class ECRRepositoryScanOnPushRule
Public Instance Methods
audit_impl(cfn_model)
click to toggle source
# File lib/cfn-nag/custom_rules/ECRRepositoryScanOnPushRule.rb, line 20 def audit_impl(cfn_model) violating_ecr_registries = cfn_model.resources_by_type('AWS::ECR::Repository').select do |registry| registry.imageScanningConfiguration.nil? || !truthy?(registry.imageScanningConfiguration['ScanOnPush'].to_s) end violating_ecr_registries.map(&:logical_resource_id) end
rule_id()
click to toggle source
# File lib/cfn-nag/custom_rules/ECRRepositoryScanOnPushRule.rb, line 16 def rule_id 'W79' end
rule_text()
click to toggle source
# File lib/cfn-nag/custom_rules/ECRRepositoryScanOnPushRule.rb, line 8 def rule_text 'ECR Repository should have ScanOnPush enabled' end
rule_type()
click to toggle source
# File lib/cfn-nag/custom_rules/ECRRepositoryScanOnPushRule.rb, line 12 def rule_type Violation::WARNING end