cfn-nag 0.8.8 → 0.8.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/custom_rules/IamRolePassRoleWildcardResourceRule.rb +1 -1
  3. data/lib/cfn-nag/custom_rules/passrole_base_rule.rb +1 -1
  4. data/lib/cfn-nag/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 735dbd2dbf597b2da5cc262af063155a84c0189262214bd64bc5584b9ad3b2e2
4
- data.tar.gz: 106a0f471c6db4c1c8d5958d3d720694aae6d56f09135f6c81112e5b55240ce9
3
+ metadata.gz: f4a16eb5cda1347c3d70d1dba6c5408df9cc1eb6fd59ddf9ceab8bc35e4c2a1f
4
+ data.tar.gz: acf74edd1722eb6703cb9b3984c0c6656f154564fdb8e4ad758ce00c60a0d52c
5
5
  SHA512:
6
- metadata.gz: 55338fd7776fec785e0ddf95c7df5f151f7c08b66f0a16dbe666e628e8d96186a2bcd5ffb321325a1b4376248f0b3ef662c313e7ecc84690f6c493406aec5e6e
7
- data.tar.gz: ed07441a28f36e3ec63bcb5774bcc3b6991b731de5bba511e95f59d86a51a5796797111ed4acc0511f9d769ab6894aa1037061797072fcbb63ffd1f9c512e7cb
6
+ metadata.gz: ce414a1ff11e5a981b410d6dd0f37ae8e677a333aafe66de03fd50cac3fb7d9edc46a229708950cfd03965d1b972f449308c7d241f6869d59159c889b4fc2ca2
7
+ data.tar.gz: 7ddefcb9485dd9283fca42013fdcf0975358ebb7026acdc6038e38d7438489b8a9367b866bbe7d79e2572907e02b90af212a89ca64a9eb23f7d7d4a6e568af00
data/lib/cfn-nag/custom_rules/IamRolePassRoleWildcardResourceRule.rb CHANGED
@@ -23,7 +23,7 @@ class IamRolePassRoleWildcardResourceRule < BaseRule
23
23
  violating_roles = cfn_model.resources_by_type('AWS::IAM::Role').select do |role|
24
24
  violating_policies = role.policy_objects.select do |policy|
25
25
  violating_statements = policy.policy_document.statements.select do |statement|
26
- passrole_action?(statement) && wildcard_resource?(statement)
26
+ statement.effect == 'Allow' && passrole_action?(statement) && wildcard_resource?(statement)
27
27
  end
28
28
  !violating_statements.empty?
29
29
  end
data/lib/cfn-nag/custom_rules/passrole_base_rule.rb CHANGED
@@ -16,7 +16,7 @@ class PassRoleBaseRule < BaseRule
16
16
 
17
17
  violating_policies = policies.select do |policy|
18
18
  violating_statements = policy.policy_document.statements.select do |statement|
19
- passrole_action?(statement) && wildcard_resource?(statement)
19
+ statement.effect == 'Allow' && passrole_action?(statement) && wildcard_resource?(statement)
20
20
  end
21
21
  !violating_statements.empty?
22
22
  end
data/lib/cfn-nag/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  module CfnNagVersion
4
4
  # This is managed at release time via scripts/publish.sh
5
- VERSION = '0.8.8'
5
+ VERSION = '0.8.9'
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.8
4
+ version: 0.8.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-04 00:00:00.000000000 Z
11
+ date: 2022-01-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake