aws_api_gateway_usage_plans resource
Use the aws_api_gateway_usage_plans
InSpec audit resource to test the properties of multiple AWS API Gateway usage plans. A usage plan sets a target for the throttling and quota limits on individual client API keys.
For additional information, including parameters and properties, see the AWS documentation on AWS APIGateway UsagePlan.
Installation
This resource is available in the Chef InSpec AWS resource pack.
See the Chef InSpec documentation on cloud platforms for information on configuring your AWS environment for InSpec and creating an InSpec profile that uses the InSpec AWS resource pack.
Syntax
Ensure that the usage plan exists.
describe aws_api_gateway_usage_plans do
it { should exist }
end
Parameters
This resource does not require any parameters.
Properties
ids
- The identifier of a usage plan resource.
Field:
id
names
- The name of a usage plan.
Field:
name
descriptions
- The description of a usage plan.
Field:
description
api_stages
- The associated API stages of a usage plan.
Field:
api_stages
throttles
- A map containing method level throttling information for the API stage in a usage plan.
Field:
throttle
quotas
- The maximum target number of permitted requests that the user can make within a given time interval
Field:
quota
product_codes
- The AWS Marketplace product identifier to associate with the usage plan as a SaaS product on AWS Marketplace.
Field:
product_code
tags
- The collection of tags. Each tag element is associated with a given resource.
Field:
tags
Examples
Test to ensure a usage plan ID is available
describe aws_api_gateway_usage_plans do
its('ids') { should include 'USAGE_PLAN_ID' }
end
Test to ensure a usage plan name is available
describe aws_api_gateway_usage_plans do
its('names') { should include 'USAGE_PLAN_NAME' }
end
Matchers
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.
The control passes if the get
method returns at least one result.
exist
Use should
to test that the entity exists.
describe aws_api_gateway_usage_plans do
it { should exist }
end
Use should_not
to test that the entity does not exist.
describe aws_api_gateway_usage_plans do
it { should_not exist }
end
AWS Permissions
Your Principal will need the APIGateway:Client:UsagePlans
action with Effect
set to Allow
.
Was this page helpful?