Class: DirectoryServiceSimpleADPasswordRule

Inherits:

BaseRule

Object
BaseRule
DirectoryServiceSimpleADPasswordRule

show all

Defined in:: lib/cfn-nag/custom_rules/DirectoryServiceSimpleADPasswordRule.rb

Overview

Rule class to fail on DirectoryService::SimpleAD password in template

Instance Method Summary collapse

Methods inherited from BaseRule

#audit

Instance Method Details

#audit_impl(cfn_model) ⇒ `Object`

# File 'lib/cfn-nag/custom_rules/DirectoryServiceSimpleADPasswordRule.rb', line 21

def audit_impl(cfn_model)
  violating_ad = cfn_model.resources_by_type('AWS::DirectoryService::SimpleAD')
                          .select do |ad|
    if ad.password.nil?
      false
    else
      !no_echo_parameter_without_default?(cfn_model,
                                          ad.password)
    end
  end
  violating_ad.map(&:logical_resource_id)
end

#rule_id ⇒ `Object`



17
18
19

# File 'lib/cfn-nag/custom_rules/DirectoryServiceSimpleADPasswordRule.rb', line 17

def rule_id
  'F31'
end

#rule_text ⇒ `Object`



9
10
11

# File 'lib/cfn-nag/custom_rules/DirectoryServiceSimpleADPasswordRule.rb', line 9

def rule_text
  'DirectoryService::SimpleAD should use a parameter for password, with NoEcho'
end

#rule_type ⇒ `Object`



13
14
15

# File 'lib/cfn-nag/custom_rules/DirectoryServiceSimpleADPasswordRule.rb', line 13

def rule_type
  Violation::FAILING_VIOLATION
end

Class: DirectoryServiceSimpleADPasswordRule

Overview

Instance Method Summary collapse

Methods inherited from BaseRule

Instance Method Details

#audit_impl(cfn_model) ⇒ Object

#rule_id ⇒ Object

#rule_text ⇒ Object

#rule_type ⇒ Object

#audit_impl(cfn_model) ⇒ `Object`

#rule_id ⇒ `Object`

#rule_text ⇒ `Object`

#rule_type ⇒ `Object`