class WafWebAclDefaultActionRule
Public Instance Methods
audit_impl(cfn_model)
click to toggle source
# File lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb, line 28 def audit_impl(cfn_model) violating_web_acls = cfn_model.resources_by_type('AWS::WAF::WebACL').select do |web_acl| web_acl.defaultAction['Type'] == 'ALLOW' end violating_web_acls.map(&:logical_resource_id) end
rule_id()
click to toggle source
# File lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb, line 24 def rule_id 'F665' end
rule_text()
click to toggle source
# File lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb, line 16 def rule_text 'WebAcl DefaultAction should not be ALLOW' end
rule_type()
click to toggle source
# File lib/cfn-nag/custom_rules/WafWebAclDefaultActionRule.rb, line 20 def rule_type Violation::FAILING_VIOLATION end