-
Notifications
You must be signed in to change notification settings - Fork 71
/
Copy pathgoogle_kms_crypto_key.rb
40 lines (36 loc) · 2.26 KB
/
google_kms_crypto_key.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
title 'Test GCP google_kms_crypto_key resource.'
gcp_project_id = input(:gcp_project_id, value: 'gcp_project_id', description: 'The GCP project identifier.')
gcp_location = input(:gcp_location, value: 'gcp_location', description: 'GCP location')
gcp_kms_key_ring_policy_name = input(:gcp_kms_key_ring_policy_name, value: 'gcp_kms_key_ring_policy_name', description: 'Key ring name')
gcp_kms_crypto_key_name_policy = input(:gcp_kms_crypto_key_name_policy, value: 'gcp_kms_crypto_key_name_policy', description: 'Key name')
gcp_enable_privileged_resources = input(:gcp_enable_privileged_resources, value: 'gcp_enable_privileged_resources', description: 'If we are running tests with escalated permissions(required for this test)')
gcp_organization_id = input(:gcp_organization_id, value: gcp_organization_id, description: 'The identifier of the organization')
control 'google_kms_crypto_key-1.0' do
impact 1.0
title 'google_kms_crypto_key resource test'
only_if { gcp_enable_privileged_resources.to_i == 1 && gcp_organization_id != '' }
describe google_kms_crypto_key(project: gcp_project_id, location: gcp_location, key_ring_name: gcp_kms_key_ring_policy_name, name: gcp_kms_crypto_key_name_policy) do
it { should exist }
its('crypto_key_name') { should cmp gcp_kms_crypto_key_name_policy }
its('primary_state') { should eq "ENABLED" }
its('purpose') { should eq "ENCRYPT_DECRYPT" }
its('next_rotation_time') { should be > Time.now - 100000 }
its('create_time') { should be > Time.now - 365*60*60*24*10 }
end
describe google_kms_crypto_key(project: gcp_project_id, location: gcp_location, key_ring_name: gcp_kms_key_ring_policy_name, name: "nonexistent") do
it { should_not exist }
end
end