aws_waf_sql_injection_match_sets resource
Use the aws_waf_sql_injection_match_sets Chef InSpec audit resource to test the properties of multiple AWS WAF SqlInjectionMatchSet objects.
For additional information, including details on parameters and properties, see the AWS documentation on the AWS::WAF::SqlInjectionMatchSet resource.
Syntax
Ensure that a SqlInjectionMatchSet object exists.
describe aws_waf_sql_injection_match_sets do
it { should exist }
end
Parameters
This resource does not require any parameters.
Properties
sql_injection_match_set_ids- A unique identifier for a
SqlInjectionMatchSet. Field:
sql_injection_match_set_idnames- The name of the
SqlInjectionMatchSet. Field:
name
Examples
Ensure an injection match set is available:
describe aws_waf_sql_injection_match_sets do
its('sql_injection_match_set_ids') { should include 'SQL_INJECTION_MATCH_SET_ID' }
end
Ensure an injection match set is available:
describe aws_waf_sql_injection_match_sets do
its('names') { should include 'SQL_INJECTION_MATCH_SET_NAME' }
end
Matchers
For a full list of available matchers, see our Universal Matchers page.The controls will pass if the list method returns at least one result.
exist
Use should to test that the entity exists.
describe aws_waf_sql_injection_match_sets do
it { should exist }
end
Use should_not to test the entity does not exist.
describe aws_waf_sql_injection_match_sets do
it { should_not exist }
end
be_available
Use should to check if the entity is available.
describe aws_waf_sql_injection_match_sets do
it { should be_available }
end
AWS Permissions
Your AWS principal will need the WAF:Client:ListSqlInjectionMatchSetsResponse action with Effect set to Allow.