cfn-nag 0.6.14 → 0.6.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/custom_rules/LogsLogGroupRetentionRule.rb +27 -0
  3. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 834f2a3fa72ba8263f6c1c6602da439ffd63f2e5dbdff3c5ca7828d08e805e7b
4
- data.tar.gz: 805de39301a8a7972ceb6acb27911e0e551d3cd236501d54608af9ec84210ddb
3
+ metadata.gz: 16861651aa50f0df55c1f09ab3ee2b6805a5bbe5df2553509f1728922809d878
4
+ data.tar.gz: ecf3c006adc7f35cd5f01246b2cb9315c029c7b86055d5ee5438fa2eeb44b68c
5
5
  SHA512:
6
- metadata.gz: 45a8a649e813676a3299a69292981065b3f41b0aed19377b4c84b20876aa6f84e0473721967d4c689207b90ba5c51d70816e9226af89962409c4dad960de8227
7
- data.tar.gz: 86c3bd27996e14a73a26a4e5fb8bb16360da8caf9a320c00517a61ba42eff7ce257643a7e7ed86a3661ea7c406604484ef915198e40d57b0031150d490e6fa6c
6
+ metadata.gz: 640dcd9fe284f48ddcc714fc8573115062547e4e81c7b73500f7369e37392b7c4e06666ec1ac0d294d6f737d31f62be0062eaf745a1e5b640401b79ccafbf4cd
7
+ data.tar.gz: df569ee1ad3089fd480dd9957cc7dbca4a0d4ec469aadc81048d143f9584369987ce3de53798e3ebd2b986a1ae44f6844c32b3e9e30b242ed7938f8edf2b1799
data/lib/cfn-nag/custom_rules/LogsLogGroupRetentionRule.rb ADDED
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'cfn-nag/violation'
4
+ require 'cfn-nag/util/truthy'
5
+ require_relative 'base'
6
+
7
+ class LogsLogGroupRetentionRule < BaseRule
8
+ def rule_text
9
+ 'CloudWatchLogs LogGroup should specify RetentionInDays to expire the log data'
10
+ end
11
+
12
+ def rule_type
13
+ Violation::WARNING
14
+ end
15
+
16
+ def rule_id
17
+ 'W86'
18
+ end
19
+
20
+ def audit_impl(cfn_model)
21
+ violating_groups = cfn_model.resources_by_type('AWS::Logs::LogGroup').select do |group|
22
+ group.retentionInDays.nil?
23
+ end
24
+
25
+ violating_groups.map(&:logical_resource_id)
26
+ end
27
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.14
4
+ version: 0.6.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-12-31 00:00:00.000000000 Z
11
+ date: 2021-01-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -263,6 +263,7 @@ files:
263
263
  - lib/cfn-nag/custom_rules/LambdaPermissionEventSourceTokenRule.rb
264
264
  - lib/cfn-nag/custom_rules/LambdaPermissionInvokeFunctionActionRule.rb
265
265
  - lib/cfn-nag/custom_rules/LambdaPermissionWildcardPrincipalRule.rb
266
+ - lib/cfn-nag/custom_rules/LogsLogGroupRetentionRule.rb
266
267
  - lib/cfn-nag/custom_rules/ManagedBlockchainMemberMemberFabricConfigurationAdminPasswordRule.rb
267
268
  - lib/cfn-nag/custom_rules/ManagedPolicyOnUserRule.rb
268
269
  - lib/cfn-nag/custom_rules/MissingBucketPolicyRule.rb