cfn-nag 0.3.58 → 0.3.59

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/custom_rules/WorkspacesWorkspaceEncryptionRule.rb +27 -0
  3. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9e54f3461ceed2d21f8640ad4266d9898fb5d07acea5c67ae2f4f5e3a60cfbab
4
- data.tar.gz: dfb1c5007382ce1959981fa75feb6c09a992e4e62f409e5e84daeebec2e7c3c1
3
+ metadata.gz: 5e3ab3f6d8d4ddb702efc139f20ae9eb6384173b700f325b85dc4737d97317b2
4
+ data.tar.gz: 3a24984e9d46ce1d96eabbbe642160c87acc78d05e0e13d08d6616757a086d9d
5
5
  SHA512:
6
- metadata.gz: c6e2a6c76aacd134e5fef1d80a72eed79d82deb9f6de9ad265092f029e017c8570f272f7610eccc75263dddff0281b336b5fddc9c8111b4e7969cfa2c50e4a64
7
- data.tar.gz: 87100bcf855b3e96e0b3925f9a814385825085441d40ebabc6630b631f858f5d719c26ea50b21071a6c9566d9d34bfaab5642f844760e889a9e7821259775baf
6
+ metadata.gz: 2d74fe99000484b05d0ada5a3aebf68857bc7d58a735e19b2f0eb871b3a307df101eec92304d8bd2143ffdde44d495acc79292df38f9bedeec3282839e249c8a
7
+ data.tar.gz: a905b3a2de76264e2d08113bfa453ed0d846bbee9325da74d3232244bc7bf5a48550203b4ee20971583336bcd63ea0d35c3a50339b4e8950fb406b9e84a7587c
data/lib/cfn-nag/custom_rules/WorkspacesWorkspaceEncryptionRule.rb ADDED
@@ -0,0 +1,27 @@
1
+ require 'cfn-nag/violation'
2
+ require_relative 'base'
3
+
4
+ class WorkspacesWorkspaceEncryptionRule < BaseRule
5
+ def rule_text
6
+ 'Workspace should have encryption enabled'
7
+ end
8
+
9
+ def rule_type
10
+ Violation::FAILING_VIOLATION
11
+ end
12
+
13
+ def rule_id
14
+ 'F29'
15
+ end
16
+
17
+ def audit_impl(cfn_model)
18
+ resources = cfn_model.resources_by_type('AWS::WorkSpaces::Workspace')
19
+
20
+ violating_workspaces = resources.select do |workspace|
21
+ workspace.userVolumeEncryptionEnabled.nil? ||
22
+ workspace.userVolumeEncryptionEnabled.to_s.casecmp('false').zero?
23
+ end
24
+
25
+ violating_workspaces.map(&:logical_resource_id)
26
+ end
27
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.58
4
+ version: 0.3.59
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
@@ -188,6 +188,7 @@ files:
188
188
  - lib/cfn-nag/custom_rules/UserHasInlinePolicyRule.rb
189
189
  - lib/cfn-nag/custom_rules/UserMissingGroupRule.rb
190
190
  - lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb
191
+ - lib/cfn-nag/custom_rules/WorkspacesWorkspaceEncryptionRule.rb
191
192
  - lib/cfn-nag/custom_rules/base.rb
192
193
  - lib/cfn-nag/custom_rules/ebs_volumes_jmespath.rb
193
194
  - lib/cfn-nag/custom_rules/unencrypted_s3_put_allowed.rb