cfn-nag 0.8.5 → 0.8.9

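--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c39c81a107025c553d08bce79ffdf244838c3e26fd1a853814f367a1abf732a7
- data.tar.gz: d000e3ff73010f5796d2821a30d94dd361607384aaafeab64843af3d54913e3b
+ metadata.gz: f4a16eb5cda1347c3d70d1dba6c5408df9cc1eb6fd59ddf9ceab8bc35e4c2a1f
+ data.tar.gz: acf74edd1722eb6703cb9b3984c0c6656f154564fdb8e4ad758ce00c60a0d52c
  SHA512:
- metadata.gz: 5d3b5cea49310d56c8735e16b49ca7bbbd605d8d00dd52bb1f243d1a39c52f3b9d01db3089fd248006939c873f33706fef01d014d0b7fc87095683eb62e3c20d
- data.tar.gz: cc016234fbbc9c19c39ff7655667f58961a7abfd236285c4a148b13f846130f6fc007a3eabc8c7f9bd523363d1759749f889d453104a5dc9f165775318cdcd4a
+ metadata.gz: ce414a1ff11e5a981b410d6dd0f37ae8e677a333aafe66de03fd50cac3fb7d9edc46a229708950cfd03965d1b972f449308c7d241f6869d59159c889b4fc2ca2
+ data.tar.gz: 7ddefcb9485dd9283fca42013fdcf0975358ebb7026acdc6038e38d7438489b8a9367b866bbe7d79e2572907e02b90af212a89ca64a9eb23f7d7d4a6e568af00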
@@ -23,7 +23,7 @@ class IamRolePassRoleWildcardResourceRule < BaseRule
23
23
  violating_roles = cfn_model.resources_by_type('AWS::IAM::Role').select do |role|
24
24
  violating_policies = role.policy_objects.select do |policy|
25
25
  violating_statements = policy.policy_document.statements.select do |statement|
26
- passrole_action?(statement) && wildcard_resource?(statement)
26
+ statement.effect == 'Allow' && passrole_action?(statement) && wildcard_resource?(statement)
27
27
  end
28
28
  !violating_statements.empty?
29
29
  end
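Review bot: The new `statement.effect == 'Allow'` guard on the added line fails open, because any statement whose effect is not the exact string 'Allow' is now skipped. That is right for an explicit Deny, but it would also hide a statement whose Effect reaches the rule in some other form, for example an unresolved intrinsic function, if the model passes those through (not visible here). For a linter it is safer to exclude only what is known to be harmless, e.g. `statement.effect != 'Deny' && passrole_action?(statement) && wildcard_resource?(statement)`, or at least to add a comment stating that only literal Allow effects are evaluated. The same predicate is added in the PassRoleBaseRule hunk and the point applies there too. The enclosing method starts and ends outside the hunk.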
@@ -16,7 +16,7 @@ class PassRoleBaseRule < BaseRule
16
16
 
17
17
  violating_policies = policies.select do |policy|
18
18
  violating_statements = policy.policy_document.statements.select do |statement|
19
- passrole_action?(statement) && wildcard_resource?(statement)
19
+ statement.effect == 'Allow' && passrole_action?(statement) && wildcard_resource?(statement)
20
20
  end
21
21
  !violating_statements.empty?
22
22
  end
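Review bot: The three-part predicate on the added line is now a verbatim copy of the one in IamRolePassRoleWildcardResourceRule, so any later change to what counts as a violating statement has to be made in two places. Consider a single helper defined next to `passrole_action?` and `wildcard_resource?` (their definition is outside this hunk), such as `def allow_passrole_on_wildcard?(statement)`, called from both rules. A one-line comment on it, `# Deny statements restrict iam:PassRole and are never violations`, would also record why the effect is checked.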
@@ -2,5 +2,5 @@
2
2
 
3
3
  module CfnNagVersion
4
4
  # This is managed at release time via scripts/publish.sh
5
- VERSION = '0.8.5'
5
+ VERSION = '0.8.9'
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.5
4
+ version: 0.8.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-10-27 00:00:00.000000000 Z
11
+ date: 2022-01-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake