Commit graph

293 commits

Author SHA1 Message Date
Miah Johnson
e2fe18028d true should not be a string. (#3043)
Fixes https://github.com/chef/inspec/issues/2786

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-05-16 08:53:37 -04:00
Miah Johnson
988eb9749b AWS resource permission docs (#3036)
* Add documentation about required IAM permissions to AWS Resources.
* Change phrasing.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-05-10 14:57:53 -04:00
Clinton Wolfe
af72574b34 Skeletal aws_ec2_instances resource (#3023)
* Add integration and unit tests for aws_ec2_instances
* Basic docs for aws_ec2_instances
* Add basic aws_ec2_instances resource

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-05-10 14:54:33 -04:00
Jeremy
1407e681fc #2810 - Add check if aws s3 bucket is encrypted. (#2937)
* Add check if aws s3 bucket is encrypted.
Required terraform aws provider >= 1.6
Fix indentation issue in aws_s3_bucket.rb

* Implement most changes recommended by @TrevorBramble, and refactored other methods to align with recommendations (except Terraform nitpick; preference is to keep coding style consistent until full refactor).

Signed-off-by: Jeremy Phillips <github@uranusbytes.com>
2018-05-03 09:55:29 -04:00
Noel Georgi
ffbd6cbfb2 Fixing wrong filesystem size type (#3013)
Signed-off-by: Noel Georgi <noel.georgi@reancloud.com>
2018-05-03 09:16:07 -04:00
Omar J. Irizarry
2495fd8196 extend os_env resource to select between Machine and User vars on Windows (#2945)
Signed-off-by: Omar J Irizarry <irizarry_omar_j@network.lilly.com>
2018-04-26 15:10:14 -04:00
Clinton Wolfe
8934352935 Make names for AWS Config service objects optional (#2928)
* Update tests and docs to assume one recorder per region
* Config recorder supports singleton fetch
* Docs and tests for singleton mode delivery_channel
* Implementation for singleton delivery channel, and some other code cleanup
* Implement some feedback, and fix a bug in traversing the struct in looking for empty results

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-19 13:08:16 -04:00
Axel Kummer
923f5a9e56 Update Resource documentation for Users Resource (#2954)
The `shell` matcher have to be `shells` and expects an array.
Wrong:
`its('shell') { should eq "/sbin/nologin" }`

Got error:
```
     ×  Users with username =~ /stockservice-.*/ shell
     undefined method 'shell' for Users with username =~ /stockservice-.*/:#<Class:0x000055c2471fa900>
     Did you mean?  shells
```

Correct:
its('shells') { should eq ["/sbin/nologin"] }

I think it's an documentation mistake.
-----------------------------------------
$ inspec --version
2.1.43

Signed-off-by: Axel Kummer <axel.kummer@netresearch.de>
2018-04-19 13:06:20 -04:00
Andrii Melekhovskiy
180482d0a7 Fix docs: 404 in URLs for docker resourse (#2974)
Signed-off-by: morkot <melekhovskiy@gmail.com>
2018-04-19 11:02:22 -04:00
Clinton Wolfe
73b7b6942c
Inline and attached policies for aws_iam_user and aws_iam_users (#2947)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-17 13:22:28 -04:00
Clinton Wolfe
745ff32c80 Basic fields for aws_vpcs (#2930)
* Update singular implementation to avoid use of inner object
* Update docs and tests for 3 new filters and properties on aws_vpcs
* Implement new filters and properties; one failing test due to odd FilterTable behavior
* changes to avoid bug 2929

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-12 15:48:55 -04:00
Bj Maldonado
eff4de6784 Fixed Docs asking for instead of (#2933)
Signed-off-by: Bj Maldonado <bj@maldonado.io>
2018-04-12 15:26:32 -04:00
Clinton Wolfe
7130a77c06
Policy Statement Search capability for aws_iam_policy (#2918)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-12 14:31:02 -04:00
Clinton Wolfe
9dee334706 Change its to it in aws root user docs (#2927)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-09 13:40:11 -04:00
borgified
cdccad1de4 typo (#2919)
Signed-off-by: borgified <borgified@gmail.com>
2018-04-06 17:10:13 -04:00
Clinton Wolfe
4200fdd779 AWS Security Group Rules properties and matchers (#2876)
Provides low-, and mid-level properties and matchers for examining rules on aws_security_group.

* Second draft of docs for SG rules interface; need to clarify semantics of reject
* First cut at unit tests
* Cleanup test fixtures
* Implementation for allow, with plausible unit tests
* Doc updates based on reality
* Add integration tests; move allow to allow_ / out; several docs updates
* Add be_open_to_the_world and be_open_to_the_world_on_port
* Update docs to reflect adding allow_only
* Update docs to reflect use of position to allow multiple rules with 'only'
* Implement allow_only with unit tests; still need integration tests
* Add integration tests for allow_only

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-06 14:22:25 -04:00
Matthew Dromazos
b5a0007851 aws_cloudtrail_trail feature: test how many days ago logs were delivered (#2887)
* * Adds new property to test how many days ago the CloudTrail delivered logs to the CloudWatch Logs.

* * Changes query for selected cloud trail in unit test
* Changes uses Time.now explicitly instead of making a variable in the unit test

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-04-06 14:04:57 -04:00
Matthew Dromazos
74076bc44a aws_iam_group feature: test users in an iam group (#2888)
* Adds new property to test the users in an aws_iam_group
* Adds terraform code to add the recall_hit user to the administrator group

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-04-06 14:04:13 -04:00
Gary
1677be6d42 Amended Syntax to correct formatting (#2911) 2018-04-06 09:14:41 -04:00
Matthew Dromazos
c04a98c9f8 New Skeletal Resource aws_route_tables (#2643)
* Initial commit of skeletal resource aws_route_tables
* Fixes issues with documentation
* Renames route table terraform resources to be more conventional
* Removes tags terraform resources
* Changes aws_route_table and aws_route_tables integration tests to use new terraform names
* Removes unneeded data given in unit tests

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-04-05 12:51:22 -04:00
Matthew Dromazos
0df67fc7d0 New Skeletal Resource aws_s3_buckets (#2653)
* Initial commit of skeletal resource aws_s3_buckets
* Add fixes to documents
* Removes property 'creation_date' for there is no use case as of right now
* Rebases on master and moves aws_s3_buckets integration test to the correct location
* Adds test on unit test for false exists

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-04-05 12:49:30 -04:00
David Alexander
3b97e16b97 New Resource: Chocolatey Package (#2793)
* Adds chocolatey package resource
* Adds docs for chocolatey_package resource
* Differentiate chocolatey package from windows feature

Suggested by @frezbo

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2018-04-05 08:54:27 -04:00
Clinton Wolfe
fe591417f3 Wrong matcher name in example for aws_config_recorder (#2899)
* Wrong matcher name in example
* Remove spurious slash

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-03 09:17:50 -04:00
Paul Welch
27203110cd Add AWS hardware MFA matcher (#2892)
* Add AWS hardware MFA matcher
Adding a hardware as well as a virtual MFA matcher for aws_iam_root_user
resource

* Add New AWS Root Matcher Docs
- Add documentation for new root MFA matchers
- Fix logic for checking MFA devices from feedback on PR

* Add Integration tests for MFA matchers
- Add integration tests for virtual and hardware MFA matchers
- Clean up logic for has_virtual_mfa_enabled? method

Signed-off-by: Paul Welch <pwelch@chef.io>
2018-04-03 09:13:52 -04:00
Franklin Webber
6665555a73 Fixes the two incorrect examples in the YAML doc (#2875)
Signed-off-by: Franklin Webber <franklin@chef.io>
2018-03-28 13:20:56 -04:00
Mo Shark
fc3f1708c4 Porting over the singular rds resource from the aws-inspec git repo (#2866)
Signed-off-by: HackerShark <melsharkawi@mitre.org>
2018-03-28 11:23:44 -04:00
Nathan Haneysmith
002a589871 fix logic in examples for password used (#2874)
Signed-off-by: Nathan Haneysmith <nathan@chef.io>
2018-03-26 15:42:56 -04:00
Matthew Dromazos
0cbe5b60e5 New Skeletal Resource aws_config_delivery_channel (#2641)
* Initial commit of new skeletal resource aws_config_delivery_channel
* Changes delivery_frequency to be an integer and names delivery_frequency_in_hours
* Adds more documentation and clarifies descriptions
* Wraps API call in the aws_catch_errors function
* Changes config bucket name to use dashes instead of underscores
* Updates on master and changes directory location of build and integration files
* Fix integration tests to only create one ConfigRecorder

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-26 14:03:23 -04:00
Matthew Dromazos
603bef6f29 New Skeletal Resource aws_kms_key (#2746)
* Initial commit of skeletal resource aws_kms_key
* * Adds comments to rerun travis
* * Clarifies some parts of the doc.
* Changes matcher have_aws_key_manager to manged_by_aws
* Fixes copypasta
* Adds clarification to property names
* Fixes rescueing exceptions from the api
* raises exceptions in the unit tests

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-23 08:29:45 -04:00
Matthew Dromazos
9077a7b17b New Skeletal Resource aws_sns_subscription (#2697)
* Initial commit of skeletal resource aws_sns_subscription
* Fixes errors in documentation
* Clarifies documentation
* Wraps calls to aws api in catch_aws_errors metho
* Fixes integration tests

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-22 13:38:40 -04:00
Matthew Dromazos
1bb565c708 New Skeletal Resource aws_sns_topics (#2696)
* Initial commit of skeletal resource aws_sns_topics
* Adds clarification in documentation
* Adds functionality for calling the next token returned from aws api.
* Wraps api calls in the catch_aws_errs method

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-22 12:55:23 -04:00
Paul Welch
a32a85eae5 Remove incorrect example from documentation (#2851)
Owner and mode are provided by the file resource, not ssh_config.

Fixes #2471

Co-authored-by: Trevor Bramble tbramble@chef.io
Co-authored-by: Paul Welch pwelch@chef.io

Signed-off-by: Paul Welch <pwelch@chef.io>
2018-03-21 12:52:51 -04:00
Franklin Webber
87a28b56bb The resource is login_defs not login_def (#2845)
The main index is displaying the wrong resource name. The url to the resource
is not correct either. This should generate the correct entry and path in the
docs.

Signed-off-by: Franklin Webber <franklin@chef.io>
2018-03-20 13:01:34 -04:00
eramoto
a687479e6c Fix typo in some docs (#2841)
Also includes fixes such as PostgreSQL, TCPMUX, and etc.

Signed-off-by: ERAMOTO Masaya <eramoto.masaya@jp.fujitsu.com>
2018-03-20 08:43:30 -04:00
Matthew Dromazos
555de72912 Skelatal resource: aws_s3_bucket_object (#2620)
* Initial commit of new resource
* Makes changes to docs to match changes to the resources.
* Adds clarifications in docs and changes it to be an erb file.
* Simplifies some unit tests
* Wraps calls to the api in a aws_catch_errors method
* Removes provisioner terraform code

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-19 13:10:17 -04:00
Paul Welch
03edd0cd2b Add Info about nginx_conf param (#2831)
Add information about setting the path to the NGINX server configuration
file if it is not in the default path.

Signed-off-by: Paul Welch <pwelch@chef.io>
2018-03-19 12:52:44 -04:00
Thomas Petchel
a48aea53c5 Add additional links to Learn Chef Rally content (#2477)
* Fix under construction page
Previously, the content was hidden behind the banner. The buttons also
did not contain horizontal spacing.

* Add links to Learn Chef Rally content.
I also corrected a few caplitalization issues and edited a few sentences for clarity.

* ssh => SSH
* Update Slack URL
Was pointing to Habitat by mistake.

Signed-off-by: Thomas Petchel <tpetchel@gmail.com>
2018-03-14 11:01:12 -04:00
Franklin Webber
bb538bfb5c Updates the os resource to use dot notation for family (#2807)
The dot notation is supported for family on the os resource. That is
by far easier to type out and use.

Also fixes that the platform names returned are Strings and not Symbols.

Signed-off-by: Franklin Webber <franklin@chef.io>
2018-03-12 13:02:48 -04:00
Miah Johnson
75f39e74f2 Refine deprecated methods to be consisten with supported fields in (#2801)
shadow file.

After much thought the deprecations from #2642 were for the wrong methods.

Plural method names feel much more natural when working with this
resource because you can have more than a single result.

Consider a match like `shadow.user(/^www/)`, this could return multiple
users, so `shadow.users` feels more natural here.

The problem is that the fields we're matching in the shadow file itself
are singular. Each entry is for a user, which has a password, and some
other fields. A user never has `passwords` in the shadow file, only a
`password`.

This is made more obvious when you use the `filter` method.

When we use this filter: `shadow.filter(min_days: 20, max_days: 30)` we
are matching fields in the shadow file and not using our matcher
methods. This means that if there is a discrepancy between our matcher
methods, and the shadow fields the user could end up confused. Like I did =)

This PR changes:

Changed matchers to match shadow fields.
Updated documentation to reflect changes.
Updated tests to reflect changes.
Re-add `filter` method, and add a test for it.
Renamed variable for FilterTable to be less confusing.
Renamed query argument for methods to be consistent.
Cleanup docs based on comments from @jerryaldrichiii
Make Rubocop happy <3

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-03-08 17:26:08 -05:00
Miah Johnson
f6db0e345a Update shadow resource to use FilterTable (#2642)
* Change shadow resource to use FilterTable rather than custom filter
implementation.

Add tests for singluar aliased methods and other minor changes to work
with FilterTable output.
Coverage is at 100%

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* merge master

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-03-07 15:31:30 +01:00
Louis Willcock
cd7f84f5e7 update docs to non-deprecated parameter syntax from name > username as per dep warnings (#2781)
Signed-off-by: JohnVonNeumann <louiswillcock@gmail.com>
2018-03-06 13:16:01 -05:00
Franklin Webber
c2f3dd4c61 Fixes docs for file example (#2552)
* Fixes docs for file example

* The version test should be a string
* There was a missing closing brace in the regex examples
* Some white-spaced got cleaned up
* I added the file name into the variable for the pg examples

Signed-off-by: Franklin Webber <franklin@chef.io>

* Updates docs file to use real postgre path

Signed-off-by: Franklin Webber <franklin@chef.io>

* Moves the 'real' example filepath to the describe

Signed-off-by: Franklin Webber <franklin@chef.io>
2018-03-06 19:00:26 +01:00
Nicholas Duffy
0853e12cc3 Fix AWS IAM access keys example (#2756)
There is no `created_age`. This should
be `created_days_ago`.

Signed-off-by: Nicholas Duffy <duffn@outlook.com>
2018-03-05 16:05:10 -05:00
Kimberly Garmoe
77ee77c557 Removes errant articles (#2775)
Signed-off-by: kagarmoe <kgarmoe@chef.io>
2018-03-02 22:53:01 -05:00
Aleksey Tsalolikhin
50e952701d Add cautionary note to include leading zero in file mode specifications (#2606)
Signed-off-by: Aleksey Tsalolikhin <aleksey@verticalsysadmin.com>
2018-03-02 13:47:46 -05:00
Kimberly Garmoe
01357e1e29 Kg/az fix (#2763)
* Fixes typo
* Remove unclear phrase

Signed-off-by: kagarmoe <kgarmoe@chef.io>
2018-03-02 09:18:01 -05:00
Kimberly Garmoe
d02ae42747 fixes ec2 reference (#2766)
Signed-off-by: kagarmoe <kgarmoe@chef.io>
2018-03-02 09:06:11 -05:00
Kimberly Garmoe
f4ea53c3a5 Kg/k module (#2626)
* Refactors kernel_module

Signed-off-by: kagarmoe <kgarmoe@chef.io>
2018-02-28 17:12:37 -05:00
Kimberly Garmoe
f7d7f63b02 WIP: Docker resource docs first commit (#2521)
* Docker resource docs
Signed-off-by: kgarmoe <kgarmoe@chef.io>
2018-02-28 16:44:11 -05:00
Matthew Dromazos
4394c5efc8 New Resource aws_config_recorder (#2635)
* Initial commit of new resource
* Removes deprecated matcher in example
* Adds a new terraform file for config resources
* Fixes and clarifies documentation
* Wraps calls to api in catch_aws_errors method
* Changes the names of two matchers

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-02-27 13:15:04 -05:00