cfn-nag 0.6.17 → 0.6.18

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/custom_rules/DAXClusterEncryptionRule.rb +27 -0
  3. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4a66afcd6ab5d1bdc31dc4e8fa97ba37c076bdf34a50d5142a060439998871c4
4
- data.tar.gz: 31342a9596c899f8c6a6eecd112a9c9d3abf7a159e748c3ffa7ab6830d67330d
3
+ metadata.gz: 8a3fc1115d0e9a1739ac2a1fdddbd6ee693450fbf292f512e2554570293cbb01
4
+ data.tar.gz: 21fcfbd6d9deba76d3764b5170d382a1642d79a0322d49eb71805c7b15c41ae5
5
5
  SHA512:
6
- metadata.gz: fc28b0a404b8c110ce83379e4306ec3ad70beb26f5d379e92eb97764003b157072ce0a0a5a165ad31ab310276929aa551668ae915fc279d2b5ec829050867dee
7
- data.tar.gz: e9d0bc21b3abef53cd32c36142266418d13d7b61f715db8e2a92e43fcbc48a71147f3645cf3c3b8cd050198eb3f2ef92632c8ef97b0860a5a26672ef266b581f
6
+ metadata.gz: 6c18afb97fcb0df30296eb6660e6c07bdb4e7e241148529edb68e11bd0ef8bd3dbb5bbf065be4d6ff554eb025059a7da5f53185481bcca75d0540447703838da
7
+ data.tar.gz: c42ed45e2cc5177e8e26acd0f503682b6deb6f0f172c31214753654ac31425e609f17b0cbf60050002fa40a628fd53f7048ab7831b5f211b2cf4908e5a17f8b0
data/lib/cfn-nag/custom_rules/DAXClusterEncryptionRule.rb ADDED
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'cfn-nag/violation'
4
+ require 'cfn-nag/util/truthy'
5
+ require_relative 'base'
6
+
7
+ class DAXClusterEncryptionRule < BaseRule
8
+ def rule_text
9
+ 'DynamoDB Accelerator (DAX) Cluster should have encryption enabled'
10
+ end
11
+
12
+ def rule_type
13
+ Violation::WARNING
14
+ end
15
+
16
+ def rule_id
17
+ 'W83'
18
+ end
19
+
20
+ def audit_impl(cfn_model)
21
+ violating_clusters = cfn_model.resources_by_type('AWS::DAX::Cluster').select do |cluster|
22
+ cluster.sSESpecification.nil? || !truthy?(cluster.sSESpecification['SSEEnabled'].to_s)
23
+ end
24
+
25
+ violating_clusters.map(&:logical_resource_id)
26
+ end
27
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.17
4
+ version: 0.6.18
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
@@ -198,6 +198,7 @@ files:
198
198
  - lib/cfn-nag/custom_rules/CodePipelineWebhookAuthenticationConfigurationSecretTokenRule.rb
199
199
  - lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb
200
200
  - lib/cfn-nag/custom_rules/CognitoUserPoolMfaConfigurationOnorOptionalRule.rb
201
+ - lib/cfn-nag/custom_rules/DAXClusterEncryptionRule.rb
201
202
  - lib/cfn-nag/custom_rules/DMSEndpointMongoDbSettingsPasswordRule.rb
202
203
  - lib/cfn-nag/custom_rules/DMSEndpointPasswordRule.rb
203
204
  - lib/cfn-nag/custom_rules/DirectoryServiceMicrosoftADPasswordRule.rb