RubyGems - inspec - Versions diffs - 4.56.19 → 5.12.2 - Mend

inspec 4.56.19 → 5.12.2

Files changed (70) hide show

checksums.yaml +4 -4
data/inspec.gemspec +4 -1
data/lib/plugins/inspec-artifact/inspec-artifact.gemspec +9 -0
data/lib/plugins/inspec-compliance/inspec-compliance.gemspec +9 -0
data/lib/plugins/inspec-habitat/inspec-habitat.gemspec +9 -0
data/lib/plugins/inspec-init/inspec-init.gemspec +9 -0
data/lib/plugins/inspec-init/templates/profiles/aws/inspec.yml +1 -1
data/lib/plugins/inspec-plugin-manager-cli/inspec-plugin-manager-cli.gemspec +10 -0
data/lib/plugins/inspec-reporter-html2/inspec-reporter-html2.gemspec +9 -0
data/lib/plugins/inspec-reporter-json-min/inspec-reporter-json-min.gemspec +9 -0
data/lib/plugins/inspec-reporter-junit/inspec-reporter-junit.gemspec +9 -0
data/lib/plugins/inspec-streaming-reporter-progress-bar/inspec-streaming-reporter-progress-bar.gemspec +9 -0
metadata +28 -62
data/lib/resource_support/aws/aws_backend_base.rb +0 -12
data/lib/resource_support/aws/aws_backend_factory_mixin.rb +0 -12
data/lib/resource_support/aws/aws_plural_resource_mixin.rb +0 -24
data/lib/resource_support/aws/aws_resource_mixin.rb +0 -69
data/lib/resource_support/aws/aws_singular_resource_mixin.rb +0 -27
data/lib/resource_support/aws.rb +0 -76
data/lib/resources/aws/aws_billing_report.rb +0 -105
data/lib/resources/aws/aws_billing_reports.rb +0 -74
data/lib/resources/aws/aws_cloudtrail_trail.rb +0 -97
data/lib/resources/aws/aws_cloudtrail_trails.rb +0 -51
data/lib/resources/aws/aws_cloudwatch_alarm.rb +0 -67
data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +0 -105
data/lib/resources/aws/aws_config_delivery_channel.rb +0 -74
data/lib/resources/aws/aws_config_recorder.rb +0 -99
data/lib/resources/aws/aws_ebs_volume.rb +0 -127
data/lib/resources/aws/aws_ebs_volumes.rb +0 -69
data/lib/resources/aws/aws_ec2_instance.rb +0 -162
data/lib/resources/aws/aws_ec2_instances.rb +0 -69
data/lib/resources/aws/aws_ecs_cluster.rb +0 -87
data/lib/resources/aws/aws_eks_cluster.rb +0 -105
data/lib/resources/aws/aws_elb.rb +0 -85
data/lib/resources/aws/aws_elbs.rb +0 -84
data/lib/resources/aws/aws_flow_log.rb +0 -106
data/lib/resources/aws/aws_iam_access_key.rb +0 -112
data/lib/resources/aws/aws_iam_access_keys.rb +0 -153
data/lib/resources/aws/aws_iam_group.rb +0 -62
data/lib/resources/aws/aws_iam_groups.rb +0 -56
data/lib/resources/aws/aws_iam_password_policy.rb +0 -121
data/lib/resources/aws/aws_iam_policies.rb +0 -57
data/lib/resources/aws/aws_iam_policy.rb +0 -311
data/lib/resources/aws/aws_iam_role.rb +0 -60
data/lib/resources/aws/aws_iam_root_user.rb +0 -82
data/lib/resources/aws/aws_iam_user.rb +0 -145
data/lib/resources/aws/aws_iam_users.rb +0 -160
data/lib/resources/aws/aws_kms_key.rb +0 -100
data/lib/resources/aws/aws_kms_keys.rb +0 -58
data/lib/resources/aws/aws_rds_instance.rb +0 -74
data/lib/resources/aws/aws_route_table.rb +0 -67
data/lib/resources/aws/aws_route_tables.rb +0 -64
data/lib/resources/aws/aws_s3_bucket.rb +0 -141
data/lib/resources/aws/aws_s3_bucket_object.rb +0 -87
data/lib/resources/aws/aws_s3_buckets.rb +0 -52
data/lib/resources/aws/aws_security_group.rb +0 -314
data/lib/resources/aws/aws_security_groups.rb +0 -71
data/lib/resources/aws/aws_sns_subscription.rb +0 -82
data/lib/resources/aws/aws_sns_topic.rb +0 -57
data/lib/resources/aws/aws_sns_topics.rb +0 -60
data/lib/resources/aws/aws_sqs_queue.rb +0 -66
data/lib/resources/aws/aws_subnet.rb +0 -92
data/lib/resources/aws/aws_subnets.rb +0 -56
data/lib/resources/aws/aws_vpc.rb +0 -77
data/lib/resources/aws/aws_vpcs.rb +0 -55
data/lib/resources/azure/azure_backend.rb +0 -379
data/lib/resources/azure/azure_generic_resource.rb +0 -55
data/lib/resources/azure/azure_resource_group.rb +0 -151
data/lib/resources/azure/azure_virtual_machine.rb +0 -262
data/lib/resources/azure/azure_virtual_machine_data_disk.rb +0 -131

data/lib/resources/aws/aws_billing_reports.rb DELETED Viewed

@@ -1,74 +0,0 @@
-require "inspec/utils/filter"
-require "resource_support/aws/aws_plural_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-costandusagereportservice"
-class AwsBillingReports < Inspec.resource(1)
-  name "aws_billing_reports"
-  supports platform: "aws"
-  desc "Verifies settings for AWS Cost and Billing Reports."
-  example <<~EXAMPLE
-    describe aws_billing_reports do
-      its('report_names') { should include 'inspec1' }
-      its('s3_buckets') { should include 'inspec1-s3-bucket' }
-    end
-    describe aws_billing_reports.where { report_name =~ /inspec.*/ } do
-      its ('report_names') { should include ['inspec1'] }
-      its ('time_units') { should include ['DAILY'] }
-      its ('s3_buckets') { should include ['inspec1-s3-bucket'] }
-    end
-  EXAMPLE
-  include AwsPluralResourceMixin
-  filtertable = FilterTable.create
-  filtertable.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
-    .register_column(:report_names, field: :report_name)
-    .register_column(:time_units, field: :time_unit, style: :simple)
-    .register_column(:formats, field: :format, style: :simple)
-    .register_column(:compressions, field: :compression, style: :simple)
-    .register_column(:s3_buckets, field: :s3_bucket, style: :simple)
-    .register_column(:s3_prefixes, field: :s3_prefix, style: :simple)
-    .register_column(:s3_regions, field: :s3_region, style: :simple)
-  filtertable.install_filter_methods_on_resource(self, :table)
-  def validate_params(resource_params)
-    unless resource_params.empty?
-      raise ArgumentError, "aws_billing_reports does not accept resource parameters."
-    end
-    resource_params
-  end
-  def to_s
-    "AWS Billing Reports"
-  end
-  def fetch_from_api
-    @table = []
-    pagination_opts = {}
-    backend = BackendFactory.create(inspec_runner)
-    loop do
-      api_result = backend.describe_report_definitions(pagination_opts)
-      api_result.report_definitions.each do |raw_report|
-        report = raw_report.to_h
-        %i{time_unit compression}.each { |field| report[field].downcase! }
-        @table << report
-      end
-      pagination_opts = { next_token: api_result.next_token }
-      break unless api_result.next_token
-    end
-  end
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      AwsBillingReports::BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::CostandUsageReportService::Client
-      def describe_report_definitions(options = {})
-        aws_service_client.describe_report_definitions(options)
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_cloudtrail_trail.rb DELETED Viewed

@@ -1,97 +0,0 @@
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-cloudtrail"
-class AwsCloudTrailTrail < Inspec.resource(1)
-  name "aws_cloudtrail_trail"
-  desc "Verifies settings for an individual AWS CloudTrail Trail"
-  example <<~EXAMPLE
-    describe aws_cloudtrail_trail('trail-name') do
-      it { should exist }
-    end
-  EXAMPLE
-  supports platform: "aws"
-  include AwsSingularResourceMixin
-  attr_reader :cloud_watch_logs_log_group_arn, :cloud_watch_logs_role_arn, :home_region,
-              :kms_key_id, :s3_bucket_name, :trail_arn
-  def to_s
-    "CloudTrail #{@trail_name}"
-  end
-  def multi_region_trail?
-    @is_multi_region_trail
-  end
-  def log_file_validation_enabled?
-    @log_file_validation_enabled
-  end
-  def encrypted?
-    !kms_key_id.nil?
-  end
-  def delivered_logs_days_ago
-    query = { name: @trail_name }
-    catch_aws_errors do
-      resp = BackendFactory.create(inspec_runner).get_trail_status(query).to_h
-      ((Time.now - resp[:latest_cloud_watch_logs_delivery_time]) / (24 * 60 * 60)).to_i unless resp[:latest_cloud_watch_logs_delivery_time].nil?
-    rescue Aws::CloudTrail::Errors::TrailNotFoundException
-      nil
-    end
-  end
-  private
-  def validate_params(raw_params)
-    validated_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: [:trail_name],
-      allowed_scalar_name: :trail_name,
-      allowed_scalar_type: String
-    )
-    if validated_params.empty?
-      raise ArgumentError, "You must provide the parameter 'trail_name' to aws_cloudtrail_trail."
-    end
-    validated_params
-  end
-  def fetch_from_api
-    backend = BackendFactory.create(inspec_runner)
-    query = { trail_name_list: [@trail_name] }
-    resp = backend.describe_trails(query)
-    @trail = resp.trail_list[0].to_h
-    @exists = !@trail.empty?
-    @s3_bucket_name = @trail[:s3_bucket_name]
-    @is_multi_region_trail = @trail[:is_multi_region_trail]
-    @trail_arn = @trail[:trail_arn]
-    @log_file_validation_enabled = @trail[:log_file_validation_enabled]
-    @cloud_watch_logs_role_arn = @trail[:cloud_watch_logs_role_arn]
-    @cloud_watch_logs_log_group_arn = @trail[:cloud_watch_logs_log_group_arn]
-    @kms_key_id = @trail[:kms_key_id]
-    @home_region = @trail[:home_region]
-  end
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      AwsCloudTrailTrail::BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::CloudTrail::Client
-      def describe_trails(query)
-        aws_service_client.describe_trails(query)
-      end
-      def get_trail_status(query)
-        aws_service_client.get_trail_status(query)
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_cloudtrail_trails.rb DELETED Viewed

@@ -1,51 +0,0 @@
-require "resource_support/aws/aws_plural_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-cloudtrail"
-class AwsCloudTrailTrails < Inspec.resource(1)
-  name "aws_cloudtrail_trails"
-  desc "Verifies settings for AWS CloudTrail Trails in bulk"
-  example <<~EXAMPLE
-    describe aws_cloudtrail_trails do
-      it { should exist }
-    end
-  EXAMPLE
-  supports platform: "aws"
-  include AwsPluralResourceMixin
-  def validate_params(resource_params)
-    unless resource_params.empty?
-      raise ArgumentError, "aws_cloudtrail_trails does not accept resource parameters."
-    end
-    resource_params
-  end
-  # Underlying FilterTable implementation.
-  filter = FilterTable.create
-  filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
-  filter.register_column(:trail_arns, field: :trail_arn)
-  filter.register_column(:names, field: :name)
-  filter.install_filter_methods_on_resource(self, :table)
-  def to_s
-    "CloudTrail Trails"
-  end
-  def fetch_from_api
-    backend = BackendFactory.create(inspec_runner)
-    @table = backend.describe_trails({}).to_h[:trail_list]
-  end
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      AwsCloudTrailTrails::BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::CloudTrail::Client
-      def describe_trails(query)
-        aws_service_client.describe_trails(query)
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_cloudwatch_alarm.rb DELETED Viewed

@@ -1,67 +0,0 @@
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-cloudwatch"
-class AwsCloudwatchAlarm < Inspec.resource(1)
-  name "aws_cloudwatch_alarm"
-  desc <<~EXAMPLE
-    # Look for a specific alarm
-    aws_cloudwatch_alarm(
-      metric_name: 'my-metric-name',
-      metric_namespace: 'my-metric-namespace',
-    ) do
-      it { should exist }
-    end
-  EXAMPLE
-  supports platform: "aws"
-  include AwsSingularResourceMixin
-  attr_reader :alarm_actions, :alarm_name, :metric_name, :metric_namespace
-  private
-  def validate_params(raw_params)
-    recognized_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: %i{metric_name metric_namespace}
-    )
-    validated_params = {}
-    # Currently you must specify exactly metric_name and metric_namespace
-    %i{metric_name metric_namespace}.each do |param|
-      raise ArgumentError, "Missing resource param #{param}" unless recognized_params.key?(param)
-      validated_params[param] = recognized_params.delete(param)
-    end
-    validated_params
-  end
-  def fetch_from_api
-    aws_alarms = BackendFactory.create(inspec_runner).describe_alarms_for_metric(
-      metric_name: @metric_name,
-      namespace: @metric_namespace
-    )
-    if aws_alarms.metric_alarms.empty?
-      @exists = false
-    elsif aws_alarms.metric_alarms.count > 1
-      alarms = aws_alarms.metric_alarms.map(&:alarm_name)
-      raise "More than one Cloudwatch Alarm was matched. Try using " \
-        "more specific resource parameters. Alarms matched: #{alarms.join(", ")}"
-    else
-      @alarm_actions = aws_alarms.metric_alarms.first.alarm_actions
-      @alarm_name = aws_alarms.metric_alarms.first.alarm_name
-      @exists = true
-    end
-  end
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      AwsCloudwatchAlarm::BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::CloudWatch::Client
-      def describe_alarms_for_metric(query)
-        aws_service_client.describe_alarms_for_metric(query)
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb DELETED Viewed

@@ -1,105 +0,0 @@
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-cloudwatchlogs"
-class AwsCloudwatchLogMetricFilter < Inspec.resource(1)
-  name "aws_cloudwatch_log_metric_filter"
-  desc "Verifies individual Cloudwatch Log Metric Filters"
-  example <<~EXAMPLE
-    # Look for a LMF by its filter name and log group name.  This combination
-    # will always either find at most one LMF - no duplicates.
-    describe aws_cloudwatch_log_metric_filter(
-      filter_name: 'my-filter',
-      log_group_name: 'my-log-group'
-    ) do
-      it { should exist }
-    end
-    # Search for an LMF by pattern and log group.
-    # This could result in an error if the results are not unique.
-    describe aws_cloudwatch_log_metric_filter(
-      log_group_name:  'my-log-group',
-      pattern: 'my-filter'
-    ) do
-      it { should exist }
-    end
-  EXAMPLE
-  supports platform: "aws"
-  include AwsSingularResourceMixin
-  attr_reader :filter_name, :log_group_name, :metric_name, :metric_namespace, :pattern
-  private
-  def validate_params(raw_params)
-    validated_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: %i{filter_name log_group_name pattern}
-    )
-    if validated_params.empty?
-      raise ArgumentError, "You must provide either filter_name, log_group, or pattern to aws_cloudwatch_log_metric_filter."
-    end
-    validated_params
-  end
-  def fetch_from_api
-    # get a backend
-    backend = BackendFactory.create(inspec_runner)
-    # Perform query with remote filtering
-    aws_search_criteria = {}
-    aws_search_criteria[:filter_name] = filter_name if filter_name
-    aws_search_criteria[:log_group_name] = log_group_name if log_group_name
-    begin
-      aws_results = backend.describe_metric_filters(aws_search_criteria)
-    rescue Aws::CloudWatchLogs::Errors::ResourceNotFoundException
-      @exists = false
-      return
-    end
-    # Then perform local filtering
-    if pattern
-      aws_results.select! { |lmf| lmf.filter_pattern == pattern }
-    end
-    # Check result count.  We're a singular resource and can tolerate
-    # 0 or 1 results, not multiple.
-    if aws_results.count > 1
-      raise "More than one result was returned, but aws_cloudwatch_log_metric_filter "\
-            "can only handle a single AWS resource.  Consider passing more resource "\
-            "parameters to narrow down the search."
-    elsif aws_results.empty?
-      @exists = false
-    else
-      @exists = true
-      # Unpack the funny-shaped object we got back from AWS into our instance vars
-      lmf = aws_results.first
-      @filter_name = lmf.filter_name
-      @log_group_name = lmf.log_group_name
-      @pattern = lmf.filter_pattern # Note inconsistent name
-      # AWS SDK returns an array of metric transformations
-      # but only allows one (mandatory) entry, let's flatten that
-      @metric_name = lmf.metric_transformations.first.metric_name
-      @metric_namespace = lmf.metric_transformations.first.metric_namespace
-    end
-  end
-  class Backend
-    # Uses the cloudwatch API to really talk to AWS
-    class AwsClientApi < AwsBackendBase
-      BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::CloudWatchLogs::Client
-      def describe_metric_filters(criteria)
-        query = {}
-        query[:filter_name_prefix] = criteria[:filter_name] if criteria[:filter_name]
-        query[:log_group_name] = criteria[:log_group_name] if criteria[:log_group_name]
-        # 'pattern' is not available as a remote filter,
-        # we filter it after the fact locally
-        # TODO: handle pagination?  Max 50/page.  Maybe you want a plural resource?
-        aws_response = aws_service_client.describe_metric_filters(query)
-        aws_response.metric_filters
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_config_delivery_channel.rb DELETED Viewed

@@ -1,74 +0,0 @@
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-configservice"
-class AwsConfigDeliveryChannel < Inspec.resource(1)
-  name "aws_config_delivery_channel"
-  desc "Verifies settings for AWS Config Delivery Channel"
-  example <<~EXAMPLE
-    describe aws_config_delivery_channel do
-      it { should exist }
-      its('s3_bucket_name') { should eq 'my_bucket' }
-      its('sns_topic_arn') { should eq arn:aws:sns:us-east-1:721741954427:sns_topic' }
-    end
-  EXAMPLE
-  supports platform: "aws"
-  include AwsSingularResourceMixin
-  attr_reader :channel_name, :s3_bucket_name, :s3_key_prefix, :sns_topic_arn,
-              :delivery_frequency_in_hours
-  def to_s
-    "Config_Delivery_Channel: #{@channel_name}"
-  end
-  private
-  def validate_params(raw_params)
-    validated_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: [:channel_name],
-      allowed_scalar_name: :channel_name,
-      allowed_scalar_type: String
-    )
-    validated_params
-  end
-  def fetch_from_api
-    backend = BackendFactory.create(inspec_runner)
-    query = @channel_name ? { delivery_channel_names: [@channel_name] } : {}
-    response = backend.describe_delivery_channels(query)
-    @exists = !response.delivery_channels.empty?
-    return unless exists?
-    channel = response.delivery_channels.first.to_h
-    @channel_name = channel[:name]
-    @s3_bucket_name = channel[:s3_bucket_name]
-    @s3_key_prefix = channel[:s3_key_prefix]
-    @sns_topic_arn = channel[:sns_topic_arn]
-    @delivery_frequency_in_hours = channel.dig(:config_snapshot_delivery_properties, :delivery_frequency)
-    frequencies = {
-      "One_Hour" => 1,
-      "TwentyFour_Hours" => 24,
-      "Three_Hours" => 3,
-      "Six_Hours" => 6,
-      "Twelve_Hours" => 12,
-    }
-    @delivery_frequency_in_hours = frequencies[@delivery_frequency_in_hours]
-  rescue Aws::ConfigService::Errors::NoSuchDeliveryChannelException
-    @exists = false
-  end
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::ConfigService::Client
-      def describe_delivery_channels(query = {})
-        aws_service_client.describe_delivery_channels(query)
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_config_recorder.rb DELETED Viewed

@@ -1,99 +0,0 @@
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-configservice"
-class AwsConfigurationRecorder < Inspec.resource(1)
-  name "aws_config_recorder"
-  desc "Verifies settings for AWS Configuration Recorder"
-  example <<~EXAMPLE
-    describe aws_config_recorder('My_Recorder') do
-      it { should exist }
-      it { should be_recording }
-      it { should be_all_supported }
-      it { should have_include_global_resource_types }
-    end
-  EXAMPLE
-  supports platform: "aws"
-  include AwsSingularResourceMixin
-  attr_reader :role_arn, :resource_types, :recorder_name
-  def to_s
-    "Configuration_Recorder: #{@recorder_name}"
-  end
-  def recording_all_resource_types?
-    @recording_all_resource_types
-  end
-  def recording_all_global_types?
-    @recording_all_global_types
-  end
-  def status
-    return {} unless @exists
-    backend = BackendFactory.create(inspec_runner)
-    catch_aws_errors do
-      response = backend.describe_configuration_recorder_status(configuration_recorder_names: [@recorder_name])
-      @status = response.configuration_recorders_status.first.to_h
-    end
-  end
-  def recording?
-    return unless @exists
-    status[:recording]
-  end
-  private
-  def validate_params(raw_params)
-    validated_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: [:recorder_name],
-      allowed_scalar_name: :recorder_name,
-      allowed_scalar_type: String
-    )
-    validated_params
-  end
-  def fetch_from_api
-    backend = BackendFactory.create(inspec_runner)
-    query = @recorder_name ? { configuration_recorder_names: [@recorder_name] } : {}
-    response = backend.describe_configuration_recorders(query)
-    @exists = !response.configuration_recorders.empty?
-    return unless exists?
-    if response.configuration_recorders.count > 1
-      raise ArgumentError, "Internal error: unexpectedly received multiple AWS Config Recorder objects from API; expected to be singleton per-region.  Please file a bug report at https://github.com/chef/inspec/issues ."
-    end
-    recorder = response.configuration_recorders.first.to_h
-    @recorder_name = recorder[:name]
-    @role_arn = recorder[:role_arn]
-    @recording_all_resource_types = recorder[:recording_group][:all_supported]
-    @recording_all_global_types = recorder[:recording_group][:include_global_resource_types]
-    @resource_types = recorder[:recording_group][:resource_types]
-  rescue Aws::ConfigService::Errors::NoSuchConfigurationRecorderException
-    @exists = false
-    nil
-  end
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::ConfigService::Client
-      def describe_configuration_recorders(query)
-        aws_service_client.describe_configuration_recorders(query)
-      end
-      def describe_configuration_recorder_status(query)
-        aws_service_client.describe_configuration_recorder_status(query)
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_ebs_volume.rb DELETED Viewed

@@ -1,127 +0,0 @@
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-ec2"
-class AwsEbsVolume < Inspec.resource(1)
-  name "aws_ebs_volume"
-  desc "Verifies settings for an EBS volume"
-  example <<~EXAMPLE
-    describe aws_ebs_volume('vol-123456') do
-      it { should be_encrypted }
-      its('size') { should cmp 8 }
-    end
-    describe aws_ebs_volume(name: 'my-volume') do
-      its('encrypted') { should eq true }
-      its('iops') { should cmp 100 }
-    end
-  EXAMPLE
-  supports platform: "aws"
-  # TODO: rewrite to avoid direct injection, match other resources, use AwsSingularResourceMixin
-  def initialize(opts, conn = nil)
-    @opts = opts
-    @display_name = opts.is_a?(Hash) ? @opts[:name] : opts
-    @ec2_client = conn ? conn.ec2_client : inspec_runner.backend.aws_client(Aws::EC2::Client)
-    @ec2_resource = conn ? conn.ec2_resource : inspec_runner.backend.aws_resource(Aws::EC2::Resource, {})
-  end
-  # TODO: DRY up, see https://github.com/chef/inspec/issues/2633
-  # Copied from resource_support/aws/aws_resource_mixin.rb
-  def catch_aws_errors
-    yield
-  rescue Aws::Errors::MissingCredentialsError
-    # The AWS error here is unhelpful:
-    # "unable to sign request without credentials set"
-    Inspec::Log.error "It appears that you have not set your AWS credentials. You may set them using environment variables, or using the 'aws://region/aws_credentials_profile' target. See https://docs.chef.io/inspec/platforms/ for details."
-    fail_resource("No AWS credentials available")
-  rescue Aws::Errors::ServiceError => e
-    fail_resource(e.message)
-  end
-  # TODO: DRY up, see https://github.com/chef/inspec/issues/2633
-  # Copied from resource_support/aws/aws_singular_resource_mixin.rb
-  def inspec_runner
-    # When running under inspec-cli, we have an 'inspec' method that
-    # returns the runner. When running under unit tests, we don't
-    # have that, but we still have to call this to pass something
-    # (nil is OK) to the backend.
-    # TODO: remove with https://github.com/chef/inspec-aws/issues/216
-    # TODO: remove after rewrite to include AwsSingularResource
-    inspec if respond_to?(:inspec)
-  end
-  def id
-    return @volume_id if defined?(@volume_id)
-    catch_aws_errors do
-      if @opts.is_a?(Hash)
-        first = @ec2_resource.volumes(
-          {
-            filters: [{
-              name: "tag:Name",
-              values: [@opts[:name]],
-            }],
-          }
-        ).first
-        # catch case where the volume is not known
-        @volume_id = first.id unless first.nil?
-      else
-        @volume_id = @opts
-      end
-    end
-  end
-  alias volume_id id
-  def exists?
-    !volume.nil?
-  end
-  def encrypted?
-    volume.encrypted
-  end
-  # attributes that we want to expose
-  %w{
-    availability_zone encrypted iops kms_key_id size snapshot_id state volume_type
-  }.each do |attribute|
-    define_method attribute do
-      catch_aws_errors do
-        volume.send(attribute) if volume
-      end
-    end
-  end
-  # Don't document this - it's a bit hard to use.  Our current doctrine
-  # is to use dumb things, like arrays of strings - use security_group_ids instead.
-  def security_groups
-    catch_aws_errors do
-      @security_groups ||= volume.security_groups.map do |sg|
-        { id: sg.group_id, name: sg.group_name }
-      end
-    end
-  end
-  def security_group_ids
-    catch_aws_errors do
-      @security_group_ids ||= volume.security_groups.map(&:group_id)
-    end
-  end
-  def tags
-    catch_aws_errors do
-      @tags ||= volume.tags.map { |tag| { key: tag.key, value: tag.value } }
-    end
-  end
-  def to_s
-    "EBS Volume #{@display_name}"
-  end
-  private
-  def volume
-    catch_aws_errors { @volume ||= @ec2_resource.volume(id) }
-  end
-end