RubyGems - cfn-nag - Versions diffs - 0.7.2 → 0.7.3 - Mend

cfn-nag 0.7.2 → 0.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

checksums.yaml +4 -4
data/lib/cfn-nag/custom_rules/ApiGatewayCacheEncryptedRule.rb +34 -0
metadata +8 -8

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f180cde695c0a172b8ef42bdd38f58cc403adf10847a22f57af36dd0fb8ab743
-  data.tar.gz: 48b315081d53ca804e8d6f2ba5d245dd117beb07a057c368ab7edeeadd5140ff
+  metadata.gz: d145d8825a2b75a15637c38316311f3a81e34d4c0e4a0da762bb8736d8f92bbd
+  data.tar.gz: 0f86a5e05e4661ee957576eb00c82835917bd9d05ed130ecac583aa8591e98c2
 SHA512:
-  metadata.gz: efc72eac3b1fbd17e420e19b7e1d61a55136083c00516490bdeee626cb39bf4e6a64cb75a1ac5b5ccc3321ba58774fe639855d919bcd439e0c88633d2728b12f
-  data.tar.gz: bef1eeac336bc1c3a0c1c566a744f6eb7fdbe8dd9e15aeccd819caed044b7c37d66bbc4102e70522b79e71cd0fd1b6709bfa5362ff2c7e8c902ca2b79db49dcb
+  metadata.gz: 1db97cdbc8e20ad8b4600668f13a80271aaa315cdff7c72881467e951f815e32e6929bd00edc4f28fd3b7b96fcd3163889d62a0f35bcc1f39d94d80733331fb9
+  data.tar.gz: 6640df3fcaf9f3745252975c1a62e3bfb499f7fdbb8d3f7c8e3c4f035a02ea70a1e0152686b6ec3555dda7fed3c8779b11068ef55bbef40eabfc059171ad93c5

data/lib/cfn-nag/custom_rules/ApiGatewayCacheEncryptedRule.rb ADDED Viewed

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+require 'cfn-nag/violation'
+require_relative 'base'
+class ApiGatewayCacheEncryptedRule < BaseRule
+  def rule_text
+    'ApiGateway Deployment should have cache data encryption enabled when caching is enabled' \
+    ' in StageDescription properties'
+  end
+  def rule_type
+    Violation::WARNING
+  end
+  def rule_id
+    'W87'
+  end
+  def audit_impl(cfn_model)
+    violating_deployments = cfn_model.resources_by_type('AWS::ApiGateway::Deployment').select do |deployment|
+      violating_deployment?(deployment)
+    end
+    violating_deployments.map(&:logical_resource_id)
+  end
+  private
+  def violating_deployment?(deployment)
+    !deployment.stageDescription.nil? && truthy?(deployment.stageDescription['CachingEnabled']) \
+    && !truthy?(deployment.stageDescription['CacheDataEncrypted'])
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cfn-nag
 version: !ruby/object:Gem::Version
-  version: 0.7.2
+  version: 0.7.3
 platform: ruby
 authors:
 - Eric Kascic
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-02-15 00:00:00.000000000 Z
+date: 2021-03-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -165,7 +165,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 description: Auditing tool for CloudFormation templates
-email:
+email:
 executables:
 - cfn_nag
 - cfn_nag_rules
@@ -197,6 +197,7 @@ files:
 - lib/cfn-nag/custom_rules/AmplifyAppOauthTokenRule.rb
 - lib/cfn-nag/custom_rules/AmplifyBranchBasicAuthConfigPasswordRule.rb
 - lib/cfn-nag/custom_rules/ApiGatewayAccessLoggingRule.rb
+- lib/cfn-nag/custom_rules/ApiGatewayCacheEncryptedRule.rb
 - lib/cfn-nag/custom_rules/ApiGatewayDeploymentUsagePlanRule.rb
 - lib/cfn-nag/custom_rules/ApiGatewayMethodAuthorizationTypeRule.rb
 - lib/cfn-nag/custom_rules/ApiGatewaySecurityPolicyRule.rb
@@ -389,7 +390,7 @@ homepage: https://github.com/stelligent/cfn_nag
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -405,9 +406,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.7.6
-signing_key:
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
 summary: cfn-nag
 test_files: []