aws_region resource
Use the aws_region InSpec audit resource to test properties of a single AWS region.
For additional information, including details on parameters and properties, see the AWS documentation on Regions.
Syntax
An aws_region resource block identifies an AWS region by ID. If no region is provided, the current default is used.
describe aws_region('eu-west-2') do
it { should exist }
end
describe aws_region(region_name: 'us-east-1') do
it { should exist }
end
Parameters
region_name(optional)This resource accepts a single parameter, the region_name. This can be passed either as a string or as a
region_name: 'value'key-value entry in a hash.
Properties
region_name- The Name of the region.
endpoint- The resolved endpoint of the region.
Examples
Test whether a region exists:
describe aws_region('region-not-real') do
it { should_not exist }
end
Test the Region Endpoint:
describe aws_region(region_name: 'eu-west-2') do
its('endpoint') { should eq 'ec2.eu-west-2.amazonaws.com' }
end
Matchers
For a full list of available matchers, see our Universal Matchers page.This resource has the following special matchers.
exist
The control will pass if the describe returns at least one result.
it { should exist }
AWS Permissions
Your AWS principal will need the EC2:Client:DescribeRegionsResult action with Effect set to Allow.
You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon EC2.