aws_nat_gateways.rb
# Expected values for the NAT gateway under test, read as profile attributes.
# Every attribute defaults to an empty string, so the run has to supply real
# values; with the defaults left in place the control below compares against "".
aws_nat_gateway_name = attribute(
  :aws_nat_gateway_name,
  value: "",
  description: "The value of the name tag of the nat gateway."
)
aws_nat_gateway_id = attribute(
  :aws_nat_gateway_id,
  value: "",
  description: "The ID of the nat gateway."
)
aws_nat_gateway_subnet_id = attribute(
  :aws_nat_gateway_subnet_id,
  value: "",
  description: "The subnet ID of the subnet in which the nat gateway is placed."
)
aws_nat_gateway_allocation_id = attribute(
  :aws_nat_gateway_allocation_id,
  value: "",
  description: "The allocation ID of the elastic IP address for the gateway."
)
aws_nat_gateway_vpc_id = attribute(
  :aws_nat_gateway_vpc_id,
  value: "",
  description: "The ID of the VPC in which the nat gateway is located."
)
aws_nat_gateway_private_ip = attribute(
  :aws_nat_gateway_private_ip,
  value: "",
  description: "The private Ip address of the nat gateway."
)
aws_nat_gateway_public_ip = attribute(
  :aws_nat_gateway_public_ip,
  value: "",
  description: "The public Ip address of the nat gateway."
)

title "Test multiple AWS NAT Gateways"
# Verifies the NAT gateways against the expected attribute values, first
# through the plural resource and then once per matching gateway through the
# singular resource.
control "aws-nat-gateways-1.0" do
  impact 1.0
  title "Check AWS NAT gateways have the correct properties."

  # Plural resource: at least one gateway exists, one is in the 'available'
  # state, and the expected name, VPC and subnet each appear in the listing.
  describe aws_nat_gateways do
    it { should exist }
    its("count") { should be >= 1 }
    its("states") { should include("available") }
    its("names") { should include(aws_nat_gateway_name) }
    its("vpc_ids") { should include(aws_nat_gateway_vpc_id) }
    its("subnet_ids") { should include(aws_nat_gateway_subnet_id) }
  end

  # The same checks using the singular resource. One describe block is
  # generated per gateway whose name matches; if nothing matches, this loop
  # adds no checks at all, so the 'names' assertion above is what reports a
  # missing gateway.
  matching_ids = aws_nat_gateways.where(name: aws_nat_gateway_name).ids
  matching_ids.each do |gateway_id|
    describe aws_nat_gateway(id: gateway_id) do
      its("id") { should eq aws_nat_gateway_id }
      its("vpc_id") { should eq aws_nat_gateway_vpc_id }
      its("subnet_id") { should eq aws_nat_gateway_subnet_id }

      # Address checks are kept as three separate examples, in the original
      # order, so each field is reported on its own.
      expected_address = {
        allocation_id: aws_nat_gateway_allocation_id,
        private_ip: aws_nat_gateway_private_ip,
        public_ip: aws_nat_gateway_public_ip,
      }
      expected_address.each do |field, expected|
        its("nat_gateway_address_set") { should include(field => expected) }
      end
    end
  end
end