AWS Service Catalog Tools Intro Workshop > 2021 Workshop > Removing the default networking > Asserting the resources are removed

Asserting the resources are removed

What are we going to do?

We are going to perform the following steps:

Define an assertion

Step by step guide

Here are the steps you need to follow to “Asserting the resources are removed”

Define an assertion

Navigate to the ServiceCatalogPuppet CodeCommit repository again
Click on manifest.yaml
Click Edit
Append the following snippet to the end of the main input field:

assertions:
  assert-no-default-vpcs:
    expected:
      source: manifest
      config:
        value: []
    actual:
      source: boto3
      config:
        client: 'ec2'
        call: describe_vpcs
        arguments: {}
        use_paginator: true
        filter: Vpcs[?IsDefault==`true`].State
    depends_on:
      - name: "delete-default-networking"
        type: "lambda-invocation"
        affinity: "lambda-invocation"
    assert_for:
      tags:
        - regions: regions_enabled
          tag: type:prod

The main input field should look like this (remember to set your account_id):

accounts:
  - account_id: "${AWS::PuppetAccountId}"
    name: "puppet-account"
    default_region: "eu-west-1"
    regions_enabled:
      - "eu-west-1"
    tags:
      - "type:prod"
      - "partition:eu"
stacks:
  delete-default-networking-function:
    name: "delete-default-networking-function"
    version: "v1"
    capabilities:
      - CAPABILITY_NAMED_IAM
    deploy_to:
      tags:
        - tag: "type:prod"
          regions: "default_region"
lambda-invocations:
  delete-default-networking:
    function_name: DeleteDefaultNetworking
    qualifier: $LATEST
    invocation_type: Event
    depends_on:
      - name: "delete-default-networking-function"
        type: "stack"
        affinity: "stack"
    invoke_for:
      tags:
        - regions: "default_region"
          tag: "type:prod"
assertions:
  assert-no-default-vpcs:
    expected:
      source: manifest
      config:
        value: []
    actual:
      source: boto3
      config:
        client: 'ec2'
        call: describe_vpcs
        arguments: {}
        use_paginator: true
        filter: Vpcs[?IsDefault==`true`].State
    depends_on:
      - name: "delete-default-networking"
        type: "lambda-invocation"
        affinity: "lambda-invocation"
    assert_for:
      tags:
        - regions: regions_enabled
          tag: type:prod

AWS Committing the manifest file

Now that we have written the manifest file we are ready to commit it.

Set your Author name
Set your Email address
Set your Commit message

Using a good / unique commit message will help you understand what is going on later.

Click the Commit changes button:

What did we just do?

The YAML we pasted in the previous step told the framework to use the ec2 client from boto3 to describe vpcs. We told the framework not to use any arguments when invoking describe vpcs and we told the framework to use a paginator ensuring we find every page of results. We then used a filter to include only VPCs where the IsDefault attribute is set to true