cfn-nag 0.3.74 → 0.3.75
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a997e0cc21319cddd3fabe1e7c24a628dd9bfc2337684045e9c965ff117415f1
|
4
|
+
data.tar.gz: 13affc144a0fe1d2540f53c16eb9c1faf255527a5f066eb868aa843bf2465184
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 24ddafc6dbbf7042b7f3c1e996c0f15e1c17d4ee9cd0a6de50d58e5fa59d6f1b5a313147740e2fb70a055690d40a133f4eb049d158222b3b0d36c114a5c5e8c6
|
7
|
+
data.tar.gz: b915a8b628a535107ee052b3c0bb13b95a7822c06631487874d8a71fa7ad69c04751d9df0e6fd98b06dae1b89db032f2a868337102a48464b65e5d47c9a9e147
|
@@ -0,0 +1,29 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'cfn-nag/violation'
|
4
|
+
require_relative 'base'
|
5
|
+
|
6
|
+
class NeptuneDBClusterStorageEncryptedRule < BaseRule
|
7
|
+
def rule_text
|
8
|
+
'Neptune database cluster storage should have encryption enabled'
|
9
|
+
end
|
10
|
+
|
11
|
+
def rule_type
|
12
|
+
Violation::FAILING_VIOLATION
|
13
|
+
end
|
14
|
+
|
15
|
+
def rule_id
|
16
|
+
'F30'
|
17
|
+
end
|
18
|
+
|
19
|
+
def audit_impl(cfn_model)
|
20
|
+
resources = cfn_model.resources_by_type('AWS::Neptune::DBCluster')
|
21
|
+
|
22
|
+
violating_storage = resources.select do |filesystem|
|
23
|
+
filesystem.storageEncrypted.nil? ||
|
24
|
+
filesystem.storageEncrypted.to_s.casecmp('false').zero?
|
25
|
+
end
|
26
|
+
|
27
|
+
violating_storage.map(&:logical_resource_id)
|
28
|
+
end
|
29
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cfn-nag
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.75
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Eric Kascic
|
@@ -164,6 +164,7 @@ files:
|
|
164
164
|
- lib/cfn-nag/custom_rules/LambdaPermissionInvokeFunctionActionRule.rb
|
165
165
|
- lib/cfn-nag/custom_rules/LambdaPermissionWildcardPrincipalRule.rb
|
166
166
|
- lib/cfn-nag/custom_rules/ManagedPolicyOnUserRule.rb
|
167
|
+
- lib/cfn-nag/custom_rules/NeptuneDBClusterStorageEncryptedRule.rb
|
167
168
|
- lib/cfn-nag/custom_rules/PolicyOnUserRule.rb
|
168
169
|
- lib/cfn-nag/custom_rules/RDSDBClusterStorageEncryptedRule.rb
|
169
170
|
- lib/cfn-nag/custom_rules/RDSDBInstanceStorageEncryptedRule.rb
|