cfn-nag 0.6.20 → 0.6.21
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7e84a4629eb894586819c36a332fd3cdb5b8c25492098870133773b0fb424041
|
4
|
+
data.tar.gz: 43cd5feabbede6b48f57145cf9cc84083d35f1aa1d54c55525fdcd3c8c04199c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2c77d62ea98c2ecba8368b62dc58ebe7e516bc21773116490a25c2d1acf30a8d67e637e392cac71977d4c45755e151c747fdaa391864a2a806af6a11c14a39e4
|
7
|
+
data.tar.gz: ad2af23d60af46fc28daf5157e8e8a2934564e5f102d4bce020249fd654c1c85338dd56bcfab91d0068d5d387ee965406a6771345ea72229397500782112967a
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'cfn-nag/violation'
|
4
|
+
require_relative 'base'
|
5
|
+
|
6
|
+
class KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule < BaseRule
|
7
|
+
def rule_text
|
8
|
+
'Kendra Index ServerSideEncryptionConfiguration should specify a KmsKeyId value.'
|
9
|
+
end
|
10
|
+
|
11
|
+
def rule_type
|
12
|
+
Violation::WARNING
|
13
|
+
end
|
14
|
+
|
15
|
+
def rule_id
|
16
|
+
'W80'
|
17
|
+
end
|
18
|
+
|
19
|
+
def audit_impl(cfn_model)
|
20
|
+
violating_indices = cfn_model.resources_by_type('AWS::Kendra::Index').select do |index|
|
21
|
+
index.serverSideEncryptionConfiguration.nil? ||
|
22
|
+
index.serverSideEncryptionConfiguration['KmsKeyId'].nil?
|
23
|
+
end
|
24
|
+
|
25
|
+
violating_indices.map(&:logical_resource_id)
|
26
|
+
end
|
27
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cfn-nag
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.6.
|
4
|
+
version: 0.6.21
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Eric Kascic
|
@@ -260,6 +260,7 @@ files:
|
|
260
260
|
- lib/cfn-nag/custom_rules/IotPolicyWildcardResourceRule.rb
|
261
261
|
- lib/cfn-nag/custom_rules/KMSKeyRotationRule.rb
|
262
262
|
- lib/cfn-nag/custom_rules/KMSKeyWildcardPrincipalRule.rb
|
263
|
+
- lib/cfn-nag/custom_rules/KendraIndexServerSideEncryptionConfigurationKmsKeyIdRule.rb
|
263
264
|
- lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamRedshiftDestinationConfigurationPasswordRule.rb
|
264
265
|
- lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamSplunkDestinationConfigurationHECTokenRule.rb
|
265
266
|
- lib/cfn-nag/custom_rules/KinesisStreamStreamEncryptionRule.rb
|