RubyGems - cfn-nag - Versions diffs - 0.4.40 → 0.4.41 - Mend

cfn-nag 0.4.40 → 0.4.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/cfn-nag/custom_rules/SecurityGroupEgressAllProtocolsRule.rb +10 -2
data/lib/cfn-nag/custom_rules/SecurityGroupIngressAllProtocolsRule.rb +10 -2
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 84fab67d616f1d8e20a7bed01e110d16ee2a7e3be28659566975b43d1fa62f49
-  data.tar.gz: 6005bc66745ff5b054b8d621aab4117ece00d3e326602dd887b454299fd6bd6a
+  metadata.gz: 5717509a5713623b4f9f0e8842ea6f9763f3c16282d883438b79f7792c5ca7f1
+  data.tar.gz: ebeea57d8a3fc5a59fd461b65d16ef11af5f14da66a3f854de7cc9ac6c2d50a9
 SHA512:
-  metadata.gz: c4399c6417ace2f9a9949dd1dcec508abdbc3d0f36e8124f9579edf648a34ce71f34ab0c6db9b5329fc01b9f8888dc1c5f59591a6f02e418e0a6bb9a2894e539
-  data.tar.gz: 74d61738a619b4ddf160bb29b5004478b2b2609595720a79d86fe89e79d79578655553263b7588f0d56e2c5a2c18b6c1e3ad55191168b0537fc558ce78052ce4
+  metadata.gz: 8412f74d9508acfa2cf7134e27d885fb0953bda6727299c200df28f9ca4bb3d0535e9a9484f736823581aa93ea0668a3cf5abe814063de040042e7064d263725
+  data.tar.gz: 7fbf0e3d0f31ef8753804d208efc816209b47afb65368959f1303e06030332e340853459e786d74863c4e2bf30cb1be24622047b5982da01574f5d143ca4b358

data/lib/cfn-nag/custom_rules/SecurityGroupEgressAllProtocolsRule.rb CHANGED Viewed

@@ -22,14 +22,22 @@ class SecurityGroupEgressAllProtocolsRule < BaseRule
   def audit_impl(cfn_model)
     violating_security_groups = cfn_model.security_groups.select do |security_group|
       violating_egresses = security_group.egresses.select do |egress|
-        egress.ipProtocol.to_i == -1
+        if egress.ipProtocol.is_a?(Integer) || egress.ipProtocol.is_a?(String)
+          egress.ipProtocol.to_i == -1
+        else
+          false
+        end
       end
       !violating_egresses.empty?
     end
     violating_egresses = cfn_model.standalone_egress.select do |standalone_egress|
-      standalone_egress.ipProtocol.to_i == -1
+      if standalone_egress.ipProtocol.is_a?(Integer) || standalone_egress.ipProtocol.is_a?(String)
+        standalone_egress.ipProtocol.to_i == -1
+      else
+        false
+      end
     end
     violating_security_groups.map(&:logical_resource_id) + violating_egresses.map(&:logical_resource_id)

data/lib/cfn-nag/custom_rules/SecurityGroupIngressAllProtocolsRule.rb CHANGED Viewed

@@ -22,14 +22,22 @@ class SecurityGroupIngressAllProtocolsRule < BaseRule
   def audit_impl(cfn_model)
     violating_security_groups = cfn_model.security_groups.select do |security_group|
       violating_ingresses = security_group.ingresses.select do |ingress|
-        ingress.ipProtocol.to_i == -1
+        if ingress.ipProtocol.is_a?(Integer) || ingress.ipProtocol.is_a?(String)
+          ingress.ipProtocol.to_i == -1
+        else
+          false
+        end
       end
       !violating_ingresses.empty?
     end
     violating_ingresses = cfn_model.standalone_ingress.select do |standalone_ingress|
-      standalone_ingress.ipProtocol.to_i == -1
+      if standalone_ingress.ipProtocol.is_a?(Integer) || standalone_ingress.ipProtocol.is_a?(String)
+        standalone_ingress.ipProtocol.to_i == -1
+      else
+        false
+      end
     end
     violating_security_groups.map(&:logical_resource_id) + violating_ingresses.map(&:logical_resource_id)

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cfn-nag
 version: !ruby/object:Gem::Version
-  version: 0.4.40
+  version: 0.4.41
 platform: ruby
 authors:
 - Eric Kascic