aws_billing_reports

Use the aws_billing_reports InSpec audit resource to test properties of a some or all AWS Cost and Billing reports.


Syntax

# Verify the number of Billing Reports in the AWS account. describe awsbillingreports do its(‘count’) { should cmp 2 } end

# Use the .where clause to match a property to one or more rules in the available reports. describe awsbillingreports.where { reportname =~ /inspec.*/ } do its(‘reportnames’) { should include ‘inspec1’ } its(‘timeunits’) { should include ‘DAILY’ } its(‘s3buckets’) { should include ‘inspec1-s3-bucket’ } end

Properties

report_names, time_units, compressions, s3_buckets, s3_prefixs, s3_regions


Propery Examples

report_names

A list of the names of the reports matched by the query.

describe aws_billing_reports do
  its('report_names') { should include 'myreport' }
end

time_units

A list of the time intervals of the reports matched by the query. Valid values: hourly or daily. This list is de-duplicated, so its count may not match the query count.

describe aws_billing_reports do
  its('time_units') { should_not include 'hourly' }
end

compressions

A list of the compression types of the reports matched by the query. Valid values: zip, or gzip. This list is de-duplicated, so its count may not match the query count.

describe aws_billing_reports do
  its('compressions') { should_not include 'zip' }
end

s3_buckets

A list of the S3 buckets the reports matched by the query are stored in. This list is de-duplicated, so its count may not match the query count.

describe aws_billing_reports do
  its('s3_buckets') { should include 'some-s3-bucket'] }
end

s3_prefixes

A list of the S3 prefixes (analogous to a directory on a filesystem) that the reports matched by the query are stored in. This list is de-duplicated, so its count may not match the query count.

describe aws_billing_reports do
  its('s3_prefixes') { should include '/my/path/here' }
end

s3_regions

A list of the S3 regions that reports matched by the query are stored in. This list is de-duplicated, so its count may not match the query count.

describe aws_billing_reports do
  its('s3_regions') { should_not include 'us-west-1' }
end

Matchers

For a full list of available matchers, please visit our matchers page.

exist

Indicates that the query matched at least one report. Use should_not to test for Billing Reports that should not exist.

# Verify that at least one Billing Report exists. describe awsbillingreports it { should exist } end