Skip to main content

aws_region Resource

Use the aws_region InSpec audit resource to test properties of a single AWS region.

For additional information, including details on parameters and properties, see the AWS documentation on Regions.

Install

This resource is available in the Chef InSpec AWS resource pack.

For information on configuring your AWS environment for Chef InSpec and creating an InSpec profile that uses the InSpec AWS resource pack, see the Chef InSpec documentation on the AWS cloud platform.

Syntax

An aws_region resource block identifies an AWS region by ID. If no region is provided, the current default is used.

describe aws_region('eu-west-2') do
  it { should exist }
end
describe aws_region(region_name: 'us-east-1') do
  it { should exist }
end

Parameters

region_name (optional)

This resource accepts a single parameter, the region_name. This can be passed either as a string or as a region_name: 'value' key-value entry in a hash.

Properties

region_name
The Name of the region.
endpoint
The resolved endpoint of the region.

Examples

Test whether a region exists.

describe aws_region('region-not-real') do
  it { should_not exist }
end

Test the Region Endpoint.

describe aws_region(region_name: 'eu-west-2') do
  its('endpoint') { should eq 'ec2.eu-west-2.amazonaws.com' }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

This resource has the following special matchers.

exist

The control will pass if the describe returns at least one result.

it { should exist }

AWS Permissions

Your Principal will need the EC2:Client:DescribeRegionsResult action with Effect set to Allow.

You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon EC2.

Edit this page on GitHub

Thank you for your feedback!

×











Search Results