Skip to content

Latest commit

 

History

History
58 lines (37 loc) · 1.47 KB

aws_iam_account_alias.md

File metadata and controls

58 lines (37 loc) · 1.47 KB
title platform
About the aws_iam_account_alias Resource
aws

aws_iam_account_alias

Use the aws_iam_account_alias InSpec audit resource to test properties of the AWS IAM account alias.

Syntax

An aws_iam_account_alias resource block may be used to perform tests on details of the AWS account alias.

describe aws_iam_account_alias do
  it { should exist }
end

Parameters

This resource does not expect any parameters.

See also the AWS documentation on Account Aliases.

Properties

Property Description
alias String containing the Alias of the account.

Examples

Check that the account alias has not be set
  describe aws_iam_account_alias do
    it { should_not exist }
  end
Test if the account alias starts with expected prefix
  describe aws_iam_account_alias do
    it           { should exist }
    its('alias') { should match /^chef-/ }
  end

Matchers

exist

The control will pass if the describe returns at least one result.

Use should_not to test the entity should not exist.

describe aws_iam_account_alias do
  it { should exist }
end

AWS Permissions

Your Principal will need the IAM:Client:ListAccountAliasesResponse action with Effect set to Allow.