# Expected NAT gateway properties, supplied to the profile at run time.
# Every default below is the empty string, so a run that supplies no values
# compares the live gateway against "" instead of real identifiers.
# NOTE(review): newer InSpec releases offer `input` in place of `attribute`;
# confirm the minimum supported InSpec version before switching.
aws_nat_gateway_name = attribute(
  :aws_nat_gateway_name,
  value: "",
  description: "The value of the name tag of the nat gateway."
)
aws_nat_gateway_id = attribute(
  :aws_nat_gateway_id,
  value: "",
  description: "The ID of the nat gateway."
)
aws_nat_gateway_subnet_id = attribute(
  :aws_nat_gateway_subnet_id,
  value: "",
  description: "The subnet ID of the subnet in which the nat gateway is placed."
)
aws_nat_gateway_allocation_id = attribute(
  :aws_nat_gateway_allocation_id,
  value: "",
  description: "The allocation ID of the elastic IP address for the gateway."
)
aws_nat_gateway_vpc_id = attribute(
  :aws_nat_gateway_vpc_id,
  value: "",
  description: "The ID of the VPC in which the nat gateway is located."
)
aws_nat_gateway_private_ip = attribute(
  :aws_nat_gateway_private_ip,
  value: "",
  description: "The private Ip address of the nat gateway."
)
aws_nat_gateway_public_ip = attribute(
  :aws_nat_gateway_public_ip,
  value: "",
  description: "The public Ip address of the nat gateway."
)
title "Test single AWS Nat Gateway"

control "aws-nat-gateway-1.0" do
  # 1.0 is the top of InSpec's 0.0-1.0 impact scale.
  impact 1.0
  title "Check AWS nat gateway has the correct properties."

  # Look the gateway up by its Name tag alone, then check each expected
  # property. The address assertions stay separate so that a mismatch is
  # reported per field (allocation, private IP, public IP).
  describe aws_nat_gateway(name: aws_nat_gateway_name) do
    it { should exist }
    its('id') { should eq aws_nat_gateway_id }
    its('vpc_id') { should eq aws_nat_gateway_vpc_id }
    its('subnet_id') { should eq aws_nat_gateway_subnet_id }
    its('nat_gateway_address_set') { should include(allocation_id: aws_nat_gateway_allocation_id) }
    its('nat_gateway_address_set') { should include(private_ip: aws_nat_gateway_private_ip) }
    its('nat_gateway_address_set') { should include(public_ip: aws_nat_gateway_public_ip) }
  end

  # Filters shared by the two multi-parameter lookups below.
  known_filters = {
    id: aws_nat_gateway_id,
    vpc_id: aws_nat_gateway_vpc_id,
    subnet_id: aws_nat_gateway_subnet_id,
  }

  # Positive case: several valid parameters together still find the gateway.
  describe aws_nat_gateway(**known_filters, name: aws_nat_gateway_name) do
    it { should exist }
  end

  # Negative case: one non-matching parameter (the Name tag) must make the
  # lookup come back empty even though the other filters are valid, so a
  # partial match is never reported as the expected gateway.
  describe aws_nat_gateway(**known_filters, name: 'rubbish') do
    it { should_not exist }
  end
end