+
|
1334
|
+
### be_attachable
|
1335
|
+
|
1336
|
+
```ruby
|
1337
|
+
describe iam_policy('my-iam-policy') do
|
1338
|
+
it { should be_attachable }
|
1339
|
+
end
|
1340
|
+
```
|
1341
|
+
|
1342
|
+
|
1343
|
+
### be_attached_to_group
|
1344
|
+
|
1345
|
+
```ruby
|
1346
|
+
describe iam_policy('my-iam-policy') do
|
1347
|
+
it { should be_attached_to_group('my-iam-group') }
|
1348
|
+
end
|
1349
|
+
```
|
1350
|
+
|
1351
|
+
|
1352
|
+
### be_attached_to_role
|
1353
|
+
|
1354
|
+
```ruby
|
1355
|
+
describe iam_policy('my-iam-policy') do
|
1356
|
+
it { should be_attached_to_role('HelloIAmGodRole') }
|
1357
|
+
end
|
1358
|
+
```
|
1359
|
+
|
1360
|
+
|
1361
|
+
### be_attached_to_user
|
1362
|
+
|
1363
|
+
```ruby
|
1364
|
+
describe iam_policy('my-iam-user') do
|
1365
|
+
it { should be_attached_to_user('my-iam-user') }
|
1366
|
+
end
|
1367
|
+
```
|
1368
|
+
|
1369
|
+
### its(:policy_name), its(:policy_id), its(:arn), its(:path), its(:default_version_id), its(:attachment_count), its(:is_attachable), its(:description), its(:create_date), its(:update_date)
|
1370
|
+
## <a name="iam_role">iam_role</a>
|
1371
|
+
|
1372
|
+
IamRole resource type.
|
1373
|
+
|
1374
|
+
### exist
|
1375
|
+
|
1376
|
+
```ruby
|
1377
|
+
describe iam_role('my-iam-role') do
|
1378
|
+
it { should exist }
|
1379
|
+
end
|
1380
|
+
```
|
1381
|
+
|
1382
|
+
|
1383
|
+
### be_allowed_action
|
1384
|
+
|
1385
|
+
```ruby
|
1386
|
+
describe iam_role('my-iam-role') do
|
1387
|
+
it { should be_allowed_action('ec2:DescribeInstances') }
|
1388
|
+
it { should be_allowed_action('s3:Put*').resource_arn('arn:aws:s3:::my-bucket-name/*') }
|
1389
|
+
end
|
1390
|
+
```
|
1391
|
+
|
1392
|
+
|
1393
|
+
### have_iam_policy
|
1394
|
+
|
1395
|
+
```ruby
|
1396
|
+
describe iam_role('my-iam-role') do
|
1397
|
+
it { should have_iam_policy('ReadOnlyAccess') }
|
1398
|
+
end
|
1399
|
+
```
|
1400
|
+
|
1401
|
+
|
1402
|
+
### have_inline_policy
|
1403
|
+
|
1404
|
+
```ruby
|
1405
|
+
describe iam_role('my-iam-role') do
|
1406
|
+
it { should have_inline_policy('AllowS3BucketAccess') }
|
1407
|
+
it do
|
1408
|
+
should have_inline_policy('AllowS3BucketAccess').policy_document(<<-'DOC')
|
1409
|
+
{
|
1410
|
+
"Statement": [
|
1411
|
+
{
|
1412
|
+
"Action": [
|
1413
|
+
"s3:ListAllMyBuckets"
|
1414
|
+
],
|
1415
|
+
"Effect": "Allow",
|
1416
|
+
"Resource": "arn:aws:s3:::*"
|
1417
|
+
},
|
1418
|
+
{
|
1419
|
+
"Action": "s3:*",
|
1420
|
+
"Effect": "Allow",
|
1421
|
+
"Resource": ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"]
|
1422
|
+
}
|
1423
|
+
]
|
1424
|
+
}
|
1425
|
+
DOC
|
1426
|
+
end
|
1427
|
+
end
|
1428
|
+
```
|
1429
|
+
|
1430
|
+
|
1431
|
+
### its(:path), its(:role_name), its(:role_id), its(:arn), its(:create_date), its(:assume_role_policy_document), its(:description)
|
1432
|
+
### :unlock: Advanced use
|
1433
|
+
|
1434
|
+
`iam_role` can use `Aws::IAM::Role` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/IAM/Role.html).
|
1435
|
+
|
1436
|
+
```ruby
|
1437
|
+
describe iam_role('my-iam-role') do
|
1438
|
+
its('attached_policies.count') { should eq 5 }
|
1439
|
+
end
|
1440
|
+
```
|
1441
|
+
|
1442
|
+
or
|
1443
|
+
|
1444
|
+
```ruby
|
1445
|
+
describe iam_role('my-iam-role') do
|
1446
|
+
its('resource.attached_policies.count') { should eq 5 }
|
1447
|
+
end
|
1448
|
+
```
|
1449
|
+
|
1450
|
+
## <a name="iam_user">iam_user</a>
|
1451
|
+
|
1452
|
+
IamUser resource type.
|
1453
|
+
|
1454
|
+
### exist
|
1455
|
+
|
1456
|
+
```ruby
|
1457
|
+
describe iam_user('my-iam-user') do
|
1458
|
+
it { should exist }
|
1459
|
+
end
|
1460
|
+
```
|
1461
|
+
|
1462
|
+
|
1463
|
+
### be_allowed_action
|
1464
|
+
|
1465
|
+
```ruby
|
1466
|
+
describe iam_user('my-iam-user') do
|
1467
|
+
it { should be_allowed_action('ec2:DescribeInstances') }
|
1468
|
+
it { should be_allowed_action('s3:Put*').resource_arn('arn:aws:s3:::my-bucket-name/*') }
|
1469
|
+
end
|
1470
|
+
```
|
1471
|
+
|
1472
|
+
|
1473
|
+
### have_iam_policy
|
1474
|
+
|
1475
|
+
```ruby
|
1476
|
+
describe iam_user('my-iam-user') do
|
1477
|
+
it { should have_iam_policy('ReadOnlyAccess') }
|
1478
|
+
end
|
1479
|
+
```
|
1480
|
+
|
1481
|
+
|
1482
|
+
### have_inline_policy
|
1483
|
+
|
1484
|
+
```ruby
|
1485
|
+
describe iam_user('my-iam-user') do
|
1486
|
+
it { should have_inline_policy('AllowS3BucketAccess') }
|
1487
|
+
it do
|
1488
|
+
should have_inline_policy('AllowS3BucketAccess').policy_document(<<-'DOC')
|
1489
|
+
{
|
1490
|
+
"Statement": [
|
1491
|
+
{
|
1492
|
+
"Action": [
|
1493
|
+
"s3:ListAllMyBuckets"
|
1494
|
+
],
|
1495
|
+
"Effect": "Allow",
|
1496
|
+
"Resource": "arn:aws:s3:::*"
|
1497
|
+
},
|
1498
|
+
{
|
1499
|
+
"Action": "s3:*",
|
1500
|
+
"Effect": "Allow",
|
1501
|
+
"Resource": ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"]
|
1502
|
+
}
|
1503
|
+
]
|
1504
|
+
}
|
1505
|
+
DOC
|
1506
|
+
end
|
1507
|
+
end
|
1508
|
+
```
|
1509
|
+
|
1510
|
+
|
1511
|
+
### belong_to_iam_group
|
1512
|
+
|
1513
|
+
```ruby
|
1514
|
+
describe iam_user('my-iam-user') do
|
1515
|
+
it { should belong_to_iam_group('my-iam-group') }
|
1516
|
+
end
|
1517
|
+
```
|
1518
|
+
|
1519
|
+
|
1520
|
+
### its(:path), its(:user_name), its(:user_id), its(:arn), its(:create_date), its(:password_last_used)
|
1521
|
+
### :unlock: Advanced use
|
1522
|
+
|
1523
|
+
`iam_user` can use `Aws::IAM::User` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/IAM/User.html).
|
1524
|
+
|
1525
|
+
```ruby
|
1526
|
+
describe iam_user('my-iam-user') do
|
1527
|
+
its('login_profile.password_reset_required') { should eq false }
|
1528
|
+
end
|
1529
|
+
```
|
1530
|
+
|
1531
|
+
or
|
1532
|
+
|
1533
|
+
```ruby
|
1534
|
+
describe iam_user('my-iam-user') do
|
1535
|
+
its('resource.login_profile.password_reset_required') { should eq false }
|
1536
|
+
end
|
1537
|
+
```
|
1538
|
+
|
1539
|
+
## <a name="internet_gateway">internet_gateway</a>
|
1540
|
+
|
1541
|
+
InternetGateway resource type.
|
1542
|
+
|
1543
|
+
### exist
|
1544
|
+
|
1545
|
+
```ruby
|
1546
|
+
describe internet_gateway('igw-1ab2cd3e') do
|
1547
|
+
it { should exist }
|
1548
|
+
end
|
1549
|
+
|
1550
|
+
describe internet_gateway('my-internet-gateway') do
|
1551
|
+
it { should exist }
|
1552
|
+
end
|
1553
|
+
```
|
1554
|
+
|
1555
|
+
|
1556
|
+
### be_attached_to
|
1557
|
+
|
1558
|
+
```ruby
|
1559
|
+
describe internet_gateway('igw-1ab2cd3e') do
|
1560
|
+
it { should be_attached_to('vpc-ab123cde') }
|
1561
|
+
end
|
1562
|
+
|
1563
|
+
describe internet_gateway('igw-1ab2cd3e') do
|
1564
|
+
it { should be_attached_to('my-vpc') }
|
1565
|
+
end
|
1566
|
+
```
|
1567
|
+
|
1568
|
+
|
1569
|
+
### have_tag
|
1570
|
+
|
1571
|
+
```ruby
|
1572
|
+
describe internet_gateway('igw-1ab2cd3e') do
|
1573
|
+
it { should have_tag('Name').value('my-internet-gateway') }
|
1574
|
+
end
|
1575
|
+
```
|
1576
|
+
|
1577
|
+
### its(:internet_gateway_id)
|
1578
|
+
## <a name="kms">kms</a>
|
1579
|
+
|
1580
|
+
Kms resource type.
|
1581
|
+
|
1582
|
+
### exist
|
1583
|
+
|
1584
|
+
```ruby
|
1585
|
+
describe kms('my-kms-key') do
|
1586
|
+
it { should exist }
|
1587
|
+
end
|
1588
|
+
```
|
1589
|
+
|
1590
|
+
|
1591
|
+
### be_enabled
|
1592
|
+
|
1593
|
+
```ruby
|
1594
|
+
describe kms('my-kms-key') do
|
1595
|
+
it { should be_enabled }
|
1596
|
+
end
|
1597
|
+
```
|
1598
|
+
|
1599
|
+
|
1600
|
+
### have_key_policy
|
1601
|
+
|
1602
|
+
```ruby
|
1603
|
+
describe kms('my-kms-key') do
|
1604
|
+
it { should exist }
|
1605
|
+
it { should be_enabled }
|
1606
|
+
it do
|
1607
|
+
should have_key_policy('default').policy_document(<<-'DOC')
|
1608
|
+
{
|
1609
|
+
"Version" : "2012-10-17",
|
1610
|
+
"Id" : "key-consolepolicy-2",
|
1611
|
+
"Statement" : [ {
|
1612
|
+
"Sid" : "Enable IAM User Permissions",
|
1613
|
+
"Effect" : "Allow",
|
1614
|
+
"Principal" : {
|
1615
|
+
"AWS" : "arn:aws:iam::1234567890:root"
|
1616
|
+
},
|
1617
|
+
"Action" : "kms:*",
|
1618
|
+
"Resource" : "*"
|
1619
|
+
}, {
|
1620
|
+
"Sid" : "Allow access for Key Administrators",
|
1621
|
+
"Effect" : "Allow",
|
1622
|
+
"Principal" : {
|
1623
|
+
"AWS" : "arn:aws:iam::1234567890:user/test-user"
|
1624
|
+
},
|
1625
|
+
"Action" : [ "kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*", "kms:Update*", "kms:Revoke*", "kms:Disable*", "kms:Get*", "kms:Delete*", "kms:ScheduleKeyDeletion", "kms:CancelKeyDeletion" ],
|
1626
|
+
"Resource" : "*"
|
1627
|
+
}, {
|
1628
|
+
"Sid" : "Allow use of the key",
|
1629
|
+
"Effect" : "Allow",
|
1630
|
+
"Principal" : {
|
1631
|
+
"AWS" : [ "arn:aws:iam::1234567890:user/test-user", "arn:aws:iam::1234567890:role/test-role" ]
|
1632
|
+
},
|
1633
|
+
"Action" : [ "kms:Encrypt", "kms:Decrypt", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:DescribeKey" ],
|
1634
|
+
"Resource" : "*"
|
1635
|
+
}, {
|
1636
|
+
"Sid" : "Allow attachment of persistent resources",
|
1637
|
+
"Effect" : "Allow",
|
1638
|
+
"Principal" : {
|
1639
|
+
"AWS" : [ "arn:aws:iam::1234567890:user/test-user", "arn:aws:iam::1234567890:role/test-role" ]
|
1640
|
+
},
|
1641
|
+
"Action" : [ "kms:CreateGrant", "kms:ListGrants", "kms:RevokeGrant" ],
|
1642
|
+
"Resource" : "*",
|
1643
|
+
"Condition" : {
|
1644
|
+
"Bool" : {
|
1645
|
+
"kms:GrantIsForAWSResource" : "true"
|
1646
|
+
}
|
1647
|
+
}
|
1648
|
+
} ]
|
1649
|
+
}
|
1650
|
+
DOC
|
1651
|
+
end
|
1652
|
+
end
|
1653
|
+
```
|
1654
|
+
|
1655
|
+
### its(:aws_account_id), its(:key_id), its(:arn), its(:creation_date), its(:enabled), its(:description), its(:key_usage), its(:key_state), its(:deletion_date), its(:valid_to), its(:origin), its(:expiration_model), its(:key_manager)
|
1656
|
+
## <a name="lambda">lambda</a>
|
1657
|
+
|
1658
|
+
Lambda resource type.
|
1659
|
+
|
1660
|
+
### exist
|
1661
|
+
|
1662
|
+
```ruby
|
1663
|
+
describe lambda('my-lambda-function-name') do
|
1664
|
+
it { should exist }
|
1665
|
+
end
|
1666
|
+
```
|
1667
|
+
|
1668
|
+
|
1669
|
+
### have_event_source
|
1670
|
+
|
1671
|
+
This matcher does not support Amazon S3 event sources. ( [See SDK doc](http://docs.aws.amazon.com/sdkforruby/api/Aws/Lambda/Client.html#list_event_source_mappings-instance_method) )
|
1672
|
+
|
1673
|
+
### its(:function_name), its(:function_arn), its(:runtime), its(:role), its(:handler), its(:code_size), its(:description), its(:timeout), its(:memory_size), its(:last_modified), its(:code_sha_256), its(:version), its(:vpc_config), its(:dead_letter_config), its(:environment), its(:kms_key_arn), its(:tracing_config), its(:master_arn)
|
1674
|
+
## <a name="launch_configuration">launch_configuration</a>
|
1675
|
+
|
1676
|
+
LaunchConfiguration resource type.
|
1677
|
+
|
1678
|
+
### exist
|
1679
|
+
|
1680
|
+
```ruby
|
1681
|
+
describe launch_configuration('my-lc') do
|
1682
|
+
it { should exist }
|
1683
|
+
end
|
1684
|
+
```
|
1685
|
+
|
1686
|
+
|
1687
|
+
### have_block_device_mapping
|
1688
|
+
|
1689
|
+
### have_security_group
|
1690
|
+
|
1691
|
+
```ruby
|
1692
|
+
describe launch_configuration('my-lc') do
|
1693
|
+
it { should have_security_group('my-security-group-name') }
|
1694
|
+
end
|
1695
|
+
```
|
1696
|
+
|
1697
|
+
### its(:launch_configuration_name), its(:launch_configuration_arn), its(:image_id), its(:key_name), its(:security_groups), its(:classic_link_vpc_id), its(:classic_link_vpc_security_groups), its(:user_data), its(:instance_type), its(:kernel_id), its(:ramdisk_id), its(:spot_price), its(:iam_instance_profile), its(:created_time), its(:ebs_optimized), its(:associate_public_ip_address), its(:placement_tenancy)
|
1698
|
+
## <a name="nat_gateway">nat_gateway</a>
|
1699
|
+
|
1700
|
+
NatGateway resource type.
|
1701
|
+
|
1702
|
+
### exist
|
1703
|
+
|
1704
|
+
```ruby
|
1705
|
+
describe nat_gateway('nat-7ff7777f') do
|
1706
|
+
it { should exist }
|
1707
|
+
end
|
1708
|
+
```
|
1709
|
+
|
1710
|
+
|
1711
|
+
### be_pending, be_failed, be_available, be_deleting, be_deleted
|
1712
|
+
|
1713
|
+
```ruby
|
1714
|
+
describe nat_gateway('nat-7ff7777f') do
|
1715
|
+
it { should be_available }
|
1716
|
+
end
|
1717
|
+
```
|
1718
|
+
|
1719
|
+
|
1720
|
+
### have_eip
|
1721
|
+
|
1722
|
+
```ruby
|
1723
|
+
describe nat_gateway('nat-7ff7777f') do
|
1724
|
+
it { should have_eip('123.0.456.789') }
|
1725
|
+
end
|
1726
|
+
```
|
1727
|
+
|
1728
|
+
|
1729
|
+
### belong_to_vpc
|
1730
|
+
|
1731
|
+
```ruby
|
1732
|
+
describe nat_gateway('nat-7ff7777f') do
|
1733
|
+
it { should belong_to_vpc('my-vpc') }
|
1734
|
+
end
|
1735
|
+
```
|
1736
|
+
|
1737
|
+
### its(:create_time), its(:delete_time), its(:failure_code), its(:failure_message), its(:nat_gateway_id), its(:provisioned_bandwidth), its(:state), its(:subnet_id), its(:vpc_id), its(:tags)
|
1738
|
+
## <a name="network_acl">network_acl</a>
|
1739
|
+
|
1740
|
+
NetworkAcl resource type.
|
1741
|
+
|
1742
|
+
### exist
|
1743
|
+
|
1744
|
+
```ruby
|
1745
|
+
describe network_acl('my-network-acl') do
|
1746
|
+
it { should exist }
|
1747
|
+
end
|
1748
|
+
```
|
1749
|
+
|
1750
|
+
|
1751
|
+
### have_subnet
|
1752
|
+
|
1753
|
+
```ruby
|
1754
|
+
describe network_acl('my-network-acl') do
|
1755
|
+
it { should have_subnet('my-subnet') }
|
1756
|
+
end
|
1757
|
+
```
|
1758
|
+
|
1759
|
+
|
1760
|
+
### have_tag
|
1761
|
+
|
1762
|
+
```ruby
|
1763
|
+
describe network_acl('my-network-acl') do
|
1764
|
+
it { should have_tag('Name').value('my-network-acl') }
|
1765
|
+
end
|
1766
|
+
```
|
1767
|
+
|
1768
|
+
|
1769
|
+
### belong_to_vpc
|
1770
|
+
|
1771
|
+
```ruby
|
1772
|
+
describe network_acl('my-network-acl') do
|
1773
|
+
it { should belong_to_vpc('my-vpc') }
|
1774
|
+
end
|
1775
|
+
```
|
1776
|
+
|
1777
|
+
|
1778
|
+
### its(:inbound), its(:outbound), its(:inbound_entries_count), its(:outbound_entries_count)
|
1779
|
+
|
1780
|
+
```ruby
|
1781
|
+
describe network_acl('my-network-acl') do
|
1782
|
+
its(:inbound) { should be_allowed(80).protocol('tcp').source('123.0.456.789/32') }
|
1783
|
+
its(:inbound) { should be_denied.rule_number('*').source('0.0.0.0/0') }
|
1784
|
+
its(:outbound) { should be_allowed.protocol('ALL').source('0.0.0.0/0') }
|
1785
|
+
its(:inbound_entries_count) { should eq 3 }
|
1786
|
+
its(:outbound_entries_count) { should eq 2 }
|
1787
|
+
end
|
1788
|
+
```
|
1789
|
+
|
1790
|
+
|
1791
|
+
### its(:inbound_entries_count), its(:outbound_entries_count), its(:is_default), its(:network_acl_id), its(:vpc_id)
|
1792
|
+
### :unlock: Advanced use
|
1793
|
+
|
1794
|
+
`network_acl` can use `Aws::EC2::NetworkAcl` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/NetworkAcl.html).
|
1795
|
+
|
1796
|
+
```ruby
|
1797
|
+
describe network_acl('my-network-acl') do
|
1798
|
+
its('vpc.id') { should eq 'vpc-ab123cde' }
|
1799
|
+
end
|
1800
|
+
```
|
1801
|
+
|
1802
|
+
or
|
1803
|
+
|
1804
|
+
```ruby
|
1805
|
+
describe network_acl('my-network-acl') do
|
1806
|
+
its('resource.vpc.id') { should eq 'vpc-ab123cde' }
|
1807
|
+
end
|
1808
|
+
```
|
1809
|
+
|
1810
|
+
## <a name="network_interface">network_interface</a>
|
1811
|
+
|
1812
|
+
NetworkInterface resource type.
|
1813
|
+
|
1814
|
+
### exist
|
1815
|
+
|
1816
|
+
```ruby
|
1817
|
+
describe network_interface('eni-12ab3cde') do
|
1818
|
+
it { should exist }
|
1819
|
+
end
|
1820
|
+
```
|
1821
|
+
|
1822
|
+
|
1823
|
+
### be_attached_to
|
1824
|
+
|
1825
|
+
```ruby
|
1826
|
+
describe network_interface('eni-12ab3cde') do
|
1827
|
+
it { should be_attached_to('my-ec2') }
|
1828
|
+
it { should be_attached_to('my-ec2').as_eth0 }
|
1829
|
+
end
|
1830
|
+
```
|
1831
|
+
|
1832
|
+
|
1833
|
+
### be_available, be_attaching, be_in_use, be_detaching
|
1834
|
+
|
1835
|
+
```ruby
|
1836
|
+
describe network_interface('eni-12ab3cde') do
|
1837
|
+
it { should be_in_use }
|
1838
|
+
end
|
1839
|
+
```
|
1840
|
+
|
1841
|
+
|
1842
|
+
### have_private_ip_address
|
1843
|
+
|
1844
|
+
```ruby
|
1845
|
+
describe network_interface('eni-12ab3cde') do
|
1846
|
+
it { should have_private_ip_address('10.0.1.1').primary }
|
1847
|
+
it { should have_private_ip_address('10.0.1.2') }
|
1848
|
+
its(:private_ip_addresses_count) { should eq 2 }
|
1849
|
+
end
|
1850
|
+
```
|
1851
|
+
|
1852
|
+
|
1853
|
+
### have_security_group
|
1854
|
+
|
1855
|
+
```ruby
|
1856
|
+
describe network_interface('eni-12ab3cde') do
|
1857
|
+
it { should have_security_group('my-security-group-name') }
|
1858
|
+
end
|
1859
|
+
```
|
1860
|
+
|
1861
|
+
|
1862
|
+
### have_tag
|
1863
|
+
|
1864
|
+
```ruby
|
1865
|
+
describe network_interface('eni-12ab3cde') do
|
1866
|
+
it { should have_tag('Name').value('my-eni') }
|
1867
|
+
end
|
1868
|
+
```
|
1869
|
+
|
1870
|
+
|
1871
|
+
### belong_to_subnet
|
1872
|
+
|
1873
|
+
```ruby
|
1874
|
+
describe network_interface('eni-12ab3cde') do
|
1875
|
+
it { should belong_to_subnet('my-subnet') }
|
1876
|
+
end
|
1877
|
+
```
|
1878
|
+
|
1879
|
+
|
1880
|
+
### belong_to_vpc
|
1881
|
+
|
1882
|
+
```ruby
|
1883
|
+
describe network_interface('eni-12ab3cde') do
|
1884
|
+
it { should belong_to_vpc('my-vpc') }
|
1885
|
+
end
|
1886
|
+
```
|
1887
|
+
|
1888
|
+
### its(:association), its(:availability_zone), its(:description), its(:interface_type), its(:ipv_6_addresses), its(:mac_address), its(:network_interface_id), its(:owner_id), its(:private_dns_name), its(:private_ip_address), its(:requester_id), its(:requester_managed), its(:source_dest_check), its(:status), its(:subnet_id), its(:vpc_id)
|
1889
|
+
## <a name="rds">rds</a>
|
1890
|
+
|
1891
|
+
RDS resource type.
|
1892
|
+
|
1893
|
+
### exist
|
1894
|
+
|
1895
|
+
```ruby
|
1896
|
+
describe rds('my-rds') do
|
1897
|
+
it { should exist }
|
1898
|
+
end
|
1899
|
+
```
|
1900
|
+
|
1901
|
+
|
1902
|
+
### be_available, be_backing_up, be_creating, be_deleting, be_failed, be_inaccessible_encryption_credentials, be_incompatible_credentials, be_incompatible_network, be_incompatible_option_group, be_incompatible_parameters, be_incompatible_restore, be_maintenance, be_modifying, be_rebooting, be_renaming, be_resetting_master_credentials, be_restore_error, be_storage_full, be_upgrading
|
1903
|
+
|
1904
|
+
```ruby
|
1905
|
+
describe rds('my-rds') do
|
1906
|
+
it { should be_available }
|
1907
|
+
end
|
1908
|
+
```
|
1909
|
+
|
1910
|
+
|
1911
|
+
### have_db_parameter_group
|
1912
|
+
|
1913
|
+
```ruby
|
1914
|
+
describe rds('my-rds') do
|
1915
|
+
it { should have_db_parameter_group('my-db-parameter-group') }
|
1916
|
+
end
|
1917
|
+
```
|
1918
|
+
|
1919
|
+
|
1920
|
+
### have_option_group
|
1921
|
+
|
1922
|
+
```ruby
|
1923
|
+
describe rds('my-rds') do
|
1924
|
+
it { should have_option_group('default:mysql-5-6') }
|
1925
|
+
end
|
1926
|
+
```
|
1927
|
+
|
1928
|
+
|
1929
|
+
### have_security_group
|
1930
|
+
|
1931
|
+
```ruby
|
1932
|
+
describe rds('my-rds') do
|
1933
|
+
it { should have_security_group('sg-5a6b7cd8') }
|
1934
|
+
it { should have_security_group('my-db-sg') }
|
1935
|
+
end
|
1936
|
+
```
|
1937
|
+
|
1938
|
+
|
1939
|
+
### have_tag
|
1940
|
+
|
1941
|
+
```ruby
|
1942
|
+
describe rds('my-rds') do
|
1943
|
+
it { should have_tag('Name').value('my-rds') }
|
1944
|
+
end
|
1945
|
+
```
|
1946
|
+
|
1947
|
+
|
1948
|
+
### belong_to_db_subnet_group
|
1949
|
+
|
1950
|
+
```ruby
|
1951
|
+
describe rds('my-rds') do
|
1952
|
+
it { should belong_to_db_subnet_group('my-db-subnet-group') }
|
1953
|
+
end
|
1954
|
+
```
|
1955
|
+
|
1956
|
+
|
1957
|
+
### belong_to_subnet
|
1958
|
+
|
1959
|
+
```ruby
|
1960
|
+
describe rds('my-rds') do
|
1961
|
+
it { should belong_to_subnet('subnet-8901b123') }
|
1962
|
+
it { should belong_to_subnet('db-subnet-a') }
|
1963
|
+
end
|
1964
|
+
```
|
1965
|
+
|
1966
|
+
|
1967
|
+
### belong_to_vpc
|
1968
|
+
|
1969
|
+
```ruby
|
1970
|
+
describe rds('my-rds') do
|
1971
|
+
it { should belong_to_vpc('vpc-ab123cde') }
|
1972
|
+
it { should belong_to_vpc('my-vpc') }
|
1973
|
+
end
|
1974
|
+
```
|
1975
|
+
|
1976
|
+
|
1977
|
+
### its(:vpc_id), its(:db_instance_identifier), its(:db_instance_class), its(:engine), its(:db_instance_status), its(:master_username), its(:db_name), its(:endpoint), its(:allocated_storage), its(:instance_create_time), its(:preferred_backup_window), its(:backup_retention_period), its(:db_security_groups), its(:availability_zone), its(:preferred_maintenance_window), its(:pending_modified_values), its(:latest_restorable_time), its(:multi_az), its(:engine_version), its(:auto_minor_version_upgrade), its(:read_replica_source_db_instance_identifier), its(:read_replica_db_instance_identifiers), its(:read_replica_db_cluster_identifiers), its(:license_model), its(:iops), its(:character_set_name), its(:secondary_availability_zone), its(:publicly_accessible), its(:status_infos), its(:storage_type), its(:tde_credential_arn), its(:db_instance_port), its(:db_cluster_identifier), its(:storage_encrypted), its(:kms_key_id), its(:dbi_resource_id), its(:ca_certificate_identifier), its(:domain_memberships), its(:copy_tags_to_snapshot), its(:monitoring_interval), its(:enhanced_monitoring_resource_arn), its(:monitoring_role_arn), its(:promotion_tier), its(:db_instance_arn), its(:timezone), its(:iam_database_authentication_enabled)
|
1978
|
+
### :unlock: Advanced use
|
1979
|
+
|
1980
|
+
`rds` can use `Aws::RDS::DBInstance` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/RDS/DBInstance.html).
|
1981
|
+
|
1982
|
+
```ruby
|
1983
|
+
describe rds('my-rds') do
|
1984
|
+
its('db_subnet_group.db_subnet_group_name') { should eq 'my-db-subnet-group' }
|
1985
|
+
end
|
1986
|
+
```
|
1987
|
+
|
1988
|
+
or
|
1989
|
+
|
1990
|
+
```ruby
|
1991
|
+
describe rds('my-rds') do
|
1992
|
+
its('resource.db_subnet_group.db_subnet_group_name') { should eq 'my-db-subnet-group' }
|
1993
|
+
end
|
1994
|
+
```
|
1995
|
+
|
1996
|
+
## <a name="rds_db_cluster_parameter_group">rds_db_cluster_parameter_group</a>
|
1997
|
+
|
1998
|
+
RdsDbClusterParameterGroup resource type.
|
1999
|
+
|
2000
|
+
```ruby
|
2001
|
+
describe rds_db_cluster_parameter_group('my-rds-db-cluster-parameter-group') do
|
2002
|
+
its(:time_zone) { should eq 'US/Central' }
|
2003
|
+
its(:binlog_format) { should eq 'ROW' }
|
2004
|
+
its(:character_set_server) { should eq 'utf8mb4' }
|
2005
|
+
end
|
2006
|
+
```
|
2007
|
+
|
2008
|
+
### exist
|
2009
|
+
|
2010
|
+
```ruby
|
2011
|
+
describe rds_db_cluster_parameter_group('my-rds-db-cluster-parameter-group') do
|
2012
|
+
it { should exist }
|
2013
|
+
end
|
2014
|
+
```
|
2015
|
+
|
2016
|
+
|
2017
|
+
## <a name="rds_db_parameter_group">rds_db_parameter_group</a>
|
2018
|
+
|
2019
|
+
RdsDbParameterGroup resource type.
|
2020
|
+
|
2021
|
+
```ruby
|
2022
|
+
describe rds_db_parameter_group('my-rds-db-parameter-group') do
|
2023
|
+
its(:basedir) { should eq '/rdsdbbin/mysql' }
|
2024
|
+
its(:innodb_buffer_pool_size) { '{DBInstanceClassMemory*3/4}' }
|
2025
|
+
end
|
2026
|
+
```
|
2027
|
+
|
2028
|
+
### exist
|
2029
|
+
|
2030
|
+
```ruby
|
2031
|
+
describe rds_db_parameter_group('my-rds-db-parameter-group') do
|
2032
|
+
it { should exist }
|
2033
|
+
end
|
2034
|
+
```
|
2035
|
+
|
2036
|
+
|
2037
|
+
## <a name="route53_hosted_zone">route53_hosted_zone</a>
|
2038
|
+
|
2039
|
+
Route53HostedZone resource type.
|
2040
|
+
|
2041
|
+
### exist
|
2042
|
+
|
2043
|
+
```ruby
|
2044
|
+
describe route53_hosted_zone('example.com.') do
|
2045
|
+
it { should exist }
|
2046
|
+
end
|
2047
|
+
```
|
2048
|
+
|
2049
|
+
|
2050
|
+
### have_record_set
|
2051
|
+
|
2052
|
+
```ruby
|
2053
|
+
describe route53_hosted_zone('example.com.') do
|
2054
|
+
its(:resource_record_set_count) { should eq 6 }
|
2055
|
+
it { should have_record_set('example.com.').a('123.456.7.890') }
|
2056
|
+
it { should have_record_set('*.example.com.').cname('example.com') }
|
2057
|
+
it { should have_record_set('example.com.').mx('10 mail.example.com') }
|
2058
|
+
it { should have_record_set('mail.example.com.').a('123.456.7.890').ttl(3600) }
|
2059
|
+
ns = 'ns-123.awsdns-45.net.
|
2060
|
+
ns-6789.awsdns-01.org.
|
2061
|
+
ns-2345.awsdns-67.co.uk.
|
2062
|
+
ns-890.awsdns-12.com.'
|
2063
|
+
it { should have_record_set('example.com.').ns(ns) }
|
2064
|
+
it { should have_record_set('s3.example.com.').alias('s3-website-us-east-1.amazonaws.com.', 'Z2ABCDEFGHIJKL') }
|
2065
|
+
end
|
2066
|
+
```
|
2067
|
+
|
2068
|
+
### its(:id), its(:name), its(:caller_reference), its(:config), its(:resource_record_set_count)
|
2069
|
+
## <a name="route_table">route_table</a>
|
2070
|
+
|
2071
|
+
RouteTable resource type.
|
2072
|
+
|
2073
|
+
### exist
|
2074
|
+
|
2075
|
+
```ruby
|
2076
|
+
describe route_table('my-route-table') do
|
2077
|
+
it { should exist }
|
2078
|
+
end
|
2079
|
+
```
|
2080
|
+
|
2081
|
+
|
2082
|
+
### have_route
|
2083
|
+
|
2084
|
+
```ruby
|
2085
|
+
describe route_table('my-route-table') do
|
2086
|
+
it { should have_route('10.0.0.0/16').target(gateway: 'local') }
|
2087
|
+
it { should have_route('0.0.0.0/0').target(gateway: 'igw-1ab2345c') }
|
2088
|
+
it { should have_route('192.168.1.0/24').target(instance: 'my-ec2') }
|
2089
|
+
it { should have_route('192.168.2.0/24').target(vpc_peering_connection: 'my-pcx') }
|
2090
|
+
it { should have_route('192.168.3.0/24').target(nat: 'nat-7ff7777f') }
|
2091
|
+
end
|
2092
|
+
```
|
2093
|
+
|
2094
|
+
|
2095
|
+
### have_subnet
|
2096
|
+
|
2097
|
+
```ruby
|
2098
|
+
describe route_table('my-route-table') do
|
2099
|
+
it { should have_subnet('my-subnet') }
|
2100
|
+
end
|
2101
|
+
```
|
2102
|
+
|
2103
|
+
|
2104
|
+
### have_tag
|
2105
|
+
|
2106
|
+
```ruby
|
2107
|
+
describe route_table('my-route-table') do
|
2108
|
+
it { should have_tag('Name').value('my-route-table') }
|
2109
|
+
end
|
2110
|
+
```
|
2111
|
+
|
2112
|
+
|
2113
|
+
### its(:propagating_vgws), its(:route_table_id), its(:vpc_id)
|
2114
|
+
### :unlock: Advanced use
|
2115
|
+
|
2116
|
+
`route_table` can use `Aws::EC2::RouteTable` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/RouteTable.html).
|
2117
|
+
|
2118
|
+
```ruby
|
2119
|
+
describe route_table('my-route-table') do
|
2120
|
+
its('vpc.id') { should eq 'vpc-ab123cde' }
|
2121
|
+
end
|
2122
|
+
```
|
2123
|
+
|
2124
|
+
or
|
2125
|
+
|
2126
|
+
```ruby
|
2127
|
+
describe s3_bucket('my-bucket') do
|
2128
|
+
its('resource.vpc.id') { should eq 'vpc-ab123cde' }
|
2129
|
+
end
|
2130
|
+
```
|
2131
|
+
|
2132
|
+
## <a name="s3_bucket">s3_bucket</a>
|
2133
|
+
|
2134
|
+
S3Bucket resource type.
|
2135
|
+
|
2136
|
+
### exist
|
2137
|
+
|
2138
|
+
```ruby
|
2139
|
+
describe s3_bucket('my-bucket') do
|
2140
|
+
it { should exist }
|
2141
|
+
end
|
2142
|
+
```
|
2143
|
+
|
2144
|
+
|
2145
|
+
### have_acl_grant
|
2146
|
+
|
2147
|
+
```ruby
|
2148
|
+
describe s3_bucket('my-bucket') do
|
2149
|
+
its(:acl_owner) { should eq 'my-bucket-owner' }
|
2150
|
+
its(:acl_grants_count) { should eq 3 }
|
2151
|
+
it { should have_acl_grant(grantee: 'my-bucket-owner', permission: 'FULL_CONTROL') }
|
2152
|
+
it { should have_acl_grant(grantee: 'http://acs.amazonaws.com/groups/s3/LogDelivery', permission: 'WRITE') }
|
2153
|
+
it { should have_acl_grant(grantee: '68f4bb06b094152df53893bfba57760e', permission: 'READ') }
|
2154
|
+
end
|
2155
|
+
```
|
2156
|
+
|
2157
|
+
|
2158
|
+
### have_cors_rule
|
2159
|
+
|
2160
|
+
```ruby
|
2161
|
+
describe s3_bucket('my-bucket') do
|
2162
|
+
it do
|
2163
|
+
should have_cors_rule(
|
2164
|
+
allowed_methods: ['GET'],
|
2165
|
+
allowed_origins: ['*']
|
2166
|
+
)
|
2167
|
+
end
|
2168
|
+
it do
|
2169
|
+
should have_cors_rule(
|
2170
|
+
allowed_headers: ['*'],
|
2171
|
+
allowed_methods: ['GET'],
|
2172
|
+
allowed_origins: ['https://example.org', 'https://example.com'],
|
2173
|
+
expose_headers: ['X-Custom-Header'],
|
2174
|
+
max_age_seconds: 3600
|
2175
|
+
)
|
2176
|
+
end
|
2177
|
+
end
|
2178
|
+
```
|
2179
|
+
|
2180
|
+
|
2181
|
+
### have_lifecycle_rule
|
2182
|
+
|
2183
|
+
```ruby
|
2184
|
+
describe s3_bucket('my-bucket') do
|
2185
|
+
it do
|
2186
|
+
should have_lifecycle_rule(
|
2187
|
+
id: 'MyRuleName',
|
2188
|
+
noncurrent_version_expiration: { noncurrent_days: 1 },
|
2189
|
+
expiration: { days: 2 },
|
2190
|
+
transitions: { days: 3, storage_class: 'GLACIER' },
|
2191
|
+
status: 'Enabled'
|
2192
|
+
)
|
2193
|
+
end
|
2194
|
+
end
|
2195
|
+
```
|
2196
|
+
|
2197
|
+
|
2198
|
+
### have_logging_enabled
|
2199
|
+
|
2200
|
+
```ruby
|
2201
|
+
describe s3_bucket('my-bucket') do
|
2202
|
+
it { should have_logging_enabled(target_bucket: 'my-log-bucket', target_prefix: 'logs/') }
|
2203
|
+
end
|
2204
|
+
```
|
2205
|
+
|
2206
|
+
|
2207
|
+
### have_mfa_delete_enabled
|
2208
|
+
|
2209
|
+
```ruby
|
2210
|
+
describe s3_bucket('my-bucket') do
|
2211
|
+
it { should have_mfa_delete_enabled }
|
2212
|
+
end
|
2213
|
+
```
|
2214
|
+
|
2215
|
+
|
2216
|
+
### have_object
|
2217
|
+
|
2218
|
+
```ruby
|
2219
|
+
describe s3_bucket('my-bucket') do
|
2220
|
+
it { should have_object('path/to/object') }
|
2221
|
+
end
|
2222
|
+
```
|
2223
|
+
|
2224
|
+
|
2225
|
+
### have_policy
|
2226
|
+
|
2227
|
+
```ruby
|
2228
|
+
describe s3_bucket('my-bucket') do
|
2229
|
+
it do
|
2230
|
+
should have_policy <<-POLICY
|
2231
|
+
{
|
2232
|
+
"Version": "2012-10-17",
|
2233
|
+
"Statement": [
|
2234
|
+
{
|
2235
|
+
"Sid": "AllowPublicRead",
|
2236
|
+
"Effect": "Allow",
|
2237
|
+
"Principal": "*",
|
2238
|
+
"Action": "s3:GetObject",
|
2239
|
+
"Resource": "arn:aws:s3:::my-bucket/*"
|
2240
|
+
}
|
2241
|
+
]
|
2242
|
+
}
|
2243
|
+
POLICY
|
2244
|
+
end
|
2245
|
+
end
|
2246
|
+
```
|
2247
|
+
|
2248
|
+
|
2249
|
+
### have_tag
|
2250
|
+
|
2251
|
+
```ruby
|
2252
|
+
describe s3_bucket('my-bucket') do
|
2253
|
+
it { should have_tag('env').value('dev') }
|
2254
|
+
end
|
2255
|
+
```
|
2256
|
+
|
2257
|
+
|
2258
|
+
### have_versioning_enabled
|
2259
|
+
|
2260
|
+
```ruby
|
2261
|
+
describe s3_bucket('my-bucket') do
|
2262
|
+
it { should have_versioning_enabled }
|
2263
|
+
end
|
2264
|
+
```
|
2265
|
+
|
2266
|
+
|
2267
|
+
### its(:acl_grants_count), its(:acl_owner), its(:cors_rules_count), its(:name), its(:creation_date)
|
2268
|
+
### :unlock: Advanced use
|
2269
|
+
|
2270
|
+
`s3_bucket` can use `Aws::S3::Bucket` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/S3/Bucket.html).
|
2271
|
+
|
2272
|
+
```ruby
|
2273
|
+
describe s3_bucket('my-bucket') do
|
2274
|
+
its('acl.owner.display_name') { should eq 'my-bucket-owner' }
|
2275
|
+
end
|
2276
|
+
```
|
2277
|
+
|
2278
|
+
or
|
2279
|
+
|
2280
|
+
```ruby
|
2281
|
+
describe s3_bucket('my-bucket') do
|
2282
|
+
its('resource.acl.owner.display_name') { should eq 'my-bucket-owner' }
|
2283
|
+
end
|
2284
|
+
```
|
2285
|
+
|
2286
|
+
## <a name="security_group">security_group</a>
|
2287
|
+
|
2288
|
+
SecurityGroup resource type.
|
2289
|
+
|
2290
|
+
### exist
|
2291
|
+
|
2292
|
+
```ruby
|
2293
|
+
describe security_group('my-security-group-name') do
|
2294
|
+
it { should exist }
|
2295
|
+
end
|
2296
|
+
```
|
2297
|
+
|
2298
|
+
|
2299
|
+
### be_inbound_opened_only
|
2300
|
+
|
2301
|
+
### be_opened_only
|
2302
|
+
|
2303
|
+
### be_outbound_opened_only
|
2304
|
+
|
2305
|
+
### have_tag
|
2306
|
+
|
2307
|
+
```ruby
|
2308
|
+
describe security_group('my-security-group-name') do
|
2309
|
+
it { should have_tag('env').value('dev') }
|
2310
|
+
end
|
2311
|
+
```
|
2312
|
+
|
2313
|
+
|
2314
|
+
### its(:inbound), its(:outbound)
|
2315
|
+
|
2316
|
+
```ruby
|
2317
|
+
describe security_group('my-security-group-name') do
|
2318
|
+
its(:outbound) { should be_opened }
|
2319
|
+
its(:inbound) { should be_opened(80) }
|
2320
|
+
its(:inbound) { should be_opened(80).protocol('tcp').for('203.0.113.1/32') }
|
2321
|
+
its(:inbound) { should be_opened(22).protocol('tcp').for('sg-5a6b7cd8') }
|
2322
|
+
end
|
2323
|
+
```
|
2324
|
+
|
2325
|
+
|
2326
|
+
### its(:inbound_rule_count), its(:outbound_rule_count), its(:inbound_permissions_count), its(:outbound_permissions_count), its(:description), its(:group_name), its(:owner_id), its(:group_id), its(:vpc_id)
|
2327
|
+
### :unlock: Advanced use
|
2328
|
+
|
2329
|
+
`security_group` can use `Aws::EC2::SecurityGroup` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/SecurityGroup.html).
|
2330
|
+
|
2331
|
+
```ruby
|
2332
|
+
describe security_group('my-security-group-name') do
|
2333
|
+
its('group_name') { should eq 'my-security-group-name' }
|
2334
|
+
end
|
2335
|
+
```
|
2336
|
+
|
2337
|
+
or
|
2338
|
+
|
2339
|
+
```ruby
|
2340
|
+
describe security_group('my-security-group-name') do
|
2341
|
+
its('resource.group_name') { should eq 'my-security-group-name' }
|
2342
|
+
end
|
2343
|
+
```
|
2344
|
+
|
2345
|
+
## <a name="ses_identity">ses_identity</a>
|
2346
|
+
|
2347
|
+
SesIdentity resource type.
|
2348
|
+
|
2349
|
+
### exist
|
2350
|
+
|
2351
|
+
```ruby
|
2352
|
+
describe ses_identity('example.com') do
|
2353
|
+
it { should exist }
|
2354
|
+
end
|
2355
|
+
```
|
2356
|
+
|
2357
|
+
|
2358
|
+
### have_dkim_tokens
|
2359
|
+
|
2360
|
+
|
2361
|
+
### have_identity_policy
|
2362
|
+
|
2363
|
+
```ruby
|
2364
|
+
describe ses_identity('example.com') do
|
2365
|
+
it { should have_identity_policy('my-identity-policy-name') }
|
2366
|
+
end
|
2367
|
+
```
|
2368
|
+
|
2369
|
+
### its(:dkim_enabled), its(:dkim_verification_status), its(:bounce_topic), its(:complaint_topic), its(:delivery_topic), its(:forwarding_enabled), its(:verification_status), its(:verification_token)
|
2370
|
+
## <a name="sqs">sqs</a>
|
2371
|
+
|
2372
|
+
SQS resource type.
|
2373
|
+
|
2374
|
+
### exist
|
2375
|
+
|
2376
|
+
```ruby
|
2377
|
+
describe sqs('my-queue') do
|
2378
|
+
it { should exist }
|
2379
|
+
end
|
2380
|
+
```
|
2381
|
+
|
2382
|
+
### its(:queue_arn), its(:approximate_number_of_messages), its(:approximate_number_of_messages_not_visible), its(:approximate_number_of_messages_delayed), its(:created_timestamp), its(:last_modified_timestamp), its(:visibility_timeout), its(:maximum_message_size), its(:message_retention_period), its(:delay_seconds), its(:receive_message_wait_time_seconds), its(:queue_url)
|
2383
|
+
## <a name="subnet">subnet</a>
|
2384
|
+
|
2385
|
+
Subnet resource type.
|
2386
|
+
|
2387
|
+
### exist
|
2388
|
+
|
2389
|
+
```ruby
|
2390
|
+
describe subnet('my-subnet') do
|
2391
|
+
it { should exist }
|
2392
|
+
end
|
2393
|
+
```
|
2394
|
+
|
2395
|
+
|
2396
|
+
### be_associated_to
|
2397
|
+
|
2398
|
+
### be_available, be_pending
|
2399
|
+
|
2400
|
+
```ruby
|
2401
|
+
describe subnet('my-subnet') do
|
2402
|
+
it { should be_available }
|
2403
|
+
end
|
2404
|
+
```
|
2405
|
+
|
2406
|
+
|
2407
|
+
### have_tag
|
2408
|
+
|
2409
|
+
```ruby
|
2410
|
+
describe subnet('my-subnet') do
|
2411
|
+
it { should have_tag('Environment').value('QA') }
|
2412
|
+
end
|
2413
|
+
```
|
2414
|
+
|
2415
|
+
|
2416
|
+
### its(:availability_zone), its(:available_ip_address_count), its(:cidr_block), its(:default_for_az), its(:map_public_ip_on_launch), its(:state), its(:subnet_id), its(:vpc_id), its(:assign_ipv_6_address_on_creation), its(:ipv_6_cidr_block_association_set)
|
2417
|
+
### :unlock: Advanced use
|
2418
|
+
|
2419
|
+
`subnet` can use `Aws::EC2::Subnet` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Subnet.html).
|
2420
|
+
|
2421
|
+
```ruby
|
2422
|
+
describe subnet('my-subnet') do
|
2423
|
+
its('vpc.id') { should eq 'vpc-ab123cde' }
|
2424
|
+
end
|
2425
|
+
```
|
2426
|
+
|
2427
|
+
or
|
2428
|
+
|
2429
|
+
```ruby
|
2430
|
+
describe subnet('my-subnet') do
|
2431
|
+
its('resource.vpc.id') { should eq 'vpc-ab123cde' }
|
2432
|
+
end
|
2433
|
+
```
|
2434
|
+
|
2435
|
+
## <a name="vpc">vpc</a>
|
2436
|
+
|
2437
|
+
VPC resource type.
|
2438
|
+
|
2439
|
+
### exist
|
2440
|
+
|
2441
|
+
```ruby
|
2442
|
+
describe vpc('my-vpc') do
|
2443
|
+
it { should exist }
|
2444
|
+
end
|
2445
|
+
```
|
2446
|
+
|
2447
|
+
|
2448
|
+
### be_available, be_pending
|
2449
|
+
|
2450
|
+
```ruby
|
2451
|
+
describe vpc('vpc-ab123cde') do
|
2452
|
+
it { should be_available }
|
2453
|
+
end
|
2454
|
+
```
|
2455
|
+
|
2456
|
+
|
2457
|
+
### have_network_acl
|
2458
|
+
|
2459
|
+
```ruby
|
2460
|
+
describe vpc('vpc-ab123cde') do
|
2461
|
+
it { should have_network_acl('acl-1abc2d3e') }
|
2462
|
+
it { should have_network_acl('my-network-acl') }
|
2463
|
+
end
|
2464
|
+
```
|
2465
|
+
|
2466
|
+
|
2467
|
+
### have_route_table
|
2468
|
+
|
2469
|
+
```ruby
|
2470
|
+
describe vpc('vpc-ab123cde') do
|
2471
|
+
it { should have_route_table('rtb-ab123cde') }
|
2472
|
+
it { should have_route_table('my-route-table') }
|
2473
|
+
end
|
2474
|
+
```
|
2475
|
+
|
2476
|
+
|
2477
|
+
### have_tag
|
2478
|
+
|
2479
|
+
```ruby
|
2480
|
+
describe vpc('vpc-ab123cde') do
|
2481
|
+
it { should have_tag('Stack').value('Networking') }
|
2482
|
+
end
|
2483
|
+
```
|
2484
|
+
|
2485
|
+
|
2486
|
+
### its(:cidr_block), its(:dhcp_options_id), its(:state), its(:vpc_id), its(:instance_tenancy), its(:ipv_6_cidr_block_association_set), its(:cidr_block_association_set), its(:is_default)
|
2487
|
+
### :unlock: Advanced use
|
2488
|
+
|
2489
|
+
`vpc` can use `Aws::EC2::Vpc` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Vpc.html).
|
2490
|
+
|
2491
|
+
```ruby
|
2492
|
+
describe vpc('my-vpc') do
|
2493
|
+
its('route_tables.first.route_table_id') { should eq 'rtb-a12bcd34' }
|
2494
|
+
end
|
2495
|
+
```
|
2496
|
+
|
2497
|
+
or
|
2498
|
+
|
2499
|
+
```ruby
|
2500
|
+
describe vpc('my-vpc') do
|
2501
|
+
its('resource.route_tables.first.route_table_id') { should eq 'rtb-a12bcd34' }
|
2502
|
+
end
|
2503
|
+
```
|
2504
|
+
|
2505
|
+
## <a name="vpn_connection">vpn_connection</a>
|
2506
|
+
|
2507
|
+
VpnConnection resource type.
|
2508
|
+
|
2509
|
+
### exist
|
2510
|
+
|
2511
|
+
```ruby
|
2512
|
+
describe vpn_connection('my-vpn-connection') do
|
2513
|
+
it { should exist }
|
2514
|
+
end
|
2515
|
+
```
|
2516
|
+
|
2517
|
+
|
2518
|
+
### be_pending, be_available, be_deleting, be_deleted
|
2519
|
+
|
2520
|
+
```ruby
|
2521
|
+
describe vpn_connection('my-vpn-connection') do
|
2522
|
+
it { should be_running }
|
2523
|
+
end
|
2524
|
+
```
|
2525
|
+
|
2526
|
+
|
2527
|
+
### have_tag
|
2528
|
+
|
2529
|
+
```ruby
|
2530
|
+
describe vpn_connection('my-vpn-connection') do
|
2531
|
+
it { should have_tag('Name').value('my-vpn-connection') }
|
2532
|
+
end
|
2533
|
+
```
|
2534
|
+
|
2535
|
+
|
2536
|
+
### its(:customer_gateway_configuration), its(:customer_gateway_id), its(:state), its(:type), its(:vpn_connection_id), its(:vpn_gateway_id), its(:options), its(:routes), its(:vgw_telemetry)
|
2537
|
+
## <a name="vpn_gateway">vpn_gateway</a>
|
2538
|
+
|
2539
|
+
VpnGateway resource type.
|
2540
|
+
|
2541
|
+
### exist
|
2542
|
+
|
2543
|
+
```ruby
|
2544
|
+
describe vpn_gateway('my-vpn-gateway') do
|
2545
|
+
it { should exist }
|
2546
|
+
end
|
2547
|
+
```
|
2548
|
+
|
2549
|
+
|
2550
|
+
### be_pending, be_available, be_deleting, be_deleted
|
2551
|
+
|
2552
|
+
```ruby
|
2553
|
+
describe vpn_gateway('my-vpn-gateway') do
|
2554
|
+
it { should be_running }
|
2555
|
+
end
|
2556
|
+
```
|
2557
|
+
|
2558
|
+
|
2559
|
+
### have_tag
|
2560
|
+
|
2561
|
+
```ruby
|
2562
|
+
describe vpn_gateway('my-vpn-gateway') do
|
2563
|
+
it { should have_tag('Name').value('my-vpn-gateway') }
|
2564
|
+
end
|
2565
|
+
```
|
2566
|
+
|
2567
|
+
|
2568
|
+
### its(:availability_zone), its(:state), its(:type), its(:vpc_attachments), its(:vpn_gateway_id), its(:tags)
|
2569
|
+
## <a name="waf_web_acl">waf_web_acl</a>
|
2570
|
+
|
2571
|
+
WafWebAcl resource type.
|
2572
|
+
|
2573
|
+
### exist
|
2574
|
+
|
2575
|
+
```ruby
|
2576
|
+
describe waf_web_acl('my-waf-web-acl') do
|
2577
|
+
it { should exist }
|
2578
|
+
its(:default_action) { should eq 'BLOCK' }
|
2579
|
+
it { should have_rule('my-waf-web-acl-allowed-ips') }
|
2580
|
+
it { should have_rule('my-waf-web-acl-allowed-ips').order(2).action('BLOCK') }
|
2581
|
+
end
|
2582
|
+
```
|
2583
|
+
|
2584
|
+
|
2585
|
+
### have_rule
|
2586
|
+
|
2587
|
+
```ruby
|
2588
|
+
describe waf_web_acl('my-waf-web-acl') do
|
2589
|
+
it { should have_rule('my-waf-web-acl-allowed-ips') }
|
2590
|
+
it { should have_rule('my-waf-web-acl-allowed-ips').order(2).action('BLOCK') }
|
2591
|
+
end
|
2592
|
+
```
|
2593
|
+
|
2594
|
+
|
2595
|
+
### its(:default_action), its(:web_acl_id), its(:name), its(:metric_name)
|
2596
|
+
# Account and Attributes
|
2597
|
+
|
2598
|
+
## <a name="account">account</a>
|
2599
|
+
|
2600
|
+
Account resource type.
|
2601
|
+
|
2602
|
+
```ruby
|
2603
|
+
describe account do
|
2604
|
+
its(:user_id) { should eq 'AKIAI44QH8DHBEXAMPLE' }
|
2605
|
+
its(:account) { should eq '123456789012' }
|
2606
|
+
its(:arn) { should eq 'arn:aws:iam::123456789012:user/Alice' }
|
2607
|
+
its('ec2.supported_platforms') { should eq ["EC2", "VPC"] }
|
2608
|
+
its('ec2.vpc_max_security_groups_per_interface') { should eq 5 }
|
2609
|
+
its('ec2.max_elastic_ips') { should eq 5 }
|
2610
|
+
its('ec2.max_instances') { should eq 20 }
|
2611
|
+
its('ec2.vpc_max_elastic_ips') { should eq 5 }
|
2612
|
+
its('ec2.default_vpc') { should eq 'none' }
|
2613
|
+
its('rds.DBInstances.used') { should eq 0 }
|
2614
|
+
its('rds.DBInstances.max') { should eq 40 }
|
2615
|
+
its('rds.ReservedDBInstances.used') { should eq 0 }
|
2616
|
+
its('rds.ReservedDBInstances.max') { should eq 40 }
|
2617
|
+
its('rds.AllocatedStorage.used') { should eq 0 }
|
2618
|
+
its('rds.AllocatedStorage.max') { should eq 100000 }
|
2619
|
+
its('rds.DBSecurityGroups.used') { should eq 0 }
|
2620
|
+
its('rds.DBSecurityGroups.max') { should eq 25 }
|
2621
|
+
its('rds.AuthorizationsPerDBSecurityGroup.used') { should eq 0 }
|
2622
|
+
its('rds.AuthorizationsPerDBSecurityGroup.max') { should eq 20 }
|
2623
|
+
its('rds.DBParameterGroups.used') { should eq 1 }
|
2624
|
+
its('rds.DBParameterGroups.max') { should eq 50 }
|
2625
|
+
its('rds.ManualSnapshots.used') { should eq 0 }
|
2626
|
+
its('rds.ManualSnapshots.max') { should eq 100 }
|
2627
|
+
its('rds.EventSubscriptions.used') { should eq 0 }
|
2628
|
+
its('rds.EventSubscriptions.max') { should eq 20 }
|
2629
|
+
its('rds.DBSubnetGroups.used') { should eq 1 }
|
2630
|
+
its('rds.DBSubnetGroups.max') { should eq 50 }
|
2631
|
+
its('rds.OptionGroups.used') { should eq 0 }
|
2632
|
+
its('rds.OptionGroups.max') { should eq 20 }
|
2633
|
+
its('rds.SubnetsPerDBSubnetGroup.used') { should eq 2 }
|
2634
|
+
its('rds.SubnetsPerDBSubnetGroup.max') { should eq 20 }
|
2635
|
+
its('rds.ReadReplicasPerMaster.used') { should eq 0 }
|
2636
|
+
its('rds.ReadReplicasPerMaster.max') { should eq 5 }
|
2637
|
+
its('rds.DBClusters.used') { should eq 0 }
|
2638
|
+
its('rds.DBClusters.max') { should eq 40 }
|
2639
|
+
its('rds.DBClusterParameterGroups.used') { should eq 0 }
|
2640
|
+
its('rds.DBClusterParameterGroups.max') { should eq 50 }
|
2641
|
+
its('rds.DBClusterRoles.used') { should eq 0 }
|
2642
|
+
its('rds.DBClusterRoles.max') { should eq 5 }
|
2643
|
+
its('lambda.total_code_size.limit') { should eq 80530636800 }
|
2644
|
+
its('lambda.total_code_size.usage') { should eq 2034651562 }
|
2645
|
+
its('lambda.code_size_unzipped.limit') { should eq 262144000 }
|
2646
|
+
its('lambda.code_size_zipped.limit') { should eq 52428800 }
|
2647
|
+
its('lambda.concurrent_executions.limit') { should eq 200 }
|
2648
|
+
its('lambda.function_count.usage') { should eq 8 }
|
2649
|
+
its('ses.max_24_hour_send') { should eq 200.0 }
|
2650
|
+
its('ses.max_send_rate') { should eq 1.0 }
|
2651
|
+
its('ses.sent_last_24_hours') { should eq 1.0 }
|
2652
|
+
end
|
2653
|
+
```
|
2654
|
+
|
2655
|
+
|
2656
|
+
## :unlock: Another way: Test with account_attribute type
|
2657
|
+
|
2658
|
+
## <a name="account_attribute">account_attribute</a>
|
2659
|
+
|
2660
|
+
Account Attribute resource type.
|
2661
|
+
|
2662
|
+
```ruby
|
2663
|
+
describe account_attribute('ec2') do
|
2664
|
+
its('supported_platforms') { should eq ["EC2", "VPC"] }
|
2665
|
+
its('vpc_max_security_groups_per_interface') { should eq 5 }
|
2666
|
+
its('max_elastic_ips') { should eq 5 }
|
2667
|
+
its('max_instances') { should eq 20 }
|
2668
|
+
its('vpc_max_elastic_ips') { should eq 5 }
|
2669
|
+
its('default_vpc') { should eq 'none' }
|
2670
|
+
end
|
2671
|
+
|
2672
|
+
describe account_attribute('rds') do
|
2673
|
+
its('DBInstances.used') { should eq 0 }
|
2674
|
+
its('DBInstances.max') { should eq 40 }
|
2675
|
+
its('ReservedDBInstances.used') { should eq 0 }
|
2676
|
+
its('ReservedDBInstances.max') { should eq 40 }
|
2677
|
+
its('AllocatedStorage.used') { should eq 0 }
|
2678
|
+
its('AllocatedStorage.max') { should eq 100000 }
|
2679
|
+
its('DBSecurityGroups.used') { should eq 0 }
|
2680
|
+
its('DBSecurityGroups.max') { should eq 25 }
|
2681
|
+
its('AuthorizationsPerDBSecurityGroup.used') { should eq 0 }
|
2682
|
+
its('AuthorizationsPerDBSecurityGroup.max') { should eq 20 }
|
2683
|
+
its('DBParameterGroups.used') { should eq 1 }
|
2684
|
+
its('DBParameterGroups.max') { should eq 50 }
|
2685
|
+
its('ManualSnapshots.used') { should eq 0 }
|
2686
|
+
its('ManualSnapshots.max') { should eq 100 }
|
2687
|
+
its('EventSubscriptions.used') { should eq 0 }
|
2688
|
+
its('EventSubscriptions.max') { should eq 20 }
|
2689
|
+
its('DBSubnetGroups.used') { should eq 1 }
|
2690
|
+
its('DBSubnetGroups.max') { should eq 50 }
|
2691
|
+
its('OptionGroups.used') { should eq 0 }
|
2692
|
+
its('OptionGroups.max') { should eq 20 }
|
2693
|
+
its('SubnetsPerDBSubnetGroup.used') { should eq 2 }
|
2694
|
+
its('SubnetsPerDBSubnetGroup.max') { should eq 20 }
|
2695
|
+
its('ReadReplicasPerMaster.used') { should eq 0 }
|
2696
|
+
its('ReadReplicasPerMaster.max') { should eq 5 }
|
2697
|
+
its('DBClusters.used') { should eq 0 }
|
2698
|
+
its('DBClusters.max') { should eq 40 }
|
2699
|
+
its('DBClusterParameterGroups.used') { should eq 0 }
|
2700
|
+
its('DBClusterParameterGroups.max') { should eq 50 }
|
2701
|
+
its('DBClusterRoles.used') { should eq 0 }
|
2702
|
+
its('DBClusterRoles.max') { should eq 5 }
|
2703
|
+
end
|
2704
|
+
|
2705
|
+
describe account_attribute('lambda') do
|
2706
|
+
its('total_code_size.limit') { should eq 80530636800 }
|
2707
|
+
its('total_code_size.usage') { should eq 2034651562 }
|
2708
|
+
its('code_size_unzipped.limit') { should eq 262144000 }
|
2709
|
+
its('code_size_zipped.limit') { should eq 52428800 }
|
2710
|
+
its('concurrent_executions.limit') { should eq 200 }
|
2711
|
+
its('function_count.usage') { should eq 8 }
|
2712
|
+
end
|
2713
|
+
|
2714
|
+
describe account_attribute('ses') do
|
2715
|
+
its('max_24_hour_send') { should eq 200.0 }
|
2716
|
+
its('max_send_rate') { should eq 1.0 }
|
2717
|
+
its('sent_last_24_hours') { should eq 1.0 }
|
2718
|
+
end
|
2719
|
+
|
2720
|
+
```
|
2721
|
+
|
2722
|
+
|
2723
|
+
## :unlock: Another way: Test with separated resource types
|
2724
|
+
|
2725
|
+
[ec2_account_attributes](#ec2_account_attributes)
|
2726
|
+
| [rds_account_attributes](#rds_account_attributes)
|
2727
|
+
| [lambda_account_settings](#lambda_account_settings)
|
2728
|
+
| [ses_send_quota](#ses_send_quota)
|
2729
|
+
## <a name="ec2_account_attributes">ec2_account_attributes</a>
|
2730
|
+
|
2731
|
+
Ec2AccountAttributes account attributes.
|
2732
|
+
|
2733
|
+
```ruby
|
2734
|
+
describe ec2_account_attributes do
|
2735
|
+
its(:supported_platforms) { should include 'VPC' }
|
2736
|
+
its(:max_instances) { should eq 20 }
|
2737
|
+
end
|
2738
|
+
```
|
2739
|
+
|
2740
|
+
### its(:supported_platforms), its(:vpc_max_security_groups_per_interface), its(:max_elastic_ips), its(:max_instances), its(:vpc_max_elastic_ips), its(:default_vpc)
|
2741
|
+
## <a name="rds_account_attributes">rds_account_attributes</a>
|
2742
|
+
|
2743
|
+
RdsAccountAttributes account attributes.
|
2744
|
+
|
2745
|
+
```ruby
|
2746
|
+
describe rds_account_attributes do
|
2747
|
+
its('DBInstances.used') { should eq 0 }
|
2748
|
+
its('DBInstances.max') { should eq 40 }
|
2749
|
+
end
|
2750
|
+
```
|
2751
|
+
|
2752
|
+
|
2753
|
+
## <a name="lambda_account_settings">lambda_account_settings</a>
|
2754
|
+
|
2755
|
+
LambdaAccountSettings account attributes.
|
2756
|
+
|
2757
|
+
```ruby
|
2758
|
+
describe lambda_account_settings do
|
2759
|
+
its('total_code_size.limit') { should eq 80_530_636_800 }
|
2760
|
+
its('total_code_size.usage') { should eq 2_034_651_562 }
|
2761
|
+
its('function_count.usage') { should eq 8 }
|
2762
|
+
end
|
2763
|
+
```
|
2764
|
+
|
2765
|
+
|
2766
|
+
|
2767
|
+
## <a name="ses_send_quota">ses_send_quota</a>
|
2768
|
+
|
2769
|
+
SesSendQuota account attributes.
|
2770
|
+
|
2771
|
+
```ruby
|
2772
|
+
describe ses_send_quota do
|
2773
|
+
its(:max_24_hour_send) { should eq 200.0 }
|
2774
|
+
its(:max_send_rate) { should eq 1.0 }
|
2775
|
+
its(:sent_last_24_hours) { should eq 1.0 }
|
2776
|
+
end
|
2777
|
+
```
|
2778
|
+
|
2779
|
+
### its(:max_24_hour_send), its(:max_send_rate), its(:sent_last_24_hours)
|