Class: ResourceWithExplicitNameRule

Inherits:
BaseRule show all
Defined in:
lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb

Constant Summary collapse

RESOURCE_NAME_MAPPING =

The values of this hash are camel-cased, due to cfn-model returning camel cased values. E.g. GroupName in CloudFormation is returned by cfn-model as groupName, RoleName is returned as roleName, etc.

{
  'AWS::ApiGateway::ApiKey' => 'name',
  'AWS::CloudWatch::Alarm' => 'alarmName',
  'AWS::CodeDeploy::DeploymentConfig' => 'deploymentConfigName',
  'AWS::CodeDeploy::DeploymentGroup' => 'deploymentGroupName',
  'AWS::DynamoDB::Table' => 'tableName',
  'AWS::EC2::SecurityGroup' => 'groupName',
  'AWS::ECR::Repository' => 'repositoryName',
  'AWS::ElasticLoadBalancingV2::LoadBalancer' => 'name',
  'AWS::Elasticsearch::Domain' => 'domainName',
  'AWS::IAM::Group' => 'groupName',
  'AWS::IAM::ManagedPolicy' => 'managedPolicyName',
  'AWS::IAM::Role' => 'roleName',
  'AWS::Kinesis::Stream' => 'name',
  'AWS::RDS::DBInstance' => 'dBInstanceIdentifier'
}.freeze

Instance Method Summary collapse

Methods inherited from BaseRule

#audit

Instance Method Details

#audit_impl(cfn_model) ⇒ Object



40
41
42
43
44
45
46
47
48
49
50
51
52
53
# File 'lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb', line 40

def audit_impl(cfn_model)
  violating_resources = []

  RESOURCE_NAME_MAPPING.each do |cfn_resource, key_name|
    resources = cfn_model.resources_by_type(cfn_resource)
                         .select do |resource|
      explicitly_set_resource_name?(resource, key_name)
    end

    violating_resources << resources.map(&:logical_resource_id)
  end

  violating_resources.flatten
end

#rule_idObject



36
37
38
# File 'lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb', line 36

def rule_id
  'W28'
end

#rule_textObject



27
28
29
30
# File 'lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb', line 27

def rule_text
  'Resource found with an explicit name, this disallows updates that ' \
  'require replacement of this resource'
end

#rule_typeObject



32
33
34
# File 'lib/cfn-nag/custom_rules/ResourceWithExplicitNameRule.rb', line 32

def rule_type
  Violation::WARNING
end