cfn-nag 0.5.44 → 0.5.45
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 424808d9452649031718acceb05eeb903daf82f7d60e8f46dc98e714b786e555
|
|
4
|
+
data.tar.gz: cf1c7e880364ef8e7af60abf821d9b75e197c26a7317924861c1c86c485e9136
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c31390c228c5adfd9317619902742199d34b651fc9c9e995c7a672dcab652921c8063be442649e51ae17a20198a96de281e0561e69c914d8bb3503558434cbe5
|
|
7
|
+
data.tar.gz: 572573eb0151b778cb612fe95cf361b2a1ed9ca960b2e744c58d4b25ee455c7793109e3c31a5b986a9ece4db4c3c097f215408f4347402abe2e08bdffb760c79
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'cfn-nag/violation'
|
|
4
|
+
require_relative 'base'
|
|
5
|
+
|
|
6
|
+
class RDSInstanceBackupRetentionPeriodRule < BaseRule
|
|
7
|
+
def rule_text
|
|
8
|
+
'RDS instance should have backup retention period greater than 0'
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def rule_type
|
|
12
|
+
Violation::WARNING
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def rule_id
|
|
16
|
+
'W75'
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def audit_impl(cfn_model)
|
|
20
|
+
rds_dbinstances = cfn_model.resources_by_type('AWS::RDS::DBInstance')
|
|
21
|
+
|
|
22
|
+
violating_rdsinstances = rds_dbinstances.select do |instance|
|
|
23
|
+
violating_period(instance.backupRetentionPeriod)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
violating_rdsinstances.map(&:logical_resource_id)
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def violating_period(backup_retention_period)
|
|
30
|
+
return false if backup_retention_period.nil?
|
|
31
|
+
|
|
32
|
+
backup_retention_period.to_i.zero?
|
|
33
|
+
end
|
|
34
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cfn-nag
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.45
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Eric Kascic
|
|
@@ -279,6 +279,7 @@ files:
|
|
|
279
279
|
- lib/cfn-nag/custom_rules/RDSDBInstanceMasterUserPasswordRule.rb
|
|
280
280
|
- lib/cfn-nag/custom_rules/RDSDBInstanceMasterUsernameRule.rb
|
|
281
281
|
- lib/cfn-nag/custom_rules/RDSDBInstanceStorageEncryptedRule.rb
|
|
282
|
+
- lib/cfn-nag/custom_rules/RDSInstanceBackupRetentionPeriodRule.rb
|
|
282
283
|
- lib/cfn-nag/custom_rules/RDSInstanceDeletionProtectionRule.rb
|
|
283
284
|
- lib/cfn-nag/custom_rules/RDSInstancePubliclyAccessibleRule.rb
|
|
284
285
|
- lib/cfn-nag/custom_rules/RedshiftClusterEncryptedRule.rb
|