class VpcHasFlowLogRule
Public Instance Methods
audit_impl(cfn_model)
# File lib/cfn-nag/custom_rules/VpcHasFlowLogRule.rb, line 19
#
# Collects the logical ids of every AWS::EC2::VPC in the template for which
# flowlog_for_vpc finds no flow log.
#
# Only the presence of a referencing AWS::EC2::FlowLog resource is checked.
# Its other properties (for example TrafficType or the log destination) are
# not inspected here, and a flow log attached outside this template is not
# visible to the rule.
#
# @param cfn_model [Object] parsed template; must respond to resources_by_type
# @return [Array] logical resource ids of VPCs without a matching flow log
def audit_impl(cfn_model)
  cfn_model.resources_by_type('AWS::EC2::VPC').each_with_object([]) do |vpc, unlogged_ids|
    # A nil lookup result means no flow log in the template refers to this VPC.
    next unless flowlog_for_vpc(cfn_model, vpc).nil?

    unlogged_ids << vpc.logical_resource_id
  end
end
flowlog_for_vpc(cfn_model, vpc)
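# File lib/cfn-nag/custom_rules/VpcHasFlowLogRule.rb, line 28
#
# Finds the first AWS::EC2::FlowLog in the template whose ResourceId is a
# { 'Ref' => <logical id> } hash naming the given VPC.
#
# Only the Hash form counts as a reference. A ResourceId given as a literal
# string is never matched, so a VPC whose flow log points at it by a
# hard-coded id is still reported by audit_impl.
#
# @param cfn_model [Object] parsed template; must respond to resources_by_type
# @param vpc [Object] VPC resource; must respond to logical_resource_id
# @return [Object, nil] the matching flow log resource, or nil when none refers to the VPC
def flowlog_for_vpc(cfn_model, vpc)
  cfn_model.resources_by_type('AWS::EC2::FlowLog').find do |flowlog|
    resource_id = flowlog.resourceId
    # String#[] with a String argument is a substring lookup, so a literal id
    # containing "Ref" must not be mistaken for a Ref intrinsic.
    next false unless resource_id.is_a?(Hash)

    referenced = resource_id['Ref']
    referenced && referenced == vpc.logical_resource_id
  end
end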
rule_id()
# File lib/cfn-nag/custom_rules/VpcHasFlowLogRule.rb, line 15
#
# Identifier under which this rule's findings are reported.
#
# @return [String] the rule id, 'W60'
def rule_id
  'W60'
end
rule_text()
# File lib/cfn-nag/custom_rules/VpcHasFlowLogRule.rb, line 7
#
# Human-readable description of what this rule expects of a template.
#
# @return [String] the message text for this rule
def rule_text
  'VPC should have a flow log attached'
end
rule_type()
# File lib/cfn-nag/custom_rules/VpcHasFlowLogRule.rb, line 11
#
# Classification of this rule's findings: a warning.
#
# NOTE(review): how WARNING findings affect the overall scan result is decided
# outside this method; confirm against the caller.
#
# @return [Object] the Violation::WARNING constant
def rule_type
  Violation::WARNING
end