Class: CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule
- Defined in:
- lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb
Instance Method Summary collapse
Methods inherited from BaseRule
Instance Method Details
#audit_impl(cfn_model) ⇒ Object
21 22 23 24 25 26 27 |
# File 'lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb', line 21 def audit_impl(cfn_model) violating_identity_pools = cfn_model.resources_by_type('AWS::Cognito::IdentityPool').select do |identity_pool| violating_identity_pool?(identity_pool) end violating_identity_pools.map(&:logical_resource_id) end |
#rule_id ⇒ Object
17 18 19 |
# File 'lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb', line 17 def rule_id 'W57' end |
#rule_text ⇒ Object
8 9 10 11 |
# File 'lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb', line 8 def rule_text 'AWS::Cognito::IdentityPool AllowUnauthenticatedIdentities property should be false ' \ 'but CAN be true if proper restrictive IAM roles and permissions are established for unauthenticated users.' end |