class SecurityGroupMissingEgressRule

Public Instance Methods

audit_impl(cfn_model) click to toggle source
# File lib/cfn-nag/custom_rules/SecurityGroupMissingEgressRule.rb, line 20
def audit_impl(cfn_model)
  violating_security_groups = cfn_model.security_groups.select do |security_group|
    security_group.egresses.empty?
  end

  violating_security_groups.map(&:logical_resource_id)
end
rule_id() click to toggle source
# File lib/cfn-nag/custom_rules/SecurityGroupMissingEgressRule.rb, line 16
def rule_id
  'F1000'
end
rule_text() click to toggle source
# File lib/cfn-nag/custom_rules/SecurityGroupMissingEgressRule.rb, line 7
def rule_text
  'Missing egress rule means all traffic is allowed outbound.  Make this ' \
  'explicit if it is desired configuration'
end
rule_type() click to toggle source
# File lib/cfn-nag/custom_rules/SecurityGroupMissingEgressRule.rb, line 12
def rule_type
  Violation::FAILING_VIOLATION
end