-
Notifications
You must be signed in to change notification settings - Fork 176
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Validate and Test actions on same CloudFormation produce different outputs #301
Comments
Closing this issue since 2.1.2 has now been released and this issue was addressed. Feel free to reopen this issue if need be. Thanks, |
Hi @joshfried-aws, this bug is still present in the latest cloudformation guard version as of today ie 2.1.3 I tried this with the files provided by @0x10F8 on Amazon Linux 2, the test command is still failing. Would you please reopen and addres the issue? |
Hi @kimengu-david and @0x10F8 this has now been addressed in #331 . It will be a part of our next release. Feel free to reopen this issue if need be. |
Describe the bug
It appears that validate and test evaluate differently when using references within Cloud Formation.
To Reproduce
Run the following guard rule against the provided test and CloudFormation yaml. The test fails but the CloudFormation validate passes although they both contain effectively the same resources.
The example in this case checks for HTTP block on S3 buckets
Guard:
Test Case:
CloudFormation
Commands run:
cat cloudformation-example.yml | cfn-guard validate -r s3-tls.guard
cfn-guard test --rules-file s3-tls.guard --test-data s3-tls-tests.yml -v
The validate passes but the test fails.
Expected behavior
I believe the test should pass in this example?
Operating System:
Amazon Linux 2
OS Version
2
Additional context
None
The text was updated successfully, but these errors were encountered: