Skip to content

Latest commit

 

History

History
59 lines (37 loc) · 1.61 KB

google_organization.md

File metadata and controls

59 lines (37 loc) · 1.61 KB
Raw
title platform
About the google_organization Resource
gcp

google_organization

Use the google_organization InSpec audit resource to test properties of a GCP organization.


Syntax

Google organization have a name, display name (or domain) and lifecycle state. For more info, please see here.

A google_organization resource block declares the tests for a single GCP organization identified by display_name or name:

describe google_organization(display_name: 'google.com') do
  it { should exist }
  its('name') { should eq 'organizations/1234'  }
  its('display_name') { should eq 'google.com' }
end

describe google_organization(name: 'organizations/1234') do
  it { should exist }
  its('name') { should eq 'google.com'  }
  its('lifecycle_state') { should eq 'ACTIVE' }
end

Examples

The following examples show how to use this InSpec audit resource.

Test that a GCP organization has the expected name

describe google_organization(name: 'organizations/1234') do
  its('name') { should eq 'organizations/1234' }
end

Test that a GCP organization has the expected lifecycle state e.g. "ACTIVE"

describe google_organization(display_name: 'google.com') do
  its('lifecycle_state') { should eq "ACTIVE" }
end

Properties

  • name, display_name, lifecycle_state

GCP Permissions

Ensure the Cloud Resource Manager API is enabled for the project.