alicloud_disk Resource
Use the alicloud_disk
InSpec audit resource to test properties of a single Alicloud Elastic Block Storage (EBS) cloud disk.
Syntax
Ensure a cloud disk exists
describe alicloud_disk('d-d7ohfbhzs8cli0iacz7j') do
it { should exist }
end
You may also use hash syntax to pass the disk name
describe alicloud_disk(disk_name: 'd-vol') do
it { should exist }
end
Parameters
This resource accepts a single parameter, either the cloud disk ID or name. Only one of these must be provided.
disk_id
(required ifdisk_name
not provided)-
The disk ID which uniquely identifies the disk.
This can be passed as either a string, adisk_id: 'value'
key-value entry in a hash, or anid: 'value'
key-value entry in a hash.
(id
is an alias fordisk_id
). disk_name
(required ifdisk_id
not provided)-
The disk name which uniquely identifies the disk.
This must be passed as adisk_name: 'value'
key-value entry in a hash, or aname: 'value'
key-value entry in a hash.
(name
is an alias fordisk_name
).
See also the Alicloud documentation on cloud disks.
Properties
id
- The ID of the cloud disk.
name
- The name of the cloud disk.
description
- The description of the cloud disk.
size
- The size of the cloud disk, in GiBs.
category
- The category of the cloud disk. Valid values: cloud, cloud_efficiency, cloud_ssd, cloud_essd, local_ssd_pro, local_hdd_pro, ephemeral, ephemeral_ssd.
encrypted
- Boolean that indicates whether the cloud disk was encrypted.
kms_key_id
- The ID of the KMS key used by the cloud disk.
enable_auto_snapshot
- Boolean that indicates whether the automatic snapshot policy feature was enabled for the cloud disk.
delete_auto_snapshot
- Boolean that indicates whether automatic snapshots of the cloud disk are deleted when the disk is released.
delete_with_instance
- Boolean that indicates whether the cloud disk is released when its associated instance is released.
Examples
Test that a cloud disk does not exist.
describe alicloud_disk(disk_name: 'data_vol') do
it { should_not exist }
end
Test that a cloud disk is encrypted.
describe alicloud_disk(disk_name: 'secure_data_vol') do
it { should be_encrypted }
end
Test that a cloud disk has the correct size.
describe alicloud_disk(name: 'data_vol') do
its('size') { should cmp 32 }
end
Matchers
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our matchers page.
exist
The control will pass if the describe returns at least one result.
Use should_not
to test the entity should not exist.
describe alicloud_disk(name: 'data_vol') do
it { should exist }
end
describe alicloud_disk(name: 'data_vol') do
it { should_not exist }
end
be_encrypted
The be_encrypted
matcher tests if the described cloud disk is encrypted.
it { should be_encrypted }
Alicloud Permissions
Your Principal will need the ecs:DescribeDisks
action with Effect set to Allow.
See the Alibaba Cloud Resource Access Management documentation and documentation on authentication rules for ECS APIs.
Was this page helpful?