search

inspec / inspec-aws

InSpec AWS Resource Pack https://www.inspec.io/
Other
136 stars 106 forks source link

Feature request: AWS Api Gateway support #36

Open safv12 opened 6 years ago

safv12 commented 6 years ago

🎛 Description

🙋 feature request

Hi every one, any plans for support AWS Api gateway in resources? Regards!

clintoncwolfe commented 6 years ago

We're always interested in finding out what people would like to see next. Can you give us some idea as to what sort of tests you'd like to do? If you could write a few examples of controls you'd like to be able to write, that would be perfect.

safv12 commented 6 years ago

I'm very new using inspec. I hope this examples helps to this feature request.

# Test API Gateway settings
describe aws_api_gateway('my_api_gateway_name') do
    it { should_exist }  # The api gateway should exist
    its('resources') { should include('resource1', 'resource2') } # Should contains this two resources
    its('stages') { should include('dev', 'prod') } # Should contains this two stages
    its('api_key_source') { should be 'HEADER' } # Validate the API key source
    its('content_encoding') { should be_active } # content encoding is active
end

The API Gateway contains resources and the resources has methods, I'm not sure how we can test the configuration for each resource's method. For example

clintoncwolfe commented 6 years ago

It's very helpful, thanks!

We might break things apart into multiple InSpec resources - have a aws_api_gateway_resource InSpec resource, for example.

safv12 commented 6 years ago

That sounds great! Thanks @clintoncwolfe.

soumyo13 commented 3 years ago

It is part of the feature roadmap.