cfn-nag 0.0.39 → 0.0.40

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/json_rules/sqs_rules.rb +4 -4
  3. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 13341273f0397f91d6983109af355e989743100f
4
- data.tar.gz: 4527e82e3f2ffccabe5dc723d6fcabb347473a78
3
+ metadata.gz: 8854703d7177b20f5163fd7b157a33475963da37
4
+ data.tar.gz: c70c1fe0a9c9a050c3c1b1a520cf208c1e1940d3
5
5
  SHA512:
6
- metadata.gz: bf2398200a4528d54a2a80f5e4e774ac8a985e60c65bb5dc23c3982fe37b594d1ae4fd5195a66313ef589ea305606fd1f16da60f0929a682d36b25bcbad3a1ec
7
- data.tar.gz: fc7a7faecb444fe870a792be557ff436f3253b992232e80fa19ba7d5c44c6cb4760fb9219bdb02ef659c5622f145cce013a10694ac52a76431744814ed288edb
6
+ metadata.gz: db86b801b0a02a04ff91e67d853717dce477266ab3539f95d913dd2fab4ed8f1277fc6fd25d5db0b0ee3b289879476620826c4550014832ada98b3801922b954
7
+ data.tar.gz: 52d69d86e2689446e35ba886eec393cd21aa5c5e0289da6f2d0aaeafdef2c4c3d55ac28615157508e237f32d1b71817feecef906543ba99a2d33bd671e448998
data/lib/json_rules/sqs_rules.rb CHANGED
@@ -1,16 +1,16 @@
1
1
  sqs_wildcard_action_filter = <<END
2
2
  def sqs_wildcard_action:
3
3
  if .Statement|type == "object"
4
- then select(.Statement.Effect == "Allow" and (if .Statement.Action|type=="string" then (.Statement.Action == "sqs:*") else (.Statement.Action|indices("sqs:*")|length > 0) end))
5
- else select(.Statement[]|.Effect == "Allow" and (if .Action|type=="string" then (.Action == "sqs:*") else (.Action|indices("sqs:*")|length > 0) end))
4
+ then select(.Statement.Effect == "Allow" and (if .Statement.Action|type=="string" then (.Statement.Action | contains("*") ) else (.Statement.Action|contains(["*"])) end))
5
+ else select(.Statement[]|.Effect == "Allow" and (if .Action|type=="string" then (.Action | contains("*")) else (.Action|contains(["*"])) end))
6
6
  end;
7
7
  END
8
8
 
9
9
  sqs_wildcard_principal_filter = <<END
10
10
  def sqs_wildcard_principal:
11
11
  if .Statement|type == "object"
12
- then select(.Statement.Effect == "Allow" and (.Statement.Principal?|type=="string") and (.Statement.Principal == "*") )
13
- else select(.Statement[]|.Effect == "Allow" and ((.Principal?|type=="string") and (.Principal == "*")) )
12
+ then select(.Statement.Effect == "Allow" and (((.Statement.Principal?|type=="string") and (.Statement.Principal|contains("*"))) or ((.Statement.Principal?|type=="object") and (.Statement.Principal|contains({"AWS": "*"}))) ))
13
+ else select(.Statement[]|.Effect == "Allow" and ( ((.Principal?|type=="string") and (.Principal|contains("*"))) or ((.Principal?|type=="object") and (.Principal|contains({"AWS": "*"}))) ) )
14
14
  end;
15
15
  END
16
16
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.39
4
+ version: 0.0.40
5
5
  platform: ruby
6
6
  authors:
7
7
  - someguy
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-03-08 00:00:00.000000000 Z
11
+ date: 2017-05-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: logging