| title | About the aws_vpn_connections Resource |
|---|---|
| platform | aws |
Use the aws_vpn_connections InSpec audit resource to test properties of all AWS VPN Connections.
Ensure that one or more VPN Connections exist.
```ruby
describe aws_vpn_connections do
  it { should exist }
end
```
This resource does not expect any parameters.
See also the AWS documentation on VPN Connections.
| Property | Description |
|---|---|
| vpn_connection_ids | This property provides all the IDs of the VPN Connections. |
| vpn_gateway_ids | This property provides all the IDs of the virtual private gateways associated with the VPN Connections. |
| outside_ip_addresses | This property provides the outside IP addresses of the VPN Connections. |
| tunnel_inside_cidrs | This property provides the tunnel inside CIDRs of the VPN Connections. |
| states | This property provides the current state of the VPN Connections. |
| types | This property provides the current types of the VPN Connections. |
| tags | This property provides the current tags of the VPN Connections. |
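```ruby
# Every VPN Connection must be in the 'available' state.
# The property is `states` (plural), as listed in the table above.
describe aws_vpn_connections do
  its('states.uniq') { should eq ['available'] }
end
```

```ruby
# Filter on the Name tag, then assert on the number of matches.
describe aws_vpn_connections.where { tags["Name"] == "vpn-connection-example-123" } do
  it { should exist }
  its('count') { should be 3 }
end
```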
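The examples above depend on each plural property being one flat list across all VPN Connections. The following plain-Ruby sketch is an added example, not InSpec or inspec-aws code: it assumes the property names in the table map onto the EC2 DescribeVpnConnections fields shown, runs over constructed sample data, and adds hypothetical helpers (`plural_properties`, `not_available`, `with_name`) to show which connections a failing `states.uniq` check would leave unnamed.

```ruby
# Constructed sample shaped like an EC2 DescribeVpnConnections result.
# Field names follow the AWS API; every ID, address and tag value is made up.
SAMPLE_CONNECTIONS = [
  { vpn_connection_id: 'vpn-0example000000001', vpn_gateway_id: 'vgw-0example00000000a',
    state: 'available', type: 'ipsec.1',
    tags: [{ key: 'Name', value: 'vpn-connection-example-123' }],
    options: { tunnel_options: [
      { outside_ip_address: '203.0.113.10', tunnel_inside_cidr: '169.254.10.0/30' },
      { outside_ip_address: '203.0.113.11', tunnel_inside_cidr: '169.254.10.4/30' }
    ] } },
  { vpn_connection_id: 'vpn-0example000000002', vpn_gateway_id: 'vgw-0example00000000a',
    state: 'deleted', type: 'ipsec.1',
    tags: [{ key: 'Name', value: 'decommissioned-site' }],
    options: { tunnel_options: [] } },
  { vpn_connection_id: 'vpn-0example000000003', vpn_gateway_id: 'vgw-0example00000000b',
    state: 'available', type: 'ipsec.1', tags: [], options: nil }
].freeze

# Turn the AWS key/value tag list into a plain hash, so tags['Name'] works.
def tag_hash(conn)
  (conn[:tags] || []).to_h { |t| [t[:key], t[:value]] }
end

# Assumed flattening: one array per property name from the table above.
def plural_properties(conns)
  tunnels = conns.flat_map { |c| c.dig(:options, :tunnel_options) || [] }
  {
    vpn_connection_ids: conns.map { |c| c[:vpn_connection_id] },
    vpn_gateway_ids: conns.map { |c| c[:vpn_gateway_id] },
    outside_ip_addresses: tunnels.map { |t| t[:outside_ip_address] },
    tunnel_inside_cidrs: tunnels.map { |t| t[:tunnel_inside_cidr] },
    states: conns.map { |c| c[:state] },
    types: conns.map { |c| c[:type] },
    tags: conns.map { |c| tag_hash(c) }
  }
end

# A states.uniq comparison only passes or fails; this names the offenders.
def not_available(conns)
  conns.reject { |c| c[:state] == 'available' }.map { |c| c[:vpn_connection_id] }
end

# Same idea as .where { tags["Name"] == name }, tolerant of untagged connections.
def with_name(conns, name)
  conns.select { |c| tag_hash(c)['Name'] == name }
end
```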
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.
The control will pass if the describe returns at least one result.
Use `should_not` to test that the entity does not exist.
```ruby
describe aws_vpn_connections do
  it { should exist }
end
```

```ruby
describe aws_vpn_connections do
  it { should_not exist }
end
```
Your Principal will need the ec2:DescribeVpnConnections action with Effect set to Allow.
You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon EC2.