Skip to main content

aws_vpn_connection Resource

[edit on GitHub]

Use the aws_vpn_connection InSpec audit resource to test the properties of a single AWS VPN connection.

Installation

This resource is available in the Chef InSpec AWS resource pack.

See the Chef InSpec documentation on cloud platforms for information on configuring your AWS environment for InSpec and creating an InSpec profile that uses the InSpec AWS resource pack.

Syntax

An aws_vpn_connection resource block declares the tests for a single AWS VPN connection by vpn_connection_id.

describe aws_vpn_connection(vpn_connection_id: 'vpn-01234567') do
  it { should exist }
end

The value of the vpn_connection_id can be provided as a string.

describe aws_vpn_connection('vpn-01234567') do
  it { should exist }
end

Parameters

The AWS VPN connection ID is required.

vpn_connection_id (required)

It can be passed either as a string or as a vpn_connection_id: 'value' key-value entry in a hash.

Properties

vpn_connection_id
The identifier of the AWS VPN connection.
state
The current state of the VPN connection. Possible values are: pending, available, deleting, deleted.
type
The type of VPN connection that the VPN connection supports.
vpn_gateway_id
The ID of the associated VPN.
tags
All tags that are associated to the VPN connection.

There are also additional properties available. For a comprehensive list, see the API reference documentation.

Examples

Test that a VPN Connection is available.

describe aws_vpn_connection('vpn-01234567') do
    its('status') { should eq 'available' }
end

Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.

exist 

describe aws_vpn_connection('vpn-01234567') do
    it { should exist }
end

VPN Gateway 

describe aws_vpn_connection('vpn-01234567') do
    its('vpn_gateway_id') { should eq 'vpc-0a510beed76210f2f'}
end

AWS Permissions

Your Principal will need the EC2:Client:DescribeVpnConnectionsResult action with Effect set to Allow.

You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon ElastiCache, and Actions, Resources, and Condition Keys for Identity And Access Management.

Was this page helpful?

×









Search Results