public async Task InstanceMustNotUseInlineUserData()
{
var resources = await Testing.RunAsync <WebserverStack>();
var instance = resources.OfType <Instance>().FirstOrDefault();
instance.Should().NotBeNull("EC2 Instance not found");
var tags = await instance.UserData.GetValueAsync();
tags.Should().BeNull();
}
public async Task InstanceHasNameTag()
{
var resources = await Testing.RunAsync <WebserverStack>();
var instance = resources.OfType <Instance>().FirstOrDefault();
instance.Should().NotBeNull("EC2 Instance not found");
var tags = await instance.Tags.GetValueAsync();
tags.Should().NotBeNull("Tags are not defined");
tags.Should().ContainKey("Name");
}
public async Task AllDefaults_CreatesConsumptionPlan()
{
var resources = await Testing.RunAsync <BasicStack>();
resources.Length.Should().BeGreaterThan(1);
var consumptionPlan = resources.OfType <Plan>().FirstOrDefault();
consumptionPlan.Should().NotBeNull("App Service Plan not found");
var kind = await consumptionPlan.Kind.GetValueAsync();
kind.Should().Be("FunctionApp");
}
public async Task SecurityGroupMustNotHaveSshPortsOpenToInternet()
{
var resources = await Testing.RunAsync <WebserverStack>();
foreach (var securityGroup in resources.OfType <SecurityGroup>())
{
var urn = await securityGroup.Urn.GetValueAsync();
var ingress = await securityGroup.Ingress.GetValueAsync();
foreach (var rule in ingress)
{
(rule.FromPort == 22 && rule.CidrBlocks.Any(b => b == "0.0.0.0/0"))
.Should().BeFalse($"Illegal SSH port 22 open to the Internet (CIDR 0.0.0.0/0) on group {urn}");
}
}
}