This repository has been archived by the owner on Nov 14, 2024. It is now read-only.

Add documentations
Signed-off-by: jnahelou <nahelou.j@sfeir.com>
jnahelou authored and Stuart Paterson committed Nov 23, 2018
1 parent 4b07760 commit f0b9517
Showing 2 changed files with 141 additions and 0 deletions.
69 changes: 69 additions & 0 deletions docs/resources/google_compute_vpn_tunnel.md
@@ -0,0 +1,69 @@
---
title: About the google_compute_vpn_tunnel Resource
platform: gcp
---

# google\_compute\_vpn\_tunnel

Use the `google_compute_vpn_tunnel` InSpec audit resource to test properties of a single GCP compute vpn_tunnel.

<br>

## Syntax

A `google_compute_vpn_tunnel` resource block declares the tests for a single GCP vpn_tunnel by project, region and name.

describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
it { should exist }
its('name') { should eq 'gcp-inspec-vpn-tunnel' }
its('region') { should match 'europe-west2' }
end

<br>

## Examples

The following examples show how to use this InSpec audit resource.

### Test that a GCP compute vpn_tunnel exists

describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
it { should exist }
end

### Test when a GCP compute vpn_tunnel was created

describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
its('creation_timestamp_date') { should be > Time.now - 365*60*60*24*10 }
end

### Test for an expected vpn_tunnel identifier

describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
its('id') { should eq 12345567789 }
end

### Test that a vpn_tunnel peer address is as expected

describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
its('peer_ip') { should eq "123.123.123.123" }
end

### Test that a vpn_tunnel status is as expected

describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn_tunnel') do
its('status') { should eq "ESTABLISHED" }
end

<br>

## Properties

* `creation_timestamp`, `description`, `detailed_status`, `id`, `ike_version`, `kind`, `local_traffic_selector`, `name`, `peer_ip`, `region`, `remote_traffic_selector`, `router`, `self_link`, `shared_secret`, `shared_secret_hash`, `status`, `target_vpn_gateway`

<br>


## GCP Permissions

Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the project where the resource is located.
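
Review bot: The Properties list near the end of this file exposes `shared_secret` alongside `shared_secret_hash` and describes neither, so a reader gets no guidance that a control written as `its('shared_secret') { should eq ... }` would put the tunnel's pre-shared key into profile source and into the generated test descriptions. Add a line steering users to `shared_secret_hash`, or state what `shared_secret` actually contains. Two consistency points in the same file: the examples test `creation_timestamp_date`, which the Properties list does not include (it lists `creation_timestamp`), and the status example uses `name: 'gcp-inspec-vpn_tunnel'` while every other example uses `'gcp-inspec-vpn-tunnel'`.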
72 changes: 72 additions & 0 deletions docs/resources/google_compute_vpn_tunnels.md
@@ -0,0 +1,72 @@
---
title: About the google_compute_vpn_tunnels Resource
platform: gcp
---

# google\_compute\_vpn\_tunnels

Use the `google_compute_vpn_tunnels` InSpec audit resource to test properties of all, or a filtered group of, GCP compute vpn_tunnels for a project and region.

<br>

## Syntax

A `google_compute_vpn_tunnels` resource block collects GCP vpn_tunnels by project and region, then tests that group.

describe google_compute_vpn_tunnels(project: 'chef-inspec-gcp', region: 'europe-west2') do
it { should exist }
end

Use this InSpec resource to enumerate IDs then test in-depth using `google_compute_vpn_tunnel`.

google_compute_vpn_tunnels(project: 'chef-inspec-gcp', region:'europe-west2').vpn_tunnel_names.each do |vpn_tunnel_name|
describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: vpn_tunnel_name) do
its('creation_timestamp_date') { should be > Time.now - 365*60*60*24*10 }
its('target_vpn_gateway') { should match /gateway_name/ }
its('remote_traffic_selector') { should include "0.0.0.0/0" }
its('status') { should_not eq "ESTABLISHED" }
end
end

<br>

## Examples

The following examples show how to use this InSpec audit resource.

### Test that there are no more than a specified number of vpn_tunnels available for the project and region

describe google_compute_vpn_tunnels(project: 'chef-inspec-gcp', region: 'europe-west2') do
its('count') { should be <= 100}
end

### Test that an expected vpn_tunnel name is available for the project and region

describe google_compute_vpn_tunnels(project: 'chef-inspec-gcp', region: 'europe-west2') do
its('vpn_tunnel_names') { should include "vpn_tunnel-name" }
end

### Test that an expected vpn_tunnel target_vpn_gateways name is not present for the project and region

describe google_compute_vpn_tunnels(project: 'chef-inspec-gcp', region: 'europe-west2') do
its('vpn_tunnel_target_vpn_gateways') { should not include "gateway-name" }
end


<br>

## Filter Criteria

This resource supports the following filter criteria: `vpn_tunnel_name` and `vpn_tunnel_target_vpn_gateway`. Any of these may be used with `where`, as a block or as a method.

## Properties

* `vpn_tunnel_names` - an array of google_compute_vpn_tunnel name strings
* `vpn_tunnel_target_vpn_gateway` - an array of google_compute_target_vpn_gateway name strings

<br>


## GCP Permissions

Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the project where the resource is located.
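
Review bot: In the last example, `should not include "gateway-name"` is not a valid negated matcher; negation is written `should_not`, as the enumeration loop earlier in this file already does, so the line should read `its('vpn_tunnel_target_vpn_gateways') { should_not include "gateway-name" }`. That example also uses the plural `vpn_tunnel_target_vpn_gateways` while the Filter Criteria and Properties sections give `vpn_tunnel_target_vpn_gateway`; pick one spelling and align it with the resource. In the enumeration loop under Syntax, `its('status') { should_not eq "ESTABLISHED" }` asserts that every tunnel is down, the opposite of the status example in the single-resource doc; if that is not intended, switch it to `should eq`. The sentence above the loop says "enumerate IDs" but the loop iterates `vpn_tunnel_names`.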
