Class: IamUserLoginProfilePasswordRule

Inherits:

BaseRule

Object
BaseRule
IamUserLoginProfilePasswordRule

show all

Defined in:: lib/cfn-nag/custom_rules/IamUserLoginProfilePasswordRule.rb

Instance Method Summary collapse

Methods inherited from BaseRule

#audit

Instance Method Details

#audit_impl(cfn_model) ⇒ `Object`

# File 'lib/cfn-nag/custom_rules/IamUserLoginProfilePasswordRule.rb', line 22

def audit_impl(cfn_model)
  resources = cfn_model.resources_by_type('AWS::IAM::User')
  violating_resources = resources.select do |iam_user|
    violating_users?(cfn_model, iam_user)
  end
  violating_resources.map(&:logical_resource_id)
end

#rule_id ⇒ `Object`



18
19
20

# File 'lib/cfn-nag/custom_rules/IamUserLoginProfilePasswordRule.rb', line 18

def rule_id
  'F51'
end

#rule_text ⇒ `Object`

# File 'lib/cfn-nag/custom_rules/IamUserLoginProfilePasswordRule.rb', line 9

def rule_text
  'If the IAM user LoginProile property exists, then its Password value should not ' \
  'show password in plain text, resolve an unsecure ssm string, or have a default value for parameter.'
end

#rule_type ⇒ `Object`



14
15
16

# File 'lib/cfn-nag/custom_rules/IamUserLoginProfilePasswordRule.rb', line 14

def rule_type
  Violation::FAILING_VIOLATION
end

Class: IamUserLoginProfilePasswordRule

Instance Method Summary collapse

Methods inherited from BaseRule

Instance Method Details

#audit_impl(cfn_model) ⇒ Object

#rule_id ⇒ Object

#rule_text ⇒ Object

#rule_type ⇒ Object

#audit_impl(cfn_model) ⇒ `Object`

#rule_id ⇒ `Object`

#rule_text ⇒ `Object`

#rule_type ⇒ `Object`