npm - @critiq/rules - Versions diffs - 0.2.0 → 0.3.0 - Mend

@critiq/rules 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (199) hide show

package/rules/cfn/cfn.correctness.template-size-limit.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.template-size-limit
+  title: Template size limit
+  summary: Template size limit
+  rationale: cfn-lint reports E1002 when Template size limit.
+  aliases:
+    - CFLIN-E1002
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e1002
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E1002
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Template size limit
+    summary: "${captures.finding.text} matches cfn-lint E1002."
+  remediation:
+    summary: Resolve the cfn-lint E1002 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.tojsonstring-validation-of-parameters.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.tojsonstring-validation-of-parameters
+  title: Tojsonstring validation of parameters
+  summary: Tojsonstring validation of parameters
+  rationale: cfn-lint reports E1031 when Tojsonstring validation of parameters.
+  aliases:
+    - CFLIN-E1031
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e1031
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E1031
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Tojsonstring validation of parameters
+    summary: "${captures.finding.text} matches cfn-lint E1031."
+  remediation:
+    summary: Resolve the cfn-lint E1031 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.unique-resource-and-parameter-names.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.unique-resource-and-parameter-names
+  title: Unique resource and parameter names
+  summary: Unique resource and parameter names
+  rationale: cfn-lint reports E3007 when Unique resource and parameter names.
+  aliases:
+    - CFLIN-E3007
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e3007
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E3007
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Unique resource and parameter names
+    summary: "${captures.finding.text} matches cfn-lint E3007."
+  remediation:
+    summary: Resolve the cfn-lint E3007 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.validate-accesscontrol-are-set-with-ownershipcontrols.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.validate-accesscontrol-are-set-with-ownershipcontrols
+  title: Validate accesscontrol are set with ownershipcontrols
+  summary: Validate accesscontrol are set with ownershipcontrols
+  rationale: cfn-lint reports E3045 when Validate accesscontrol are set with ownershipcontrols.
+  aliases:
+    - CFLIN-E3045
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e3045
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E3045
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Validate accesscontrol are set with ownershipcontrols
+    summary: "${captures.finding.text} matches cfn-lint E3045."
+  remediation:
+    summary: Resolve the cfn-lint E3045 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.validate-aws-event-scheduleexpression-format.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.validate-aws-event-scheduleexpression-format
+  title: Validate aws event scheduleexpression format
+  summary: Validate aws event scheduleexpression format
+  rationale: cfn-lint reports E3027 when Validate aws event scheduleexpression format.
+  aliases:
+    - CFLIN-E3027
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e3027
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E3027
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Validate aws event scheduleexpression format
+    summary: "${captures.finding.text} matches cfn-lint E3027."
+  remediation:
+    summary: Resolve the cfn-lint E3027 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.validate-parameters-for-in-a-nested-stack.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.validate-parameters-for-in-a-nested-stack
+  title: Validate parameters for in a nested stack
+  summary: Validate parameters for in a nested stack
+  rationale: cfn-lint reports E3043 when Validate parameters for in a nested stack.
+  aliases:
+    - CFLIN-E3043
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e3043
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E3043
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Validate parameters for in a nested stack
+    summary: "${captures.finding.text} matches cfn-lint E3043."
+  remediation:
+    summary: Resolve the cfn-lint E3043 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.validate-route53-recordsets.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.validate-route53-recordsets
+  title: Validate route53 recordsets
+  summary: Validate route53 recordsets
+  rationale: cfn-lint reports E3020 when Validate route53 recordsets.
+  aliases:
+    - CFLIN-E3020
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e3020
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E3020
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Validate route53 recordsets
+    summary: "${captures.finding.text} matches cfn-lint E3020."
+  remediation:
+    summary: Resolve the cfn-lint E3020 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.validate-the-configuration-of-the-metadata-section.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.validate-the-configuration-of-the-metadata-section
+  title: Validate the configuration of the metadata section
+  summary: Validate the configuration of the metadata section
+  rationale: cfn-lint reports E4002 when Validate the configuration of the metadata section.
+  aliases:
+    - CFLIN-E4002
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e4002
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E4002
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Validate the configuration of the metadata section
+    summary: "${captures.finding.text} matches cfn-lint E4002."
+  remediation:
+    summary: Resolve the cfn-lint E4002 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.validates-foreach-functions.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.validates-foreach-functions
+  title: Validates foreach functions
+  summary: Validates foreach functions
+  rationale: cfn-lint reports E1032 when Validates foreach functions.
+  aliases:
+    - CFLIN-E1032
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e1032
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E1032
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Validates foreach functions
+    summary: "${captures.finding.text} matches cfn-lint E1032."
+  remediation:
+    summary: Resolve the cfn-lint E1032 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.validation-not-function-configuration.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.validation-not-function-configuration
+  title: Validation not function configuration
+  summary: Validation not function configuration
+  rationale: cfn-lint reports E1023 when Validation not function configuration.
+  aliases:
+    - CFLIN-E1023
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e1023
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E1023
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Validation not function configuration
+    summary: "${captures.finding.text} matches cfn-lint E1023."
+  remediation:
+    summary: Resolve the cfn-lint E1023 finding in this CloudFormation template.

package/rules/cfn/cfn.correctness.validationdomain-is-superdomain-of-domainname.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.correctness.validationdomain-is-superdomain-of-domainname
+  title: Validationdomain is superdomain of domainname
+  summary: Validationdomain is superdomain of domainname
+  rationale: cfn-lint reports E3503 when Validationdomain is superdomain of domainname.
+  aliases:
+    - CFLIN-E3503
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - e3503
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: E3503
+emit:
+  finding:
+    category: correctness.configuration
+    severity: high
+    confidence: 0.9
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Validationdomain is superdomain of domainname
+    summary: "${captures.finding.text} matches cfn-lint E3503."
+  remediation:
+    summary: Resolve the cfn-lint E3503 finding in this CloudFormation template.

package/rules/cfn/cfn.maintainability.arns-should-use-correctly-placed-pseudo-parameters.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.maintainability.arns-should-use-correctly-placed-pseudo-parameters
+  title: Arns should use correctly placed pseudo parameters
+  summary: Arns should use correctly placed pseudo parameters
+  rationale: cfn-lint reports I3042 when Arns should use correctly placed pseudo parameters.
+  aliases:
+    - CFLIN-I3042
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - i3042
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: I3042
+emit:
+  finding:
+    category: maintainability.configuration
+    severity: low
+    confidence: 0.8
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Arns should use correctly placed pseudo parameters
+    summary: "${captures.finding.text} matches cfn-lint I3042."
+  remediation:
+    summary: Resolve the cfn-lint I3042 finding in this CloudFormation template.

package/rules/cfn/cfn.maintainability.availability-zone-parameters-should-not-be-hardcoded.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.maintainability.availability-zone-parameters-should-not-be-hardcoded
+  title: Availability zone parameters should not be hardcoded
+  summary: Availability zone parameters should not be hardcoded
+  rationale: cfn-lint reports W3010 when Availability zone parameters should not be hardcoded.
+  aliases:
+    - CFLIN-W3010
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - w3010
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: W3010
+emit:
+  finding:
+    category: maintainability.configuration
+    severity: medium
+    confidence: 0.85
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Availability zone parameters should not be hardcoded
+    summary: "${captures.finding.text} matches cfn-lint W3010."
+  remediation:
+    summary: Resolve the cfn-lint W3010 finding in this CloudFormation template.

package/rules/cfn/cfn.maintainability.check-iam-resource-policies-syntax.rule.yaml ADDED Viewed

@@ -0,0 +1,49 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: cfn.maintainability.check-iam-resource-policies-syntax
+  title: Check iam resource policies syntax
+  summary: Check iam resource policies syntax
+  rationale: cfn-lint reports W2511 when Check iam resource policies syntax.
+  aliases:
+    - CFLIN-W2511
+  tags:
+    - cfn
+    - cfn-lint
+    - cloudformation
+    - w2511
+    - rules-catalog
+  stability: stable
+  appliesTo: file
+  detection:
+    kind: pattern
+scope:
+  languages:
+    - all
+  paths:
+    include:
+      - "**/*.yaml"
+      - "**/*.yml"
+      - "**/*.json"
+    exclude:
+      - "**/node_modules/**"
+match:
+  fact:
+    kind: cfn.lint.finding
+    bind: finding
+    where:
+      - path: ruleId
+        equals: W2511
+emit:
+  finding:
+    category: maintainability.configuration
+    severity: medium
+    confidence: 0.85
+    tags:
+      - cfn
+      - cloudformation
+  message:
+    title: Check iam resource policies syntax
+    summary: "${captures.finding.text} matches cfn-lint W2511."
+  remediation:
+    summary: Resolve the cfn-lint W2511 finding in this CloudFormation template.