aws_sns_topics

Use the aws_sns_topics InSpec audit resource to test all or a group of the SNS Topic ARNs in an account.

User the ‘awssnstopic’ InSpec audit resource to test a single SNS Topic in an account.


Availability

Installation

This resource is distributed along with InSpec itself. You can use it automatically.

Version

This resource first became available in v2.1.10 of InSpec.

Syntax

An aws_sns_topics resource block takes no filter conditions.

# Get all SNS Topic arns
describe aws_sns_topics do
  its('topic_arns') { should include 'arn:aws:sns:us-east-1:333344445555:MyTopic' }
end


Examples

The following examples show how to use this InSpec audit resource.

As this is the initial release of aws_sns_topics, its limited functionality precludes examples.


Matchers

exists

The control will pass if the filter returns at least one result. Use should_not if you expect zero matches.

# Test if there is any SNS Topics
describe aws_sns_topics
  it { should exist }
end

Properties

topic_arns

Provides an array of all SNS Topic arns.

# Test that a specific SNS Topic exists
describe aws_sns_topics do
  its('topic_arns') { should include 'arn:aws:sns:us-east-1:333344445555:MyTopic' }
end

AWS Permissions

Your Principal will need the sns:ListTopics action with Effect set to Allow.

You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon SNS.