inspec 2.1.68 → 2.1.72
- checksums.yaml +4 -4
- data/CHANGELOG.md +22 -8
- data/docs/resources/aws_ec2_instances.md.erb +79 -0
- data/lib/inspec/reporters/json.rb +1 -0
- data/lib/inspec/version.rb +1 -1
- data/lib/resource_support/aws.rb +1 -0
- data/lib/resources/aws/aws_ec2_instances.rb +64 -0
- metadata +4 -2
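--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 534b2e87a2c65b5c196e7af32599623cd4033a4d
+data.tar.gz: 7f2a83fe85d5bf848f1d7747eecd65257ce3502e
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9359c6eb7b7fd9920d25307d99d237d93e8fb3f47c66e16e86c858b1522edfba0a0e2787e9038a7eee2fbbd04a2514cac91b4486d5d3ab292f5e8b6636aba734
+data.tar.gz: 87d990b0be675e94be9c9a327e379ab77c382fd55e82ef8cfe1eadb7f572eab309e2e4dbebb53c4c58fe53ef73918ce7dfb51d264121fcc1f8a5f456855d2f76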
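--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,20 +1,35 @@
 # Change Log
 <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
-<!-- latest_release 2.1.
-## [v2.1.
+<!-- latest_release 2.1.72 -->
+## [v2.1.72](https://github.com/chef/inspec/tree/v2.1.72) (2018-05-10)
 
-####
--
+#### New Resources
+- Skeletal aws_ec2_instances resource [#3023](https://github.com/chef/inspec/pull/3023) ([clintoncwolfe](https://github.com/clintoncwolfe))
 <!-- latest_release -->
 
-<!-- release_rollup since=2.1.
-### Changes since 2.1.
+<!-- release_rollup since=2.1.68 -->
+### Changes since 2.1.68 release
+
+#### New Resources
+- Skeletal aws_ec2_instances resource [#3023](https://github.com/chef/inspec/pull/3023) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 2.1.72 -->
+
+#### Enhancements
+- Add git dependency to habitat plan. [#3037](https://github.com/chef/inspec/pull/3037) ([phiggins](https://github.com/phiggins)) <!-- 2.1.71 -->
+
+#### Bug Fixes
+- Allow the depends key to be exposed in json profiles report [#3033](https://github.com/chef/inspec/pull/3033) ([jquick](https://github.com/jquick)) <!-- 2.1.70 -->
 
 #### Merged Pull Requests
-- Fix
+- Fix typo in os_env_spec [#3028](https://github.com/chef/inspec/pull/3028) ([Happycoil](https://github.com/Happycoil)) <!-- 2.1.69 -->
 <!-- release_rollup -->
 
 <!-- latest_stable_release -->
+## [v2.1.68](https://github.com/chef/inspec/tree/v2.1.68) (2018-05-04)
+
+#### Merged Pull Requests
+- Fix the A2 vendoring with depends on the A2 server [#3022](https://github.com/chef/inspec/pull/3022) ([jquick](https://github.com/jquick))
+<!-- latest_stable_release -->
+
 ## [v2.1.67](https://github.com/chef/inspec/tree/v2.1.67) (2018-05-03)
 
 #### New Features
@@ -32,7 +47,6 @@
 - Update Habitat plan [#3000](https://github.com/chef/inspec/pull/3000) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
 - cmp should recognise a string being a negative int [#3007](https://github.com/chef/inspec/pull/3007) ([james-stocks](https://github.com/james-stocks))
 - Add inspec-core gem to expeditor release [#3018](https://github.com/chef/inspec/pull/3018) ([jquick](https://github.com/jquick))
-<!-- latest_stable_release -->
 
 ## [v2.1.59](https://github.com/chef/inspec/tree/v2.1.59) (2018-04-26)
 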
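--- a/data/docs/resources/aws_ec2_instances.md.erb
+++ b/data/docs/resources/aws_ec2_instances.md.erb
@@ -0,0 +1,79 @@
+---
+title: About the aws_ec2_instances Resource
+platform: aws
+---
+
+# aws\_ec2\_instances
+
+Use the `aws_ec2_instances` InSpec audit resource to test properties of some or all AWS EC2 instances. To audit a single EC2 instance, use `aws_ec2_instance` (singular).
+
+EC2 instances are the basic unit of computing within AWS. An instance is a virtual machine that contains a running OS, and may be created or destroyed by code.
+
+Each EC2 instance is uniquely identified by its ID.
+
+<br>
+
+## Syntax
+
+An `aws_ec2_instances` resource block collects a group of EC2 Instances and then tests that group.
+
+# Ensure you have exactly 3 instances
+describe aws_ec2_instances do
+its('instance_ids.count') { should cmp 3 }
+end
+
+# Use the InSpec resource to enumerate IDs, then test in-depth using `aws_ec2_instance`.
+aws_ec2_instances.instance_ids.each do |instance_id|
+describe aws_ec2_instance(instance_id) do
+its('key_name') { should cmp 'admin-ssh-key' }
+end
+end
+
+<br>
+
+## Examples
+
+As this is the initial release of `aws_ec2_instances`, its limited functionality precludes examples.
+
+<br>
+
+## Filter Criteria
+
+This resource currently does not support any filter criteria; it will always fetch all instances in the region.
+
+## Properties
+
+### entries
+
+Provides access to the raw results of the query, which can be treated as an array of hashes. This can be useful for checking counts and other advanced operations.
+
+# Allow at most 100 EC2 Instances on the account
+describe aws_ec2_instances do
+its('entries.count') { should be <= 100}
+end
+
+
+### instance_ids
+
+Provides a list of the instance ids that were found in the query.
+
+describe aws_ec2_instances do
+its('instance_ids') { should include('i-12345678') }
+its('instance_ids.count') { should cmp 3) }
+end
+
+<br>
+
+## Matchers
+
+For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exist
+
+The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+
+# Verify that at least one EC2 Instance exists.
+describe aws_ec2_instances
+it { should exist }
+end
+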
data/lib/inspec/version.rb
CHANGED
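--- a/data/lib/resource_support/aws.rb
+++ b/data/lib/resource_support/aws.rb
@@ -19,6 +19,7 @@ require 'resources/aws/aws_cloudwatch_log_metric_filter'
 require 'resources/aws/aws_config_delivery_channel'
 require 'resources/aws/aws_config_recorder'
 require 'resources/aws/aws_ec2_instance'
+require 'resources/aws/aws_ec2_instances'
 require 'resources/aws/aws_iam_access_key'
 require 'resources/aws/aws_iam_access_keys'
 require 'resources/aws/aws_iam_group'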
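--- a/data/lib/resources/aws/aws_ec2_instances.rb
+++ b/data/lib/resources/aws/aws_ec2_instances.rb
@@ -0,0 +1,64 @@
+class AwsEc2Instances < Inspec.resource(1)
+name 'aws_ec2_instances'
+desc 'Verifies settings for AWS EC2 Instances in bulk'
+example '
+describe aws_ec2_instances do
+it { should exist }
+end
+'
+supports platform: 'aws'
+
+include AwsPluralResourceMixin
+def validate_params(resource_params)
+unless resource_params.empty?
+raise ArgumentError, 'aws_ec2_instances does not accept resource parameters.'
+end
+resource_params
+end
+
+# Underlying FilterTable implementation.
+filter = FilterTable.create
+filter.add_accessor(:entries)
+.add(:exists?) { |x| !x.entries.empty? }
+.add(:instance_ids, field: :instance_id)
+filter.connect(self, :table)
+
+def to_s
+'EC2 Instances'
+end
+
+def fetch_from_api
+backend = BackendFactory.create(inspec_runner)
+@table = []
+pagination_opts = {}
+loop do
+api_result = backend.describe_instances(pagination_opts)
+@table += unpack_describe_instances_response(api_result.reservations)
+break unless api_result.next_token
+pagination_opts = { next_token: api_result.next_token }
+end
+end
+
+def unpack_describe_instances_response(reservations)
+instance_rows = []
+reservations.each do |res|
+instance_rows += res.instances.map do |instance_struct|
+{
+instance_id: instance_struct.instance_id,
+}
+end
+end
+instance_rows
+end
+
+class Backend
+class AwsClientApi < AwsBackendBase
+BackendFactory.set_default_backend(self)
+self.aws_client_class = Aws::EC2::Client
+
+def describe_instances(query)
+aws_service_client.describe_instances(query)
+end
+end
+end
+end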
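Review bot: `unpack_describe_instances_response` keeps only `instance_id` from each instance struct, and `fetch_from_api` calls `describe_instances` with no filter, so every control built on this resource sees instances in any lifecycle state. As far as I know the EC2 API also returns stopped and recently terminated instances for an unfiltered call, which means an audit such as `its('instance_ids.count') { should cmp 3 }` or `it { should exist }` can pass or fail on machines that are no longer running. Carrying the state in each row, for example `state: instance_struct.state.name,` next to `instance_id`, would let profile authors inspect it through `entries`. A comment above `fetch_from_api` such as `# Fetches every instance in the region regardless of state; paginates on next_token.` would record the behaviour for the next maintainer.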
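--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-version: 2.1.
+version: 2.1.72
 platform: ruby
 authors:
 - Dominik Richter
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-05-
+date: 2018-05-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: train
@@ -316,6 +316,7 @@ files:
 - docs/resources/aws_config_delivery_channel.md.erb
 - docs/resources/aws_config_recorder.md.erb
 - docs/resources/aws_ec2_instance.md.erb
+- docs/resources/aws_ec2_instances.md.erb
 - docs/resources/aws_iam_access_key.md.erb
 - docs/resources/aws_iam_access_keys.md.erb
 - docs/resources/aws_iam_group.md.erb
@@ -638,6 +639,7 @@ files:
 - lib/resources/aws/aws_config_delivery_channel.rb
 - lib/resources/aws/aws_config_recorder.rb
 - lib/resources/aws/aws_ec2_instance.rb
+- lib/resources/aws/aws_ec2_instances.rb
 - lib/resources/aws/aws_iam_access_key.rb
 - lib/resources/aws/aws_iam_access_keys.rb
 - lib/resources/aws/aws_iam_group.rb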