class KMSKeyRotationRule
Public Instance Methods
audit_impl(cfn_model)
click to toggle source
# File lib/cfn-nag/custom_rules/KMSKeyRotationRule.rb, line 19 def audit_impl(cfn_model) violating_keys = cfn_model.resources_by_type('AWS::KMS::Key') .select do |key| key_rotation_false_or_absent?(key) end violating_keys.map(&:logical_resource_id) end
rule_id()
click to toggle source
# File lib/cfn-nag/custom_rules/KMSKeyRotationRule.rb, line 15 def rule_id 'F19' end
rule_text()
click to toggle source
# File lib/cfn-nag/custom_rules/KMSKeyRotationRule.rb, line 7 def rule_text 'EnableKeyRotation should not be false or absent on KMS::Key resource' end
rule_type()
click to toggle source
# File lib/cfn-nag/custom_rules/KMSKeyRotationRule.rb, line 11 def rule_type Violation::FAILING_VIOLATION end
Private Instance Methods
key_rotation_false_or_absent?(resource)
click to toggle source
# File lib/cfn-nag/custom_rules/KMSKeyRotationRule.rb, line 30 def key_rotation_false_or_absent?(resource) !truthy?(resource.enableKeyRotation) end