inspec/test/integration/verify/controls/aws_iam_user.rb

mfa_not_enabled_user = attribute(
  'mfa_not_enabled_user',
  default: 'default.mfa_not_enabled_user',
  description: 'Name of IAM user mfa_not_enabled_user')

console_password_enabled_user = attribute(
  'console_password_enabled_user',
  default: 'default.console_password_enabled_user',
  description: 'Name of IAM user console_password_enabled_user')

access_key_user = attribute(
  'access_key_user',
  default: 'default.access_key_user',
  description: 'Name of IAM user access_key_user')

describe aws_iam_user(name: mfa_not_enabled_user) do
  it { should_not have_mfa_enabled }
  it { should_not have_console_password }
end

describe aws_iam_user(name: console_password_enabled_user) do
  it { should have_console_password }
end

aws_iam_user(name: access_key_user).access_keys.each { |access_key|
  describe access_key do
   it { should be_active }
  end
}
Use terraform environments to avoid integration test collisions * When running integration tests with Rakefile use terraform environment based on environment variable INSPEC_TERRAFORM_ENV ** If INSPEC_TERRAFORM_ENV is not provided, a random string will be used * Use terraform environment as a namespace for AWS artifacts * Use attribute file for inspec to be aware of the terraform environment used Signed-off-by: Miles Tjandrawidjaja <miles@tjandrawidjaja.com> 2017-04-29 23:46:53 +00:00			`mfa_not_enabled_user = attribute(`
			`'mfa_not_enabled_user',`
			`default: 'default.mfa_not_enabled_user',`
			`description: 'Name of IAM user mfa_not_enabled_user')`

			`console_password_enabled_user = attribute(`
			`'console_password_enabled_user',`
			`default: 'default.console_password_enabled_user',`
			`description: 'Name of IAM user console_password_enabled_user')`

Add access_keys method to aws_iam_user (#44) * Add access_keys method to aws_iam_user Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit test that accessed AWS Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Incorporate PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Update tests based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Rebase to master Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-06-13 05:36:43 +00:00			`access_key_user = attribute(`
			`'access_key_user',`
			`default: 'default.access_key_user',`
			`description: 'Name of IAM user access_key_user')`

A real-world working AwsIamUsers (#71) * Add aws_iam_users Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Get an aws_iam_users integration test to pass Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix RuboCop issues and tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Improving code based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-08-08 13:50:35 +00:00			`describe aws_iam_user(name: mfa_not_enabled_user) do`
Add access_keys method to aws_iam_user (#44) * Add access_keys method to aws_iam_user Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit test that accessed AWS Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Incorporate PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Update tests based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Rebase to master Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-06-13 05:36:43 +00:00			`it { should_not have_mfa_enabled }`
			`it { should_not have_console_password }`
Use terraform environments to avoid integration test collisions * When running integration tests with Rakefile use terraform environment based on environment variable INSPEC_TERRAFORM_ENV ** If INSPEC_TERRAFORM_ENV is not provided, a random string will be used * Use terraform environment as a namespace for AWS artifacts * Use attribute file for inspec to be aware of the terraform environment used Signed-off-by: Miles Tjandrawidjaja <miles@tjandrawidjaja.com> 2017-04-29 23:46:53 +00:00			`end`

A real-world working AwsIamUsers (#71) * Add aws_iam_users Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Get an aws_iam_users integration test to pass Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix RuboCop issues and tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Improving code based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-08-08 13:50:35 +00:00			`describe aws_iam_user(name: console_password_enabled_user) do`
Add access_keys method to aws_iam_user (#44) * Add access_keys method to aws_iam_user Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit test that accessed AWS Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Incorporate PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Update tests based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Rebase to master Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-06-13 05:36:43 +00:00			`it { should have_console_password }`
			`end`

A real-world working AwsIamUsers (#71) * Add aws_iam_users Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Get an aws_iam_users integration test to pass Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix RuboCop issues and tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Improving code based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-08-08 13:50:35 +00:00			`aws_iam_user(name: access_key_user).access_keys.each { \|access_key\|`
Add access_keys method to aws_iam_user (#44) * Add access_keys method to aws_iam_user Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit test that accessed AWS Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Incorporate PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Update tests based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Rebase to master Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-06-13 05:36:43 +00:00			`describe access_key do`
			`it { should be_active }`
			`end`
			`}`