New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trying to search an If statement for a value #500
Comments
Hey @Aaron-Garrett I think i was able to come up with a rule to help you with this specific use case. I think one issue with the logic in your original rule was to do with the way if intrinsic functions is mapped to their json equivalent.. In this case your first {
"Fn::If": [
"CreateDevRole",
{
"Fn::Sub": "arn:aws:iam::${AWS::AccountId}:policy/aws-allowed-policies"
},
{
"Ref": "AWS::NoValue"
}
]
} It's important to note here when evaluating this mapped Heres the rule, i have added some comments to help clear things up
I hope this was helpful to you, please let me know if you have anymore questions. |
Hey @Aaron-Garrett just checking in to see if the information I provided was enough to help you resolve your issue here. Please let us know if you need anymore help on this issue |
Describe the issue
A clear and concise description of what the issue is.
Trying to search the If statement of CloudFormation template to see if its contents match a regex expression.
Any examples
Please supply:
-v
log level if it's not related to cfn-guard-lambda, or the relevant CloudWatch log messages if it is related to the cfn-guard-lambdaEverything passed for the first one
The second one gave me errors saying things did not equal Fn::Sub, this was resolved when I removed the .*[ keys == "Fn::Sub" ] from the if statement query.
Operating System:
Ubuntu
OS Version
Latest
Additional Information
Here is an example block of code:
I am wanting it to look at this chunk of code and flag anything !Sub that has aws after the "/" and anything !If that has aws after the "/", such as the bolded lines above. The !Sub search works well, but the !If statement keeps passing incorrectly even though I am searching only for
\/aws
.The text was updated successfully, but these errors were encountered: