Class: SecretsManagerSecretKmsKeyIdRule

Inherits:
BooleanBaseRule show all
Defined in:
lib/cfn-nag/custom_rules/SecretsManagerSecretKmsKeyIdRule.rb

Instance Method Summary collapse

Methods inherited from BooleanBaseRule

#audit_impl

Methods inherited from BaseRule

#audit, #audit_impl

Instance Method Details

#boolean_propertyObject


24
25
26
# File 'lib/cfn-nag/custom_rules/SecretsManagerSecretKmsKeyIdRule.rb', line 24

def boolean_property
  :kmsKeyId
end

#resource_typeObject


20
21
22
# File 'lib/cfn-nag/custom_rules/SecretsManagerSecretKmsKeyIdRule.rb', line 20

def resource_type
  'AWS::SecretsManager::Secret'
end

#rule_idObject


16
17
18
# File 'lib/cfn-nag/custom_rules/SecretsManagerSecretKmsKeyIdRule.rb', line 16

def rule_id
  'W77'
end

#rule_textObject


7
8
9
10
# File 'lib/cfn-nag/custom_rules/SecretsManagerSecretKmsKeyIdRule.rb', line 7

def rule_text
  'Secrets Manager Secret should explicitly specify KmsKeyId.' \
  ' Besides control of the key this will allow the secret to be shared cross-account'
end

#rule_typeObject


12
13
14
# File 'lib/cfn-nag/custom_rules/SecretsManagerSecretKmsKeyIdRule.rb', line 12

def rule_type
  Violation::WARNING
end