Class: PasswordBaseRule
- Inherits:
-
BaseRule
show all
- Defined in:
- lib/cfn-nag/custom_rules/password_base_rule.rb
Direct Known Subclasses
AmplifyAppAccessTokenRule, AmplifyAppBasicAuthConfigPasswordRule, AmplifyAppOauthTokenRule, AmplifyBranchBasicAuthConfigPasswordRule, AppStreamDirectoryConfigServiceAccountCredentialsAccountPasswordRule, CodePipelineWebhookAuthenticationConfigurationSecretTokenRule, DMSEndpointMongoDbSettingsPasswordRule, DMSEndpointPasswordRule, DirectoryServiceMicrosoftADPasswordRule, DirectoryServiceSimpleADPasswordRule, DocDBDBClusterMasterUserPasswordRule, EMRClusterKerberosAttributesADDomainJoinPasswordRule, EMRClusterKerberosAttributesCrossRealmTrustPrincipalPasswordRule, EMRClusterKerberosAttributesKdcAdminPasswordRule, ElastiCacheReplicationGroupAuthTokenRule, IAMUserLoginProfilePasswordRule, KinesisFirehoseDeliveryStreamRedshiftDestinationConfigurationPasswordRule, KinesisFirehoseDeliveryStreamSplunkDestinationConfigurationHECTokenRule, LambdaPermissionEventSourceTokenRule, OpsWorksAppAppSourcePasswordRule, OpsWorksAppSslConfigurationPrivateKeyRule, OpsWorksStackCustomCookbooksSourcePasswordRule, PinpointAPNSChannelPrivateKeyRule, PinpointAPNSChannelTokenKeyRule, PinpointAPNSSandboxChannelPrivateKeyRule, PinpointAPNSSandboxChannelTokenKeyRule, PinpointAPNSVoipChannelPrivateKeyRule, PinpointAPNSVoipChannelTokenKeyRule, PinpointAPNSVoipSandboxChannelPrivateKeyRule, PinpointAPNSVoipSandboxChannelTokenKeyRule, RDSDBClusterMasterUserPasswordRule, RDSDBInstanceMasterUserPasswordRule, RDSDBInstanceMasterUsernameRule, RedshiftClusterMasterUserPasswordRule
Instance Method Summary
collapse
Methods inherited from BaseRule
#audit, #violation
Instance Method Details
#audit_impl(cfn_model) ⇒ Object
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
# File 'lib/cfn-nag/custom_rules/password_base_rule.rb', line 19
def audit_impl(cfn_model)
resources = cfn_model.resources_by_type(resource_type)
violating_resources = resources.select do |resource|
if property_does_not_exist(resource, password_property, sub_property_name)
false
else
verify_insecure_string_and_parameter(
cfn_model, resource, password_property, sub_property_name
)
end
end
violating_resources.map(&:logical_resource_id)
end
|
#password_property ⇒ Object
13
14
15
|
# File 'lib/cfn-nag/custom_rules/password_base_rule.rb', line 13
def password_property
raise 'must implement in subclass'
end
|
#resource_type ⇒ Object
9
10
11
|
# File 'lib/cfn-nag/custom_rules/password_base_rule.rb', line 9
def resource_type
raise 'must implement in subclass'
end
|
#sub_property_name ⇒ Object
17
|
# File 'lib/cfn-nag/custom_rules/password_base_rule.rb', line 17
def sub_property_name; end
|