inspec/test/integration/verify/controls/aws_iam_user.rb

mfa_not_enabled_user = attribute(
  'mfa_not_enabled_user',
  default: 'default.mfa_not_enabled_user',
  description: 'Name of IAM user mfa_not_enabled_user')

console_password_enabled_user = attribute(
  'console_password_enabled_user',
  default: 'default.console_password_enabled_user',
  description: 'Name of IAM user console_password_enabled_user')

describe aws_iam_user(mfa_not_enabled_user) do
  it { should_not have_mfa_enabled }
  it { should_not have_console_password }
end

describe aws_iam_user(console_password_enabled_user) do
  it { should have_console_password }
end
Use terraform environments to avoid integration test collisions * When running integration tests with Rakefile use terraform environment based on environment variable INSPEC_TERRAFORM_ENV ** If INSPEC_TERRAFORM_ENV is not provided, a random string will be used * Use terraform environment as a namespace for AWS artifacts * Use attribute file for inspec to be aware of the terraform environment used Signed-off-by: Miles Tjandrawidjaja <miles@tjandrawidjaja.com> 2017-04-29 23:46:53 +00:00			`mfa_not_enabled_user = attribute(`
			`'mfa_not_enabled_user',`
			`default: 'default.mfa_not_enabled_user',`
			`description: 'Name of IAM user mfa_not_enabled_user')`

			`console_password_enabled_user = attribute(`
			`'console_password_enabled_user',`
			`default: 'default.console_password_enabled_user',`
			`description: 'Name of IAM user console_password_enabled_user')`

Re-work unit tests for user and users (#125) * Constructor unit tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Constructor tests pass, all others gutted Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Basic 'where' test in place, no criteria Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Wired up filter table to backend list users Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Unit testing for has_mfa_enabled and has_console_password Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Simple AWS client implementation for Users Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Rework resource parameters and validation; copy in code from #121 Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Add constructor tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Add search/recall tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Recall unit tests pass Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Failing unit tests for username and has_console_password Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * has_console_password works in unit tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * has_mfa_enabled failing unit tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * has_mfa_enabled passes unit tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Failing unit tests for Access Keys Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * CLean up bad rebase commit Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Access keys property works, as an uncooked AWS response Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * De-linting Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Integration tests work Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Remove provider support libraries Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Integration tests pass for users resource Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * De-lint Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Remove aws connection load from user Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Adapt aws_iam_user to rely on AwsResourceMixin Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> 2017-12-08 18:34:09 +00:00			`describe aws_iam_user(mfa_not_enabled_user) do`
Add access_keys method to aws_iam_user (#44) * Add access_keys method to aws_iam_user Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit test that accessed AWS Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Incorporate PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Update tests based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Rebase to master Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-06-13 05:36:43 +00:00			`it { should_not have_mfa_enabled }`
			`it { should_not have_console_password }`
Use terraform environments to avoid integration test collisions * When running integration tests with Rakefile use terraform environment based on environment variable INSPEC_TERRAFORM_ENV ** If INSPEC_TERRAFORM_ENV is not provided, a random string will be used * Use terraform environment as a namespace for AWS artifacts * Use attribute file for inspec to be aware of the terraform environment used Signed-off-by: Miles Tjandrawidjaja <miles@tjandrawidjaja.com> 2017-04-29 23:46:53 +00:00			`end`

Re-work unit tests for user and users (#125) * Constructor unit tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Constructor tests pass, all others gutted Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Basic 'where' test in place, no criteria Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Wired up filter table to backend list users Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Unit testing for has_mfa_enabled and has_console_password Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Simple AWS client implementation for Users Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Rework resource parameters and validation; copy in code from #121 Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Add constructor tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Add search/recall tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Recall unit tests pass Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Failing unit tests for username and has_console_password Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * has_console_password works in unit tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * has_mfa_enabled failing unit tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * has_mfa_enabled passes unit tests Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Failing unit tests for Access Keys Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * CLean up bad rebase commit Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Access keys property works, as an uncooked AWS response Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * De-linting Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Integration tests work Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Remove provider support libraries Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Integration tests pass for users resource Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * De-lint Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Remove aws connection load from user Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Adapt aws_iam_user to rely on AwsResourceMixin Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> 2017-12-08 18:34:09 +00:00			`describe aws_iam_user(console_password_enabled_user) do`
Add access_keys method to aws_iam_user (#44) * Add access_keys method to aws_iam_user Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit test that accessed AWS Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Incorporate PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix unit tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Update tests based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Rebase to master Signed-off-by: Chris Redekop <chris.redekop@d2l.com> 2017-06-13 05:36:43 +00:00			`it { should have_console_password }`
			`end`