aws_api_gateway_v2_domain_names resource
Use the aws_api_gateway_v2_domain_names InSpec audit resource to test properties of multiple AWS API Gateway V2 domain names.
For additional information, including parameters and properties, see the AWS documentation on AWS APIGatewayV2 DomainName.
Syntax
Ensure that the domain name exists.
describe aws_api_gateway_v2_domain_names do
it { should exist }
end
Parameters
This resource does not require any parameters.
Properties
- Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer.
Field:
authorizer_credentials_arnapi_mapping_selection_expressions- The API mapping selection expression.
Field:
api_mapping_selection_expressiondomain_names- A domain name for the API.
Field:
domain_namedomain_name_configurations- The configuration of the domain name.
Field:
domain_name_configurationsmutual_tls_authentications- This is TLS authentication.
Field:
mutual_tls_authentication- The collection of tags associated with a domain name.
Field:
tags
Examples
Test to ensure a domain name is available
describe aws_api_gateway_v2_domain_names do
its('domain_names') { should eq 'DOMAIN_NAME' }
end
Test to verify if domain configurations are set
describe aws_api_gateway_v2_domain_names do
its('domain_name_configurations') { should eq 'AVAILABLE' }
end
Matchers
For a full list of available matchers, see our Universal Matchers page.The control passes if the get method returns at least one result.
exist
Use should to test that the entity exists.
describe aws_api_gateway_v2_domain_names do
it { should exist }
end
not exist
Use should_not to test that the entity does not exist.
describe aws_api_gateway_v2_domain_names do
it { should_not exist }
end
AWS Permissions
Your AWS principal will need the APIGatewayv2:Client:GetDomainNamesResponse action with Effect set to Allow.