cfn-nag 0.0.39 → 0.0.40
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/json_rules/sqs_rules.rb +4 -4
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8854703d7177b20f5163fd7b157a33475963da37
|
4
|
+
data.tar.gz: c70c1fe0a9c9a050c3c1b1a520cf208c1e1940d3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: db86b801b0a02a04ff91e67d853717dce477266ab3539f95d913dd2fab4ed8f1277fc6fd25d5db0b0ee3b289879476620826c4550014832ada98b3801922b954
|
7
|
+
data.tar.gz: 52d69d86e2689446e35ba886eec393cd21aa5c5e0289da6f2d0aaeafdef2c4c3d55ac28615157508e237f32d1b71817feecef906543ba99a2d33bd671e448998
|
data/lib/json_rules/sqs_rules.rb
CHANGED
@@ -1,16 +1,16 @@
|
|
1
1
|
sqs_wildcard_action_filter = <<END
|
2
2
|
def sqs_wildcard_action:
|
3
3
|
if .Statement|type == "object"
|
4
|
-
then select(.Statement.Effect == "Allow" and (if .Statement.Action|type=="string" then (.Statement.Action
|
5
|
-
else select(.Statement[]|.Effect == "Allow" and (if .Action|type=="string" then (.Action
|
4
|
+
then select(.Statement.Effect == "Allow" and (if .Statement.Action|type=="string" then (.Statement.Action | contains("*") ) else (.Statement.Action|contains(["*"])) end))
|
5
|
+
else select(.Statement[]|.Effect == "Allow" and (if .Action|type=="string" then (.Action | contains("*")) else (.Action|contains(["*"])) end))
|
6
6
|
end;
|
7
7
|
END
|
8
8
|
|
9
9
|
sqs_wildcard_principal_filter = <<END
|
10
10
|
def sqs_wildcard_principal:
|
11
11
|
if .Statement|type == "object"
|
12
|
-
then select(.Statement.Effect == "Allow" and (.Statement.Principal?|type=="string") and (.Statement.Principal == "*") )
|
13
|
-
else select(.Statement[]|.Effect == "Allow" and ((.Principal?|type=="string") and (.Principal == "*")) )
|
12
|
+
then select(.Statement.Effect == "Allow" and (((.Statement.Principal?|type=="string") and (.Statement.Principal|contains("*"))) or ((.Statement.Principal?|type=="object") and (.Statement.Principal|contains({"AWS": "*"}))) ))
|
13
|
+
else select(.Statement[]|.Effect == "Allow" and ( ((.Principal?|type=="string") and (.Principal|contains("*"))) or ((.Principal?|type=="object") and (.Principal|contains({"AWS": "*"}))) ) )
|
14
14
|
end;
|
15
15
|
END
|
16
16
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cfn-nag
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.40
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- someguy
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-05-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: logging
|