class ElasticLoadBalancerV2AccessLoggingRule
Public Instance Methods
audit_impl(cfn_model)
click to toggle source
# File lib/cfn-nag/custom_rules/ElasticLoadBalancerV2AccessLoggingRule.rb, line 20 def audit_impl(cfn_model) violating_elbs = cfn_model.resources_by_type('AWS::ElasticLoadBalancingV2::LoadBalancer') .select do |elb| elb.loadBalancerAttributes.nil? || missing_access_logs?(elb) || access_logging_is_false?(elb) end violating_elbs.map(&:logical_resource_id) end
rule_id()
click to toggle source
# File lib/cfn-nag/custom_rules/ElasticLoadBalancerV2AccessLoggingRule.rb, line 16 def rule_id 'W52' end
rule_text()
click to toggle source
# File lib/cfn-nag/custom_rules/ElasticLoadBalancerV2AccessLoggingRule.rb, line 8 def rule_text 'Elastic Load Balancer V2 should have access logging enabled' end
rule_type()
click to toggle source
# File lib/cfn-nag/custom_rules/ElasticLoadBalancerV2AccessLoggingRule.rb, line 12 def rule_type Violation::WARNING end
Private Instance Methods
access_logging_is_false?(load_balancer)
click to toggle source
# File lib/cfn-nag/custom_rules/ElasticLoadBalancerV2AccessLoggingRule.rb, line 31 def access_logging_is_false?(load_balancer) load_balancer.loadBalancerAttributes.find do |load_balancer_attribute| load_balancer_attribute['Key'] == 'access_logs.s3.enabled' && not_truthy?(load_balancer_attribute['Value']) end end
missing_access_logs?(load_balancer)
click to toggle source
# File lib/cfn-nag/custom_rules/ElasticLoadBalancerV2AccessLoggingRule.rb, line 37 def missing_access_logs?(load_balancer) access_log_attribute = load_balancer.loadBalancerAttributes.find do |load_balancer_attribute| load_balancer_attribute['Key'] == 'access_logs.s3.enabled' end access_log_attribute.nil? end