class S3BucketPolicyNotPrincipalRule
Public Instance Methods
audit_impl(cfn_model)
click to toggle source
# File lib/cfn-nag/custom_rules/S3BucketPolicyNotPrincipalRule.rb, line 19 def audit_impl(cfn_model) violating_policies = cfn_model.resources_by_type('AWS::S3::BucketPolicy').select do |policy| !policy.policy_document.allows_not_principal.empty? end violating_policies.map(&:logical_resource_id) end
rule_id()
click to toggle source
# File lib/cfn-nag/custom_rules/S3BucketPolicyNotPrincipalRule.rb, line 15 def rule_id 'F9' end
rule_text()
click to toggle source
# File lib/cfn-nag/custom_rules/S3BucketPolicyNotPrincipalRule.rb, line 7 def rule_text 'S3 Bucket policy should not allow Allow+NotPrincipal' end
rule_type()
click to toggle source
# File lib/cfn-nag/custom_rules/S3BucketPolicyNotPrincipalRule.rb, line 11 def rule_type Violation::FAILING_VIOLATION end