inspec 4.56.19 → 5.7.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bf8b1bf89a3cef88568c705289f9771437f432f2607db1ca3ed31af7859326ee
-  data.tar.gz: a779ebc5a246436ab4351f61de840e7d64595f9900af778971ef4e5872fe9ff6
+  metadata.gz: a30df9c0391282f1af069e5ab333a3ddc86d22a12bedea87fb876a9c4f3f4c5c
+  data.tar.gz: f9fd2d8abe6e68c323bfdabb1e0f3667fe7ff74891f05073804dbc7f40f72b22
 SHA512:
-  metadata.gz: ea93608dd97aecc852c20110a414e11609f180ab18d27826eeaba25f706f56b51c2e49d397c1c2e77394f50281016865382f05f2c141a51a9e242c0758ce5409
-  data.tar.gz: 18e76d65325db439c4431312487d3bc5336a1e59c8fa0a8e2b0d51bca80811deb43a1b7eec52d6489275eadd3b16977daec5aebc40d74c4965b6040e14a801ca
+  metadata.gz: 618cfe6a3a0ba579def0ee22ec8da35240b25178c85f84dcdfcce4a44a29406a063be12eb692b99b9861d8b3bf9e848a57cefc50174b755bde5460fdceff654d
+  data.tar.gz: a7814c7ea180a55c83521d998fdc5bd6678c48cd4b810c8eabcab14f4c035f1942853070f32016702fba4a76aa3ea1cdd12e426e8fdea4a08bff9ed976550248

data/inspec.gemspec

@@ -13,7 +13,7 @@ Gem::Specification.new do |spec|
   spec.license       = "Apache-2.0"
   spec.require_paths = ["lib"]
 
-  spec.required_ruby_version = ">= 2.6"
+  spec.required_ruby_version = ">= 2.7"
 
   # ONLY the aws/azure/gcp files. The rest will come in from inspec-core
   # the gemspec is necessary for appbundler so don't remove it
@@ -31,6 +31,9 @@ Gem::Specification.new do |spec|
   spec.add_dependency "cookstyle"
   spec.add_dependency "rake"
 
+  # progress bar streaming reporter plugin support
+  spec.add_dependency "progress_bar", "~> 1.3.3"
+
   # Used for Azure profile until integrated into train
   spec.add_dependency "faraday_middleware", ">= 0.12.2", "< 1.1"
 

data/lib/plugins/inspec-init/templates/profiles/aws/inspec.yml

@@ -6,7 +6,7 @@ copyright_email: you@example.com
 license: Apache-2.0
 summary: An InSpec Compliance Profile For AWS
 version: 0.1.0
-inspec_version: '~> 4'
+inspec_version: '~> 5'
 inputs:
 - name: aws_vpc_id
   required: false

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 4.56.19
+  version: 5.7.9
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-03-23 00:00:00.000000000 Z
+date: 2022-03-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inspec-core
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.56.19
+        version: 5.7.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.56.19
+        version: 5.7.9
 - !ruby/object:Gem::Dependency
   name: train
   requirement: !ruby/object:Gem::Requirement
@@ -66,6 +66,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: progress_bar
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.3.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.3.3
 - !ruby/object:Gem::Dependency
   name: faraday_middleware
   requirement: !ruby/object:Gem::Requirement
@@ -167,63 +181,6 @@ files:
 - lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb
 - lib/plugins/inspec-init/templates/profiles/gcp/inputs.yml
 - lib/plugins/inspec-init/templates/profiles/gcp/inspec.yml
-- lib/resource_support/aws.rb
-- lib/resource_support/aws/aws_backend_base.rb
-- lib/resource_support/aws/aws_backend_factory_mixin.rb
-- lib/resource_support/aws/aws_plural_resource_mixin.rb
-- lib/resource_support/aws/aws_resource_mixin.rb
-- lib/resource_support/aws/aws_singular_resource_mixin.rb
-- lib/resources/aws/aws_billing_report.rb
-- lib/resources/aws/aws_billing_reports.rb
-- lib/resources/aws/aws_cloudtrail_trail.rb
-- lib/resources/aws/aws_cloudtrail_trails.rb
-- lib/resources/aws/aws_cloudwatch_alarm.rb
-- lib/resources/aws/aws_cloudwatch_log_metric_filter.rb
-- lib/resources/aws/aws_config_delivery_channel.rb
-- lib/resources/aws/aws_config_recorder.rb
-- lib/resources/aws/aws_ebs_volume.rb
-- lib/resources/aws/aws_ebs_volumes.rb
-- lib/resources/aws/aws_ec2_instance.rb
-- lib/resources/aws/aws_ec2_instances.rb
-- lib/resources/aws/aws_ecs_cluster.rb
-- lib/resources/aws/aws_eks_cluster.rb
-- lib/resources/aws/aws_elb.rb
-- lib/resources/aws/aws_elbs.rb
-- lib/resources/aws/aws_flow_log.rb
-- lib/resources/aws/aws_iam_access_key.rb
-- lib/resources/aws/aws_iam_access_keys.rb
-- lib/resources/aws/aws_iam_group.rb
-- lib/resources/aws/aws_iam_groups.rb
-- lib/resources/aws/aws_iam_password_policy.rb
-- lib/resources/aws/aws_iam_policies.rb
-- lib/resources/aws/aws_iam_policy.rb
-- lib/resources/aws/aws_iam_role.rb
-- lib/resources/aws/aws_iam_root_user.rb
-- lib/resources/aws/aws_iam_user.rb
-- lib/resources/aws/aws_iam_users.rb
-- lib/resources/aws/aws_kms_key.rb
-- lib/resources/aws/aws_kms_keys.rb
-- lib/resources/aws/aws_rds_instance.rb
-- lib/resources/aws/aws_route_table.rb
-- lib/resources/aws/aws_route_tables.rb
-- lib/resources/aws/aws_s3_bucket.rb
-- lib/resources/aws/aws_s3_bucket_object.rb
-- lib/resources/aws/aws_s3_buckets.rb
-- lib/resources/aws/aws_security_group.rb
-- lib/resources/aws/aws_security_groups.rb
-- lib/resources/aws/aws_sns_subscription.rb
-- lib/resources/aws/aws_sns_topic.rb
-- lib/resources/aws/aws_sns_topics.rb
-- lib/resources/aws/aws_sqs_queue.rb
-- lib/resources/aws/aws_subnet.rb
-- lib/resources/aws/aws_subnets.rb
-- lib/resources/aws/aws_vpc.rb
-- lib/resources/aws/aws_vpcs.rb
-- lib/resources/azure/azure_backend.rb
-- lib/resources/azure/azure_generic_resource.rb
-- lib/resources/azure/azure_resource_group.rb
-- lib/resources/azure/azure_virtual_machine.rb
-- lib/resources/azure/azure_virtual_machine_data_disk.rb
 homepage: https://github.com/inspec/inspec
 licenses:
 - Apache-2.0
@@ -236,7 +193,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.6'
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/lib/resource_support/aws/aws_backend_base.rb

@@ -1,12 +0,0 @@
-class AwsBackendBase
-  attr_reader :aws_transport
-  class << self; attr_accessor :aws_client_class end
-
-  def initialize(inspec = nil)
-    @aws_transport = inspec ? inspec.backend : nil
-  end
-
-  def aws_service_client
-    aws_transport.aws_client(self.class.aws_client_class)
-  end
-end

data/lib/resource_support/aws/aws_backend_factory_mixin.rb

@@ -1,12 +0,0 @@
-# Intended to be pulled in via extend, not include
-module AwsBackendFactoryMixin
-  def create(inspec)
-    @selected_backend.new(inspec)
-  end
-
-  def select(klass)
-    @selected_backend = klass
-  end
-
-  alias set_default_backend select
-end

data/lib/resource_support/aws/aws_plural_resource_mixin.rb

@@ -1,24 +0,0 @@
-require "resource_support/aws/aws_resource_mixin"
-require "resource_support/aws/aws_backend_factory_mixin"
-
-module AwsPluralResourceMixin
-  include AwsResourceMixin
-  attr_reader :table
-
-  # This sets up a class, AwsSomeResource::BackendFactory, that
-  # provides a mechanism to create and use backends without
-  # having to know which is selected.  This is mainly used for
-  # unit testing.
-  # TODO: DRY up.  This code exists in both the Singular and Plural mixins.
-  # We'd like to put it in AwsResourceMixin, but included only sees the
-  # directly-including class - we can't see second-order includers.
-  def self.included(base)
-    # Create a new class, whose body is simply to extend the
-    # backend factory mixin
-    resource_backend_factory_class = Class.new(Object) do
-      extend AwsBackendFactoryMixin
-    end
-    # Name that class
-    base.const_set("BackendFactory", resource_backend_factory_class)
-  end
-end

data/lib/resource_support/aws/aws_resource_mixin.rb

@@ -1,69 +0,0 @@
-module AwsResourceMixin
-  def initialize(resource_params = {})
-    Inspec.deprecate(:aws_resources_in_resource_pack,
-                     "Resource '#{@__resource_name__ ||= self.class.to_s}'")
-    validate_params(resource_params).each do |param, value|
-      instance_variable_set(:"@#{param}", value)
-    end
-    catch_aws_errors do
-      fetch_from_api
-    end
-  rescue ArgumentError => e
-    # continue with ArgumentError if testing
-    raise unless respond_to?(:inspec) && inspec
-
-    raise Inspec::Exceptions::ResourceFailed, e.message
-  end
-
-  # Default implementation of validate params accepts everything.
-  def validate_params(resource_params)
-    resource_params
-  end
-
-  def check_resource_param_names(raw_params: {}, allowed_params: [], allowed_scalar_name: nil, allowed_scalar_type: nil)
-    # Some resources allow passing in a single ID value.  Check and convert to hash if so.
-    if allowed_scalar_name && !raw_params.is_a?(Hash)
-      value_seen = raw_params
-      if value_seen.is_a?(allowed_scalar_type)
-        raw_params = { allowed_scalar_name => value_seen }
-      else
-        raise ArgumentError, "If you pass a single value to the resource, it must " \
-                             "be a #{allowed_scalar_type}, not an #{value_seen.class}."
-      end
-    end
-
-    # Remove all expected params from the raw param hash
-    recognized_params = {}
-    allowed_params.each do |expected_param|
-      recognized_params[expected_param] = raw_params.delete(expected_param) if raw_params.key?(expected_param)
-    end
-
-    # Any leftovers are unwelcome
-    unless raw_params.empty?
-      raise ArgumentError, "Unrecognized resource param '#{raw_params.keys.first}'. Expected parameters: #{allowed_params.join(", ")}"
-    end
-
-    recognized_params
-  end
-
-  def inspec_runner
-    # When running under inspec-cli, we have an 'inspec' method that
-    # returns the runner. When running under unit tests, we don't
-    # have that, but we still have to call this to pass something
-    # (nil is OK) to the backend.
-    # TODO: remove with https://github.com/chef/inspec-aws/issues/216
-    inspec if respond_to?(:inspec)
-  end
-
-  # Intercept AWS exceptions
-  def catch_aws_errors
-    yield
-  rescue Aws::Errors::MissingCredentialsError
-    # The AWS error here is unhelpful:
-    # "unable to sign request without credentials set"
-    Inspec::Log.error "It appears that you have not set your AWS credentials.  You may set them using environment variables, or using the 'aws://region/aws_credentials_profile' target.  See https://docs.chef.io/inspec/platforms/ for details."
-    fail_resource("No AWS credentials available")
-  rescue Aws::Errors::ServiceError => e
-    fail_resource e.message
-  end
-end

data/lib/resource_support/aws/aws_singular_resource_mixin.rb

@@ -1,27 +0,0 @@
-require "resource_support/aws/aws_resource_mixin"
-require "resource_support/aws/aws_backend_factory_mixin"
-
-module AwsSingularResourceMixin
-  include AwsResourceMixin
-
-  def exists?
-    @exists
-  end
-
-  # This sets up a class, AwsSomeResource::BackendFactory, that
-  # provides a mechanism to create and use backends without
-  # having to know which is selected.  This is mainly used for
-  # unit testing.
-  # TODO: DRY up.  This code exists in both the Singular and Plural mixins.
-  # We'd like to put it in AwsResourceMixin, but included only sees the
-  # directly-including class - we can't see second-order includers.
-  def self.included(base)
-    # Create a new class, whose body is simply to extend the
-    # backend factory mixin
-    resource_backend_factory_class = Class.new(Object) do
-      extend AwsBackendFactoryMixin
-    end
-    # Name that class
-    base.const_set("BackendFactory", resource_backend_factory_class)
-  end
-end

data/lib/resource_support/aws.rb

@@ -1,76 +0,0 @@
-# Main AWS loader file.  The intent is for this to be
-# loaded only if AWS resources are needed.
-
-require "aws-sdk-core"
-
-require "aws-sdk-cloudtrail"
-require "aws-sdk-cloudwatch"
-require "aws-sdk-cloudwatchlogs"
-require "aws-sdk-costandusagereportservice"
-require "aws-sdk-configservice"
-require "aws-sdk-ec2"
-require "aws-sdk-ecs"
-require "aws-sdk-eks"
-require "aws-sdk-elasticloadbalancing"
-require "aws-sdk-iam"
-require "aws-sdk-kms"
-require "aws-sdk-rds"
-require "aws-sdk-s3"
-require "aws-sdk-sqs"
-require "aws-sdk-sns"
-
-require "resource_support/aws/aws_backend_factory_mixin"
-require "resource_support/aws/aws_resource_mixin"
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_plural_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-
-# Load all AWS resources
-# TODO: loop over and load entire directory
-# for f in ls lib/resources/aws/*; do t=$(echo $f | cut -c 5- | cut -f1 -d. ); echo "require '${t}'"; done
-require "resources/aws/aws_billing_report"
-require "resources/aws/aws_billing_reports"
-require "resources/aws/aws_cloudtrail_trail"
-require "resources/aws/aws_cloudtrail_trails"
-require "resources/aws/aws_cloudwatch_alarm"
-require "resources/aws/aws_cloudwatch_log_metric_filter"
-require "resources/aws/aws_config_delivery_channel"
-require "resources/aws/aws_config_recorder"
-require "resources/aws/aws_ec2_instance"
-require "resources/aws/aws_ebs_volume"
-require "resources/aws/aws_ebs_volumes"
-require "resources/aws/aws_flow_log"
-require "resources/aws/aws_ec2_instances"
-require "resources/aws/aws_ecs_cluster"
-require "resources/aws/aws_eks_cluster"
-require "resources/aws/aws_elb"
-require "resources/aws/aws_elbs"
-require "resources/aws/aws_iam_access_key"
-require "resources/aws/aws_iam_access_keys"
-require "resources/aws/aws_iam_group"
-require "resources/aws/aws_iam_groups"
-require "resources/aws/aws_iam_password_policy"
-require "resources/aws/aws_iam_policies"
-require "resources/aws/aws_iam_policy"
-require "resources/aws/aws_iam_role"
-require "resources/aws/aws_iam_root_user"
-require "resources/aws/aws_iam_user"
-require "resources/aws/aws_iam_users"
-require "resources/aws/aws_kms_key"
-require "resources/aws/aws_kms_keys"
-require "resources/aws/aws_rds_instance"
-require "resources/aws/aws_route_table"
-require "resources/aws/aws_route_tables"
-require "resources/aws/aws_s3_bucket"
-require "resources/aws/aws_s3_bucket_object"
-require "resources/aws/aws_s3_buckets"
-require "resources/aws/aws_security_group"
-require "resources/aws/aws_security_groups"
-require "resources/aws/aws_sns_subscription"
-require "resources/aws/aws_sns_topic"
-require "resources/aws/aws_sns_topics"
-require "resources/aws/aws_sqs_queue"
-require "resources/aws/aws_subnet"
-require "resources/aws/aws_subnets"
-require "resources/aws/aws_vpc"
-require "resources/aws/aws_vpcs"

data/lib/resources/aws/aws_billing_report.rb

@@ -1,105 +0,0 @@
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-
-require "aws-sdk-costandusagereportservice"
-
-class AwsBillingReport < Inspec.resource(1)
-  name "aws_billing_report"
-  supports platform: "aws"
-  desc "Verifies settings for AWS Cost and Billing Reports."
-  example <<~EXAMPLE
-    describe aws_billing_report('inspec1') do
-      its('report_name') { should cmp 'inspec1' }
-      its('time_unit') { should cmp 'hourly' }
-    end
-
-    describe aws_billing_report(report: 'inspec1') do
-      it { should exist }
-    end
-  EXAMPLE
-
-  include AwsSingularResourceMixin
-
-  attr_reader :report_name, :time_unit, :format, :compression, :s3_bucket,
-              :s3_prefix, :s3_region
-
-  def to_s
-    "AWS Billing Report #{report_name}"
-  end
-
-  def hourly?
-    exists? ? time_unit.eql?("hourly") : nil
-  end
-
-  def daily?
-    exists? ? time_unit.eql?("daily") : nil
-  end
-
-  def zip?
-    exists? ? compression.eql?("zip") : nil
-  end
-
-  def gzip?
-    exists? ? compression.eql?("gzip") : nil
-  end
-
-  private
-
-  def validate_params(raw_params)
-    validated_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: [:report_name],
-      allowed_scalar_name: :report_name,
-      allowed_scalar_type: String
-    )
-
-    if validated_params.empty?
-      raise ArgumentError, "You must provide the parameter 'report_name' to aws_billing_report."
-    end
-
-    validated_params
-  end
-
-  def fetch_from_api
-    report = find_report(report_name)
-    @exists = !report.nil?
-    if exists?
-      @time_unit = report.time_unit.downcase
-      @format = report.format.downcase
-      @compression = report.compression.downcase
-      @s3_bucket = report.s3_bucket
-      @s3_prefix = report.s3_prefix
-      @s3_region = report.s3_region
-    end
-  end
-
-  def find_report(report_name)
-    pagination_opts = {}
-    found_report_def = nil
-    while found_report_def.nil?
-      api_result = backend.describe_report_definitions(pagination_opts)
-      next_token = api_result.next_token
-      found_report_def = api_result.report_definitions.find { |report_def| report_def.report_name == report_name }
-      pagination_opts = { next_token: next_token }
-
-      next if found_report_def.nil? && next_token        # Loop again: didn't find it, but there are more results
-      break if found_report_def.nil? && next_token.nil?  # Give up: didn't find it, no more results
-    end
-    found_report_def
-  end
-
-  def backend
-    @backend ||= BackendFactory.create(inspec_runner)
-  end
-
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      AwsBillingReport::BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::CostandUsageReportService::Client
-
-      def describe_report_definitions(query = {})
-        aws_service_client.describe_report_definitions(query)
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_billing_reports.rb

@@ -1,74 +0,0 @@
-require "inspec/utils/filter"
-require "resource_support/aws/aws_plural_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-costandusagereportservice"
-
-class AwsBillingReports < Inspec.resource(1)
-  name "aws_billing_reports"
-  supports platform: "aws"
-  desc "Verifies settings for AWS Cost and Billing Reports."
-  example <<~EXAMPLE
-    describe aws_billing_reports do
-      its('report_names') { should include 'inspec1' }
-      its('s3_buckets') { should include 'inspec1-s3-bucket' }
-    end
-
-    describe aws_billing_reports.where { report_name =~ /inspec.*/ } do
-      its ('report_names') { should include ['inspec1'] }
-      its ('time_units') { should include ['DAILY'] }
-      its ('s3_buckets') { should include ['inspec1-s3-bucket'] }
-    end
-  EXAMPLE
-
-  include AwsPluralResourceMixin
-
-  filtertable = FilterTable.create
-  filtertable.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
-    .register_column(:report_names, field: :report_name)
-    .register_column(:time_units, field: :time_unit, style: :simple)
-    .register_column(:formats, field: :format, style: :simple)
-    .register_column(:compressions, field: :compression, style: :simple)
-    .register_column(:s3_buckets, field: :s3_bucket, style: :simple)
-    .register_column(:s3_prefixes, field: :s3_prefix, style: :simple)
-    .register_column(:s3_regions, field: :s3_region, style: :simple)
-  filtertable.install_filter_methods_on_resource(self, :table)
-
-  def validate_params(resource_params)
-    unless resource_params.empty?
-      raise ArgumentError, "aws_billing_reports does not accept resource parameters."
-    end
-
-    resource_params
-  end
-
-  def to_s
-    "AWS Billing Reports"
-  end
-
-  def fetch_from_api
-    @table = []
-    pagination_opts = {}
-    backend = BackendFactory.create(inspec_runner)
-    loop do
-      api_result = backend.describe_report_definitions(pagination_opts)
-      api_result.report_definitions.each do |raw_report|
-        report = raw_report.to_h
-        %i{time_unit compression}.each { |field| report[field].downcase! }
-        @table << report
-      end
-      pagination_opts = { next_token: api_result.next_token }
-      break unless api_result.next_token
-    end
-  end
-
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      AwsBillingReports::BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::CostandUsageReportService::Client
-
-      def describe_report_definitions(options = {})
-        aws_service_client.describe_report_definitions(options)
-      end
-    end
-  end
-end

data/lib/resources/aws/aws_cloudtrail_trail.rb

@@ -1,97 +0,0 @@
-require "resource_support/aws/aws_singular_resource_mixin"
-require "resource_support/aws/aws_backend_base"
-require "aws-sdk-cloudtrail"
-
-class AwsCloudTrailTrail < Inspec.resource(1)
-  name "aws_cloudtrail_trail"
-  desc "Verifies settings for an individual AWS CloudTrail Trail"
-  example <<~EXAMPLE
-    describe aws_cloudtrail_trail('trail-name') do
-      it { should exist }
-    end
-  EXAMPLE
-
-  supports platform: "aws"
-
-  include AwsSingularResourceMixin
-  attr_reader :cloud_watch_logs_log_group_arn, :cloud_watch_logs_role_arn, :home_region,
-              :kms_key_id, :s3_bucket_name, :trail_arn
-
-  def to_s
-    "CloudTrail #{@trail_name}"
-  end
-
-  def multi_region_trail?
-    @is_multi_region_trail
-  end
-
-  def log_file_validation_enabled?
-    @log_file_validation_enabled
-  end
-
-  def encrypted?
-    !kms_key_id.nil?
-  end
-
-  def delivered_logs_days_ago
-    query = { name: @trail_name }
-    catch_aws_errors do
-
-      resp = BackendFactory.create(inspec_runner).get_trail_status(query).to_h
-      ((Time.now - resp[:latest_cloud_watch_logs_delivery_time]) / (24 * 60 * 60)).to_i unless resp[:latest_cloud_watch_logs_delivery_time].nil?
-    rescue Aws::CloudTrail::Errors::TrailNotFoundException
-      nil
-
-    end
-  end
-
-  private
-
-  def validate_params(raw_params)
-    validated_params = check_resource_param_names(
-      raw_params: raw_params,
-      allowed_params: [:trail_name],
-      allowed_scalar_name: :trail_name,
-      allowed_scalar_type: String
-    )
-
-    if validated_params.empty?
-      raise ArgumentError, "You must provide the parameter 'trail_name' to aws_cloudtrail_trail."
-    end
-
-    validated_params
-  end
-
-  def fetch_from_api
-    backend = BackendFactory.create(inspec_runner)
-
-    query = { trail_name_list: [@trail_name] }
-    resp = backend.describe_trails(query)
-
-    @trail = resp.trail_list[0].to_h
-    @exists = !@trail.empty?
-    @s3_bucket_name = @trail[:s3_bucket_name]
-    @is_multi_region_trail = @trail[:is_multi_region_trail]
-    @trail_arn = @trail[:trail_arn]
-    @log_file_validation_enabled = @trail[:log_file_validation_enabled]
-    @cloud_watch_logs_role_arn = @trail[:cloud_watch_logs_role_arn]
-    @cloud_watch_logs_log_group_arn = @trail[:cloud_watch_logs_log_group_arn]
-    @kms_key_id = @trail[:kms_key_id]
-    @home_region = @trail[:home_region]
-  end
-
-  class Backend
-    class AwsClientApi < AwsBackendBase
-      AwsCloudTrailTrail::BackendFactory.set_default_backend(self)
-      self.aws_client_class = Aws::CloudTrail::Client
-
-      def describe_trails(query)
-        aws_service_client.describe_trails(query)
-      end
-
-      def get_trail_status(query)
-        aws_service_client.get_trail_status(query)
-      end
-    end
-  end
-end