cfn-nag 0.6.14 → 0.6.15

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/custom_rules/LogsLogGroupRetentionRule.rb +27 -0
  3. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 834f2a3fa72ba8263f6c1c6602da439ffd63f2e5dbdff3c5ca7828d08e805e7b
4
- data.tar.gz: 805de39301a8a7972ceb6acb27911e0e551d3cd236501d54608af9ec84210ddb
3
+ metadata.gz: 16861651aa50f0df55c1f09ab3ee2b6805a5bbe5df2553509f1728922809d878
4
+ data.tar.gz: ecf3c006adc7f35cd5f01246b2cb9315c029c7b86055d5ee5438fa2eeb44b68c
5
5
  SHA512:
6
- metadata.gz: 45a8a649e813676a3299a69292981065b3f41b0aed19377b4c84b20876aa6f84e0473721967d4c689207b90ba5c51d70816e9226af89962409c4dad960de8227
7
- data.tar.gz: 86c3bd27996e14a73a26a4e5fb8bb16360da8caf9a320c00517a61ba42eff7ce257643a7e7ed86a3661ea7c406604484ef915198e40d57b0031150d490e6fa6c
6
+ metadata.gz: 640dcd9fe284f48ddcc714fc8573115062547e4e81c7b73500f7369e37392b7c4e06666ec1ac0d294d6f737d31f62be0062eaf745a1e5b640401b79ccafbf4cd
7
+ data.tar.gz: df569ee1ad3089fd480dd9957cc7dbca4a0d4ec469aadc81048d143f9584369987ce3de53798e3ebd2b986a1ae44f6844c32b3e9e30b242ed7938f8edf2b1799
data/lib/cfn-nag/custom_rules/LogsLogGroupRetentionRule.rb ADDED
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'cfn-nag/violation'
4
+ require 'cfn-nag/util/truthy'
5
+ require_relative 'base'
6
+
7
+ class LogsLogGroupRetentionRule < BaseRule
8
+ def rule_text
9
+ 'CloudWatchLogs LogGroup should specify RetentionInDays to expire the log data'
10
+ end
11
+
12
+ def rule_type
13
+ Violation::WARNING
14
+ end
15
+
16
+ def rule_id
17
+ 'W86'
18
+ end
19
+
20
+ def audit_impl(cfn_model)
21
+ violating_groups = cfn_model.resources_by_type('AWS::Logs::LogGroup').select do |group|
22
+ group.retentionInDays.nil?
23
+ end
24
+
25
+ violating_groups.map(&:logical_resource_id)
26
+ end
27
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.14
4
+ version: 0.6.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-12-31 00:00:00.000000000 Z
11
+ date: 2021-01-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -263,6 +263,7 @@ files:
263
263
  - lib/cfn-nag/custom_rules/LambdaPermissionEventSourceTokenRule.rb
264
264
  - lib/cfn-nag/custom_rules/LambdaPermissionInvokeFunctionActionRule.rb
265
265
  - lib/cfn-nag/custom_rules/LambdaPermissionWildcardPrincipalRule.rb
266
+ - lib/cfn-nag/custom_rules/LogsLogGroupRetentionRule.rb
266
267
  - lib/cfn-nag/custom_rules/ManagedBlockchainMemberMemberFabricConfigurationAdminPasswordRule.rb
267
268
  - lib/cfn-nag/custom_rules/ManagedPolicyOnUserRule.rb
268
269
  - lib/cfn-nag/custom_rules/MissingBucketPolicyRule.rb