search

k1LoW / awspec

RSpec tests for your AWS resources.
MIT License
1.17k stars 192 forks source link

testing for s3 bucket server_side_encryption #436

Closed pmysore1 closed 5 years ago

pmysore1 commented 5 years ago

Hi, I am trying to test whether server side encryption enabled or not with below syntax. However it is failing.

describe s3_bucket("#{s3_bucket_name}") do it { should exist } it { should have_versioning_enabled } its('resource.server_side_encryption') { should eq 'aws:kms' } end

Failures:

1) s3_bucket 'xxxx-automation-xxxxxxxxxxxxxxxxx' resource.server_side_encryption Failure/Error: its('resource.server_side_encryption') { should eq 'aws:kms' }

 NoMethodError:
   undefined method `server_side_encryption' for #<Aws::S3::Bucket name="xxxxx-automation-xxxxxxxxxxx">
 # ./spec/s3_bucket_spec.rb:18:in `block (2 levels) in <top (required)>'

Looks like my syntax is correct. Can you please suggest the correct syntax to verify this. Thanks -Pradeep

troxil commented 5 years ago

This is due to the fact that awspec isn't calling out to appropriate S3 API to fetch that setting.

Syntactically it wouldn't have worked either because the resource wouldn't contain that attribute, this is as per AWS API.

The resolution will be to add in support for identifying the encryption details like there is for cors, versioning, logging and policies.

k1LoW commented 5 years ago

Thank you for your comment !!