cfn-nag 0.6.12 → 0.6.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/cfn-nag/custom_rules/DynamoDBBackupRule.rb +28 -0
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9b5274ea37c43e66281bd7e21513c650ca7dac661c5ce943e5fce39dad25506c
|
4
|
+
data.tar.gz: 22355ae1a48c603a4f4672d7887134f5087973aab0fda5eda92bcb794f975fbe
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c8d30927728b0b9ea80774a83c937629ede960143b02b69e51ad6a55ce770e15805e6b8adb733d5c461a346d66b4c11c6fc19fd59f90bf0ee614718375c1ac22
|
7
|
+
data.tar.gz: 4043b47cd7b3b9c19a5d1259134346768febabd2418a96c160a27f644e09cdb7a630f57013828e0d5d8bd1d49f3b19b414b6893bd1082e8ad9cfd4f9e27c6bcd
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'cfn-nag/violation'
|
4
|
+
require 'cfn-nag/util/truthy'
|
5
|
+
require_relative 'base'
|
6
|
+
|
7
|
+
class DynamoDBBackupRule < BaseRule
|
8
|
+
def rule_text
|
9
|
+
'DynamoDB table should have backup enabled, should be set using PointInTimeRecoveryEnabled'
|
10
|
+
end
|
11
|
+
|
12
|
+
def rule_type
|
13
|
+
Violation::WARNING
|
14
|
+
end
|
15
|
+
|
16
|
+
def rule_id
|
17
|
+
'W78'
|
18
|
+
end
|
19
|
+
|
20
|
+
def audit_impl(cfn_model)
|
21
|
+
violating_ddb_tables = cfn_model.resources_by_type('AWS::DynamoDB::Table').select do |table|
|
22
|
+
table.pointInTimeRecoverySpecification.nil? ||
|
23
|
+
!truthy?(table.pointInTimeRecoverySpecification['PointInTimeRecoveryEnabled'].to_s)
|
24
|
+
end
|
25
|
+
|
26
|
+
violating_ddb_tables.map(&:logical_resource_id)
|
27
|
+
end
|
28
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cfn-nag
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.6.
|
4
|
+
version: 0.6.13
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Eric Kascic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-11-
|
11
|
+
date: 2020-11-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rake
|
@@ -203,6 +203,7 @@ files:
|
|
203
203
|
- lib/cfn-nag/custom_rules/DirectoryServiceMicrosoftADPasswordRule.rb
|
204
204
|
- lib/cfn-nag/custom_rules/DirectoryServiceSimpleADPasswordRule.rb
|
205
205
|
- lib/cfn-nag/custom_rules/DocDBDBClusterMasterUserPasswordRule.rb
|
206
|
+
- lib/cfn-nag/custom_rules/DynamoDBBackupRule.rb
|
206
207
|
- lib/cfn-nag/custom_rules/DynamoDBBillingModeRule.rb
|
207
208
|
- lib/cfn-nag/custom_rules/DynamoDBEncryptionRule.rb
|
208
209
|
- lib/cfn-nag/custom_rules/EC2NetworkAclEntryDuplicateRule.rb
|