cfn-nag-rules-core 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +7 -0
  2. data/lib/cfn-nag-rules-core.rb +6 -0
  3. data/lib/cfn-nag-rules-core/workspaces.rb +6 -0
  4. data/lib/cfn-nag-rules-core/workspaces/workspace_encryption_rule.rb +34 -0
  5. metadata +103 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: ca46bb48e356d7e599af004d7201acdebbd3493411985593500bb815404ba84e
4
+ data.tar.gz: 508cf5330a2a1494fa45c47372f1665b083f6328779f3fe497350a2467357989
5
+ SHA512:
6
+ metadata.gz: 267567bd941950a2f80cd7840a5eb3602bb378a713d7f1ea92cf111902e58dda2fd2b8646f714517b7622cfd741af37992493532f9571698b6225bc3288c6181
7
+ data.tar.gz: '091f91c06d45b8995db0ba365f87b270ad730b5e1f817954a706cdc1c9241424e66f019bd41a4f29ff42fb8eeccea76439f7ec64947bf9a964470c9ade178299'
data/lib/cfn-nag-rules-core.rb ADDED
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ gem_path = Gem.loaded_specs['cfn-nag-rules-core'].full_gem_path
4
+ Dir.glob("#{gem_path}/lib/cfn-nag-rules-core/**/*.rb").each do |rule|
5
+ require rule
6
+ end
data/lib/cfn-nag-rules-core/workspaces.rb ADDED
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ class CfnNag
4
+ class Workspaces
5
+ end
6
+ end
data/lib/cfn-nag-rules-core/workspaces/workspace_encryption_rule.rb ADDED
@@ -0,0 +1,34 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'cfn-nag/violation'
4
+ require 'cfn-nag/base_rule'
5
+ require 'cfn-nag-rules-core/workspaces'
6
+
7
+ class CfnNag
8
+ class Workspaces
9
+ class WorkspaceEncryptionRule < CfnNag::BaseRule
10
+ def rule_text
11
+ 'Workspace should have encryption enabled'
12
+ end
13
+
14
+ def rule_type
15
+ Violation::FAILING_VIOLATION
16
+ end
17
+
18
+ def rule_id
19
+ 'F29'
20
+ end
21
+
22
+ def audit_impl(cfn_model)
23
+ resources = cfn_model.resources_by_type('AWS::WorkSpaces::Workspace')
24
+
25
+ violating_workspaces = resources.select do |workspace|
26
+ workspace.userVolumeEncryptionEnabled.nil? ||
27
+ workspace.userVolumeEncryptionEnabled.to_s.casecmp('false').zero?
28
+ end
29
+
30
+ violating_workspaces.map(&:logical_resource_id)
31
+ end
32
+ end
33
+ end
34
+ end
metadata ADDED
@@ -0,0 +1,103 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: cfn-nag-rules-core
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Eric Kascic
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2019-06-03 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: cfn-nag
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: 0.4.0
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: 0.4.0
27
+ - !ruby/object:Gem::Dependency
28
+ name: rspec
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '3.4'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '3.4'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rubocop
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: cfn-model
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ description: The core rules for cfn_nag
70
+ email:
71
+ executables: []
72
+ extensions: []
73
+ extra_rdoc_files: []
74
+ files:
75
+ - lib/cfn-nag-rules-core.rb
76
+ - lib/cfn-nag-rules-core/workspaces.rb
77
+ - lib/cfn-nag-rules-core/workspaces/workspace_encryption_rule.rb
78
+ homepage: https://github.com/stelligent/cfn_nag
79
+ licenses:
80
+ - MIT
81
+ metadata: {}
82
+ post_install_message:
83
+ rdoc_options: []
84
+ require_paths:
85
+ - lib
86
+ - lib
87
+ required_ruby_version: !ruby/object:Gem::Requirement
88
+ requirements:
89
+ - - ">="
90
+ - !ruby/object:Gem::Version
91
+ version: '2.2'
92
+ required_rubygems_version: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
97
+ requirements: []
98
+ rubyforge_project:
99
+ rubygems_version: 2.7.7
100
+ signing_key:
101
+ specification_version: 4
102
+ summary: Core Rules for cfn_nag
103
+ test_files: []