class KinesisFirehoseDeliveryStreamEncryptionRule

Public Instance Methods

audit_impl(cfn_model) click to toggle source
# File lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamEncryptionRule.rb, line 19
def audit_impl(cfn_model)
  violating_delivery_streams =
    cfn_model.resources_by_type('AWS::KinesisFirehose::DeliveryStream').select do |delivery_stream|
      violating_delivery_stream?(delivery_stream)
    end

  violating_delivery_streams.map(&:logical_resource_id)
end
rule_id() click to toggle source
# File lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamEncryptionRule.rb, line 15
def rule_id
  'W88'
end
rule_text() click to toggle source
# File lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamEncryptionRule.rb, line 7
def rule_text
  'Kinesis Firehose DeliveryStream of type DirectPut should specify SSE.'
end
rule_type() click to toggle source
# File lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamEncryptionRule.rb, line 11
def rule_type
  Violation::WARNING
end

Private Instance Methods

violating_delivery_stream?(delivery_stream) click to toggle source
# File lib/cfn-nag/custom_rules/KinesisFirehoseDeliveryStreamEncryptionRule.rb, line 30
def violating_delivery_stream?(delivery_stream)
  if delivery_stream.deliveryStreamType == 'KinesisStreamAsSource'
    false
  elsif delivery_stream.deliveryStreamEncryptionConfigurationInput.nil?
    true
  else
    delivery_stream.deliveryStreamEncryptionConfigurationInput['KeyType'].nil?
  end
end