RubygemsResearch

Sha256: 360c70579d31ea3b35b502e5712990438bd536b8a8386aaee2aa9d167b89da43

Contents?: true

Size: 1.74 KB

Versions: 159

Compression:

Stored size: 1.74 KB

### exist

```ruby
describe kms('my-kms-key') do
  it { should exist }
end
```

### be_enabled

```ruby
describe kms('my-kms-key') do
  it { should be_enabled }
end
```

### have_key_policy

```ruby
describe kms('my-kms-key') do
  it { should exist }
  it { should be_enabled }
  it do
    should have_key_policy('default').policy_document(<<-'DOC')
{
  "Version" : "2012-10-17",
  "Id" : "key-consolepolicy-2",
  "Statement" : [ {
    "Sid" : "Enable IAM User Permissions",
    "Effect" : "Allow",
    "Principal" : {
      "AWS" : "arn:aws:iam::1234567890:root"
    },
    "Action" : "kms:*",
    "Resource" : "*"
  }, {
    "Sid" : "Allow access for Key Administrators",
    "Effect" : "Allow",
    "Principal" : {
      "AWS" : "arn:aws:iam::1234567890:user/test-user"
    },
    "Action" : [ "kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*", "kms:Update*", "kms:Revoke*", "kms:Disable*", "kms:Get*", "kms:Delete*", "kms:ScheduleKeyDeletion", "kms:CancelKeyDeletion" ],
    "Resource" : "*"
  }, {
    "Sid" : "Allow use of the key",
    "Effect" : "Allow",
    "Principal" : {
      "AWS" : [ "arn:aws:iam::1234567890:user/test-user", "arn:aws:iam::1234567890:role/test-role" ]
    },
    "Action" : [ "kms:Encrypt", "kms:Decrypt", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:DescribeKey" ],
    "Resource" : "*"
  }, {
    "Sid" : "Allow attachment of persistent resources",
    "Effect" : "Allow",
    "Principal" : {
      "AWS" : [ "arn:aws:iam::1234567890:user/test-user", "arn:aws:iam::1234567890:role/test-role" ]
    },
    "Action" : [ "kms:CreateGrant", "kms:ListGrants", "kms:RevokeGrant" ],
    "Resource" : "*",
    "Condition" : {
      "Bool" : {
        "kms:GrantIsForAWSResource" : "true"
      }
    }
  } ]
}
DOC
  end
end
```

Version data entries

159 entries across 159 versions & 4 rubygems

Version	Path
awspec-1.23.0	doc/_resource_types/kms.md
awspec-1.22.1	doc/_resource_types/kms.md
awspec-1.22.0	doc/_resource_types/kms.md
awspec-1.21.1	doc/_resource_types/kms.md
awspec-1.21.0	doc/_resource_types/kms.md
awspec-1.20.0	doc/_resource_types/kms.md
awspec-1.19.2	doc/_resource_types/kms.md
awspec-1.19.1	doc/_resource_types/kms.md
awspec-1.19.0	doc/_resource_types/kms.md
cthiesfork-awspec-1.2.4	doc/_resource_types/kms.md
awspec-api_gateway_extended-1.2.4	doc/_resource_types/kms.md
awspec-api_gateway_extended-1.2.3	doc/_resource_types/kms.md
awspec-1.18.6	doc/_resource_types/kms.md
cthiesfork-awspec-1.2.2	doc/_resource_types/kms.md
cthiesfork-awspec-1.2.1	doc/_resource_types/kms.md
awspec-1.18.5	doc/_resource_types/kms.md
cthiesfork-awspec-1.2.0	doc/_resource_types/kms.md
cthiesfork-awspec-1.1.0	doc/_resource_types/kms.md
cthiesfork-awspec-1.0.0	doc/_resource_types/kms.md
awspec-1.18.4	doc/_resource_types/kms.md