title | platform |
---|---|
About the aws_ec2_vpc_peering_connections Resource | aws |
Use the `aws_ec2_vpc_peering_connections` InSpec audit resource to test properties of multiple AWS EC2 VPC peering connections.
The AWS::EC2::VPCPeeringConnection resource requests a VPC peering connection between two VPCs: a requester VPC that you own and an accepter VPC with which to create the connection.
Ensure that a VPC peering connection ID exists.

```ruby
describe aws_ec2_vpc_peering_connections do
  it { should exist }
end
```
For additional information, see the AWS documentation on AWS EC2 VPC Peering Connection.
Property | Description | Field |
---|---|---|
accepter_vpc_infos | Information about the accepter VPC. CIDR block information is only returned when describing an active VPC peering connection. | accepter_vpc_info |
expiration_times | The time that an unaccepted VPC peering connection will expire. | expiration_time |
requester_vpc_infos | Information about the requester VPC. CIDR block information is only returned when describing an active VPC peering connection. | requester_vpc_info |
statuses | The status of the VPC peering connection. | status |
tags | Any tags assigned to the resource. | tags |
vpc_peering_connection_ids | The ID of the VPC peering connection. | vpc_peering_connection_id |
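```ruby
# Ensure a given VPC peering connection ID is among those returned.
describe aws_ec2_vpc_peering_connections do
  its('vpc_peering_connection_ids') { should include 'VPCPeeringConnectionID' }
end

# Ensure at least one status is returned.
describe aws_ec2_vpc_peering_connections do
  its('statuses') { should_not be_empty }
end
```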
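The fields in the property table can also drive a review of which accounts are peered and which requests are still unaccepted. This is an added example in plain Ruby, not InSpec's or the project's own code; the record layout (mirroring the Field column), the sample IDs, the `audit_peering` helper and the allow-list are constructed assumptions.

```ruby
# Added example: plain Ruby, not InSpec code. Layout and IDs are assumptions.

# Constructed sample records mirroring the Field column of the property table.
SAMPLE_CONNECTIONS = [
  { vpc_peering_connection_id: 'pcx-example-1',
    status: { code: 'active' },
    requester_vpc_info: { owner_id: '111111111111', vpc_id: 'vpc-example-a' },
    accepter_vpc_info:  { owner_id: '111111111111', vpc_id: 'vpc-example-b' },
    expiration_time: nil, tags: [{ key: 'owner', value: 'netops' }] },
  { vpc_peering_connection_id: 'pcx-example-2',
    status: { code: 'active' },
    requester_vpc_info: { owner_id: '111111111111', vpc_id: 'vpc-example-a' },
    accepter_vpc_info:  { owner_id: '999999999999', vpc_id: 'vpc-example-c' },
    expiration_time: nil, tags: [] },
  { vpc_peering_connection_id: 'pcx-example-3',
    status: { code: 'pending-acceptance' },
    requester_vpc_info: { owner_id: '222222222222', vpc_id: 'vpc-example-d' },
    accepter_vpc_info:  { owner_id: '111111111111', vpc_id: 'vpc-example-b' },
    expiration_time: '2030-01-08T00:00:00Z', tags: [] }
].freeze

# Hypothetical allow-list of account IDs permitted to peer with our VPCs.
TRUSTED_OWNER_IDS = %w[111111111111].freeze

# Returns an array of [connection_id, finding] pairs that need review.
def audit_peering(connections, trusted_owner_ids)
  connections.flat_map do |c|
    id = c[:vpc_peering_connection_id]
    owners = [c.dig(:requester_vpc_info, :owner_id), c.dig(:accepter_vpc_info, :owner_id)]
    untrusted = owners.compact.uniq - trusted_owner_ids
    findings = []
    case c.dig(:status, :code)
    when 'active'
      # A live route to an account outside the allow-list.
      findings << [id, "active peering with untrusted account #{untrusted.join(',')}"] if untrusted.any?
      # Untagged peerings have no recorded owner to ask about them.
      findings << [id, 'active peering has no tags'] if Array(c[:tags]).empty?
    when 'pending-acceptance'
      # Unaccepted requests stay open until expiration_time.
      findings << [id, "unaccepted request from #{owners.first}, expires #{c[:expiration_time]}"]
    end
    findings
  end
end

audit_peering(SAMPLE_CONNECTIONS, TRUSTED_OWNER_IDS).each { |id, msg| puts "#{id}: #{msg}" }
```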
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.
The controls will pass if the `describe` method returns at least one result.

Use `should` to test that the entity exists.

```ruby
describe aws_ec2_vpc_peering_connections do
  it { should exist }
end
```

Use `should_not` to test the entity does not exist.

```ruby
describe aws_ec2_vpc_peering_connections do
  it { should_not exist }
end
```
Your Principal will need the `EC2:Client:DescribeVpcPeeringConnectionsResult` action with `Effect` set to `Allow`.