Added new features and modified the current ones.

terraform-compliance · Jul 10, 2018 · 16ed8d2 · 16ed8d2
1 parent ecf1532
commit 16ed8d2
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 3 deletions.
diff --git a/example/example_01/aws/encryption.feature b/example/example_01/aws/encryption.feature
@@ -0,0 +1,17 @@
+Feature: Resources should be encrypted
+  In order to improve security
+  As engineers
+  We'll enforce encryption
+
+  Scenario: RDS instances
+    When I define a AWS RDS instance
+    Then encryption must be enabled
+
+  Scenario: EC2 instance block devices
+    When I define a AWS EC2 instance
+    And it contains a ebs_block_device
+    Then encryption must be enabled
+
+  Scenario: EBS volumes
+    When I define a AWS EBS volume
+    Then encryption must be enabled
diff --git a/example/example_01/aws/security_groups.feature b/example/example_01/aws/security_groups.feature
@@ -4,7 +4,7 @@ Feature: Security Groups should be used to protect services/instances
   We'll use AWS Security Groups as a Perimeter Defence
 
   Scenario Outline: Policy Structure
-    Given I define AWS Security Group
+    When I define AWS Security Group
     Then it must contain <policy_name>
 
   Examples:
@@ -13,7 +13,7 @@ Feature: Security Groups should be used to protect services/instances
     | egress      |
 
   Scenario Outline: Well-known insecure protocol exposure on Public Network for ingress traffic
-  	Given I define AWS Security Group
+  	When I define AWS Security Group
   	Then it must contain ingress
   	with <proto> protocol and not port <portNumber> for 0.0.0.0/0
 

diff --git a/example/example_01/aws/subnets.feature b/example/example_01/aws/subnets.feature
@@ -5,6 +5,6 @@ Feature: Subnets should be defined properly for network security
   We'll use a layered architecture in our AWS Environment
 
   Scenario: Subnet Count
-    Given I define AWS Subnet
+    When I define AWS Subnet
     When I count them
     Then I expect the result is more than 2
diff --git a/example/example_01/aws/tags.feature b/example/example_01/aws/tags.feature
@@ -0,0 +1,32 @@
+Feature: Resources should be properly tagged
+  In order to keep track of resource ownership
+  As engineers
+  We'll enforce tagging on all resources
+
+  Scenario: Name tag
+    When I define a resource that supports tags
+    Then it must have the "Name" tag
+    And its value must match the "darwin.*" regex
+
+  Scenario: Environment tag
+    When I define a resource that supports tags
+    Then it must have the "Environment" tag
+    And its value must be set by a variable
+
+  Scenario: Project tag
+    When I define a resource that supports tags
+    Then it must have the "Project" tag
+    And its value must match the "Darwin" regex
+
+  Scenario: Service tag
+    When I define a resource that supports tags
+    Then it must have the "Service" tag
+    And its value must match the "modelling|enhancement|routing|scoring" regex
+
+  Scenario: Function tag
+    When I define a resource that supports tags
+    Then it must have the "Function" tag
+
+  Scenario: Billing tag
+    When I define a resource that supports tags
+    Then it must have the "Billing" tag