search

aaronlippold / inspec-aws

InSpec for AWS (Incubation)
https://www.inspec.io/
Other
1 stars 1 forks source link

New Resource aws_kms_keys #34

Open rx294 opened 6 years ago

rx294 commented 6 years ago

Test AWS Key Management Service (KMS) keys In support for cis aws foundation control 2.8

Support tests such as 

  describe aws_kms_keys.where(KeyRotationEnabled: false) do
    it { should_not exist }
  end

AWS CLI

aws kms list-keys
{
    "Keys": [
        {
            "KeyArn": "arn:aws:kms:us-east-1:484747447281:key/806ba3cc-8638-4f9b-ad58-c8987f6c81e9",
            "KeyId": "806ba3cc-8638-4f9b-ad58-c8987f6c81e9"
        }
    ]
}
aws kms get-key-rotation-status --key-id 806ba3cc-8638-4f9b-ad58-c8987f6c81e9
{
    "KeyRotationEnabled": true
}
rx294 commented 6 years ago

Ref #165 https://github.com/chef/inspec-aws/issues/165