Module: ViolationFiltering

Included in:
CfnNag
Defined in:
lib/cfn-nag/violation_filtering.rb

Instance Method Summary collapse

Instance Method Details

#filter_violations_by_deny_list(deny_list_definition:, rule_definitions:, violations:) ⇒ Object 



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
 
# File 'lib/cfn-nag/violation_filtering.rb', line 23

def filter_violations_by_deny_list(deny_list_definition:, rule_definitions:, violations:)
  deny_list = nil
  unless deny_list_definition.nil?
    begin
      deny_list = DenyListLoader.new(rule_definitions)
                                .load(deny_list_definition: deny_list_definition)
    rescue StandardError => deny_list_load_error
      raise "Deny list loading error: #{deny_list_load_error}"
    end
  end

  violations.reject do |violation|
    !deny_list.nil? && deny_list.contains_rule?(violation.id)
  end
end

#filter_violations_by_profile(profile_definition:, rule_definitions:, violations:) ⇒ Object 



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
 
# File 'lib/cfn-nag/violation_filtering.rb', line 7

def filter_violations_by_profile(profile_definition:, rule_definitions:, violations:)
  profile = nil
  unless profile_definition.nil?
    begin
      profile = ProfileLoader.new(rule_definitions)
                             .load(profile_definition: profile_definition)
    rescue StandardError => profile_load_error
      raise "Profile loading error: #{profile_load_error}"
    end
  end

  violations.reject do |violation|
    !profile.nil? && !profile.contains_rule?(violation.id)
  end
end