awspec 
RSpec tests for your AWS resources.
Installation
Add this line to your application's Gemfile:
gem 'awspec'
And then execute:
$ bundle
Or install it yourself as:
$ gem install awspec
Getting Started
STEP 1. Generate awspec init files
If you're starting on a fresh RSpec project, you can use awspec to generate your init files:
$ awspec init
If you're working on an exisitng RSpec project, you will need to add the following lines to your spec_helper.rb file:
require 'awspec'
Awsecrets.load(secrets_path: File.expand_path('./secrets.yml', File.dirname(__FILE__)))
STEP 2. Set AWS config
2-1. Use Shared Credentials like AWS CLI
$ aws configure
...
2-2. Use secrets.yml
$ cat <<EOF > spec/secrets.yml
region: ap-northeast-1
aws_access_key_id: XXXXXXXXXXXXXXXXXXXX
aws_secret_access_key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
EOF
STEP 3. Write spec/*_spec.rb
require 'spec_helper'
describe ec2('my-ec2-tag-name') do
it { should be_running }
its(:instance_id) { should eq 'i-ec12345a' }
its(:image_id) { should eq 'ami-abc12def' }
its(:public_ip_address) { should eq '123.0.456.789' }
it { should have_security_group('my-security-group-name') }
it { should belong_to_vpc('my-vpc') }
it { should belong_to_subnet('subnet-1234a567') }
it { should have_eip('123.0.456.789') }
it { should be_disabled_api_termination }
end
Using shared_context: region
require 'spec_helper'
describe sqs('my-sqs-queue'), region: 'us-west-2' do
it { should exist }
its(:queue_url) { should eq 'https://sqs.us-west-2.amazonaws.com/xxxxxxxxxxxx/my-sqs-queue' }
its(:queue_arn) { should eq 'arn:aws:sqs:us-west-2:xxxxxxxxxxxx:my-sqs-queue' }
its(:visibility_timeout) { should eq '30' }
its(:maximum_message_size) { should eq '256000' }
its(:message_retention_period) { should eq '86400' }
its(:delay_seconds) { should eq '0' }
its(:receive_message_wait_time_seconds) { should eq '10' }
end
Using terraform outputs as identifier
Especially in cases, where resources created by terraform have the same names (e.g. created by VPC module), it is helpful to use terraform outputs as unique identifiers.
output "my_ec2_instance" {
value = aws_instance.my_instance.id
}
require 'spec_helper'
my_ec2_instance = `terraform output my_ec2_instance`.strip
describe ec2(my_ec2_instance) do
it { should be_running }
its(:image_id) { should eq 'ami-abc12def' }
its(:public_ip_address) { should eq '123.0.456.789' }
it { should have_security_group('my-security-group-name') }
it { should belong_to_vpc('my-vpc') }
it { should belong_to_subnet('subnet-1234a567') }
it { should have_eip('123.0.456.789') }
it { should be_disabled_api_termination }
end
STEP 4. Run tests
Add gem "rake" in your Gemfile if you are starting a blank project.
$ bundle exec rake spec
Advanced Tips: Spec generate command
Generate spec from AWS resources already exists.
$ awspec generate ec2 vpc-ab123cde >> spec/ec2_spec.rb
Make sure you have added in your spec file
require 'spec_helper'
Advanced Tips: Use Shared Credentials (~/.aws/config ~/.aws/credentials)
$ awspec generate ec2 vpc-ab123cde --profile mycreds
$ AWS_PROFILE=mycreds bundle exec rake spec
Support AWS Resources
Resource Types information here
awspec AWS key/secrets precedence
Dependent on awsecrets.
References
awspec is inspired by Serverspec.
- Original idea (code / architecture) -> Serverspec
AWS + Serverspecoriginal concept -> https://github.com/marcy-terui/awspec- Serverspec book