cfn-nag 0.4.1 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/custom_rules/S3BucketAccessLoggingRule.rb +26 -0
  3. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4c22e9a701323d4590b6540a493979c119236e2731581b155ebf60d5d64444a1
4
- data.tar.gz: 0d193a6821cb0376b2a6924dd19d002943ee844310d9f9aad18905f3037dac02
3
+ metadata.gz: 0f5de570723903c2f18b9357dff531d4f5b20f6fe39e8dfe91deac5958727b68
4
+ data.tar.gz: 57995b9d7d51647a764c839b11be7faccd1d1a80e46f9fb3a304543684de44c7
5
5
  SHA512:
6
- metadata.gz: 4813009aaeaee81ba6d1cc78a65ee903f52034cbf07eb19326e4ede15ab2a372ef5b885e15304475cb4e080cadde235fa21a244b4dc0092388b332d41e743306
7
- data.tar.gz: 9b007f901ead4856020d534f2b5a47420670923249e194a0608ae3f0939f848f31706d517dabd6c4e4783f1810e701ec8f0622ea84f3780e53dd7902d6487121
6
+ metadata.gz: dda098626fa0aa22b6f244c24b4c2935ddc27c6da3f127644548ededd5901790e1478b74027c69854eb04b24496688ebb224c3d72fff69042c728cb403776986
7
+ data.tar.gz: d03936c85264a72189f2690c9fc348c962ad0d32fc6826216d0fc0da59f67099112bcc870c278c59e6855e145dde5a8a7dfb6ae6f3af3beda43a127f8a9a143a
data/lib/cfn-nag/custom_rules/S3BucketAccessLoggingRule.rb ADDED
@@ -0,0 +1,26 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'cfn-nag/violation'
4
+ require_relative 'base'
5
+
6
+ class S3BucketAccessLoggingRule < BaseRule
7
+ def rule_text
8
+ 'S3 Bucket should have access logging configured'
9
+ end
10
+
11
+ def rule_type
12
+ Violation::WARNING
13
+ end
14
+
15
+ def rule_id
16
+ 'W35'
17
+ end
18
+
19
+ def audit_impl(cfn_model)
20
+ violating_buckets = cfn_model.resources_by_type('AWS::S3::Bucket').select do |bucket|
21
+ bucket.loggingConfiguration.nil?
22
+ end
23
+
24
+ violating_buckets.map(&:logical_resource_id)
25
+ end
26
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
@@ -177,6 +177,7 @@ files:
177
177
  - lib/cfn-nag/custom_rules/RDSInstancePubliclyAccessibleRule.rb
178
178
  - lib/cfn-nag/custom_rules/RedshiftClusterEncryptedRule.rb
179
179
  - lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb
180
+ - lib/cfn-nag/custom_rules/S3BucketAccessLoggingRule.rb
180
181
  - lib/cfn-nag/custom_rules/S3BucketPolicyNotActionRule.rb
181
182
  - lib/cfn-nag/custom_rules/S3BucketPolicyNotPrincipalRule.rb
182
183
  - lib/cfn-nag/custom_rules/S3BucketPolicyWildcardActionRule.rb