Skip to content

Commit

Permalink
Add disabled control for GCP organization resource
Browse files Browse the repository at this point in the history
  • Loading branch information
walterdolce committed Feb 21, 2019
1 parent 8af4d77 commit b5bb1e8
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions test/integration/verify/controls/google_organizations.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
title 'Test GCP Organizations'

gcp_organization_id = attribute(:gcp_organization_id, default: '', description: 'The GCP organization identifier.')
gcp_organization_display_name = attribute(:gcp_organization_display_name, default: '', description: 'The GCP organization display name.')
gcp_enable_privileged_resources = attribute(:gcp_enable_privileged_resources,default:0,description:'Flag to enable privileged resources requiring elevated privileges in GCP.')

control 'gcp-organizations-loop-1.0' do

only_if { gcp_enable_privileged_resources.to_i == 1 }
impact 1.0
title 'Ensure organizations have the correct properties in bulk.'

describe google_organizations do
it { should exist }
its('names'){ should include "organizations/#{gcp_organization_id}" }
its('display_names'){ should include gcp_organization_display_name }
its('lifecycle_state'){ should include 'ACTIVE' }
end
end

0 comments on commit b5bb1e8

Please sign in to comment.