Class: CfnGuardian::Resource::TLS

Inherits:
Base
  • Object
show all
Defined in:
lib/cfnguardian/resources/tls.rb

Instance Method Summary collapse

Methods inherited from Base

#default_event_subscriptions, #default_metric_filters, #get_alarms, #get_checks, #get_cost, #get_event_subscriptions, #get_events, #get_metric_filters, #initialize, #resource_exists?

Methods included from Logging

colors, included, logger, #logger, logger=

Constructor Details

This class inherits a constructor from CfnGuardian::Resource::Base

Instance Method Details

#default_alarmsObject 



4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/cfnguardian/resources/tls.rb', line 4

def default_alarms
  
  versions = @resource.fetch('Versions',['SSLv2','SSLv3','TLSv1','TLSv1.1','TLSv1.2'])
  
  if versions.include? "SSLv2"
    alarm = CfnGuardian::Models::TLSAlarm.new(@resource)
    alarm.name = "TLSVersionSSLv2"
    alarm.metric_name = "SSLv2"
    alarm.comparison_operator = 'GreaterThanThreshold'
    alarm.threshold = 0
    @alarms.push(alarm)
  end
  
  if versions.include? "SSLv3"
    alarm = CfnGuardian::Models::TLSAlarm.new(@resource)
    alarm.name = "TLSVersionSSLv3"
    alarm.metric_name = "SSLv3"
    alarm.comparison_operator = 'GreaterThanThreshold'
    alarm.threshold = 0
    @alarms.push(alarm)
  end
  
  if versions.include? "SSLv3"
    alarm = CfnGuardian::Models::TLSAlarm.new(@resource)
    alarm.name = "TLSVersionTLSv1"
    alarm.metric_name = "TLSv1"
    @alarms.push(alarm)
  end
  
  if versions.include? "SSLv3"
    alarm = CfnGuardian::Models::TLSAlarm.new(@resource)
    alarm.name = "TLSVersionTLSv1.1"
    alarm.metric_name = "TLSv1.1"
    @alarms.push(alarm)
  end
  
  if versions.include? "SSLv3"
    alarm = CfnGuardian::Models::TLSAlarm.new(@resource)
    alarm.name = "TLSVersionTLSv1.2"
    alarm.metric_name = "TLSv1.2"
    @alarms.push(alarm)
  end

  if @resource.has_key?('CheckMax')
    alarm = CfnGuardian::Models::TLSAlarm.new(@resource)
    alarm.name = "TLSVersionMax"
    alarm.metric_name = 'MaxVersion'
    alarm.threshold = 3
    alarm.evaluation_periods = 2
    @alarms.push(alarm)
  end
end

#default_checksObject 



61
62
63
 
# File 'lib/cfnguardian/resources/tls.rb', line 61

def default_checks
  @checks.push(CfnGuardian::Models::TLSCheck.new(@resource))
end

#default_eventsObject 



57
58
59
 
# File 'lib/cfnguardian/resources/tls.rb', line 57

def default_events
  @events.push(CfnGuardian::Models::TLSEvent.new(@resource))
end