class DLMLifecyclePolicyCrossRegionCopyEncryptionRule

Public Instance Methods

audit_impl(cfn_model) click to toggle source
# File lib/cfn-nag/custom_rules/DLMLifecyclePolicyCrossRegionCopyEncryptionRule.rb, line 20
def audit_impl(cfn_model)
  violating_policies = cfn_model.resources_by_type('AWS::DLM::LifecyclePolicy').select do |policy|
    if policy.policyDetails['Actions'].nil?
      false
    else
      violating_actions = policy.policyDetails['Actions'].select do |action|
        violating_copies = action['CrossRegionCopy'].select do |copy|
          !truthy?(copy['EncryptionConfiguration']['Encrypted'].to_s)
        end
        !violating_copies.empty?
      end
      !violating_actions.empty?
    end
  end

  violating_policies.map(&:logical_resource_id)
end
rule_id() click to toggle source
# File lib/cfn-nag/custom_rules/DLMLifecyclePolicyCrossRegionCopyEncryptionRule.rb, line 16
def rule_id
  'W81'
end
rule_text() click to toggle source
# File lib/cfn-nag/custom_rules/DLMLifecyclePolicyCrossRegionCopyEncryptionRule.rb, line 8
def rule_text
  'DLM LifecyclePolicy PolicyDetails Actions CrossRegionCopy EncryptionConfiguration should enable Encryption'
end
rule_type() click to toggle source
# File lib/cfn-nag/custom_rules/DLMLifecyclePolicyCrossRegionCopyEncryptionRule.rb, line 12
def rule_type
  Violation::WARNING
end