class ApiGatewayMethodAuthorizationTypeRule
Public Instance Methods
audit_impl(cfn_model)
click to toggle source
# File lib/cfn-nag/custom_rules/ApiGatewayMethodAuthorizationTypeRule.rb, line 20 def audit_impl(cfn_model) violating_methods = cfn_model.resources_by_type('AWS::ApiGateway::Method').select do |method| violating_method?(method) end violating_methods.map(&:logical_resource_id) end
rule_id()
click to toggle source
# File lib/cfn-nag/custom_rules/ApiGatewayMethodAuthorizationTypeRule.rb, line 16 def rule_id 'W59' end
rule_text()
click to toggle source
# File lib/cfn-nag/custom_rules/ApiGatewayMethodAuthorizationTypeRule.rb, line 7 def rule_text "AWS::ApiGateway::Method should not have AuthorizationType set to 'NONE' unless it is of " \ 'HttpMethod: OPTIONS.' end
rule_type()
click to toggle source
# File lib/cfn-nag/custom_rules/ApiGatewayMethodAuthorizationTypeRule.rb, line 12 def rule_type Violation::WARNING end
Private Instance Methods
violating_method?(method)
click to toggle source
# File lib/cfn-nag/custom_rules/ApiGatewayMethodAuthorizationTypeRule.rb, line 30 def violating_method?(method) unless method.httpMethod.to_s.casecmp('options').zero? method.authorizationType.nil? || method.authorizationType.to_s.casecmp('none').zero? end end