Top Level Namespace

Defined Under Namespace

Modules: IpAddr, ViolationFiltering Classes: BaseRule, BatchJobDefinitionContainerPropertiesPrivilegedRule, BlackListLoader, CfnNag, CfnNagConfig, CfnNagExecutor, CfnNagLogging, CfnNagRuleDumper, CloudFormationAuthenticationRule, CloudFrontDistributionAccessLoggingRule, CodeBuildEncryptionKeyRule, CustomRuleLoader, DirectoryServiceSimpleADPasswordRule, EC2SubnetMapPublicIpOnLaunchRule, EFSFileSystemEncryptedRule, EbsVolumeHasSseRule, ElastiCacheReplicationGroupAtRestEncryptionRule, ElastiCacheReplicationGroupTransitEncryptionRule, ElasticLoadBalancerAccessLoggingRule, IamManagedPolicyNotActionRule, IamManagedPolicyNotResourceRule, IamManagedPolicyWildcardActionRule, IamManagedPolicyWildcardResourceRule, IamPolicyNotActionRule, IamPolicyNotResourceRule, IamPolicyWildcardActionRule, IamPolicyWildcardResourceRule, IamRoleNotActionOnPermissionsPolicyRule, IamRoleNotActionOnTrustPolicyRule, IamRoleNotPrincipalOnTrustPolicyRule, IamRoleNotResourceOnPermissionsPolicyRule, IamRoleWildcardActionOnPermissionsPolicyRule, IamRoleWildcardActionOnTrustPolicyRule, IamRoleWildcardResourceOnPermissionsPolicyRule, JmesPathDiscovery, JmesPathEvaluator, JsonResults, KMSKeyRotationRule, LambdaPermissionInvokeFunctionActionRule, LambdaPermissionWildcardPrincipalRule, ManagedPolicyOnUserRule, NeptuneDBClusterStorageEncryptedRule, Options, PolicyOnUserRule, ProfileLoader, RDSDBClusterStorageEncryptedRule, RDSDBInstanceStorageEncryptedRule, RDSInstanceMasterUserPasswordRule, RDSInstanceMasterUsernameRule, RDSInstancePubliclyAccessibleRule, RedshiftClusterEncryptedRule, ResourceWithExplicitNameRule, RuleDefinition, RuleIdSet, RuleRegistry, RulesView, S3BucketAccessLoggingRule, S3BucketPolicyNotActionRule, S3BucketPolicyNotPrincipalRule, S3BucketPolicyWildcardActionRule, S3BucketPolicyWildcardPrincipalRule, S3BucketPublicReadAclRule, S3BucketPublicReadWriteAclRule, SecurityGroupEgressOpenToWorldRule, SecurityGroupEgressPortRangeRule, SecurityGroupIngressCidrNon32Rule, SecurityGroupIngressOpenToWorldRule, SecurityGroupIngressPortRangeRule, SecurityGroupMissingEgressRule, SimpleStdoutResults, SnsTopicPolicyNotActionRule, SnsTopicPolicyNotPrincipalRule, SnsTopicPolicyWildcardPrincipalRule, SqsQueuePolicyNotActionRule, SqsQueuePolicyNotPrincipalRule, SqsQueuePolicyWildcardActionRule, SqsQueuePolicyWildcardPrincipalRule, TemplateDiscovery, UserHasInlinePolicyRule, UserMissingGroupRule, Violation, WafWebAclDefaultActionRule, WorkspacesWorkspaceEncryptionRule

Instance Method Summary

• #no_echo_parameter_without_default?(cfn_model, key_to_check) ⇒ Boolean

  Migrated from multiple classes, with some modifications Returns true if the provided key_to_check is a no-echo parameter without a default value; false otherwise.

• #truthy?(string) ⇒ Boolean

  Checks a string for truthiness.

Instance Method Details

#no_echo_parameter_without_default?(cfn_model, key_to_check) ⇒ Boolean

Migrated from multiple classes, with some modifications Returns true if the provided key_to_check is a no-echo parameter without a default value; false otherwise.

Returns:

• (Boolean)

# File 'lib/cfn-nag/util/enforce_noecho_parameter.rb', line 8

def no_echo_parameter_without_default?(cfn_model, key_to_check)
  if key_to_check.is_a? Hash
    if key_to_check.key? 'Ref'
      if cfn_model.parameters.key? key_to_check['Ref']
        parameter = cfn_model.parameters[key_to_check['Ref']]

        return truthy?(parameter.noEcho) && parameter.default.nil?
      else
        return false
      end
    else
      return false
    end
  end
  # String or anything weird will fall through here
  false
end

#truthy?(string) ⇒ Boolean

Checks a string for truthiness. Any cased ‘true’ will evaluate to a true boolean. Any other string _at all_ results in false.

Returns:

• (Boolean)

# File 'lib/cfn-nag/util/truthy.rb', line 5

def truthy?(string)
  string.to_s.casecmp('true').zero?
end