Spelling and punctuation check on Azure and AWS (#2657)

* Spelling and punctuation check

Signed-off-by: kagarmoe <kgarmoe@chef.io>
Kimberly Garmoe 2018-02-19 19:09:51 -08:00 committed by Jared Quick
parent f9452b022a
commit bd7327b91c
16 changed files with 46 additions and 48 deletions

View file

@ -45,7 +45,7 @@ The following examples show how to use this InSpec audit resource.
it { should be_encrypted }
end
### Test that the specified trail is a multi region trail
### Test that the specified trail is a multi-region trail
describe aws_cloudtrail_trail('trail-name') do
it { should be_multi_region_trail }
@ -117,7 +117,7 @@ This InSpec audit resource has the following special matchers. For a full list o
### be\_multi\_region\_trail
The test will pass if the identified trail is a multi region trail.
The test will pass if the identified trail is a multi-region trail.
describe aws_cloudtrail_trail('trail-name') do
it { should be_multi_region_trail }

View file

@ -41,7 +41,7 @@ As this is the initial release of `aws_cloudtrail_trails`, its limited functiona
### entries
Provides access to the raw results of the query. This can be useful for checking counts and other advanced operations.
Provides access to the raw results of the query. This can be useful for checking counts and other advanced operations.
# Allow at most 100 CloudTrail Trails on the account
describe aws_cloudtrail_trails do

View file

@ -7,13 +7,13 @@ platform: aws
Use the `aws_cloudwatch_alarm` InSpec audit resource to test properties of a single Cloudwatch Alarm.
Cloudwatch Alarms are currently identified using the metric name and metric namespace. Future work may allow other approaches to identifying alarms.
Cloudwatch Alarms are currently identified using the metric name and metric namespace. Future work may allow other approaches to identifying alarms.
<br>
## Syntax
An `aws_cloudwatch_alarm` resource block searches for a Cloudwatch Alarm, specified by several search options. If more than one Alarm matches, an error occurs.
An `aws_cloudwatch_alarm` resource block searches for a Cloudwatch Alarm, specified by several search options. If more than one Alarm matches, an error occurs.
# Look for a specific alarm
aws_cloudwatch_alarm(
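Review bot: the product name is still spelled "Cloudwatch" throughout the lines this hunk rewrites ("a single Cloudwatch Alarm", "Cloudwatch Alarms are currently identified"). AWS spells it "CloudWatch", and the sibling docs in this same commit already use the camel-cased "CloudTrail", so a spelling pass should normalize it here too.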
@ -48,7 +48,7 @@ The following examples show how to use this InSpec audit resource.
### alarm\_actions
`alarm_actions` returns a list of strings. Each string is the ARN of an action that will be taken should the alarm be triggered.
`alarm_actions` returns a list of strings. Each string is the ARN of an action that will be taken should the alarm be triggered.
# Ensure that the alarm has at least one action
describe aws_cloudwatch_alarm(

View file

@ -7,7 +7,7 @@ platform: aws
Use the `aws_cloudwatch_log_metric_filter` InSpec audit resource to search for and test properties of individual AWS Cloudwatch Log Metric Filters.
A Log Metric Filter (LMF) is an AWS resource that observes log traffic, looks for a specified pattern, and updates a metric about the number times the match occurs. The metric can also be connected to AWS Cloudwatch Alarms, so that actions can be taken when a match occurs.
A Log Metric Filter (LMF) is an AWS resource that observes log traffic, looks for a specified pattern, and then updates a metric about the number times the match occurs. The metric can also be connected to AWS Cloudwatch Alarms, so that actions can be taken when a match occurs.
<br>
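Review bot: the rewritten sentence still reads "updates a metric about the number times the match occurs"; the word "of" is missing. Suggest "the number of times the match occurs". "Cloudwatch" in the same paragraph should also be "CloudWatch".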
@ -15,7 +15,7 @@ A Log Metric Filter (LMF) is an AWS resource that observes log traffic, looks fo
An `aws_cloudwatch_log_metric_filter` resource block searches for an LMF, specified by several search options. If more than one log metric filter matches, an error occurs.
# Look for a LMF by its filter name and log group name. This combination
# Look for an LMF by its filter name and log group name. This combination
# will always either find at most one LMF - no duplicates.
describe aws_cloudwatch_log_metric_filter(
filter_name: 'my-filter',
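Review bot: the comment's second line, left unchanged as context, still reads "will always either find at most one LMF - no duplicates", where "either" has no second alternative. Since the first line of the comment is being edited anyway, suggest rewording the pair, for example "This combination will always find at most one LMF; there are no duplicates."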

View file

@ -89,13 +89,13 @@ The `be_stopped` matcher tests if the described EC2 instance state is `stopped`.
### be\_stopping
The `be_stopping` matcher tests if the described EC2 instance state is `stopping`. This indicates that an AWS stop command has been issued, which will suspend the instance in an OS-unaware manner. This state should be temporary.
The `be_stopping` matcher tests if the described EC2 instance state is `stopping`. This indicates that an AWS stop command has been issued, which will suspend the instance in an OS-unaware manner. This state should be temporary.
it { should be_stopping }
### be\_terminated
The `be_terminated` matcher tests if the described EC2 instance state is `terminated`. This indicates the instance is permanently halted and will be removed from the instance listing in a short period. This state should be temporary.
The `be_terminated` matcher tests if the described EC2 instance state is `terminated`. This indicates the instance is permanently halted and will be removed from the instance listing in a short period. This state should be temporary.
it { should be_terminated }

View file

@ -11,7 +11,7 @@ Use the `aws_iam_access_key` InSpec audit resource to test properties of a singl
## Syntax
An `aws_iam_access_key` resource block declares the tests for a single AWS IAM access key. An access key is uniquely identified by its access key id.
An `aws_iam_access_key` resource block declares the tests for a single AWS IAM access key. An access key is uniquely identified by its access key id.
# This is unique - the key will either exist or it won't, but it will never be an error.
describe aws_iam_access_key(access_key_id: 'AKIA12345678ABCD') do
@ -27,9 +27,9 @@ An `aws_iam_access_key` resource block declares the tests for a single AWS IAM a
end
Access keys are associated with IAM users, who may have zero, one or two access keys. You may also lookup an access key by username. If the user has more than one access key, an error occurs (You may use `aws_iam_access_keys` with the `username` resource parameter to access a user's keys when they have multiple keys.)
Access keys are associated with IAM users, who may have zero, one or two access keys. You may also lookup an access key by username. If the user has more than one access key, an error occurs (You may use `aws_iam_access_keys` with the `username` resource parameter to access a user's keys when they have multiple keys.)
# This is not unique. If the user has zero or one keys, it is not an error.
# This is not unique. If the user has zero or one keys, it is not an error.
# If they have two, it is an error.
describe aws_iam_access_key(username: 'roderick') do
it { should exist }
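Review bot: the access-key paragraph rewritten here keeps three problems a spelling and punctuation pass should catch. "You may also lookup an access key" uses the noun form, so it should be "look up"; "zero, one or two" lacks the serial comma this commit adds elsewhere; and "an error occurs (You may use ... multiple keys.)" runs a full sentence into a parenthesis without closing the first one. Suggest ending the sentence at "an error occurs." and making the parenthetical its own sentence.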

View file

@ -7,10 +7,10 @@ platform: aws
Use the `aws_iam_access_keys` InSpec audit resource to test properties of some or all IAM Access Keys.
To test properties of a single Access Key, use the `aws_iam_access_key` resource instead.
To test properties of a single Access Key, use the `aws_iam_access_key` resource instead.
To test properties of an individual user's access keys, use the `aws_iam_user` resource.
Access Keys are closely related to AWS User resources. Use this resource to perform audits of all keys or of keys specified by criteria unrelated to any particular user.
Access Keys are closely related to AWS User resources. Use this resource to perform audits of all keys or of keys specified by criteria unrelated to any particular user.
<br>
@ -56,7 +56,7 @@ The following examples show how to use this InSpec audit resource.
### active
A true / false value indicating if an Access Key is currently "Active" (the normal state) in the AWS console. See also: `inactive`.
A true / false value indicating if an Access Key is currently "Active" (the normal state) in the AWS console. See also: `inactive`.
# Check if a particular key is enabled
describe aws_iam_access_keys.where { active } do
@ -65,7 +65,7 @@ A true / false value indicating if an Access Key is currently "Active" (the norm
### create\_date
A DateTime identifying when the Access Key was created. See also `created_days_ago` and `created_hours_ago`.
A DateTime identifying when the Access Key was created. See also `created_days_ago` and `created_hours_ago`.
# Detect keys older than 2017
describe aws_iam_access_keys.where { create_date < DateTime.parse('2017-01-01') } do
@ -170,7 +170,7 @@ Provides a list of all access key IDs matched.
### entries
Provides access to the raw results of the query. This can be useful for checking counts and other advanced operations.
Provides access to the raw results of the query. This can be useful for checking counts and other advanced operations.
# Allow at most 100 access keys on the account
describe aws_iam_access_keys do

View file

@ -11,7 +11,7 @@ Use the `aws_iam_password_policy` InSpec audit resource to test properties of th
## Syntax
An `aws_iam_password_policy` resource block takes no parameters. Several properties and matchers are available.
An `aws_iam_password_policy` resource block takes no parameters. Several properties and matchers are available.
describe aws_iam_password_policy do
it { should require_lowercase_characters }
@ -21,7 +21,7 @@ An `aws_iam_password_policy` resource block takes no parameters. Several proper
## Properties
* `max_password_age_in_days`, `minimum_password_length`, `number_of_passwords_to_remember`
* `max_password_age_in_days`, `minimum_password_length`, `number_of_passwords_to_remember`
## Examples

View file

@ -58,7 +58,7 @@ Provides a list of policy arns for all IAM Policies in the AWS account.
### entries
Provides access to the raw results of the query. This can be useful for checking counts and other advanced operations.
Provides access to the raw results of the query. This can be useful for checking counts and other advanced operations.
# Allow at most 100 IAM Policies on the account
describe aws_iam_policies do

View file

@ -103,7 +103,7 @@ If there is no bucket policy, this property returns an empty array.
bucket_policy = aws_s3_bucket('my-bucket')
# Look for statements that allow the general public to do things
# This may be a false positive; it's possible these statements
# This may be a false positive; it is possible these statements
# could be protected by conditions, such as IP restrictions.
public_statements = bucket_policy.select do |s|
s.effect == 'Allow' && s.principal == '*'
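Review bot: in the context line above the edited comment, `bucket_policy = aws_s3_bucket('my-bucket')` assigns the resource itself, yet the example then calls `bucket_policy.select` as if the variable held the list of policy statements. The hunk header says the property returns an array, so the assignment most likely needs the property call appended. Worth confirming and fixing while this example is being touched, because a public-access check that errors out verifies nothing.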

View file

@ -9,7 +9,7 @@ Use the `aws_vpc` InSpec audit resource to test properties of a single AWS Virtu
To test properties of all or multiple VPCs, use the `aws_vpcs` resource.
A VPC is a networking construct that provides an isolated environment. A VPC is contained in a geographic region, but spans availability zones in that region. A VPC may have multiple subnets, internet gateways, and other networking resources. Computing resources--such as EC2 instances--reside on subnets within the VPC.
A VPC is a networking construct that provides an isolated environment. A VPC is contained in a geographic region, but spans availability zones in that region. A VPC may have multiple subnets, internet gateways, and other networking resources. Computing resources--such as EC2 instances--reside on subnets within the VPC.
Each VPC is uniquely identified by its VPC ID. In addition, each VPC has a non-unique CIDR IP Address range (such as 10.0.0.0/16) which it manages.

View file

@ -7,7 +7,7 @@ platform: aws
Use the `aws_vpcs` InSpec audit resource to test properties of some or all AWS Virtual Private Clouds (VPCs).
A VPC is a networking construct that provides an isolated environment. A VPC is contained in a geographic region, but spans availability zones in that region. A VPC may have multiple subnets, internet gateways, and other networking resources. Computing resources--such as EC2 instances--reside on subnets within the VPC.
A VPC is a networking construct that provides an isolated environment. A VPC is contained in a geographic region, but spans availability zones in that region. A VPC may have multiple subnets, internet gateways, and other networking resources. Computing resources--such as EC2 instances--reside on subnets within the VPC.
Each VPC is uniquely identified by its VPC ID. In addition, each VPC has a non-unique CIDR IP Address range (such as 10.0.0.0/16) which it manages.

View file

@ -63,8 +63,6 @@ Use this parameter to define the type of resources to test.
...
end
These options can also be set using the environment variables:
* `AZURE_RESOURCE_GROUP_NAME`
@ -76,7 +74,7 @@ When the options have been set as well as the environment variables, the environ
<br>
## Example
## Parameter Example
describe azure_generic_resource(group_name: 'Inspec-Azure', name: 'Linux-Internal-VM', apiversion: '2.0') do
its('location') { should eq 'westeurope' }
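Review bot: renaming the heading from `## Example` to `## Parameter Example` is a content change rather than a spelling or punctuation fix, and it diverges from the `## Examples` heading the other resource docs in this commit use. Suggest either keeping the existing heading or calling the rename out in the commit message.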
@ -162,7 +160,7 @@ The following examples show how to use some of the InSpec audit properties:
## Matchers
For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
<br>

View file

@ -68,7 +68,7 @@ Use this parameter to define the name of the Azure resource to test.
...
end
If both `group_name` and `name` is set then `name` will take priority.
If both `group_name` and `name` is set then `name` takes priority
These options can also be set using the environment variables:
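Review bot: the replacement line "If both `group_name` and `name` is set then `name` takes priority" drops the terminating period that the original had and keeps the agreement error. Suggest "If both `group_name` and `name` are set, then `name` takes priority."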
@ -164,7 +164,7 @@ Tests the number of Public IP Addresses in the resource group.
Tests the number of managed disk images that are in the resource group.
These are the items from which managed disks are created which are attached to machines. Generally the images are created from a base image or a custom image (e.g. Packer).
Managed disks are created from disk images and then attached to the machines. Generally, the images are created from a base image or a custom image (e.g., Packer)
its('managed_disk_image_count') { should eq 5 }
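Review bot: the rewritten sentence ends at "(e.g., Packer)" with no period, while the line it replaces ended with one. Add the period after the closing parenthesis.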
@ -240,7 +240,7 @@ Use this matcher to test that public ips exist.
## Tags
It is possible to test the tags that have been assigned to the resource. There are a number of properties that can be called to check that it has tags, that it has the correct number and that the correct ones are assigned.
It is possible to test the tags that have been assigned to the resource. There are some properties for checking that a resource has tags, that it has the correct number of tags, and that the correct tags are assigned.
### have\_tags
@ -262,7 +262,7 @@ It is possible to check if a specific tag has been set on the resource.
### xxx\_tag
To get the value of the tag, a number of preoprties have been created from the tags that are set.
To get the value of the tag, some properties are created from the tags themselves.
For example, if the following tag is set on a resource:

View file

@ -5,11 +5,11 @@ platform: azure
# azure\_virtual\_machine
Use the `azure_virtual_machine` InSpec audit resource to ensure that a Virtual Machine has been provisionned correctly.
Use the `azure_virtual_machine` InSpec audit resource to ensure that a Virtual Machine has been provisioned correctly.
## Syntax
The name of the machine and the resourece group are required as properties to the resource.
The name of the machine and the resource group are required as properties to the resource.
describe azure_virtual_machine(group_name: 'MyResourceGroup', name: 'MyVM') do
its('property') { should eq 'value' }
@ -17,9 +17,9 @@ The name of the machine and the resourece group are required as properties to th
where
* `MyVm` is the name of the virtual machine as seen in Azure. (It is **not** the hostname of the machine)
* `MyResourceGroup` is the name of the resource group that the machine is in.
* `property` is one of
* `MyVm` is the name of the virtual machine as seen in Azure; it is **not** the hostname of the machine
* `MyResourceGroup` is the name of the machine's resource group
* `property` is one of the resource properties
* `value` is the expected output from the matcher
## Examples
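Review bot: the first bullet names the placeholder `MyVm`, but the example these bullets explain, shown in the previous hunk, uses `name: 'MyVM'`. Suggest matching the case so the bullet refers to the literal in the example. The bullets also mix styles now: three fragments without periods and the original sentences with them, so pick one form for the whole list.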
@ -106,9 +106,9 @@ Name of the Virtual Machine in Azure. Be aware that this is not the computer nam
### publisher
The publisher of the image from which this machine was built.
The publisher of this machine's build image.
This will be `nil` if the machine was created from a custom image.
`nil` if the machine was created from a custom image.
its('publisher') { should cmp 'MicrosoftWindowsServer' }
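Review bot: the new line "`nil` if the machine was created from a custom image." is a sentence fragment that starts with a code literal and has no subject or verb. The same replacement is made for `offer` and `sku` in the following hunks. The original "This will be `nil` if ..." was grammatical; if the goal is brevity, "Returns `nil` if the machine was created from a custom image." keeps it a sentence.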
@ -116,7 +116,7 @@ This will be `nil` if the machine was created from a custom image.
The offer from the publisher of the build image.
This will be `nil` if the machine was created from a custom image.
`nil` if the machine was created from a custom image.
its('offer') { should cmp 'WindowsServer' }
@ -124,13 +124,13 @@ This will be `nil` if the machine was created from a custom image.
The item from the publisher that was used to create the image.
This will be `nil` if the machine was created from a custom image.
`nil` if the machine was created from a custom image.
its('sku') { should cmp '2016-Datacenter' }
### os\_type
Test that returns the classification in Azure of the operating system type. Ostensibly this will be either `Linux` or `Windows`.
Test that returns the classification in Azure of the operating system type. Usually either `Linux` or `Windows`.
its('os_type') { should cmp 'Windows' }
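Review bot: in the `os_type` description, "Usually either `Linux` or `Windows`." is a fragment, and the sentence before it still opens with "Test that returns", although this entry documents a property. Suggest "Returns the operating system type as classified by Azure, usually either `Linux` or `Windows`."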
@ -148,7 +148,7 @@ Returns the type of caching that has been set on the operating system disk.
### create\_option
When the operating system disk is created, how it was created is set as an property. This property returns how the disk was created.
When the operating system disk is created, how it was created is set as a property. This property returns how the disk was created.
its('create_option') { should cmp 'FromImage' }

View file

@ -130,7 +130,7 @@ Returns an integer of size of this disk in GB.
### lun
The disk number as reported by Azure. This is a zero based index value.
The disk number as reported by Azure. Has a zero-based index value.
its('lun') { should cmp 0 }
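Review bot: "Has a zero-based index value." changes the meaning as well as the punctuation. The original said the disk number is a zero-based index, whereas the new fragment says it has one, and it has no subject. Suggest "The disk number as reported by Azure. This is a zero-based index value.", which keeps the hyphen fix only.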
@ -142,7 +142,7 @@ String stating the caching that has been set on the disk.
### create\_option
How the disk was created. Typically for data disks this will be the string value 'Empty'.
How the disk was created. Typically for data disks, this will be the string value 'Empty'.
its('create_option') { should cmp 'Empty' }
@ -154,7 +154,7 @@ Boolean stating if the disk is a managed disk or not. If it is not a managed dis
### vhd\_uri
If this _not_ a managed disk then the `vhd_uri` will be the full URI to the disk in the storage account.
If this _not_ a managed disk, then the `vhd_uri` will be the full URI to the disk in the storage account.
its('vhd_uri') { should cmp '
https://primary_storage.blob.core.windows.net/container_name/vm_name.vhd' }
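Review bot: the edited sentence adds the comma but still reads "If this _not_ a managed disk"; the verb is missing. Suggest "If this is _not_ a managed disk, then the `vhd_uri` will be the full URI to the disk in the storage account."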
@ -169,7 +169,7 @@ This derived from the `vhd_uri`.
### storage\_account\_type
If this is a managed disk this is the storage account type, e.g. `Standard_LRS`
If this is a managed disk this is the storage account type, e.g. `Standard_LRS`.
its('storage_account_type') { should cmp 'Standard_LRS' }
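Review bot: the new line adds the final period but leaves out the comma after the introductory clause, which the `vhd_uri` hunk just above does add. Suggest "If this is a managed disk, this is the storage account type, e.g. `Standard_LRS`." The hunk header also shows "This derived from the `vhd_uri`." in the same file, which is missing "is".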
@ -221,4 +221,4 @@ Returns a boolean stating if the machine has Managed Disks for data disks.
* [Azure Ruby SDK - Compute](https://github.com/Azure/azure-sdk-for-ruby/tree/master/management/azure_mgmt_compute)
* [Linux Internal Data Disks](https://github.com/chef/inspec/blob/master/test/azure/verify/controls/virtual_machine_linux_external_vm_datadisk.rb)
* [Windows Internal Data Disk](https://github.com/chef/inspec/blob/master/test/azure/verify/controls/virtual_machine_windows_internal_vm_datadisk.rb)
* [Windows Internal Data Disk](https://github.com/chef/inspec/blob/master/test/azure/verify/controls/virtual_machine_windows_internal_vm_datadisk.rb)
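Review bot: in the reference list, the unchanged entry labelled "Linux Internal Data Disks" links to `virtual_machine_linux_external_vm_datadisk.rb`, so the label and the target disagree on internal versus external. Since the adjacent line is being edited, please confirm which is intended and correct the label or the URL. The two labels also differ in number ("Disks" versus "Disk").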