cfn-nag 0.6.20 → 0.6.21

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/custom_rules/KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule.rb +27 -0
  3. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: acfa4c8d862bf691a56f99ded65fcfab7f5ca114f91a11aa3d453776093fd862
4
- data.tar.gz: b125a02a79b010e02eee085d7421b359aeefb43de345f5ff8a2ab009c3528c44
3
+ metadata.gz: 7e84a4629eb894586819c36a332fd3cdb5b8c25492098870133773b0fb424041
4
+ data.tar.gz: 43cd5feabbede6b48f57145cf9cc84083d35f1aa1d54c55525fdcd3c8c04199c
5
5
  SHA512:
6
- metadata.gz: 6d52ca5b92b8f8dce9034c493adb4a7c81cebc40211ba524dd8060ce9efdabea09d129d80db2eca2e4560239972d0192302f9027c53bd660139178697e4eb7ed
7
- data.tar.gz: 5198f37c1c20d290d3c2073928f1509bca083dee22b03b099b456406f2bcbcc9f146a00d59d4fd57ef3bf5f44fb2a3753eddf0a0615544ef1374754c75f509d2
6
+ metadata.gz: 2c77d62ea98c2ecba8368b62dc58ebe7e516bc21773116490a25c2d1acf30a8d67e637e392cac71977d4c45755e151c747fdaa391864a2a806af6a11c14a39e4
7
+ data.tar.gz: ad2af23d60af46fc28daf5157e8e8a2934564e5f102d4bce020249fd654c1c85338dd56bcfab91d0068d5d387ee965406a6771345ea72229397500782112967a
data/lib/cfn-nag/custom_rules/KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule.rb ADDED
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'cfn-nag/violation'
4
+ require_relative 'base'
5
+
6
+ class KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule < BaseRule
7
+ def rule_text
8
+ 'Kendra Index ServerSideEncryptionConfiguration should specify a KmsKeyId value.'
9
+ end
10
+
11
+ def rule_type
12
+ Violation::WARNING
13
+ end
14
+
15
+ def rule_id
16
+ 'W80'
17
+ end
18
+
19
+ def audit_impl(cfn_model)
20
+ violating_indices = cfn_model.resources_by_type('AWS::Kendra::Index').select do |index|
21
+ index.serverSideEncryptionConfiguration.nil? ||
22
+ index.serverSideEncryptionConfiguration['KmsKeyId'].nil?
23
+ end
24
+
25
+ violating_indices.map(&:logical_resource_id)
26
+ end
27
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.20
4
+ version: 0.6.21
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
@@ -260,6 +260,7 @@ files:
260
260
  - lib/cfn-nag/custom_rules/IotPolicyWildcardResourceRule.rb
261
261
  - lib/cfn-nag/custom_rules/KMSKeyRotationRule.rb
262
262
  - lib/cfn-nag/custom_rules/KMSKeyWildcardPrincipalRule.rb
263
+ - lib/cfn-nag/custom_rules/KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule.rb
263
264
  - lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamRedshiftDestinationConfigurationPasswordRule.rb
264
265
  - lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamSplunkDestinationConfigurationHECTokenRule.rb
265
266
  - lib/cfn-nag/custom_rules/KinesisStreamStreamEncryptionRule.rb