cfn-guardian 0.6.6 → 0.6.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6f1339a9ee76341525bd679f5682800ed34387de43601f92d21c9ad4b66021d7
-  data.tar.gz: 683b16c8373348dbdc1bb2a678631ffebd4c08e787bd41746c3b05374cc1c721
+  metadata.gz: bc62d2d0be60b4f28ab5da32207415340db06de99ee00f2a326174903e2d7a8b
+  data.tar.gz: d6bf90ce725692e2396ed0e337a4cd773f3b187402e2d1ab081f219bc1898c85
 SHA512:
-  metadata.gz: d5bee032c069e3995094fe772946fb64ccd929d0817bfbac830e9170af989996178f2fd466ef07400450ac6b8ae8d50bf7cf671b6a28e45cab9d9af487f68642
-  data.tar.gz: ea60eea9cc8fb21677234b04a37a60c772191a8f1a39c330af7c44c7c595e0f84927b04d29658618d1aef2625b090013f6940fb3afe8d3b9e493c5f0d24fb36a
+  metadata.gz: d9b1c3ad0dc61891ca602b2156fbd523cdccc77296d6d959a420e66d2dfbcd449983160f11e8c33b4f4380e56930eacde37f35e0d048935b5aaf969736f2fd9a
+  data.tar.gz: 657b0c5a4eb265e58a36173157b1850a41a6d311d471fe5f9363d18b25420d97126c219057cd22cd6b1a4456140da5abdaa539969e8ce9b6759f54808653876a

data/Dockerfile

@@ -1,6 +1,6 @@
 FROM ruby:2.7-alpine
 
-ARG GUARDIAN_VERSION="0.2.2"
+ARG GUARDIAN_VERSION="0.6.9"
 
 COPY . /src
 
@@ -16,4 +16,4 @@ RUN addgroup -g 1000 guardian && \
 
 USER guardian
 
-RUN cfndsl -u 11.5.0
+RUN cfndsl -u 11.5.0

data/docs/custom_checks/ecs_container_instance_check.md

@@ -0,0 +1,18 @@
+# ECS Container Instance Check
+
+Source: https://github.com/base2Services/aws-lambda-ecs-container-instance-check
+
+Checks the agent status of a ECS container instance for a ECS cluster. 
+This check and alarms are created by default when a ECS cluster resource is specified in the config.
+
+```yaml
+Resources:
+  ECSCluster:
+  - Id: my-cluster
+
+Templates:
+  ECSCluster:
+    # override the alarm defaults
+    ECSContianerInstancesDisconnected:
+      ...
+```

data/docs/overview.md

@@ -14,6 +14,7 @@
     7. [SQL](custom_checks/sql.md)
     8. [TLS](custom_checks/tls.md)
     9. [Azure File Check](custom_checks/azure_file_check.md)
+    10. [ECS Container Instance Check](custom_checks/ecs_container_instance_check.md)
 5. [Event Subscriptions](event_subscriptions.md)
 6. [Notifiers](notifiers.md)
 7. [Maintenance Mode](maintenance_mode.md)

data/lib/cfnguardian/compile.rb

@@ -16,6 +16,7 @@ require 'cfnguardian/resources/dynamodb_table'
 require 'cfnguardian/resources/ec2_instance'
 require 'cfnguardian/resources/ecs_cluster'
 require 'cfnguardian/resources/ecs_service'
+require 'cfnguardian/resources/eks_container_insights'
 require 'cfnguardian/resources/elastic_file_system'
 require 'cfnguardian/resources/elasticache_replication_group'
 require 'cfnguardian/resources/elastic_loadbalancer'
@@ -40,9 +41,13 @@ require 'cfnguardian/resources/amazonmq_rabbitmq'
 require 'cfnguardian/resources/batch'
 require 'cfnguardian/resources/glue'
 require 'cfnguardian/resources/step_functions'
+require 'cfnguardian/resources/vpn_tunnel'
+require 'cfnguardian/resources/vpn_connection'
+require 'cfnguardian/resources/elastic_search'
 require 'cfnguardian/version'
 require 'cfnguardian/error'
 
+
 module CfnGuardian
   class Compile
     include Logging

data/lib/cfnguardian/config/defaults.yaml

@@ -8,7 +8,7 @@ Resources:
     Node: Default
   AmazonMQRabbitMQQueue:
   - Id: Default
-    Queue: Default
+    Broker: Default
     Vhost: Default
   ApiGateway:
   - Id: Default
@@ -28,12 +28,20 @@ Resources:
   ECSCluster:
   - Id: Default
   ECSService:
+  - Id: Default
+    Cluster: Default
+  EKSContainerInsightsCluster:
+  - Id: Default
+  EKSContainerInsightsNamespace:
   - Id: Default
     Cluster: Default
   ElasticFileSystem:
   - Id: Default
   ElasticLoadBalancer:
   - Id: Default
+  ElasticSearch:
+  - Id: Default
+  - Domain: Default
   ElastiCacheReplicationGroup:
   - Id: Default
   Http:
@@ -100,4 +108,8 @@ Resources:
         Query: Default
   SQSQueue:
   - Id: Default
+  VPNTunnel:
+  - Id: Default
+  VPNConnection:
+  - Id: Default
   

data/lib/cfnguardian/models/alarm.rb

@@ -122,8 +122,8 @@ module CfnGuardian
         @group = 'AmazonMQRabbitMQQueue'
         @namespace = 'AWS/AmazonMQ'
         @dimensions = { 
-          Broker: resource['Id'],
-          Queue: resource['Queue'],
+          Broker: resource['Broker'],
+          Queue: resource['Id'],
           VirtualHost: resource['Vhost']
         }
       end
@@ -203,7 +203,28 @@ module CfnGuardian
         }
       end
     end
+
+    class EKSContainerInsightsClusterAlarm < BaseAlarm
+      def initialize(resource)
+        super(resource)
+        @group = 'EKSContainerInsightsCluster'
+        @namespace = 'ContainerInsights'
+        @dimensions = { ClusterName: resource['Id'] }
+      end
+    end
     
+    class EKSContainerInsightsNamespaceAlarm < BaseAlarm
+      def initialize(resource)
+        super(resource)
+        @group = 'EKSContainerInsightsNamespace'
+        @namespace = 'ContainerInsights'
+        @dimensions = { 
+          ClusterName: resource['Cluster'],
+          Namespace: resource['Id']
+        }
+      end
+    end
+
     class ElastiCacheReplicationGroupAlarm < BaseAlarm
       def initialize(resource)
         super(resource)
@@ -212,6 +233,21 @@ module CfnGuardian
         @dimensions = { CacheClusterId: resource['Id'] }
       end
     end
+
+    class ElasticSearchAlarm < BaseAlarm
+      def initialize(resource)
+        super(resource)
+        @group = 'ElasticSearch'
+        @namespace = 'AWS/ElasticSearch'
+        @dimensions = { DomainName: resource['Domain'], ClientId: resource['Id']}
+        @comparison_operator = 'GreaterThanThreshold'
+        @threshold = 1
+        @evaluation_periods = 5
+        @treat_missing_data = 'breaching'
+        @period = 60
+        @data_points_to_alarm = 1
+      end
+    end
     
     class ElasticLoadBalancerAlarm < BaseAlarm
       def initialize(resource)
@@ -445,6 +481,28 @@ module CfnGuardian
         @dimensions = { StorageAccount: resource['Id'], StorageContainer: resource['Container'] }
       end
     end
-    
+
+    class VPNTunnelAlarm < BaseAlarm
+      def initialize(resource)
+        super(resource)
+        @group = 'VPNTunnel'
+        @namespace = 'AWS/VPN'
+        @dimensions = {
+          TunnelIpAddress: resource['Id']
+        }
+      end
+    end
+
+    class VPNConnectionAlarm < BaseAlarm
+      def initialize(resource)
+        super(resource)
+        @group = 'VPNConnection'
+        @namespace = 'AWS/VPN'
+        @dimensions = {
+          VpnId: resource['Id']
+        }
+      end
+    end
+
   end
 end

data/lib/cfnguardian/models/event_subscription.rb

@@ -107,5 +107,7 @@ module CfnGuardian
     class NetworkTargetGroupEventSubscription < BaseEventSubscription; end
     class RedshiftClusterEventSubscription < BaseEventSubscription; end
     class StepFunctionsSubscription < BaseEventSubscription; end
+    class VPNTunnelEventSubscription < BaseEventSubscription; end
+    class VPNConnectionEventSubscription < BaseEventSubscription; end
   end
 end

data/lib/cfnguardian/resources/ec2_instance.rb

@@ -17,6 +17,17 @@ module CfnGuardian
         alarm.threshold = 90
         alarm.evaluation_periods = 10
         @alarms.push(alarm)
+
+        alarm = CfnGuardian::Models::Ec2InstanceAlarm.new(@resource)
+        alarm.name = 'CPUCreditBalanceLow'
+        alarm.metric_name = 'CPUCreditBalance'
+        alarm.comparison_operator = 'LessThanThreshold'
+        alarm.statistic = 'Minimum'
+        alarm.threshold = 100
+        alarm.evaluation_periods = 5
+        alarm.treat_missing_data = 'notBreaching'
+        alarm.datapoints_to_alarm = 5
+        @alarms.push(alarm)
       end
       
       def default_event_subscriptions()

data/lib/cfnguardian/resources/eks_container_insights.rb

@@ -0,0 +1,99 @@
+module CfnGuardian::Resource
+  class EKSContainerInsightsCluster < Base
+
+    def default_alarms
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsClusterAlarm.new(@resource)
+      alarm.name = 'NodeCpuUtilisationBase'
+      alarm.metric_name = 'node_cpu_utilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 75
+      alarm.evaluation_periods = 60
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsClusterAlarm.new(@resource)
+      alarm.name = 'NodeCpuUtilisationSpike'
+      alarm.metric_name = 'node_cpu_utilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 95
+      alarm.evaluation_periods = 5
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsClusterAlarm.new(@resource)
+      alarm.name = 'NodeFileSystemUtilisationCrit'
+      alarm.metric_name = 'node_filesystem_utilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 90
+      alarm.evaluation_periods = 1
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsClusterAlarm.new(@resource)
+      alarm.name = 'NodeFileSystemUtilisationWarning'
+      alarm.metric_name = 'node_filesystem_utilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 75
+      alarm.evaluation_periods = 1
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsClusterAlarm.new(@resource)
+      alarm.name = 'NodeMemoryUtilisationBase'
+      alarm.metric_name = 'node_memory_utilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 80
+      alarm.evaluation_periods = 60
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsClusterAlarm.new(@resource)
+      alarm.name = 'NodeMemoryUtilisationSpike'
+      alarm.metric_name = 'node_memory_utilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 90
+      alarm.evaluation_periods = 5
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsClusterAlarm.new(@resource)
+      alarm.name = 'ClusterFailedNodeCount'
+      alarm.metric_name = 'cluster_failed_node_count'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Minimum'
+      alarm.threshold = 0
+      alarm.evaluation_periods = 1
+      @alarms.push(alarm)
+
+    end
+  end
+
+  class EKSContainerInsightsNamespace < Base
+
+    def default_alarms
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsNamespaceAlarm.new(@resource)
+      alarm.name = 'PodCpuUtilisation'
+      alarm.metric_name = 'pod_cpu_utilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 90
+      alarm.evaluation_periods = 5
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::EKSContainerInsightsNamespaceAlarm.new(@resource)
+      alarm.name = 'PodMemoryUtilisation'
+      alarm.metric_name = 'pod_memory_utilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 90
+      alarm.evaluation_periods = 5
+      @alarms.push(alarm)
+
+    end
+  end
+end 

data/lib/cfnguardian/resources/elastic_file_system.rb

@@ -11,6 +11,17 @@ module CfnGuardian
         alarm.evaluation_periods = 5
         alarm.statistic = 'Minimum'
         @alarms.push(alarm)
+
+        alarm = CfnGuardian::Models::ElasticFileSystemAlarm.new(@resource)
+        alarm.name = 'BurstCreditBalanceLow'
+        alarm.metric_name = 'BurstCreditBalance'
+        alarm.comparison_operator = 'LessThanThreshold'
+        alarm.statistic = 'Minimum'
+        alarm.threshold = 1000000000000
+        alarm.evaluation_periods = 5
+        alarm.treat_missing_data = 'notBreaching'
+        alarm.datapoints_to_alarm = 5
+        @alarms.push(alarm)
       end
     end
   end

data/lib/cfnguardian/resources/elastic_search.rb

@@ -0,0 +1,137 @@
+module CfnGuardian::Resource
+    class ElasticSearch < Base
+
+      def default_alarms    
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'NodeCount'
+        alarm.metric_name = 'Nodes'
+        alarm.threshold = 3
+        alarm.evaluation_periods = 1440 # 24 hours
+        alarm.data_points_to_alarm = 1
+        alarm.comparison_operator = 'LessThanOrEqualToThreshold'
+        alarm.alarm_action = 'Critical'
+        alarm.enabled = false
+        @alarms.push(alarm)
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'JVMMemoryPressureWarning'
+        alarm.metric_name = 'JVMMemoryPressure'
+        alarm.threshold = 72
+        alarm.evaluation_periods = 5
+        alarm.data_points_to_alarm = 3
+        alarm.alarm_action = 'Warning'
+        @alarms.push(alarm)
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'JVMMemoryPressureCrit'
+        alarm.metric_name = 'JVMMemoryPressure'
+        alarm.threshold = 92
+        alarm.evaluation_periods = 5
+        alarm.alarm_action = 'Critical'
+        @alarms.push(alarm)
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'ClusterIndexWritesBlocked'
+        alarm.metric_name = 'ClusterIndexWritesBlocked'
+        alarm.threshold = 1
+        alarm.evaluation_periods = 5
+        alarm.alarm_action = 'Critical'
+        @alarms.push(alarm)  
+        
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'MasterNodeCPUUtilisationWarning'
+        alarm.metric_name = 'MasterCPUUtilization'
+        alarm.threshold = 75
+        alarm.evaluation_periods = 60
+        alarm.alarm_action = 'Warning'
+        @alarms.push(alarm)  
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'MasterNodeCPUUtilisationCrit'
+        alarm.metric_name = 'MasterCPUUtilization'
+        alarm.threshold = 95
+        alarm.evaluation_periods = 10
+        alarm.alarm_action = 'Critical'
+        @alarms.push(alarm)  
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'FreeStorageSpaceWarning'
+        alarm.metric_name = 'FreeStorageSpace'
+        alarm.threshold = 50000
+        alarm.evaluation_periods = 1
+        alarm.alarm_action = 'Warning'
+        alarm.statistic = 'Minimum'
+        @alarms.push(alarm)  
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'FreeStorageSpaceCrit'
+        alarm.metric_name = 'FreeStorageSpace'
+        alarm.threshold = 25000
+        alarm.evaluation_periods = 1
+        alarm.alarm_action = 'Critical'
+        @alarms.push(alarm)  
+       
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'CPUUtilizationWarning'
+        alarm.metric_name = 'CPUUtilization'
+        alarm.threshold = 75
+        alarm.evaluation_periods = 15
+        alarm.data_points_to_alarm = 3
+        alarm.alarm_action = 'Warning'
+        alarm.statistic = 'Average'
+        @alarms.push(alarm)  
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'CPUUtilizationCrit'
+        alarm.metric_name = 'CPUUtilization'
+        alarm.threshold = 95
+        alarm.evaluation_periods = 5
+        alarm.data_points_to_alarm = 3
+        alarm.alarm_action = 'Critical'
+        alarm.statistic = 'Average'
+        @alarms.push(alarm)  
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'KMSKeyError'
+        alarm.metric_name = 'KMSKeyError'
+        alarm.threshold = 1
+        alarm.evaluation_periods = 1
+        alarm.alarm_action = 'Warning'
+        alarm.statistic = 'Minimum'
+        alarm.comparison_operator = 'GreaterThanOrEqualToThreshold'
+        @alarms.push(alarm)  
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'KMSKeyInaccessible'
+        alarm.metric_name = 'KMSKeyInaccessible'
+        alarm.threshold = 1
+        alarm.evaluation_periods = 1
+        alarm.alarm_action = 'Critical'
+        alarm.statistic = 'Minimum'
+        alarm.comparison_operator = 'GreaterThanOrEqualToThreshold'
+        alarm.enabled = false
+        @alarms.push(alarm)  
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'ClusterStatusRed'
+        alarm.metric_name = 'ClusterStatus.red'
+        alarm.threshold = 1
+        alarm.evaluation_periods = 1
+        alarm.alarm_action = 'Critical'
+        alarm.statistic = 'Minimum'
+        alarm.comparison_operator = 'GreaterThanOrEqualToThreshold'
+        @alarms.push(alarm)  
+
+        alarm = CfnGuardian::Models::ElasticSearchAlarm.new(@resource)
+        alarm.name = 'ClusterStatusYellow'
+        alarm.metric_name = 'ClusterStatus.yellow'
+        alarm.threshold = 1
+        alarm.evaluation_periods = 1
+        alarm.alarm_action = 'Warning'
+        alarm.statistic = 'Minimum'
+        alarm.comparison_operator = 'GreaterThanOrEqualToThreshold'
+        @alarms.push(alarm)  
+
+    end
+  end
+end

data/lib/cfnguardian/resources/redshift_cluster.rb

@@ -1,14 +1,14 @@
 module CfnGuardian::Resource
   class RedshiftCluster < Base
-      
-    def default_alarms    
+
+    def default_alarms
       alarm = CfnGuardian::Models::RedshiftClusterAlarm.new(@resource)
       alarm.name = 'CPUUtilizationHighSpike'
       alarm.metric_name = 'CPUUtilization'
       alarm.threshold = 95
       alarm.evaluation_periods = 10
       @alarms.push(alarm)
-      
+
       alarm = CfnGuardian::Models::RedshiftClusterAlarm.new(@resource)
       alarm.name = 'CPUUtilizationHighBase'
       alarm.metric_name = 'CPUUtilization'
@@ -16,7 +16,7 @@ module CfnGuardian::Resource
       alarm.evaluation_periods = 60
       alarm.alarm_action = 'Warning'
       @alarms.push(alarm)
-      
+
       alarm = CfnGuardian::Models::RedshiftClusterAlarm.new(@resource)
       alarm.name = 'UnHealthyCluster'
       alarm.metric_name = 'HealthStatus'
@@ -24,7 +24,24 @@ module CfnGuardian::Resource
       alarm.threshold = 1
       alarm.evaluation_periods = 10
       @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::RedshiftClusterAlarm.new(@resource)
+      alarm.name = 'DiskSpaceUsedCrit'
+      alarm.metric_name = 'PercentageDiskSpaceUsed'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.threshold = 90
+      alarm.evaluation_periods = 10
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::RedshiftClusterAlarm.new(@resource)
+      alarm.name = 'DiskSpaceUsedWarm'
+      alarm.metric_name = 'PercentageDiskSpaceUsed'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.threshold = 80
+      alarm.evaluation_periods = 10
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
     end
-    
+
   end
 end

data/lib/cfnguardian/resources/vpn_connection.rb

@@ -0,0 +1,18 @@
+module CfnGuardian::Resource
+    class VPNConnection < Base
+      
+      def default_alarms    
+        alarm = CfnGuardian::Models::VPNConnectionAlarm.new(@resource)
+        alarm.name = 'VPNConnectionState'
+        alarm.metric_name = 'TunnelState'
+        alarm.comparison_operator = 'LessThanThreshold'
+        alarm.statistic = 'Average'
+        alarm.threshold = 0.5
+        alarm.evaluation_periods = 3
+        alarm.treat_missing_data = 'breaching'
+        alarm.datapoints_to_alarm = 3
+        @alarms.push(alarm)
+      end
+      
+    end
+end

data/lib/cfnguardian/resources/vpn_tunnel.rb

@@ -0,0 +1,18 @@
+module CfnGuardian::Resource
+    class VPNTunnel < Base
+      
+      def default_alarms    
+        alarm = CfnGuardian::Models::VPNTunnelAlarm.new(@resource)
+        alarm.name = 'VPNTunnelState'
+        alarm.metric_name = 'TunnelState'
+        alarm.comparison_operator = 'LessThanThreshold'
+        alarm.statistic = 'Minimum'
+        alarm.threshold = 1
+        alarm.evaluation_periods = 5
+        alarm.treat_missing_data = 'breaching'
+        alarm.datapoints_to_alarm = 5
+        @alarms.push(alarm)
+      end
+      
+    end
+end

data/lib/cfnguardian/version.rb

@@ -1,4 +1,4 @@
 module CfnGuardian
-  VERSION = "0.6.6"
+  VERSION = "0.6.11"
   CHANGE_SET_VERSION = VERSION.gsub('.', '-').freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cfn-guardian
 version: !ruby/object:Gem::Version
-  version: 0.6.6
+  version: 0.6.11
 platform: ruby
 authors:
 - Guslington
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-03-30 00:00:00.000000000 Z
+date: 2021-06-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -238,6 +238,7 @@ files:
 - docs/composite_alarms.md
 - docs/custom_checks/azure_file_check.md
 - docs/custom_checks/domain_expiry.md
+- docs/custom_checks/ecs_container_instance_check.md
 - docs/custom_checks/http.md
 - docs/custom_checks/log_group_metric_filters.md
 - docs/custom_checks/nrpe.md
@@ -284,8 +285,10 @@ files:
 - lib/cfnguardian/resources/ec2_instance.rb
 - lib/cfnguardian/resources/ecs_cluster.rb
 - lib/cfnguardian/resources/ecs_service.rb
+- lib/cfnguardian/resources/eks_container_insights.rb
 - lib/cfnguardian/resources/elastic_file_system.rb
 - lib/cfnguardian/resources/elastic_loadbalancer.rb
+- lib/cfnguardian/resources/elastic_search.rb
 - lib/cfnguardian/resources/elasticache_replication_group.rb
 - lib/cfnguardian/resources/glue.rb
 - lib/cfnguardian/resources/http.rb
@@ -306,6 +309,8 @@ files:
 - lib/cfnguardian/resources/sqs_queue.rb
 - lib/cfnguardian/resources/step_functions.rb
 - lib/cfnguardian/resources/tls.rb
+- lib/cfnguardian/resources/vpn_connection.rb
+- lib/cfnguardian/resources/vpn_tunnel.rb
 - lib/cfnguardian/s3.rb
 - lib/cfnguardian/stacks/main.rb
 - lib/cfnguardian/stacks/resources.rb
@@ -334,7 +339,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: Manages AWS cloudwatch alarms with default templates using cloudformation