inspec 2.0.32 → 2.0.45

data/lib/resources/aws/aws_security_groups.rb

@@ -1,68 +1,68 @@
-class AwsSecurityGroups < Inspec.resource(1)
-  name 'aws_security_groups'
-  desc 'Verifies settings for AWS Security Groups in bulk'
-  example <<-EOX
-    # Verify that you have security groups defined
-    describe aws_security_groups do
-      it { should exist }
-    end
-
-    # Verify you have more than the default security group
-    describe aws_security_groups do
-      its('entries.count') { should be > 1 }
-    end
-EOX
-  supports platform: 'aws'
-
-  include AwsPluralResourceMixin
-
-  # Underlying FilterTable implementation.
-  filter = FilterTable.create
-  filter.add_accessor(:where)
-        .add_accessor(:entries)
-        .add(:exists?) { |x| !x.entries.empty? }
-        .add(:group_ids, field: :group_id)
-  filter.connect(self, :table)
-
-  def to_s
-    'EC2 Security Groups'
-  end
-
-  private
-
-  def validate_params(raw_criteria)
-    unless raw_criteria.is_a? Hash
-      raise 'Unrecognized criteria for fetching Security Groups. ' \
-            "Use 'criteria: value' format."
-    end
-
-    # No criteria yet
-    unless raw_criteria.empty?
-      raise ArgumentError, 'aws_ec2_security_groups does not currently accept resource parameters.'
-    end
-    raw_criteria
-  end
-
-  def fetch_from_api
-    @table = []
-    backend = BackendFactory.create(inspec_runner)
-    backend.describe_security_groups({}).security_groups.each do |sg_info|
-      @table.push({
-                    group_id: sg_info.group_id,
-        group_name: sg_info.group_name,
-        vpc_id: sg_info.vpc_id,
-                  })
-    end
-  end
-
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      BackendFactory.set_default_backend self
-      self.aws_client_class = Aws::EC2::Client
-
-      def describe_security_groups(query)
-        aws_service_client.describe_security_groups(query)
-      end
-    end
-  end
-end
+class AwsSecurityGroups < Inspec.resource(1)
+  name 'aws_security_groups'
+  desc 'Verifies settings for AWS Security Groups in bulk'
+  example <<-EOX
+    # Verify that you have security groups defined
+    describe aws_security_groups do
+      it { should exist }
+    end
+
+    # Verify you have more than the default security group
+    describe aws_security_groups do
+      its('entries.count') { should be > 1 }
+    end
+EOX
+  supports platform: 'aws'
+
+  include AwsPluralResourceMixin
+
+  # Underlying FilterTable implementation.
+  filter = FilterTable.create
+  filter.add_accessor(:where)
+        .add_accessor(:entries)
+        .add(:exists?) { |x| !x.entries.empty? }
+        .add(:group_ids, field: :group_id)
+  filter.connect(self, :table)
+
+  def to_s
+    'EC2 Security Groups'
+  end
+
+  private
+
+  def validate_params(raw_criteria)
+    unless raw_criteria.is_a? Hash
+      raise 'Unrecognized criteria for fetching Security Groups. ' \
+            "Use 'criteria: value' format."
+    end
+
+    # No criteria yet
+    unless raw_criteria.empty?
+      raise ArgumentError, 'aws_ec2_security_groups does not currently accept resource parameters.'
+    end
+    raw_criteria
+  end
+
+  def fetch_from_api
+    @table = []
+    backend = BackendFactory.create(inspec_runner)
+    backend.describe_security_groups({}).security_groups.each do |sg_info|
+      @table.push({
+                    group_id: sg_info.group_id,
+        group_name: sg_info.group_name,
+        vpc_id: sg_info.vpc_id,
+                  })
+    end
+  end
+
+  class Backend
+    class AwsClientApi < AwsBackendBase
+      BackendFactory.set_default_backend self
+      self.aws_client_class = Aws::EC2::Client
+
+      def describe_security_groups(query)
+        aws_service_client.describe_security_groups(query)
+      end
+    end
+  end
+end

data/lib/resources/aws/aws_sns_topic.rb

@@ -1,53 +1,53 @@
-class AwsSnsTopic < Inspec.resource(1)
-  name 'aws_sns_topic'
-  desc 'Verifies settings for an SNS Topic'
-  example "
-    describe aws_sns_topic('arn:aws:sns:us-east-1:123456789012:some-topic') do
-      it { should exist }
-      its('confirmed_subscription_count') { should_not be_zero }
-    end
-  "
-  supports platform: 'aws'
-
-  include AwsSingularResourceMixin
-  attr_reader :arn, :confirmed_subscription_count
-
-  private
-
-  def validate_params(raw_params)
-    validated_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: [:arn],
-      allowed_scalar_name: :arn,
-      allowed_scalar_type: String,
-    )
-    # Validate the ARN
-    unless validated_params[:arn] =~ /^arn:aws:sns:[\w\-]+:\d{12}:[\S]+$/
-      raise ArgumentError, 'Malformed ARN for SNS topics.  Expected an ARN of the form ' \
-                           "'arn:aws:sns:REGION:ACCOUNT-ID:TOPIC-NAME'"
-    end
-    validated_params
-  end
-
-  def fetch_from_api
-    aws_response = BackendFactory.create(inspec_runner).get_topic_attributes(topic_arn: @arn).attributes
-    @exists = true
-
-    # The response has a plain hash with CamelCase plain string keys and string values
-    @confirmed_subscription_count = aws_response['SubscriptionsConfirmed'].to_i
-  rescue Aws::SNS::Errors::NotFound
-    @exists = false
-  end
-
-  # Uses the SDK API to really talk to AWS
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::SNS::Client
-
-      def get_topic_attributes(criteria)
-        aws_service_client.get_topic_attributes(criteria)
-      end
-    end
-  end
-end
+class AwsSnsTopic < Inspec.resource(1)
+  name 'aws_sns_topic'
+  desc 'Verifies settings for an SNS Topic'
+  example "
+    describe aws_sns_topic('arn:aws:sns:us-east-1:123456789012:some-topic') do
+      it { should exist }
+      its('confirmed_subscription_count') { should_not be_zero }
+    end
+  "
+  supports platform: 'aws'
+
+  include AwsSingularResourceMixin
+  attr_reader :arn, :confirmed_subscription_count
+
+  private
+
+  def validate_params(raw_params)
+    validated_params = check_resource_param_names(
+      raw_params: raw_params,
+      allowed_params: [:arn],
+      allowed_scalar_name: :arn,
+      allowed_scalar_type: String,
+    )
+    # Validate the ARN
+    unless validated_params[:arn] =~ /^arn:aws:sns:[\w\-]+:\d{12}:[\S]+$/
+      raise ArgumentError, 'Malformed ARN for SNS topics.  Expected an ARN of the form ' \
+                           "'arn:aws:sns:REGION:ACCOUNT-ID:TOPIC-NAME'"
+    end
+    validated_params
+  end
+
+  def fetch_from_api
+    aws_response = BackendFactory.create(inspec_runner).get_topic_attributes(topic_arn: @arn).attributes
+    @exists = true
+
+    # The response has a plain hash with CamelCase plain string keys and string values
+    @confirmed_subscription_count = aws_response['SubscriptionsConfirmed'].to_i
+  rescue Aws::SNS::Errors::NotFound
+    @exists = false
+  end
+
+  # Uses the SDK API to really talk to AWS
+  class Backend
+    class AwsClientApi < AwsBackendBase
+      BackendFactory.set_default_backend(self)
+      self.aws_client_class = Aws::SNS::Client
+
+      def get_topic_attributes(criteria)
+        aws_service_client.get_topic_attributes(criteria)
+      end
+    end
+  end
+end

data/lib/resources/aws/aws_subnet.rb

@@ -1,88 +1,88 @@
-class AwsSubnet < Inspec.resource(1)
-  name 'aws_subnet'
-  desc 'This resource is used to test the attributes of a VPC subnet'
-  example "
-    describe aws_subnet(subnet_id: 'subnet-12345678') do
-      it { should exist }
-      its('cidr_block') { should eq '10.0.1.0/24' }
-    end
-  "
-  supports platform: 'aws'
-
-  include AwsSingularResourceMixin
-  attr_reader :assigning_ipv_6_address_on_creation, :availability_zone, :available_ip_address_count,
-              :available, :cidr_block, :default_for_az, :ipv_6_cidr_block_association_set,
-              :mapping_public_ip_on_launch, :subnet_id, :vpc_id
-  alias available? available
-  alias default_for_az? default_for_az
-  alias mapping_public_ip_on_launch? mapping_public_ip_on_launch
-  alias assigning_ipv_6_address_on_creation? assigning_ipv_6_address_on_creation
-
-  def to_s
-    "VPC Subnet #{@subnet_id}"
-  end
-
-  private
-
-  def validate_params(raw_params)
-    validated_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: [:subnet_id],
-      allowed_scalar_name: :subnet_id,
-      allowed_scalar_type: String,
-    )
-
-    # Make sure the subnet_id parameter was specified and in the correct form.
-    if validated_params.key?(:subnet_id) && validated_params[:subnet_id] !~ /^subnet\-[0-9a-f]{8}/
-      raise ArgumentError, 'aws_subnet Subnet ID must be in the format "subnet-" followed by 8 hexadecimal characters.'
-    end
-
-    if validated_params.empty?
-      raise ArgumentError, 'You must provide a subnet_id to aws_subnet.'
-    end
-
-    validated_params
-  end
-
-  def fetch_from_api
-    backend = BackendFactory.create(inspec_runner)
-
-    # Transform into filter format expected by AWS
-    filters = []
-    filters.push({ name: 'subnet-id', values: [@subnet_id] })
-    ds_response = backend.describe_subnets(filters: filters)
-
-    # If no subnets exist in the VPC, exist is false.
-    if ds_response.subnets.empty?
-      @exists = false
-      return
-    end
-    @exists = true
-    assign_properties(ds_response)
-  end
-
-  def assign_properties(ds_response)
-    @vpc_id                              = ds_response.subnets[0].vpc_id
-    @subnet_id                           = ds_response.subnets[0].subnet_id
-    @cidr_block                          = ds_response.subnets[0].cidr_block
-    @availability_zone                   = ds_response.subnets[0].availability_zone
-    @available_ip_address_count          = ds_response.subnets[0].available_ip_address_count
-    @default_for_az                      = ds_response.subnets[0].default_for_az
-    @mapping_public_ip_on_launch         = ds_response.subnets[0].map_public_ip_on_launch
-    @available                           = ds_response.subnets[0].state == 'available'
-    @ipv_6_cidr_block_association_set    = ds_response.subnets[0].ipv_6_cidr_block_association_set
-    @assigning_ipv_6_address_on_creation = ds_response.subnets[0].assign_ipv_6_address_on_creation
-  end
-
-  # Uses the SDK API to really talk to AWS
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::EC2::Client
-
-      def describe_subnets(query)
-        aws_service_client.describe_subnets(query)
-      end
-    end
-  end
-end
+class AwsSubnet < Inspec.resource(1)
+  name 'aws_subnet'
+  desc 'This resource is used to test the attributes of a VPC subnet'
+  example "
+    describe aws_subnet(subnet_id: 'subnet-12345678') do
+      it { should exist }
+      its('cidr_block') { should eq '10.0.1.0/24' }
+    end
+  "
+  supports platform: 'aws'
+
+  include AwsSingularResourceMixin
+  attr_reader :assigning_ipv_6_address_on_creation, :availability_zone, :available_ip_address_count,
+              :available, :cidr_block, :default_for_az, :ipv_6_cidr_block_association_set,
+              :mapping_public_ip_on_launch, :subnet_id, :vpc_id
+  alias available? available
+  alias default_for_az? default_for_az
+  alias mapping_public_ip_on_launch? mapping_public_ip_on_launch
+  alias assigning_ipv_6_address_on_creation? assigning_ipv_6_address_on_creation
+
+  def to_s
+    "VPC Subnet #{@subnet_id}"
+  end
+
+  private
+
+  def validate_params(raw_params)
+    validated_params = check_resource_param_names(
+      raw_params: raw_params,
+      allowed_params: [:subnet_id],
+      allowed_scalar_name: :subnet_id,
+      allowed_scalar_type: String,
+    )
+
+    # Make sure the subnet_id parameter was specified and in the correct form.
+    if validated_params.key?(:subnet_id) && validated_params[:subnet_id] !~ /^subnet\-[0-9a-f]{8}/
+      raise ArgumentError, 'aws_subnet Subnet ID must be in the format "subnet-" followed by 8 hexadecimal characters.'
+    end
+
+    if validated_params.empty?
+      raise ArgumentError, 'You must provide a subnet_id to aws_subnet.'
+    end
+
+    validated_params
+  end
+
+  def fetch_from_api
+    backend = BackendFactory.create(inspec_runner)
+
+    # Transform into filter format expected by AWS
+    filters = []
+    filters.push({ name: 'subnet-id', values: [@subnet_id] })
+    ds_response = backend.describe_subnets(filters: filters)
+
+    # If no subnets exist in the VPC, exist is false.
+    if ds_response.subnets.empty?
+      @exists = false
+      return
+    end
+    @exists = true
+    assign_properties(ds_response)
+  end
+
+  def assign_properties(ds_response)
+    @vpc_id                              = ds_response.subnets[0].vpc_id
+    @subnet_id                           = ds_response.subnets[0].subnet_id
+    @cidr_block                          = ds_response.subnets[0].cidr_block
+    @availability_zone                   = ds_response.subnets[0].availability_zone
+    @available_ip_address_count          = ds_response.subnets[0].available_ip_address_count
+    @default_for_az                      = ds_response.subnets[0].default_for_az
+    @mapping_public_ip_on_launch         = ds_response.subnets[0].map_public_ip_on_launch
+    @available                           = ds_response.subnets[0].state == 'available'
+    @ipv_6_cidr_block_association_set    = ds_response.subnets[0].ipv_6_cidr_block_association_set
+    @assigning_ipv_6_address_on_creation = ds_response.subnets[0].assign_ipv_6_address_on_creation
+  end
+
+  # Uses the SDK API to really talk to AWS
+  class Backend
+    class AwsClientApi < AwsBackendBase
+      BackendFactory.set_default_backend(self)
+      self.aws_client_class = Aws::EC2::Client
+
+      def describe_subnets(query)
+        aws_service_client.describe_subnets(query)
+      end
+    end
+  end
+end

data/lib/resources/aws/aws_subnets.rb

@@ -1,53 +1,53 @@
-class AwsSubnets < Inspec.resource(1)
-  name 'aws_subnets'
-  desc 'Verifies settings for VPC Subnets in bulk'
-  example "
-    # you should be able to test the cidr_block of a subnet
-    describe aws_subnets.where(vpc_id: 'vpc-123456789') do
-      its('subnet_ids') { should eq ['subnet-12345678', 'subnet-87654321'] }
-      its('cidr_blocks') { should eq ['172.31.96.0/20'] }
-      its('states') { should_not include 'pending' }
-    end
-  "
-  supports platform: 'aws'
-
-  include AwsPluralResourceMixin
-
-  def validate_params(resource_params)
-    unless resource_params.empty?
-      raise ArgumentError, 'aws_vpc_subnets does not accept resource parameters.'
-    end
-    resource_params
-  end
-
-  def fetch_from_api
-    backend = BackendFactory.create(inspec_runner)
-    @table = backend.describe_subnets.subnets.map(&:to_h)
-  end
-
-  # Underlying FilterTable implementation.
-  filter = FilterTable.create
-  filter.add_accessor(:where)
-        .add_accessor(:entries)
-        .add(:exists?) { |x| !x.entries.empty? }
-        .add(:vpc_ids, field: :vpc_id)
-        .add(:subnet_ids, field: :subnet_id)
-        .add(:cidr_blocks, field: :cidr_block)
-        .add(:states, field: :state)
-  filter.connect(self, :table)
-
-  def to_s
-    'EC2 VPC Subnets'
-  end
-
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      BackendFactory.set_default_backend self
-      self.aws_client_class = Aws::EC2::Client
-
-      def describe_subnets(query = {})
-        aws_service_client.describe_subnets(query)
-      end
-    end
-  end
-end
+class AwsSubnets < Inspec.resource(1)
+  name 'aws_subnets'
+  desc 'Verifies settings for VPC Subnets in bulk'
+  example "
+    # you should be able to test the cidr_block of a subnet
+    describe aws_subnets.where(vpc_id: 'vpc-123456789') do
+      its('subnet_ids') { should eq ['subnet-12345678', 'subnet-87654321'] }
+      its('cidr_blocks') { should eq ['172.31.96.0/20'] }
+      its('states') { should_not include 'pending' }
+    end
+  "
+  supports platform: 'aws'
+
+  include AwsPluralResourceMixin
+
+  def validate_params(resource_params)
+    unless resource_params.empty?
+      raise ArgumentError, 'aws_vpc_subnets does not accept resource parameters.'
+    end
+    resource_params
+  end
+
+  def fetch_from_api
+    backend = BackendFactory.create(inspec_runner)
+    @table = backend.describe_subnets.subnets.map(&:to_h)
+  end
+
+  # Underlying FilterTable implementation.
+  filter = FilterTable.create
+  filter.add_accessor(:where)
+        .add_accessor(:entries)
+        .add(:exists?) { |x| !x.entries.empty? }
+        .add(:vpc_ids, field: :vpc_id)
+        .add(:subnet_ids, field: :subnet_id)
+        .add(:cidr_blocks, field: :cidr_block)
+        .add(:states, field: :state)
+  filter.connect(self, :table)
+
+  def to_s
+    'EC2 VPC Subnets'
+  end
+
+  class Backend
+    class AwsClientApi < AwsBackendBase
+      BackendFactory.set_default_backend self
+      self.aws_client_class = Aws::EC2::Client
+
+      def describe_subnets(query = {})
+        aws_service_client.describe_subnets(query)
+      end
+    end
+  end
+end