aws_auto_scaling_group resource
Use the aws_auto_scaling_group
InSpec audit resource to test properties of a single AWS Auto Scaling group.
Ensure that an auto scaling group exists and has the correct scale sizes
describe aws_auto_scaling_group('MyAutoScalingGroup') do
it { should exist }
its('min_size') { should be 1}
its('max_size') { should be 4}
You may also use hash syntax to pass the auto scaling group name
describe aws_auto_scaling_group(name: 'MyAutoScalingGroup') do
it { should exist }
name (required)
This resource accepts a single parameter, the Auto Scaling Group Name which uniquely identifies the auto scaling group. This can be passed either as a string or as a name: 'value'
key-value entry in a hash.
See also the AWS documentation on Auto Scaling Group.
Property | Description |
min_size | An integer indicating the minimum number of instances in the auto scaling group |
maximum_size | An integer indicating the maximum number of instances in the auto scaling group |
desired_capacity | An integer indicating the desired number of instances in the auto scaling group |
launch_configuration_name | The name of the auto scaling launch configuration associated with the auto scaling group |
vpc_zone_identifier | An array of strings corresponding to the subnet IDs associated with the auto scaling group |
tags | An hash with each key-value pair corresponding to a tag associated with the entity |
Ensure that an auto scaling group has the correct desired capacity
describe aws_auto_scaling_group('MyAutoScalingGroup') do
it { should exist }
its('desired_capacity') { should be 2 }
Ensure that an auto scaling group has the correct Launch Configuration name and VPC identifier
describe aws_auto_scaling_group('MyAutoScalingGroup') do
it { should exist }
its('launch_configuration_name') { should eq 'MyLaunchConfiguration'}
its('vpc_zone_identifier') { should include 'subnet-1234'}
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our matchers page.
The control will pass if the describe returns at least one result.
Use should_not
to test the entity should not exist.
describe aws_auto_scaling_group('AnExistingASG') do
it { should exist }
describe aws_auto_scaling_group('ANonExistentASG') do
it { should_not exist }
AWS Permissions
Your Principal will need the autoscaling:Describe*
actions with Effect set to Allow. You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon Auto Scaling Groups.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.