@mattray
Created June 26, 2018 06:42

$ ./bin/build_demo.sh aws a2 'Tuesday' mattray-apac 12 'mray' 'Sales' 'APAC'
Creating aws a2 demo...
{
    "StackId": "arn:aws:cloudformation:us-west-2:496323866215:stack/mray-Tuesday-Chef-Demo-20180626T052147Z/d373c260-7900-11e8-8f50-02fa8eda759c"
}

$ cd -
/Users/mray/ws/inspec-iggy

$ inspec cloudformation generate -t test/bjc-demo-aws-a2.json -s mray-Tuesday-Chef-Demo-20180626T052147Z

# encoding: utf-8

awsclient = Aws::CloudFormation::Client.new()
cfn = awsclient.list_stack_resources({ stack_name: "mray-Tuesday-Chef-Demo-20180626T052147Z" }).to_hash
resources = {}
cfn[:stack_resource_summaries].each { |r| resources[r[:logical_resource_id]] = r[:physical_resource_id] }

title "/Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json controls generated by Iggy v0.2.0"

control "aws_subnet::SubnetAutomate" do
  title "Iggy bjc-demo-aws-a2.json aws_subnet::SubnetAutomate"
  desc "
    aws_subnet::SubnetAutomate from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_subnet(resources["SubnetAutomate"]) do
    it { should exist }
    its("vpc_id") { should eq resources["VPC"] }
    its("cidr_block") { should eq "172.31.54.0/24" }
  end
end

control "aws_subnet::SubnetProd" do
  title "Iggy bjc-demo-aws-a2.json aws_subnet::SubnetProd"
  desc "
    aws_subnet::SubnetProd from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_subnet(resources["SubnetProd"]) do
    it { should exist }
    its("vpc_id") { should eq resources["VPC"] }
    its("cidr_block") { should eq "172.31.62.0/24" }
  end
end

control "aws_subnet::SubnetWorkstations" do
  title "Iggy bjc-demo-aws-a2.json aws_subnet::SubnetWorkstations"
  desc "
    aws_subnet::SubnetWorkstations from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_subnet(resources["SubnetWorkstations"]) do
    it { should exist }
    its("vpc_id") { should eq resources["VPC"] }
    its("cidr_block") { should eq "172.31.10.0/24" }
  end
end

control "aws_route_table::RouteTable" do
  title "Iggy bjc-demo-aws-a2.json aws_route_table::RouteTable"
  desc "
    aws_route_table::RouteTable from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_route_table(resources["RouteTable"]) do
    it { should exist }
  end
end

control "aws_ec2_instance::WindowsWorkstation1" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::WindowsWorkstation1"
  desc "
    aws_ec2_instance::WindowsWorkstation1 from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["WindowsWorkstation1"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "c4.large" }
    its("image_id") { should eq "ami-ba6e1bc2" }
  end
end

control "aws_ec2_instance::BuildNode1" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::BuildNode1"
  desc "
    aws_ec2_instance::BuildNode1 from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["BuildNode1"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "m4.large" }
    its("image_id") { should eq "ami-cb6f1ab3" }
  end
end

control "aws_ec2_instance::BuildNode2" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::BuildNode2"
  desc "
    aws_ec2_instance::BuildNode2 from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["BuildNode2"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "m4.large" }
    its("image_id") { should eq "ami-3c6d1844" }
  end
end

control "aws_ec2_instance::BuildNode3" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::BuildNode3"
  desc "
    aws_ec2_instance::BuildNode3 from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["BuildNode3"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "m4.large" }
    its("image_id") { should eq "ami-4b6f1a33" }
  end
end

control "aws_ec2_instance::delivered" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::delivered"
  desc "
    aws_ec2_instance::delivered from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["delivered"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "m4.large" }
    its("image_id") { should eq "ami-676f1a1f" }
  end
end

control "aws_ec2_instance::ecomacceptance" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::ecomacceptance"
  desc "
    aws_ec2_instance::ecomacceptance from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["ecomacceptance"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "m4.large" }
    its("image_id") { should eq "ami-de6c19a6" }
  end
end

control "aws_ec2_instance::rehearsal" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::rehearsal"
  desc "
    aws_ec2_instance::rehearsal from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["rehearsal"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "m4.large" }
    its("image_id") { should eq "ami-846c19fc" }
  end
end

control "aws_ec2_instance::union" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::union"
  desc "
    aws_ec2_instance::union from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["union"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "m4.large" }
    its("image_id") { should eq "ami-1f621767" }
  end
end

control "aws_ec2_instance::Chef" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::Chef"
  desc "
    aws_ec2_instance::Chef from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["Chef"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "c4.xlarge" }
    its("image_id") { should eq "ami-3e6f1a46" }
  end
end

control "aws_ec2_instance::Automate" do
  title "Iggy bjc-demo-aws-a2.json aws_ec2_instance::Automate"
  desc "
    aws_ec2_instance::Automate from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_ec2_instance(resources["Automate"]) do
    it { should exist }
    it { should be_running }
    its("instance_type") { should eq "c4.xlarge" }
    its("image_id") { should eq "ami-437f0e3b" }
  end
end

control "aws_security_group::DemoSecurityGroup" do
  title "Iggy bjc-demo-aws-a2.json aws_security_group::DemoSecurityGroup"
  desc "
    aws_security_group::DemoSecurityGroup from the source file /Users/mray/ws/inspec-iggy/test/bjc-demo-aws-a2.json
    Generated by Iggy v0.2.0
  "
  impact 1.0
  describe aws_security_group(resources["DemoSecurityGroup"]) do
    it { should exist }
    its("vpc_id") { should eq resources["VPC"] }
  end
end

$ inspec cloudformation generate -t test/bjc-demo-aws-a2.json -s mray-Tuesday-Chef-Demo-20180626T052147Z > test.rb

$ inspec exec test.rb -t aws://us-west-2

Profile: tests from test.rb (tests from test.rb)
Version: (not specified)
Target:  aws://us-west-2

  ✔  aws_subnet::SubnetAutomate: Iggy bjc-demo-aws-a2.json aws_subnet::SubnetAutomate
     ✔  VPC Subnet subnet-54dc910e should exist
     ✔  VPC Subnet subnet-54dc910e vpc_id should eq "vpc-58342a21"
     ✔  VPC Subnet subnet-54dc910e cidr_block should eq "172.31.54.0/24"
  ✔  aws_subnet::SubnetProd: Iggy bjc-demo-aws-a2.json aws_subnet::SubnetProd
     ✔  VPC Subnet subnet-b0c18cea should exist
     ✔  VPC Subnet subnet-b0c18cea vpc_id should eq "vpc-58342a21"
     ✔  VPC Subnet subnet-b0c18cea cidr_block should eq "172.31.62.0/24"
  ✔  aws_subnet::SubnetWorkstations: Iggy bjc-demo-aws-a2.json aws_subnet::SubnetWorkstations
     ✔  VPC Subnet subnet-dac38e80 should exist
     ✔  VPC Subnet subnet-dac38e80 vpc_id should eq "vpc-58342a21"
     ✔  VPC Subnet subnet-dac38e80 cidr_block should eq "172.31.10.0/24"
  ✔  aws_route_table::RouteTable: Iggy bjc-demo-aws-a2.json aws_route_table::RouteTable
     ✔  Route Table rtb-34ca3e4f should exist
  ✔  aws_ec2_instance::WindowsWorkstation1: Iggy bjc-demo-aws-a2.json aws_ec2_instance::WindowsWorkstation1
     ✔  EC2 Instance i-0f3984806582700af should exist
     ✔  EC2 Instance i-0f3984806582700af should be running
     ✔  EC2 Instance i-0f3984806582700af instance_type should eq "c4.large"
     ✔  EC2 Instance i-0f3984806582700af image_id should eq "ami-ba6e1bc2"
  ✔  aws_ec2_instance::BuildNode1: Iggy bjc-demo-aws-a2.json aws_ec2_instance::BuildNode1
     ✔  EC2 Instance i-000a76d71c7820af4 should exist
     ✔  EC2 Instance i-000a76d71c7820af4 should be running
     ✔  EC2 Instance i-000a76d71c7820af4 instance_type should eq "m4.large"
     ✔  EC2 Instance i-000a76d71c7820af4 image_id should eq "ami-cb6f1ab3"
  ✔  aws_ec2_instance::BuildNode2: Iggy bjc-demo-aws-a2.json aws_ec2_instance::BuildNode2
     ✔  EC2 Instance i-072b717aaf19269c5 should exist
     ✔  EC2 Instance i-072b717aaf19269c5 should be running
     ✔  EC2 Instance i-072b717aaf19269c5 instance_type should eq "m4.large"
     ✔  EC2 Instance i-072b717aaf19269c5 image_id should eq "ami-3c6d1844"
  ✔  aws_ec2_instance::BuildNode3: Iggy bjc-demo-aws-a2.json aws_ec2_instance::BuildNode3
     ✔  EC2 Instance i-0bddceb1f4b0d40bd should exist
     ✔  EC2 Instance i-0bddceb1f4b0d40bd should be running
     ✔  EC2 Instance i-0bddceb1f4b0d40bd instance_type should eq "m4.large"
     ✔  EC2 Instance i-0bddceb1f4b0d40bd image_id should eq "ami-4b6f1a33"
  ✔  aws_ec2_instance::delivered: Iggy bjc-demo-aws-a2.json aws_ec2_instance::delivered
     ✔  EC2 Instance i-0d62db121665171ce should exist
     ✔  EC2 Instance i-0d62db121665171ce should be running
     ✔  EC2 Instance i-0d62db121665171ce instance_type should eq "m4.large"
     ✔  EC2 Instance i-0d62db121665171ce image_id should eq "ami-676f1a1f"
  ✔  aws_ec2_instance::ecomacceptance: Iggy bjc-demo-aws-a2.json aws_ec2_instance::ecomacceptance
     ✔  EC2 Instance i-0ac29cdf3a5f1b272 should exist
     ✔  EC2 Instance i-0ac29cdf3a5f1b272 should be running
     ✔  EC2 Instance i-0ac29cdf3a5f1b272 instance_type should eq "m4.large"
     ✔  EC2 Instance i-0ac29cdf3a5f1b272 image_id should eq "ami-de6c19a6"
  ✔  aws_ec2_instance::rehearsal: Iggy bjc-demo-aws-a2.json aws_ec2_instance::rehearsal
     ✔  EC2 Instance i-0d8b22fab6bd8f6ac should exist
     ✔  EC2 Instance i-0d8b22fab6bd8f6ac should be running
     ✔  EC2 Instance i-0d8b22fab6bd8f6ac instance_type should eq "m4.large"
     ✔  EC2 Instance i-0d8b22fab6bd8f6ac image_id should eq "ami-846c19fc"
  ✔  aws_ec2_instance::union: Iggy bjc-demo-aws-a2.json aws_ec2_instance::union
     ✔  EC2 Instance i-0d970506d4af57140 should exist
     ✔  EC2 Instance i-0d970506d4af57140 should be running
     ✔  EC2 Instance i-0d970506d4af57140 instance_type should eq "m4.large"
     ✔  EC2 Instance i-0d970506d4af57140 image_id should eq "ami-1f621767"
  ✔  aws_ec2_instance::Chef: Iggy bjc-demo-aws-a2.json aws_ec2_instance::Chef
     ✔  EC2 Instance i-0b62377f67233b404 should exist
     ✔  EC2 Instance i-0b62377f67233b404 should be running
     ✔  EC2 Instance i-0b62377f67233b404 instance_type should eq "c4.xlarge"
     ✔  EC2 Instance i-0b62377f67233b404 image_id should eq "ami-3e6f1a46"
  ✔  aws_ec2_instance::Automate: Iggy bjc-demo-aws-a2.json aws_ec2_instance::Automate
     ✔  EC2 Instance i-0a545cb06b066160f should exist
     ✔  EC2 Instance i-0a545cb06b066160f should be running
     ✔  EC2 Instance i-0a545cb06b066160f instance_type should eq "c4.xlarge"
     ✔  EC2 Instance i-0a545cb06b066160f image_id should eq "ami-437f0e3b"
  ✔  aws_security_group::DemoSecurityGroup: Iggy bjc-demo-aws-a2.json aws_security_group::DemoSecurityGroup
     ✔  EC2 Security Group sg-76392907 should exist
     ✔  EC2 Security Group sg-76392907 vpc_id should eq "vpc-58342a21"

Profile Summary: 15 successful controls, 0 control failures, 0 controls skipped
Test Summary: 52 successful, 0 failures, 0 skipped
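
A sketch of the template-to-control mapping visible in the generated output above, added here as an illustration; it is not Iggy's code. The template fragment is constructed, and `MAPPING`, `expected` and `generate_controls` are hypothetical names.

```ruby
require "json"

# Constructed CloudFormation fragment (not the demo's real template).
TEMPLATE = JSON.parse(<<~JSON)
  {
    "Resources": {
      "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": "172.31.0.0/16" } },
      "SubnetProd": {
        "Type": "AWS::EC2::Subnet",
        "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": "172.31.62.0/24" }
      },
      "BuildNode1": {
        "Type": "AWS::EC2::Instance",
        "Properties": { "InstanceType": "m4.large", "ImageId": "ami-cb6f1ab3" }
      }
    }
  }
JSON

# Hypothetical mapping: CloudFormation type => [InSpec resource, {template property => InSpec property}]
MAPPING = {
  "AWS::EC2::Subnet"   => ["aws_subnet", { "VpcId" => "vpc_id", "CidrBlock" => "cidr_block" }],
  "AWS::EC2::Instance" => ["aws_ec2_instance", { "InstanceType" => "instance_type", "ImageId" => "image_id" }],
}.freeze

# A {"Ref": "X"} value is only known after deployment, so emit a run-time lookup
# into the logical-to-physical ID hash instead of a literal.
def expected(value)
  return %(resources["#{value["Ref"]}"]) if value.is_a?(Hash) && value.key?("Ref")
  value.inspect
end

# Returns one control (as Ruby source text) per mapped resource in the template.
def generate_controls(template)
  template.fetch("Resources").map do |logical_id, res|
    inspec, props = MAPPING[res["Type"]]
    next unless inspec # unmapped types get no control: a coverage gap to track

    checks = props.map do |cfn, attr|
      val = res.fetch("Properties", {})[cfn]
      %(    its("#{attr}") { should eq #{expected(val)} }) unless val.nil?
    end.compact
    [%(control "#{inspec}::#{logical_id}" do),
     "  impact 1.0",
     %(  describe #{inspec}(resources["#{logical_id}"]) do),
     "    it { should exist }", *checks, "  end", "end"].join("\n")
  end.compact
end
```

Literal properties become fixed expectations, so a passing run shows the deployed stack still matches the template. Resource types with no mapping produce no control and stay unverified.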
