cfn-check 0.3.3__py3-none-any.whl → 0.4.0__py3-none-any.whl

cfn_check/cli/render.py

@@ -0,0 +1,70 @@
+
+from async_logging import LogLevelName, Logger, LoggingConfig
+from cocoa.cli import CLI
+
+from cfn_check.cli.utils.files import load_templates, write_to_file
+from cfn_check.rendering import Renderer
+from cfn_check.logging.models import InfoLog
+
+
+@CLI.command()
+async def render(
+    path: str,
+    output_file: str  = 'rendered.yml',
+    mappings: list[str] | None = None,
+    tags: list[str] = [
+        'Ref',
+        'Sub',
+        'Join',
+        'Select',
+        'Split',
+        'GetAtt',
+        'GetAZs',
+        'ImportValue',
+        'Equals',
+        'If',
+        'Not',
+        'And',
+        'Or',
+        'Condition',
+        'FindInMap',
+    ],
+    log_level: LogLevelName = 'info',
+):
+    """
+    Render a Cloud Formation template
+
+    @param output_file Path to output the rendered CloudFormation template to
+    @param mappings A list of <key>=<value> string pairs specifying Mappings
+    @param tags List of CloudFormation intrinsic function tags
+    @param log_level The log level to use
+    """
+    logging_config = LoggingConfig()
+    logging_config.update(
+        log_level=log_level,
+        log_output='stderr',
+    )
+
+    selected_mappings: dict[str, str] | None = None
+
+    if mappings:
+        selected_mappings = dict([
+            mapping.split('=', maxsplit=1) for mapping in mappings if len(mapping.split('=', maxsplit=1)) > 0
+        ])
+
+    logger = Logger()
+
+    templates = await load_templates(
+        path,
+        tags,
+    )
+
+    assert len(templates) == 1 , '❌ Can only render one file'
+
+    _, template = templates[0]
+    renderer = Renderer()
+    rendered = renderer.render(template, selected_mappings=selected_mappings)
+
+    await write_to_file(output_file, rendered)
+
+    await logger.log(InfoLog(message=f'✅ {path} template rendered'))

cfn_check/cli/root.py

@@ -7,6 +7,7 @@ from cocoa.ui.components.terminal import Section, SectionConfig
 from cocoa.ui.components.header import Header, HeaderConfig
 from cocoa.ui.components.terminal import Terminal, EngineConfig
 
+from .render import render
 from .validate import validate
 
 async def create_header(
@@ -47,7 +48,8 @@ async def create_header(
 
 
 
-@CLI.root(  
+@CLI.root( 
+    render, 
     validate,
     global_styles=CLIStyle(
         header=create_header,

cfn_check/cli/utils/attributes.py

@@ -4,7 +4,7 @@ from cfn_check.validation.validator import Validator
 
 def bind(
     rule_set: Collection,
-    validation: Validator
+    validation: Validator,
 ):
     validation.func = validation.func.__get__(rule_set, rule_set.__class__)
     setattr(rule_set, validation.func.__name__, validation.func)

cfn_check/cli/utils/files.py

@@ -10,14 +10,14 @@ from cfn_check.loader.loader import (
 )
 from cfn_check.shared.types import YamlObject, Data
 
-def open_template(path: str) -> YamlObject | None:
+def open_template(path: str) -> tuple[str, YamlObject] | None:
 
     if os.path.exists(path) is False:
         return None
 
     try:
         with open(path, 'r') as f:
-            return yaml.load(f, Loader=Loader)
+            return (path, yaml.load(f, Loader=Loader))
     except Exception as e:
         raise e
     
@@ -38,6 +38,16 @@ async def convert_to_cwd(loop: asyncio.AbstractEventLoop):
         os.getcwd,
     )
 
+async def convert_to_absolute(path: str, loop: asyncio.AbstractEventLoop) -> str:
+    abspath = pathlib.Path(path)
+
+    return str(
+        await loop.run_in_executor(
+            None,
+            abspath.absolute,
+        )
+    )
+
 async def localize_path(path: str, loop: asyncio.AbstractEventLoop):
     localized = path.replace('~/', '')
 
@@ -99,7 +109,7 @@ async def load_templates(
         Loader.add_constructor(f'!{tag}', new_tag)
 
     
-    templates: list[Data]  = await asyncio.gather(*[
+    templates: list[tuple[str, Data]]  = await asyncio.gather(*[
         loop.run_in_executor(
             None,
             open_template,
@@ -114,3 +124,23 @@ async def load_templates(
     assert len(found_templates) > 0, "❌ Could not open any templates"
 
     return templates
+
+
+async def write_to_file(path: str, data: YamlObject):
+    loop = asyncio.get_event_loop()
+
+    if path.startswith('~/'):
+        path = await localize_path(path, loop)
+
+    output_path = await convert_to_absolute(path, loop)
+
+    await loop.run_in_executor(
+        None,
+        _write_to_file,
+        output_path,
+        data,
+    )
+
+def _write_to_file(path: str, data: YamlObject):
+    with open(path, 'w') as yml:
+        yaml.safe_dump(data, yml, indent=2)

cfn_check/cli/validate.py

@@ -58,6 +58,11 @@ async def validate(
         file_pattern=file_pattern,
     )
 
+    for file, data in templates:
+        for name, rule in rules.data.items():
+            rules.data[name] = rule()
+            rules.data[name].documents[file] = data
+
     validation_set = ValidationSet([ 
         bind(
             rule,
@@ -68,7 +73,9 @@ async def validate(
         if isinstance(validation, Validator)
     ])
     
-    if validation_error := validation_set.validate(templates):
+    if validation_error := validation_set.validate([
+        template_data for _, template_data in templates
+    ]):
         raise validation_error
     
     templates_evaluated = len(templates)

cfn_check/collection/collection.py

@@ -1,2 +1,60 @@
+from typing import Callable
+from pydantic import ValidationError
+
+from cfn_check.shared.types import Data
+from cfn_check.evaluation.evaluator import Evaluator
+
 class Collection:
-    pass
+    
+    def __init__(self):
+        self.documents: dict[str, Data] = {}
+        self._evaluator = Evaluator()
+
+
+    def query(
+        self,
+        query: str,
+        document: str | None = None,
+        filters: list[Callable[[Data], Data]] | None = None
+    ) -> list[Data] | None:
+
+        if document and (
+            document_data := self.documents.get(document)
+        ):
+            return self._evaluator.match(
+                document_data,
+                query,
+            )
+        
+        results: list[tuple[str, Data]] = []
+
+        for document_data in self.documents.values():
+            result = self._evaluator.match(
+                document_data,
+                query,
+            )
+
+            results.extend(result)
+        
+        filtered: list[Data] = []
+        if filters:
+            try:
+                for _, found in results:
+                    for filter in filters:
+                        found = filter(found)
+
+                        if found is None:
+                            return
+                        
+                    if found:
+                        filtered.append(found)
+            
+                return filtered
+
+            except ValidationError:
+                pass
+
+        return [
+            found for _, found in results
+        ]
+

cfn_check/evaluation/evaluator.py

@@ -7,12 +7,14 @@ from cfn_check.shared.types import (
     YamlObject,
 )
 
+from cfn_check.rendering import Renderer
 from .parsing import QueryParser
 
 class Evaluator:
 
     def __init__(self):
         self._query_parser = QueryParser()
+        self._renderer = Renderer()
 
     def match(
         self,
@@ -20,7 +22,9 @@ class Evaluator:
         path: str,
     ):
         items: Items = deque()
-        items.append(resources)
+
+        rendered = self._renderer.render(resources)
+        items.append(rendered)
 
         segments = path.split("::")[::-1]
         # Queries can be multi-segment,

cfn_check/rendering/__init__.py

@@ -0,0 +1 @@
+from .renderer import Renderer as Renderer

cfn_check/rendering/renderer.py

@@ -0,0 +1,124 @@
+import re
+from collections import deque
+
+from cfn_check.shared.types import (
+    Data,
+    Items,
+    YamlObject,
+)
+
+
+class Renderer:
+
+    def __init__(self):
+        self.parameter_defaults: dict[str, str | int | float | bool | None] = {}
+        self.items: Items = deque()
+        self._ref_pattern = re.compile(r'^!Ref\s+')
+        self._visited: list[str | int] = []
+        self._data: YamlObject = {}
+        self._mappings: dict[str, dict[str, YamlObject]] = {}
+        self._selected_mappings: dict[str, YamlObject] = {}
+        self._inputs: dict[str, str] = {}
+
+    def render(
+        self,
+        resources: YamlObject,
+        selected_mappings: dict[str, str] | None = None,
+    ):
+        data = resources.get("Resources", {})
+        self.items.clear()
+        self.items.append(data)
+
+        self._assemble_parameters(resources)
+
+        self._mappings = resources.get('Mappings', {})
+
+        if selected_mappings:
+            self._assemble_mappings(selected_mappings)
+
+        while len(self.items) > 0:
+            item = self.items.pop()
+
+            if isinstance(item, list):
+                self._visited.append((None, item))
+                self.items.extend([
+                    (idx, val) for idx, val in enumerate(item)
+                ])
+
+            elif isinstance(item, dict):
+                self._visited.append((None, item))
+                self.items.extend(list(item.items()))
+
+            elif isinstance(item, tuple):
+                key, value = item
+                self._parse_kv_pair(key, value)
+
+        last_item = data
+        validator = dict(resources)
+        validator_data = validator.get("Resources", {})
+        for key, value in self._visited:
+
+            if isinstance(value, str) and (
+                _ := self._selected_mappings.get(value)
+            ):
+                pass
+            
+            if isinstance(key, str) and isinstance(last_item, dict) and key in validator_data:
+                last_item[key] = value
+
+            elif isinstance(key, int) and isinstance(last_item, list) and (
+                value in validator_data or self.parameter_defaults.get(validator_data[key]) is not None
+            ):
+                last_item[key] = value
+
+            if key and isinstance(value, (dict, list)):
+                last_item = value
+                validator_data = value
+ 
+  
+        return resources
+
+    def _parse_kv_pair(self, key: str | int, value: Data):
+
+        if isinstance(value, list):
+            self.items.extend([
+                (idx, val) for idx, val in enumerate(value)
+            ])
+
+        elif isinstance(value, dict):
+            self.items.extend(list(value.items()))
+
+        else:
+            key, value = self._parse_value(key, value)
+
+        self._visited.append((key, value))
+
+
+    def _parse_value(self, key: str | int, value: str | int | float | bool):
+        
+        if val := self.parameter_defaults.get(key):
+            value = val
+
+        elif val := self.parameter_defaults.get(value):
+            value = val
+
+        return key, value
+    
+    def _assemble_parameters(self, resources: YamlObject):
+        params: dict[str, Data] = resources.get("Parameters", {})
+        for param_name, param in params.items():
+            if default := param.get("Default"):
+                self.parameter_defaults[param_name] = default
+
+
+    def _assemble_mappings(
+        self,
+        selected_keys: dict[str, str]
+    ):
+        for key, value in selected_keys.items():
+            if (
+                mapping := self._mappings.get(key)
+            ) and (
+                selected := mapping.get(value)
+            ):
+                self._selected_mappings[key] = selected

cfn_check/rules/rule.py

@@ -13,13 +13,16 @@ class Rule:
         self,
         query: str,
         name: str,
+        filters: list[Callable[[JsonValue], JsonValue]] | None = None
     ):
         self.query = query
         self.name = name
+        self.filters = filters
 
     def __call__(self, func: Callable[[T], None]):
         return Validator[T](
             func,
             self.query,
             self.name,
+            filters=self.filters,
         )

cfn_check/validation/validator.py

@@ -14,10 +14,12 @@ class Validator(Generic[T]):
         func: Callable[[T], None],
         query: str,
         name: str,
+        filters: list[Callable[[Data], Data]] | None = None
     ):
         self.func = func
         self.query = query
         self.name = name
+        self.filters = filters
 
         self.model: BaseModel | None = None
 
@@ -31,8 +33,16 @@ class Validator(Generic[T]):
 
         try:
             path, item = arg
+
+            if self.filters:
+                for filter in self.filters:
+                    item = filter(item)
+                    
+                    if item is None:
+                        return
+
             if self.model and isinstance(item, dict):
-                arg = self.model(**item)
+                item = self.model(**item)
 
             return self.func(item)
         

{cfn_check-0.3.3.dist-info → cfn_check-0.4.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cfn-check
-Version: 0.3.3
+Version: 0.4.0
 Summary: Validate Cloud Formation
 Author-email: Ada Lundhe <adalundhe@lundhe.audio>
 License: MIT License

{cfn_check-0.3.3.dist-info → cfn_check-0.4.0.dist-info}/RECORD

@@ -1,15 +1,16 @@
 cfn_check/__init__.py,sha256=ccUo2YxBmuEmak1M5o-8J0ECLXNkDDUsLJ4mkm31GvU,96
 cfn_check/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-cfn_check/cli/root.py,sha256=dHq9zzXyj-Wrj-fzirtFjptShzWbBGsO3n9tspm-pec,1688
-cfn_check/cli/validate.py,sha256=EY6-YgORApOxCgFAmPdwmfDg1UA80GLsRzQv44zSuY4,1954
+cfn_check/cli/render.py,sha256=1Y5FBtLgtis7qgU2AfurdoPt9davSZ8N4_-B9s287_M,1789
+cfn_check/cli/root.py,sha256=Fi-G3nP-HQMY4iPenF2xnkQF798x5cNWDqJZs9TH66A,1727
+cfn_check/cli/validate.py,sha256=aQF-hCC7vcOpu5VNSkoM8DmrB2hZCgciQvFBHIrpnPc,2178
 cfn_check/cli/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-cfn_check/cli/utils/attributes.py,sha256=iIUIgl6cT5XEUOW7D54-xxmMpTis84ySQY1b9osB47E,339
-cfn_check/cli/utils/files.py,sha256=QMYYR7C7mXdDx_6jj1Ye9w7ol1twAzUEZ9hxSa-O4-k,2563
+cfn_check/cli/utils/attributes.py,sha256=hEMWJfNcTOKqWrleS8idWlZP81wAq2J06yV-JQm_WNw,340
+cfn_check/cli/utils/files.py,sha256=GpeaFR12mvhVOPqmgvzr95HrAwpcRf0OeR0xtfHJkV4,3293
 cfn_check/collection/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-cfn_check/collection/collection.py,sha256=wNxahoOqQge3C56blz5VtOq6lX5MZ9F2JjQIyZ3_SxU,27
+cfn_check/collection/collection.py,sha256=wfdaUIi8pQnhsZ1nlMVCagVj83IK17Q32APBRCVTv7Y,1493
 cfn_check/evaluation/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cfn_check/evaluation/errors.py,sha256=yPJdtRYo67le4yMC9sYqcboCnkqKsJ3KPbSPFY2-Pi8,773
-cfn_check/evaluation/evaluator.py,sha256=RomoSlgimTNTjaUE0BdSslrPvPbFj6X8ScFinatERjs,2248
+cfn_check/evaluation/evaluator.py,sha256=VtYXydZFkp66VaADB9nDmJOBlPJ6lKASSM8AP1xHBZE,2377
 cfn_check/evaluation/validate.py,sha256=yy8byYAoHxFqkS2HfewHup22B3bYtrUH2PhPuNAc--A,1547
 cfn_check/evaluation/parsing/__init__.py,sha256=s5TxU4mzsbNIpbMynbwibGR8ac0dTcf_2qUfGkAEDvQ,52
 cfn_check/evaluation/parsing/query_parser.py,sha256=4J3CJQKAyb11gugfx6OZT-mfSdNDB5Al8Jiy9DbJZMw,3459
@@ -19,17 +20,20 @@ cfn_check/loader/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,
 cfn_check/loader/loader.py,sha256=7yiDLLW_vNp_8O47erLXjQQtAB47fU3nimb91N5N_R8,532
 cfn_check/logging/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cfn_check/logging/models.py,sha256=-tBaK6p8mJ0cO8h2keEJ-VmtFX_VW4XzwAw2PtqbkF0,490
+cfn_check/rendering/__init__.py,sha256=atcbddYun4YHyY7bVGA9CgEYzzXpYzvkx9_Kg-gnD5w,42
+cfn_check/rendering/renderer.py,sha256=ouaKberHGL-mhqefnjTa1AqRQS_Zzm0sTIribotoLNo,3695
 cfn_check/rules/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-cfn_check/rules/rule.py,sha256=r6-eKCUdPaNIena2NDv3J_QlcWes1KLObI9ukRZZz1o,500
+cfn_check/rules/rule.py,sha256=_cKNQ5ciJgPj-exmtBUz31cU2lxWYxw2n2NWIlhYc3s,635
 cfn_check/shared/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cfn_check/shared/types.py,sha256=-om3DyZsjK_tJd-I8SITkoE55W0nB2WA3LOc87Cs7xI,414
 cfn_check/validation/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-cfn_check/validation/validator.py,sha256=FGPeb8Uc8lvX3Y5rs-fxeJKIOqzUXwXh_gCFcy6d3b0,1182
-cfn_check-0.3.3.dist-info/licenses/LICENSE,sha256=EbCpGNzOkyQ53ig7J2Iwgmy4Og0dgHe8COo3WylhIKk,1069
-example/pydantic_rules.py,sha256=oWBBGBauSwRbrvZSYBk4ej3dsCY55zm3cHwl8vH_2lU,350
+cfn_check/validation/validator.py,sha256=Z6S6T_4yQW1IUa5Kv3ohR9U8NDrhTvBadW2FEM8TRL8,1478
+cfn_check-0.4.0.dist-info/licenses/LICENSE,sha256=EbCpGNzOkyQ53ig7J2Iwgmy4Og0dgHe8COo3WylhIKk,1069
+example/pydantic_rules.py,sha256=6NFtDiaqmnYWt6oZIWB7AO_v5LJoZVOGXrmEe2_J_rI,4162
+example/renderer_test.py,sha256=vr5Xb-Gk_B6fb9FTsFCANbmTNEv67ab5tNODhPOSXKE,738
 example/rules.py,sha256=mWHB0DK283lb0CeSHgnyO5qiVTJJpybuwWXb4Yoa3zQ,3148
-cfn_check-0.3.3.dist-info/METADATA,sha256=-ElH6YysxwAbW9jdR5tpNn-CAQa3Z8NUY7vE5GzB77g,20459
-cfn_check-0.3.3.dist-info/WHEEL,sha256=zaaOINJESkSfm_4HQVc5ssNzHCPXhJm0kEUakpsEHaU,91
-cfn_check-0.3.3.dist-info/entry_points.txt,sha256=B4lCHoDHmwisABxKgRLShwqqFv7QwwDAFXoAChOnkwg,53
-cfn_check-0.3.3.dist-info/top_level.txt,sha256=hUn9Ya50yY1fpgWxEhG5iMgfMDDVX7qWQnM1xrgZnhM,18
-cfn_check-0.3.3.dist-info/RECORD,,
+cfn_check-0.4.0.dist-info/METADATA,sha256=5QubOsO2SPcHmlC_n_QqGQgZvsxXsSCDxYRHUMdTwwg,20459
+cfn_check-0.4.0.dist-info/WHEEL,sha256=zaaOINJESkSfm_4HQVc5ssNzHCPXhJm0kEUakpsEHaU,91
+cfn_check-0.4.0.dist-info/entry_points.txt,sha256=B4lCHoDHmwisABxKgRLShwqqFv7QwwDAFXoAChOnkwg,53
+cfn_check-0.4.0.dist-info/top_level.txt,sha256=hUn9Ya50yY1fpgWxEhG5iMgfMDDVX7qWQnM1xrgZnhM,18
+cfn_check-0.4.0.dist-info/RECORD,,

example/pydantic_rules.py

@@ -1,10 +1,59 @@
 from cfn_check import Collection, Rule
-from pydantic import BaseModel, StrictStr
+from pydantic import BaseModel, StrictStr, StrictInt, Field
+from typing import Literal
+
+class RDSDBProperties(BaseModel):
+    AvailabilityZone: StrictStr
+    BackupRetentionPeriod: StrictInt
+    DBInstanceClass: StrictStr = Field(pattern=r'^((db)\.(c6g|c6gd|c6gn|c6i|c6id|c7g|g5g|im4gn|is4gen|m6g|m6gd|r6g|r6gd|t4g|x2gd)\.(10xlarge|112xlarge|12xlarge|16xlarge|18xlarge|24xlarge|2xlarge|32xlarge|3xlarge|48xlarge|4xlarge|56xlarge|6xlarge|8xlarge|9xlarge|large|medium|metal|micro|nano|small|xlarge))')
+    StorageType: Literal['sc1', 'st1', 'gp3']
+
+class RDSDBInstance(BaseModel):
+    Type: Literal["AWS::RDS::DBInstance"]
+
+class EC2EbsDevice(BaseModel):
+    VolumeType: StrictStr
+    DeleteOnTermination: Literal[True]
+
+class EC2BlockDeviceMappings(BaseModel):
+    Ebs: EC2EbsDevice
+
+class EC2VolumeProperties(BaseModel):
+    VolumeType: Literal["sc1", "st1", "gp3"]
+    BlockDeviceMappings: EC2BlockDeviceMappings
+
+class EC2Volume(BaseModel):
+    Type: Literal["AWS::EC2::Volume"]
+    Properties: EC2VolumeProperties
+
+class EC2InstanceProperties(BaseModel):
+    InstanceType: StrictStr = Field(pattern=r'^((c6g|c6gd|c6gn|c6i|c6id|c7g|g5g|im4gn|is4gen|m6g|m6gd|r6g|r6gd|t4g|x2gd)\.(10xlarge|112xlarge|12xlarge|16xlarge|18xlarge|24xlarge|2xlarge|32xlarge|3xlarge|48xlarge|4xlarge|56xlarge|6xlarge|8xlarge|9xlarge|large|medium|metal|micro|nano|small|xlarge))')
+
+class EC2Instance(BaseModel):
+    Type: Literal["AWS::EC2::Instance"]
+    Properties: EC2InstanceProperties
+
+class LoggingGroupProperties(BaseModel):
+    LogGroupClass: Literal["Infrequent Access"]
+    RetentionInDays: StrictInt
+
+class LoggingGroup(BaseModel):
+    Type: Literal["AWS::Logs::LogGroup"]
+    Properties: LoggingGroupProperties
+
+class LambdaLoggingConfig(BaseModel):
+    LogGroup: StrictStr
+
+class LambdaProperties(BaseModel):
+    LoggingConfig: LambdaLoggingConfig
+
+class Lambda(BaseModel):
+    Type: Literal["AWS::Serverless::Function", "AWS::Lambda::Function"]
+    Properties: LambdaProperties
 
 class Resource(BaseModel):
     Type: StrictStr
 
-
 class ValidateResourceType(Collection):
 
     @Rule(
@@ -12,4 +61,54 @@ class ValidateResourceType(Collection):
         "It checks Resource::Type is correctly definined",
     )
     def validate_test(self, value: Resource):
-        assert value is not None
+        assert isinstance(value, Resource), "Not a valid CloudFormation Resource"
+
+    @Rule(
+        "Resources::*",
+        "It validates a lambda is configured correctly",
+        filters=[
+            lambda data: data if data.get("Type") in ["AWS::Serverless::Function", "AWS::Lambda::Function"] else None,
+        ]
+    )
+    def validate_lambda(self, lambda_resource: Lambda):
+        assert isinstance(lambda_resource, Lambda), "Not a valid Lambda"
+        
+        resources = self.query("Resources")
+        document = {}
+
+        for resource in resources:
+            document.update(resource)
+
+        lambda_logging_group = document.get(lambda_resource.Properties.LoggingConfig.LogGroup)
+        assert lambda_logging_group is not None, "No matching logging group found in Resources for Lambda"
+        LoggingGroup(**lambda_logging_group)
+        
+    @Rule(
+        "Resources::*",
+        "It validates a logging group is configured correctly",
+        filters=[
+            lambda data: data if data.get("Type") == 'AWS::Logs::LogGroup' else None,
+        ]
+    )
+    def validate_logging_group(self, logging_group: LoggingGroup):
+        assert isinstance(logging_group, LoggingGroup), "Not a valid logging group"
+
+    @Rule(
+        "Resources::*",
+        "It validates an EC2 instance is configured correctly",
+        filters=[
+            lambda data: data if data.get("Type") == 'AWS::EC2::Instance' else None,
+        ]
+    )
+    def validate_ec2_instances(self, ec2_instance: EC2Instance):
+        assert isinstance(ec2_instance, EC2Instance)
+
+    @Rule(
+        "Resources::*",
+        "It validates an EC2 Volume is configured correctly",
+        filters=[
+            lambda data: data if data.get("Type") == 'AWS::EC2::Volume' else None,
+        ]
+    )
+    def validate_ec2_volumes(self, ec2_volume: EC2Volume):
+        assert isinstance(ec2_volume, EC2Volume), "Not a valid EC2 Volume"

example/renderer_test.py

@@ -0,0 +1,42 @@
+import yaml
+from cfn_check.render import Renderer
+from cfn_check.cli.utils.files import open_template, Loader, create_tag
+def test():
+
+    renderer = Renderer()
+    data = {}
+
+    tags = [
+        'Ref',
+        'Sub',
+        'Join',
+        'Select',
+        'Split',
+        'GetAtt',
+        'GetAZs',
+        'ImportValue',
+        'Equals',
+        'If',
+        'Not',
+        'And',
+        'Or',
+        'Condition',
+        'FindInMap',
+    ]
+
+    for tag in tags:
+        new_tag = create_tag(tag)
+        Loader.add_constructor(f'!{tag}', new_tag)
+
+    _, template = open_template('template.yaml')
+
+    data = renderer.render(template)
+
+
+    with open('rendered.yaml', 'w') as yml:
+        yaml.safe_dump(data, yml)
+
+
+
+
+test()