mirror of
https://github.com/inspec/inspec
synced 2025-01-25 03:15:37 +00:00
02e8e9cc9c
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
82 lines
2.5 KiB
Ruby
82 lines
2.5 KiB
Ruby
require "resource_support/aws/aws_singular_resource_mixin"
|
|
require "resource_support/aws/aws_backend_base"
|
|
require "aws-sdk-sns"
|
|
|
|
class AwsSnsSubscription < Inspec.resource(1)
|
|
name "aws_sns_subscription"
|
|
desc "Verifies settings for an SNS Subscription"
|
|
example <<~EXAMPLE
|
|
describe aws_sns_subscription('arn:aws:sns:us-east-1::test-topic-01:b214aff5-a2c7-438f-a753-8494493f2ff6') do
|
|
it { should_not have_raw_message_delivery }
|
|
it { should be_confirmation_authenticated }
|
|
its('owner') { should cmp '12345678' }
|
|
its('topic_arn') { should cmp 'arn:aws:sns:us-east-1::test-topic-01' }
|
|
its('endpoint') { should cmp 'arn:aws:sqs:us-east-1::test-queue-01' }
|
|
its('protocol') { should cmp 'sqs' }
|
|
end
|
|
EXAMPLE
|
|
|
|
supports platform: "aws"
|
|
|
|
include AwsSingularResourceMixin
|
|
attr_reader :arn, :owner, :raw_message_delivery, :topic_arn, :endpoint, :protocol,
|
|
:confirmation_was_authenticated, :aws_response
|
|
|
|
alias confirmation_authenticated? confirmation_was_authenticated
|
|
alias raw_message_delivery? raw_message_delivery
|
|
|
|
def has_raw_message_delivery?
|
|
raw_message_delivery
|
|
end
|
|
|
|
def to_s
|
|
"SNS Subscription #{@arn}"
|
|
end
|
|
|
|
private
|
|
|
|
def validate_params(raw_params)
|
|
validated_params = check_resource_param_names(
|
|
raw_params: raw_params,
|
|
allowed_params: [:subscription_arn],
|
|
allowed_scalar_name: :subscription_arn,
|
|
allowed_scalar_type: String
|
|
)
|
|
|
|
if validated_params.empty?
|
|
raise ArgumentError, "You must provide a subscription_arn to aws_sns_subscription."
|
|
end
|
|
|
|
validated_params
|
|
end
|
|
|
|
def fetch_from_api
|
|
backend = BackendFactory.create(inspec_runner)
|
|
catch_aws_errors do
|
|
|
|
aws_response = backend.get_subscription_attributes(subscription_arn: @subscription_arn).attributes
|
|
@exists = true
|
|
@owner = aws_response["Owner"]
|
|
@raw_message_delivery = aws_response["RawMessageDelivery"].eql?("true")
|
|
@topic_arn = aws_response["TopicArn"]
|
|
@endpoint = aws_response["Endpoint"]
|
|
@protocol = aws_response["Protocol"]
|
|
@confirmation_was_authenticated = aws_response["ConfirmationWasAuthenticated"].eql?("true")
|
|
rescue Aws::SNS::Errors::NotFound
|
|
@exists = false
|
|
return
|
|
|
|
end
|
|
end
|
|
|
|
class Backend
|
|
class AwsClientApi < AwsBackendBase
|
|
BackendFactory.set_default_backend self
|
|
self.aws_client_class = Aws::SNS::Client
|
|
|
|
def get_subscription_attributes(criteria)
|
|
aws_service_client.get_subscription_attributes(criteria)
|
|
end
|
|
end
|
|
end
|
|
end
|