RubyGems - cfn-nag - Versions diffs - 0.3.86 → 0.3.87 - Mend

cfn-nag 0.3.86 → 0.3.87

Files changed (3) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e0591612f880302521b2713da96667d23c7fe0015f78ae5e42b194b12bee5eb7
-  data.tar.gz: 2f1876121ee7680d0ae2134f2fedee1f458c3c536ff65a5f7d4748c94e30184d
+  metadata.gz: db1486b366e0ecc19c6d0b5499d5da1ecb50ea8d40f02654855f845ab102b413
+  data.tar.gz: e15e0619ed02cc66a9c49870911cc5a2f88b28700f5dfa64a10bf40ef2eeb287
 SHA512:
-  metadata.gz: 784389cd1a4afb8855a1488be3844effc15adc1e4ecd3990c3970c9a0f0852729bc60203978f0e3ef2062da51ae3b70c2842ce45c8feacc4e6ba64e533da194b
-  data.tar.gz: 1e1bf24ebf35f21bfb3d52dc960a52faaf2d8f7417694d3ab313c24d7d1b15f5965f6070556caeb01ccb239fa8c152e8902a5f511dd12950706598359a4d6b62
+  metadata.gz: 40af3f07c3aa893cb4b82d0b6abefbbc7764de078278f5e33e387d64689baf3477c185af89fd4ac8cccdb20af45d4444a22e9eb6b6ff68dc5257545ab9410f5c
+  data.tar.gz: 608f332094859a43e1473d3d4795b82ac592881b723c4d6164031bf83a145dd8737e60dd93d3d28a579bee033c18bca68eae80264cc596094e73abe3956db0dc

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+require 'cfn-nag/violation'
+require_relative 'base'
+class BatchJobDefinitionContainerPropertiesPrivilegedRule < BaseRule
+  def rule_text
+    'Batch Job Definition Container Properties should not have Privileged set to true'
+  end
+  def rule_type
+    Violation::WARNING
+  end
+  def rule_id
+    'W34'
+  end
+  def audit_impl(cfn_model)
+    violating_job_definitions = cfn_model.resources_by_type('AWS::Batch::JobDefinition')
+                                         .select do |job_definition|
+      truthy?(job_definition.containerProperties['Privileged'])
+    end
+    violating_job_definitions.map(&:logical_resource_id)
+  end
+end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cfn-nag
 version: !ruby/object:Gem::Version
-  version: 0.3.86
+  version: 0.3.87
 platform: ruby
 authors:
 - Eric Kascic
@@ -139,6 +139,7 @@ files:
 - lib/cfn-nag/cfn_nag.rb
 - lib/cfn-nag/cfn_nag_logging.rb
 - lib/cfn-nag/custom_rule_loader.rb
+- lib/cfn-nag/custom_rules/BatchJobDefinitionContainerPropertiesPrivilegedRule.rb
 - lib/cfn-nag/custom_rules/CloudFormationAuthenticationRule.rb
 - lib/cfn-nag/custom_rules/CloudFrontDistributionAccessLoggingRule.rb
 - lib/cfn-nag/custom_rules/CodeBuildEncryptionKeyRule.rb