class SqsQueuePolicyWildcardPrincipalRule

Public Instance Methods

audit_impl(cfn_model) click to toggle source
# File lib/cfn-nag/custom_rules/SqsQueuePolicyWildcardPrincipalRule.rb, line 19
def audit_impl(cfn_model)
  logical_resource_ids = []

  cfn_model.resources_by_type('AWS::SQS::QueuePolicy').each do |topic_policy|
    unless topic_policy.policy_document.wildcard_allowed_principals.empty?
      logical_resource_ids << topic_policy.logical_resource_id
    end
  end

  logical_resource_ids
end
rule_id() click to toggle source
# File lib/cfn-nag/custom_rules/SqsQueuePolicyWildcardPrincipalRule.rb, line 15
def rule_id
  'F21'
end
rule_text() click to toggle source
# File lib/cfn-nag/custom_rules/SqsQueuePolicyWildcardPrincipalRule.rb, line 7
def rule_text
  'SQS Queue policy should not allow * principal'
end
rule_type() click to toggle source
# File lib/cfn-nag/custom_rules/SqsQueuePolicyWildcardPrincipalRule.rb, line 11
def rule_type
  Violation::FAILING_VIOLATION
end