class CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule
Public Instance Methods
audit_impl(cfn_model)
# File lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb, line 21
# Returns the logical resource ids of every AWS::Cognito::IdentityPool in the
# template that violating_identity_pool? flags.
#
# @param cfn_model the template model; must respond to resources_by_type
# @return the logical_resource_id of each flagged identity pool
def audit_impl(cfn_model)
  identity_pools = cfn_model.resources_by_type('AWS::Cognito::IdentityPool')
  flagged_pools = identity_pools.select { |pool| violating_identity_pool?(pool) }
  flagged_pools.map(&:logical_resource_id)
end
rule_id()
# File lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb, line 17
# Identifier under which this rule's findings are reported.
#
# @return [String] the fixed rule id 'W57'
def rule_id
  'W57'
end
rule_text()
# File lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb, line 8
# Human-readable message attached to a finding of this rule. It states the
# recommended setting (AllowUnauthenticatedIdentities false) and the condition
# under which true is acceptable: restrictive IAM roles and permissions for
# unauthenticated users.
#
# @return [String] the rule message
def rule_text
  'AWS::Cognito::IdentityPool AllowUnauthenticatedIdentities property ' \
    'should be false but CAN be true if proper restrictive IAM roles and ' \
    'permissions are established for unauthenticated users.'
end
rule_type()
# File lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb, line 13
# Severity class of this rule: a warning.
#
# @return the Violation::WARNING constant
def rule_type
  Violation::WARNING
end
Private Instance Methods
violating_identity_pool?(identity_pool)
# File lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb, line 35
# Decides whether one identity pool resource should be flagged, based only on
# its allowUnauthenticatedIdentities value.
#
# @param identity_pool a resource responding to allowUnauthenticatedIdentities
# @return whatever violations? returns for that property value
def violating_identity_pool?(identity_pool)
  unauthenticated_setting = identity_pool.allowUnauthenticatedIdentities
  violations?(unauthenticated_setting)
end
violations?(property_value)
# File lib/cfn-nag/custom_rules/CognitoIdentityPoolAllowUnauthenticatedIdentitiesRule.rb, line 31
# Reports a violation when the property value is considered true by truthy?.
#
# NOTE(review): truthy? is defined outside this listing. Confirm how it treats
# values that are not literal booleans (for example a parameter reference or an
# intrinsic function); if those evaluate as not truthy, such a pool would pass
# this rule unflagged.
#
# @param property_value the AllowUnauthenticatedIdentities value to test
# @return the result of truthy?(property_value)
def violations?(property_value)
  is_enabled = truthy?(property_value)
  is_enabled
end