Skip to main content

alicloud_apsaradb_rds_instances Resource

Use the alicloud_apsaradb_rds_instances InSpec audit resource to test properties of a collection of ApsaraDB RDS instances.

ApsaraDB RDS supports the MySQL, SQL Server, PostgreSQL, PPAS (highly compatible with Oracle) and MariaDB database engines.

Syntax

Ensure you have exactly 3 instances.

describe alicloud_apsaradb_rds_instances do
  its('db_instance_ids.count') { should cmp 3 }
end

Parameters

This resource does not require any parameters.

Properties

db_instance_ids
The unique IDs of the ApsaraDB RDS instances returned.
descriptions
The display names of the returned instances.
resource_groups
The IDs of the resource groups to which read-only instances belong.
net_types
The network types of the returned instances: one of ‘Internet’ or ‘Intranet’.
instance_types
The roles of the returned instances: ‘Primary’/‘Readonly’/‘Guard’/‘Temp’.
multiple_zone_deployments
Boolean values indicating whether the instances are deployed in multiple zones (MutriORsignle API call).
network_types
The network types of the returned instances: one of ‘Classic’ or ‘VPC’.
read_only_instance_ids
Lists of read-only instances attached to instances returned that are primary instances.
engines
The database engines the instances run, e.g. ‘MySQL’.
engine_versions
The versions of the database engine that the instances run.
statuses
The status of the instances, e.g. ‘Running’/‘Rebooting’ etc.
zone_ids
The IDs of the zones to which the instances belong.
instance_classes
The instance classes of the returned instances, e.g. ‘mysql.n2.medium.1’.
create_times
The times when the returned instances were created.
vswitch_ids
The IDs of the vSwitches associated with the VPCs to which the returned instances belong.
pay_types
The billing methods of the returned instances: ‘Postpaid’/‘Prepaid’.
lock_modes
The lock status of the returned instances: ‘Unlock’/‘ManualLock’/‘LockByExpiration’/‘LockByRestoration’/‘LockByDiskQuota’/‘Released’.
storage_types
The types of disk storage of the returned instances: ’local_ssd’/’ephemeral_ssd’/‘cloud_ssd’/‘cloud_essd’.
vpc_ids
The IDs of the VPCs to which the instances belong.
connection_modes
The connection modes of the returned instances: ‘Standard’/‘Safe’.
vpc_cloud_instance_ids
The IDs of the read-only instances returned, that reside in VPCs.
region_ids
The region IDs of the returned instances.
expire_times
The expiration times of the returned instances.
entries
Provides access to the raw results of the query, which can be treated as an array of hashes.

Examples

Ensure a specific instance exists.

describe alicloud_apsaradb_rds_instances do
  its('db_instance_ids') { should include 'rm-a1b2c3d4e5f6' }
end

Use the InSpec resource to request the IDs of all ApsaraDB RDS instances, then test in-depth using alicloud_apsaradb_rds_instance to ensure all instances have the expected network security settings.

alicloud_apsaradb_rds_instances.db_instance_ids.each do |db_instance_id|
  describe alicloud_apsaradb_rds_instance(db_instance_id) do
    its('in_default_vpc') { should be false }
    its('security_ips') { should_not cmp '' }
    its('security_ips') { should_not include '0.0.0.0/0' }
  end
end

Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.

exist

The control will pass if the describe returns at least one result.

describe alicloud_apsaradb_rds_instances do
  it { should exist }
end

Use should_not to test the entity should not exist.

describe alicloud_apsaradb_rds_instances do
  it { should_not exist }
end

Alicloud Permissions

Your Principal will need the rds:DescribeDBInstances action with Effect set to Allow.

You can find documentation at Use RAM to manage ApsaraDB for RDS permissions.

Edit this page on GitHub

Thank you for your feedback!

×









Search Results