aws_ec2_hosts Resource

Use the aws_ec2_hosts InSpec audit resource to test properties of multiple AWS EC2 host resources.

The AWS::EC2::host allocates a fully dedicated physical server for launching EC2 instances.

For additional information, including details on parameters and properties, see the AWS documentation on AWS EC2 host..

Install

This resource is available in the Chef InSpec AWS resource pack.

For information on configuring your AWS environment for Chef InSpec and creating an InSpec profile that uses the InSpec AWS resource pack, see the Chef InSpec documentation on the AWS cloud platform.

Syntax

Ensure that the host exists.

describe aws_ec2_hosts do
  it { should exist }
end

Parameters

This resource does not require any parameters.

Properties

auto_placements: Whether auto-placement is on or off.; Field: auto_placement
availability_zones: The Availability Zone of the Dedicated host.; Field: availability_zone
available_capacities: The number of instances that can be launched onto the Dedicated host depending on the host’s available capacity.; Field: available_instance_capacity
client_tokens: Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.; Field: client_token
host_ids: The ID of the Dedicated host.; Field: host_id
host_properties: The hardware specifications of the Dedicated host.; Field: host_properties
host_reservation_ids: The reservation ID of the Dedicated host.; Field: host_reservation_id
instances: The IDs and instance type that are currently running on the Dedicated host.; Field: instances
states: The Dedicated host’s state.; Field: state
allocation_times: The time that the Dedicated host was allocated.; Field: allocation_time
release_times: The time that the Dedicated host was released.; Field: release_time
tags: Any tags assigned to the Dedicated host.; Field: tags
host_recoveries: Indicates whether host recovery is enabled or disabled for the Dedicated host.; Field: host_recovery
allows_multiple_instance_types: Indicates whether the Dedicated host supports multiple instance types of the same instance family.; Field: allows_multiple_instance_types
owner_ids: The ID of the Amazon Web Services account that owns the Dedicated host.; Field: owner_id
availability_zone_ids: The ID of the Availability Zone in which the Dedicated host is allocated.; Field: availability_zone_id
member_of_service_linked_resource_groups: Indicates whether the Dedicated host is in a host resource group.; Field: member_of_service_linked_resource_group

Examples

Ensure a host is available.

describe aws_ec2_hosts do
  its('host_ids') { should include 'DEDICATED_HOST_ID' }
end

Ensure that the state is available.

describe aws_ec2_hosts do
    its('states') { should include 'available' }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

The controls will pass if the describe method returns at least one result.

exist

Use should to test that the entity exists.

describe aws_ec2_hosts do
  it { should exist }
end

Use should_not to test the entity does not exist.

describe aws_ec2_hosts do
  it { should_not exist }
end

be_available

Use should to check if the entity is available.

describe aws_ec2_hosts do
  it { should be_available }
end

AWS Permissions

Your Principal will need the EC2:Client:DescribeHostsResult action with Effect set to Allow.