Class: WafWebAclDefaultActionRule
- Defined in:
- lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb
Instance Method Summary collapse
Methods inherited from BaseRule
Instance Method Details
#audit_impl(cfn_model) ⇒ Object
26 27 28 29 30 31 32 |
# File 'lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb', line 26 def audit_impl(cfn_model) violating_web_acls = cfn_model.resources_by_type('AWS::WAF::WebACL').select do |web_acl| web_acl.defaultAction['Type'] == 'ALLOW' end violating_web_acls.map(&:logical_resource_id) end |
#rule_id ⇒ Object
22 23 24 |
# File 'lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb', line 22 def rule_id 'F665' end |
#rule_text ⇒ Object
14 15 16 |
# File 'lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb', line 14 def rule_text 'WebAcl DefaultAction should not be ALLOW' end |
#rule_type ⇒ Object
18 19 20 |
# File 'lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb', line 18 def rule_type Violation::FAILING_VIOLATION end |