cfn-nag 0.6.20 → 0.6.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/custom_rules/KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule.rb +27 -0
  3. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: acfa4c8d862bf691a56f99ded65fcfab7f5ca114f91a11aa3d453776093fd862
4
- data.tar.gz: b125a02a79b010e02eee085d7421b359aeefb43de345f5ff8a2ab009c3528c44
3
+ metadata.gz: 7e84a4629eb894586819c36a332fd3cdb5b8c25492098870133773b0fb424041
4
+ data.tar.gz: 43cd5feabbede6b48f57145cf9cc84083d35f1aa1d54c55525fdcd3c8c04199c
5
5
  SHA512:
6
- metadata.gz: 6d52ca5b92b8f8dce9034c493adb4a7c81cebc40211ba524dd8060ce9efdabea09d129d80db2eca2e4560239972d0192302f9027c53bd660139178697e4eb7ed
7
- data.tar.gz: 5198f37c1c20d290d3c2073928f1509bca083dee22b03b099b456406f2bcbcc9f146a00d59d4fd57ef3bf5f44fb2a3753eddf0a0615544ef1374754c75f509d2
6
+ metadata.gz: 2c77d62ea98c2ecba8368b62dc58ebe7e516bc21773116490a25c2d1acf30a8d67e637e392cac71977d4c45755e151c747fdaa391864a2a806af6a11c14a39e4
7
+ data.tar.gz: ad2af23d60af46fc28daf5157e8e8a2934564e5f102d4bce020249fd654c1c85338dd56bcfab91d0068d5d387ee965406a6771345ea72229397500782112967a
data/lib/cfn-nag/custom_rules/KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule.rb ADDED
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'cfn-nag/violation'
4
+ require_relative 'base'
5
+
6
+ class KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule < BaseRule
7
+ def rule_text
8
+ 'Kendra Index ServerSideEncryptionConfiguration should specify a KmsKeyId value.'
9
+ end
10
+
11
+ def rule_type
12
+ Violation::WARNING
13
+ end
14
+
15
+ def rule_id
16
+ 'W80'
17
+ end
18
+
19
+ def audit_impl(cfn_model)
20
+ violating_indices = cfn_model.resources_by_type('AWS::Kendra::Index').select do |index|
21
+ index.serverSideEncryptionConfiguration.nil? ||
22
+ index.serverSideEncryptionConfiguration['KmsKeyId'].nil?
23
+ end
24
+
25
+ violating_indices.map(&:logical_resource_id)
26
+ end
27
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.20
4
+ version: 0.6.21
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
@@ -260,6 +260,7 @@ files:
260
260
  - lib/cfn-nag/custom_rules/IotPolicyWildcardResourceRule.rb
261
261
  - lib/cfn-nag/custom_rules/KMSKeyRotationRule.rb
262
262
  - lib/cfn-nag/custom_rules/KMSKeyWildcardPrincipalRule.rb
263
+ - lib/cfn-nag/custom_rules/KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule.rb
263
264
  - lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamRedshiftDestinationConfigurationPasswordRule.rb
264
265
  - lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamSplunkDestinationConfigurationHECTokenRule.rb
265
266
  - lib/cfn-nag/custom_rules/KinesisStreamStreamEncryptionRule.rb