aws_vpn_connection Resource
Use the aws_vpn_connection InSpec audit resource to test the properties of a single AWS VPN connection.
Installation
This resource is available in the Chef InSpec AWS resource pack.
See the Chef InSpec documentation on cloud platforms for information on configuring your AWS environment for InSpec and creating an InSpec profile that uses the InSpec AWS resource pack.
Syntax
An aws_vpn_connection resource block declares the tests for a single AWS VPN connection by vpn_connection_id.
describe aws_vpn_connection(vpn_connection_id: 'vpn-01234567') do
  it { should exist }
end
The value of the vpn_connection_id can be provided as a string.
describe aws_vpn_connection('vpn-01234567') do
  it { should exist }
end
Parameters
The AWS VPN connection ID is required.
vpn_connection_id (required)
It can be passed either as a string or as a vpn_connection_id: 'value' key-value entry in a hash.
Properties
vpn_connection_id - The identifier of the AWS VPN connection.
state - The current state of the VPN connection. Possible values are: pending, available, deleting, deleted.
type - The type of VPN connection that the VPN connection supports.
vpn_gateway_id - The ID of the associated VPN.
tags - All tags that are associated with the VPN connection.
There are also additional properties available. For a comprehensive list, see the API reference documentation.
Examples
Test that a VPN Connection is available.
describe aws_vpn_connection('vpn-01234567') do
  its('state') { should eq 'available' }
end
Matchers
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.
exist
describe aws_vpn_connection('vpn-01234567') do
  it { should exist }
end
VPN Gateway
describe aws_vpn_connection('vpn-01234567') do
  its('vpn_gateway_id') { should eq 'vpc-0a510beed76210f2f' }
end
AWS Permissions
Your Principal will need the EC2:Client:DescribeVpnConnectionsResult action with Effect set to Allow.
You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon ElastiCache, and Actions, Resources, and Condition Keys for Identity And Access Management.