class BatchJobDefinitionContainerPropertiesPrivilegedRule
Public Instance Methods
audit_impl(cfn_model)
click to toggle source
# File lib/cfn-nag/custom_rules/BatchJobDefinitionContainerPropertiesPrivilegedRule.rb, line 19 def audit_impl(cfn_model) violating_job_definitions = cfn_model.resources_by_type('AWS::Batch::JobDefinition') .select do |job_definition| if job_definition.containerProperties truthy?(job_definition.containerProperties['Privileged']) else false end end violating_job_definitions.map(&:logical_resource_id) end
rule_id()
click to toggle source
# File lib/cfn-nag/custom_rules/BatchJobDefinitionContainerPropertiesPrivilegedRule.rb, line 15 def rule_id 'W34' end
rule_text()
click to toggle source
# File lib/cfn-nag/custom_rules/BatchJobDefinitionContainerPropertiesPrivilegedRule.rb, line 7 def rule_text 'Batch Job Definition Container Properties should not have Privileged set to true' end
rule_type()
click to toggle source
# File lib/cfn-nag/custom_rules/BatchJobDefinitionContainerPropertiesPrivilegedRule.rb, line 11 def rule_type Violation::WARNING end