Class: ResourceWithExplicitNameRule
- Defined in:
- lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb
Constant Summary collapse
- RESOURCE_NAME_MAPPING =
The values of this hash are camel-cased, due to cfn-model returning camel cased values. E.g. GroupName in CloudFormation is returned by cfn-model as groupName, RoleName is returned as roleName, etc.
{ 'AWS::ApiGateway::ApiKey' => 'name', 'AWS::CloudWatch::Alarm' => 'alarmName', 'AWS::CodeDeploy::DeploymentConfig' => 'deploymentConfigName', 'AWS::CodeDeploy::DeploymentGroup' => 'deploymentGroupName', 'AWS::DynamoDB::Table' => 'tableName', 'AWS::EC2::SecurityGroup' => 'groupName', 'AWS::ECR::Repository' => 'repositoryName', 'AWS::ElasticLoadBalancingV2::LoadBalancer' => 'name', 'AWS::Elasticsearch::Domain' => 'domainName', 'AWS::IAM::Group' => 'groupName', 'AWS::IAM::ManagedPolicy' => 'managedPolicyName', 'AWS::IAM::Role' => 'roleName', 'AWS::Kinesis::Stream' => 'name', 'AWS::RDS::DBInstance' => 'dBInstanceIdentifier' }.freeze
Instance Method Summary collapse
Methods inherited from BaseRule
Instance Method Details
#audit_impl(cfn_model) ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb', line 40 def audit_impl(cfn_model) violating_resources = [] RESOURCE_NAME_MAPPING.each do |cfn_resource, key_name| resources = cfn_model.resources_by_type(cfn_resource) .select do |resource| explicitly_set_resource_name?(resource, key_name) end violating_resources << resources.map(&:logical_resource_id) end violating_resources.flatten end |
#rule_id ⇒ Object
36 37 38 |
# File 'lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb', line 36 def rule_id 'W28' end |
#rule_text ⇒ Object
27 28 29 30 |
# File 'lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb', line 27 def rule_text 'Resource found with an explicit name, this disallows updates that ' \ 'require replacement of this resource' end |