mirror of
https://github.com/inspec/inspec
synced 2024-11-23 21:23:29 +00:00
033bc13aa0
* Add aws_iam_users Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Adding Filter table and Collect User Details to aws_iam_users.rb Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Get an aws_iam_users integration test to pass Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Fix RuboCop issues and tests Signed-off-by: Chris Redekop <chris.redekop@d2l.com> * Improving code based on PR feedback Signed-off-by: Chris Redekop <chris.redekop@d2l.com>
# author: Alex Bedley
# author: Steffanie Freeman
# author: Simon Varlow
# author: Chris Redekop
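# InSpec resource that exposes the IAM users returned by a user provider as a
# filterable collection with `where`, `entries` and `exists?`.
#
# NOTE(review): `exists?` is true only when the filtered set is non-empty, so a
# negative control such as `where(has_mfa_enabled?: false)` combined with
# `should_not exist` also passes when the provider returned no users at all.
# Profiles that depend on such a control should additionally assert that the
# unfiltered `aws_iam_users` set exists, so that an empty listing is not
# reported as compliant.
class AwsIamUsers < Inspec.resource(1)
  name 'aws_iam_users'
  desc 'Verifies settings for AWS IAM users'
  example '
    describe aws_iam_users.where(has_mfa_enabled?: false) do
      it { should_not exist }
    end

    describe aws_iam_users.where(has_console_password?: true) do
      it { should exist }
    end
  '

  # Filter table: `where` and `entries` accessors plus an `exists?` predicate,
  # fed by #collect_user_details.
  filter = FilterTable.create
  filter.add_accessor(:where)
        .add_accessor(:entries)
        .add(:exists?) { |x| !x.entries.empty? }
  filter.connect(self, :collect_user_details)

  # @param aws_user_provider [#list_users, nil] source of the raw user records
  # @param user_factory [#create_user] builds one user object per raw record
  def initialize(aws_user_provider = AwsIam::UserProvider.new,
                 user_factory = AwsIamUserFactory.new)
    @user_provider = aws_user_provider
    @user_factory = user_factory
  end

  # Raw user records from the provider, memoized in @users_cache.
  #
  # Because of the trailing `unless`, the whole expression evaluates to nil
  # when no provider is set.
  # NOTE(review): how FilterTable handles a nil data set is not visible here;
  # confirm that a missing provider cannot be mistaken for "no users".
  #
  # @return [Object, nil] whatever `list_users` returned, or nil without a provider
  def collect_user_details
    @users_cache ||= @user_provider.list_users unless @user_provider.nil?
  end

  # Builds one user object per raw record through the user factory.
  #
  # The previous body seeded a local with `[]` and then applied `||=`; an empty
  # array is truthy in Ruby, so the provider was never consulted and the method
  # always returned `[]`. It now reads the same memoized records the filter
  # table uses and falls back to an empty list when no provider is set.
  #
  # @return [Array] objects produced by `@user_factory.create_user`
  def users
    raw_users = collect_user_details || []
    raw_users.map { |user| @user_factory.create_user(user) }
  end

  # @return [String] label for this resource
  def to_s
    'IAM Users'
  end

  # Default factory: wraps a raw user record in an AwsIamUser.
  class AwsIamUserFactory
    # @param user [Object] raw user record, passed through as `user:`
    # @return [AwsIamUser]
    def create_user(user)
      AwsIamUser.new(user: user)
    end
  end
end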