title | platform |
---|---|
About the aws_iam_account_alias Resource |
aws |
Use the aws_iam_account_alias
InSpec audit resource to test properties of the AWS IAM account alias.
An aws_iam_account_alias
resource block may be used to perform tests on details of the AWS account alias.
describe aws_iam_account_alias do
it { should exist }
end
This resource does not expect any parameters.
See also the AWS documentation on Account Aliases.
Property | Description |
---|---|
alias | String containing the Alias of the account. |
describe aws_iam_account_alias do
it { should_not exist }
end
describe aws_iam_account_alias do
it { should exist }
its('alias') { should match /^chef-/ }
end
The control will pass if the describe returns at least one result.
Use should_not
to test the entity should not exist.
describe aws_iam_account_alias do
it { should exist }
end
Your Principal will need the IAM:Client:ListAccountAliasesResponse
action with Effect set to Allow.