Skip to main content

aws_cloudwatch_anomaly_detectors Resource

Use the aws_cloudwatch_anomaly_detectors InSpec audit resource to test properties of multiple AWS CloudWatch anomaly detectors.

The AWS::CloudWatch::AnomalyDetector type specifies an anomaly detection band for a certain metric and statistic. The band represents the expected “normal” range for the metric values. Anomaly detection bands can be used for visualization of a metric’s expected values, and for alarms.

For additional information, including details on parameters and properties, see the AWS documentation on AWS CloudWatch AnomalyDetector..

Install

This resource is available in the Chef InSpec AWS resource pack.

For information on configuring your AWS environment for Chef InSpec and creating an InSpec profile that uses the InSpec AWS resource pack, see the Chef InSpec documentation on the AWS cloud platform.

Syntax

Ensure that the anomaly detector exists.

describe aws_cloudwatch_anomaly_detectors do
  it { should exist }
end

Parameters

This resource does not require any parameters.

Properties

namespaces
The namespace of the metric associated with the anomaly detection model.

Field: namespace

metric_names
The name of the metric associated with the anomaly detection model.

Field: metric_name

dimensions
The metric dimensions associated with the anomaly detection model.

Field: dimensions

stats
The statistic associated with the anomaly detection model.

Field: stat

configurations
The configuration.

Field: start_time

state_values
he current status of the anomaly detector’s training. The possible values are TRAINED, PENDING_TRAINING and TRAINED_INSUFFICIENT_DATA.

Field: state_value

Examples

Ensure a namespace is available.

describe aws_cloudwatch_anomaly_detectors do
  its('namespaces') { should include 'NAMESPACE' }
end

Ensure a metric name is available.

describe aws_cloudwatch_anomaly_detectors do
    its('metric_names') { should include 'METRIC_NAME' }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

The controls will pass if the describe method returns at least one result.

exist

Use should to test that the entity exists.

describe aws_cloudwatch_anomaly_detectors do
  it { should exist }
end

Use should_not to test the entity does not exist.

describe aws_cloudwatch_anomaly_detectors do
  it { should_not exist }
end

be_available

Use should to check if the entity is available.

describe aws_cloudwatch_anomaly_detectors do
  it { should be_available }
end

AWS Permissions

Your Principal will need the CloudWatch:Client:DescribeAnomalyDetectorsOutput action with Effect set to Allow.

Edit this page on GitHub

Thank you for your feedback!

×