class AlexaASKSkillAuthenticationConfigurationClientSecretRule

Public Instance Methods

audit_impl(cfn_model) click to toggle source
# File lib/cfn-nag/custom_rules/AlexaASKSkillAuthenticationConfigurationClientSecretRule.rb, line 22
def audit_impl(cfn_model)
  ask_skills = cfn_model.resources_by_type('Alexa::ASK::Skill')
  violating_skills = ask_skills.select do |skill|
    client_secret = skill.authenticationConfiguration['ClientSecret']
    if client_secret.nil?
      false
    else
      insecure_parameter?(cfn_model, client_secret) ||
        insecure_string_or_dynamic_reference?(cfn_model, client_secret)
    end
  end

  violating_skills.map(&:logical_resource_id)
end
rule_id() click to toggle source
# File lib/cfn-nag/custom_rules/AlexaASKSkillAuthenticationConfigurationClientSecretRule.rb, line 18
def rule_id
  'F74'
end
rule_text() click to toggle source
# File lib/cfn-nag/custom_rules/AlexaASKSkillAuthenticationConfigurationClientSecretRule.rb, line 9
def rule_text
  'Alexa ASK Skill AuthenticationConfiguration ClientSecret must not be ' \
  'a plaintext string or a Ref to a NoEcho Parameter with a Default value.'
end
rule_type() click to toggle source
# File lib/cfn-nag/custom_rules/AlexaASKSkillAuthenticationConfigurationClientSecretRule.rb, line 14
def rule_type
  Violation::FAILING_VIOLATION
end