aws_ssm_parameters resource
Use the aws_ssm_parameters InSpec audit resource to test properties of a collection of AWS SSM parameters.
Syntax
Ensure you have exactly 3 SSM Parameters
describe aws_ssm_parameters do
its('names.count') { should cmp 3 }
end
Parameters
This resource does not expect any parameters.
See also the AWS documentation on SSM.
Properties
| Property | Description |
|---|---|
| names | Provides the name of the parameter. |
| types | Provides the type of the parameter. |
| key_ids | Provides the key id of the parameter. |
| last_modified_dates | Provides the date the parameter was last changed or updated and the parameter version was created. |
| last_modified_users | Provides the user that last changed or updated the parameter. |
| descriptions | Provides the description of the parameter. |
| versions | Provides the version of the parameter. |
| tiers | Provides the tier of the parameter. |
For a comprehensive list of properties available, see the API reference documentation
Examples
Ensure Name of a SSM Parameter exists
describe aws_ssm_parameters do
its('names') { should include 'ssm-parameter-name' }
end
Matchers
For a full list of available matchers, please visit our Universal Matchers page.
exist
The control will pass if the describe returns at least one result.
Use should_not to test the entity should not exist.
describe aws_ssm_parameters.where( <property>: <value> ) do
it { should exist }
end
describe aws_ssm_parameters.where( <property>: <value> ) do
it { should_not exist }
end
AWS Permissions
Your Principal will need the ssm:DescribeParameters action with Effect set to Allow.
You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon Systems Manager.
Was this page helpful?