aws_cloudwatch_alarm resource

[edit on GitHub]

Use the aws_cloudwatch_alarm InSpec audit resource to test properties of a single CloudWatch Alarm.

If more than one Alarm matches, an error will be raised.

Syntax

Ensure an Alarm exists.

  aws_cloudwatch_alarm(metric_name: 'my-metric-name', metric_namespace: 'my-metric-namespace') do
    it { should exist }
  end

Parameters

metric_name (required)

The metric name used by this alarm. This must be passed as a metric_name: 'value' key-value entry in a hash.

metric_namespace (required)

The metric namespace used by this alarm. This must be passed as a metric_namespace: 'value' key-value entry in a hash.

dimensions (optional)

The dimensions associated with this alarm. This must be passed as an array of hashes dimensions: [{key:'value'}] .

Properties

Property Description
alarm_actions The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN).
alarm_name The name of the alarm.
metric_name The name of the metric.
metric_namespace The namespace of the metric.

Examples

Ensure an Alarm has at least one alarm action

describe aws_cloudwatch_alarm(metric_name: 'my-metric-name', metric_namespace: 'my-metric-namespace') do
  its('alarm_actions') { should_not be_empty }
end

Ensure an Alarm with Dimensions exists

describe aws_cloudwatch_alarm(metric_name: 'my-metric-name', metric_namespace: 'my-metric-namespace', dimensions: [{key: 'value'}]) do
  it { should exist }
end

Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our matchers page.

exist

The control will pass if the describe returns at least one result.

Use should_not to test the entity should not exist.

describe aws_cloudwatch_alarm(metric_name: 'good-metric', metric_namespace: 'my-metric-namespace') do
  it { should exist }
end

describe aws_cloudwatch_alarm(metric_name: 'bed-metric', metric_namespace: 'my-metric-namespace') do
  it { should_not exist }
end

AWS Permissions

Your Principal will need the cloudwatch:DescribeAlarmsForMetric action with Effect set to Allow.

You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon CloudWatch.

© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/inspec/resources/aws_cloudwatch_alarm/