class LambdaPermissionInvokeFunctionActionRule

Public Instance Methods

audit_impl(cfn_model) click to toggle source
# File lib/cfn-nag/custom_rules/LambdaPermissionInvokeFunctionActionRule.rb, line 20
def audit_impl(cfn_model)
  lambda_permissions = cfn_model.resources_by_type('AWS::Lambda::Permission')
  violating_lambda_permissions = lambda_permissions.select do |lambda_permission|
    lambda_permission.action != 'lambda:InvokeFunction'
  end

  violating_lambda_permissions.map(&:logical_resource_id)
end
rule_id() click to toggle source
# File lib/cfn-nag/custom_rules/LambdaPermissionInvokeFunctionActionRule.rb, line 16
def rule_id
  'W24'
end
rule_text() click to toggle source
# File lib/cfn-nag/custom_rules/LambdaPermissionInvokeFunctionActionRule.rb, line 7
def rule_text
  'Lambda permission beside InvokeFunction might not be what you want? ' \
  'Not sure!?'
end
rule_type() click to toggle source
# File lib/cfn-nag/custom_rules/LambdaPermissionInvokeFunctionActionRule.rb, line 12
def rule_type
  Violation::WARNING
end