How to use attributes in an Inspec command?

Question

I defined some basic Inspec tests to check if a loadbalancer is active:

proxy = attribute('proxy_netlb_arn')

control 'Checks if all the ECE Load balancers are active ' do
impact 1.0
title 'Checks if all the ECE Load balancers are active'
describe command("aws elbv2 describe-load-balancers --load-balancer-arn proxy['value'] | jq -r '.[][].State.Code'") do
    its('stdout') { should match "active" }
end
end

I use a variable called "proxy" which contains the ARN of the Loadbalancer. Unfortunately the variable is not recognized as such because it is inside the command.

Is there a reason why you don't have an attributes.yml file defining the variable name? Means that you can just pass the file instead of the static name. — caterpree, Dec 11 '18 at 16:29
yes i pass the attribute file when i execute the profile using the "attrs"-parameter — uwieuwe4, Dec 12 '18 at 14:04

score 1 · Accepted Answer · answered Dec 11 '18 at 14:07

you should use string interpolation to get the value of your string variable.

assuming proxy['value'] returns the value of the proxy variable. then you can do it as follows:

proxy = attribute('proxy_netlb_arn')

control 'Checks if all the ECE Load balancers are active ' do
impact 1.0
title 'Checks if all the ECE Load balancers are active'
describe command("aws elbv2 describe-load-balancers --load-balancer-arn #{proxy['value']} | jq -r '.[][].State.Code'") do
    its('stdout') { should match "active" }
end
end

How to use attributes in an Inspec command?

1 Answers1