class CognitoUserPoolMfaConfigurationOnorOptionalRule
Public Instance Methods
audit_impl(cfn_model)
click to toggle source
# File lib/cfn-nag/custom_rules/CognitoUserPoolMfaConfigurationOnorOptionalRule.rb, line 20 def audit_impl(cfn_model) violating_userpools = cfn_model.resources_by_type('AWS::Cognito::UserPool').select do |userpool| violating_userpool?(userpool) end violating_userpools.map(&:logical_resource_id) end
rule_id()
click to toggle source
# File lib/cfn-nag/custom_rules/CognitoUserPoolMfaConfigurationOnorOptionalRule.rb, line 16 def rule_id 'F78' end
rule_text()
click to toggle source
# File lib/cfn-nag/custom_rules/CognitoUserPoolMfaConfigurationOnorOptionalRule.rb, line 8 def rule_text "AWS Cognito UserPool should have MfaConfiguration set to 'ON' (MUST be wrapped in quotes) or at least 'OPTIONAL'" end
rule_type()
click to toggle source
# File lib/cfn-nag/custom_rules/CognitoUserPoolMfaConfigurationOnorOptionalRule.rb, line 12 def rule_type Violation::FAILING_VIOLATION end
Private Instance Methods
violating_userpool?(user_pool)
click to toggle source
# File lib/cfn-nag/custom_rules/CognitoUserPoolMfaConfigurationOnorOptionalRule.rb, line 30 def violating_userpool?(user_pool) user_pool.mfaConfiguration.to_s.casecmp('off').zero? end