I have created an inspec profile containing all the test cases I might need for my AWS account. However there is a chance that I do not have certain resources. So I want to skip the respective controls. For example: My profile contains tests for EFS. However I might choose not to use EFS for sometime. How can I skip the controls for EFS.
I have seen that --control allows us to list the controls we want to execute. However with a large number of controls, this is very inefficient.
Only_if has been suggested in some places, but as per my understanding, it can be used to check packages on a machine. Here I am trying to check AWS resources.
Thank you Stocksy. Can you please tell me in which file the include_controls is used. I am trying to access another profile stored on the same computer and using include_controls in my one of my .rb files. It is showing no effect. For reference, I am using the name "ec2-profile" in the include_control.
depends:
In your new ec2-profile profile, you add a depends section in inspec.yml that refers to inspec-aws.
Then in ec2-profile/controls/control.rb (it can have any file name, it just needs to be a .rb file in the controls directory you can use the include_controls and require_controls statements described at https://docs.chef.io/inspec/profiles/#using-controls-from-an-included-profile