Skip to content

Commit

Permalink
Update to InSpec 4.25 + AWS Resource Pack v1.33.0
Browse files Browse the repository at this point in the history
  • Loading branch information
Michael Krieg committed Jan 25, 2021
1 parent e5f432c commit e75c892
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 12 deletions.
4 changes: 2 additions & 2 deletions Gemfile
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
source 'https://rubygems.org'

gem 'highline', '~> 2.0.2'
gem 'inspec', '~> 4.18'
gem 'inspec-bin', '~> 4.18'
gem 'inspec', '~> 4.25'
gem 'inspec-bin', '~> 4.25'
gem 'rubocop', '~> 0.79.0'
35 changes: 28 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,14 @@
**Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)*

- [InSpec AWS Baseline Profile](#inspec-aws-baseline-profile)
- [Usage](#usage)
- [IAM Permissions](#iam-permissions)
- [Profile Execution](#profile-execution)
- [AWS Organizations](#aws-organizations)
- [Further Information](#further-information)
- [The Importance of Compliance Results](#the-importance-of-compliance-results)
- [Usage](#usage)
- [IAM Permissions](#iam-permissions)
- [Profile Execution - variant A](#profile-execution-variant-a)
- [Profile Execution - variant B](#profile-execution-variant-b)
- [Re-Vendor Dependencies](#re-vendor-dependencies)
- [AWS Organizations](#aws-organizations)
- [Further Information](#further-information)
- [The Importance of Compliance Results](#the-importance-of-compliance-results)

<!-- END doctoc generated TOC please keep comment here to allow auto update -->

Expand Down Expand Up @@ -50,7 +52,7 @@ Make sure your Auditor IAM User has the following managed policy attached:

It is also possible to use higher privileged policies, such as `arn:aws:iam::aws:policy/ReadOnlyAccess`.

### Profile Execution
### Profile Execution - variant A

You can easily use this InSpec profile from Github:

Expand All @@ -64,6 +66,25 @@ You can easily use this InSpec profile from Github:
```

### Profile Execution - variant B

Call InSpec with AWS region + your local configured Profile:

```
inspec exec -t aws://eu-central-1/my-named-profile --show-progress \
https://github.com/centriascolocation/inspec-aws-baseline/archive/master.tar.gz
```

### Re-Vendor Dependencies

```
inspec vendor --overwrite .
```

## AWS Organizations

You can also check if a given account is part of AWS Organizations (Master or Member). This feature is disabled by default.
Expand Down
6 changes: 3 additions & 3 deletions inspec.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,13 @@ copyright: Centrias Colocation GmbH
copyright_email: support@centrias.net
license: Apache-2.0
summary: InSpec Baseline Profile for AWS account setup verification
version: 1.4.0
version: 1.4.1
supports:
- platform: aws
inspec_version: ">= 4.18"
inspec_version: ">= 4.25"
depends:
- name: inspec-aws
url: https://github.com/inspec/inspec-aws/archive/v1.26.1.tar.gz
url: https://github.com/inspec/inspec-aws/archive/v1.33.0.tar.gz
inputs:
- name: cis_level
type: Numeric
Expand Down

0 comments on commit e75c892

Please sign in to comment.