-
Notifications
You must be signed in to change notification settings - Fork 208
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create remaining Password property rules #253
Comments
…dsDbInstance password property rules
don't add a rule for AWS::CloudFormation::CustomResource/ServiceToken. that "token" is just a phone number for the lambda to invoke, not a credential |
aws-cloudformation/cfn-lint#1181
AWS::ManagedBlockchain::Member.MemberFabricConfiguration
|
* Adding custom rules and tests for issue #253 - AWS::AmazonMQ::Broker User Password property rules * cleaning up * refactors to handle when 'Users' property and/or 'Password' key is not defined in AWS::AmazonMQ::Broker resource * additional refactors
* Adding custom rules and tests for issue #253 - AWS::OpsWorks::Stack.RdsDbInstance password property rules * refactoring to test for multiple resources in test_templates yaml cfn files * Refactoring to check to see if RdsDbInstances property exists and/or the DbPassword key is defined * additional refactors
#298) * Adding custom rules and tests for issue #253 - AWS::IAM::User.LoginProfile password property rules * little bit of cleaning up * one more clean up * slight change to rule text * reformatting * refactoring to check to see if LoginProfile exists, and if so then check for violating resources * cleaning up * additional refactors
…per and to correct custom rule name to match property name
…repare for new files with uppercase naming
* #253 adding TokenKey rule for Pinpoint APNSSandboxChannel * #253 adding PrivateKey rule for Pinpoint APNSSandboxChannel * #253 adding TokenKey rule for Pinpoint APNSChannel * #253 adding PrivateKey rule for Pinpoint APNSChannel * #253 adding TokenKey rule for Pinpoint APNSVoipSandboxChannel * #253 adding PrivateKey rule for Pinpoint APNSVoipSandboxChannel * #253 adding TokenKey rule for Pinpoint APNSVoipChannel * #253 adding PrivateKey rule for Pinpoint APNSVoipChannel
* #253 adding ADDomainJoinPassword rule for EMR Cluster KerberosAttributes * #253 adding CrossRealmTrustPrincipalPassword rule for EMR Cluster KerberosAttributes * #253 adding KdcAdminPassword rule for EMR Cluster KerberosAttributes * Update EMRClusterKerberosAttributesADDomainJoinPasswordRule.rb * Update EMRClusterKerberosAttributesCrossRealmTrustPrincipalPasswordRule.rb * Update EMRClusterKerberosAttributesKdcAdminPasswordRule.rb Co-authored-by: Eric Kascic <eric.kascic@stelligent.com>
* #253 removing existing IAM User LoginProfile Password rule files to prepare for new files with uppercase naming * #253 adding IAM User LoginProfile Password rule back in with upper case IAM in rule and spec name * Update IAMUserLoginProfilePasswordRule.rb Co-authored-by: Eric Kascic <eric.kascic@stelligent.com>
…before running secure check against value
* #253 adding SecretToken rule for CodePipeline Webhook AuthenticationConfiguration * #253 adding AuthToken rule for ElastiCache ReplicationGroup * #253 adding EventSourceToken rule for Lambda Permission * #253 adding AdminPassword rule for ManagedBlockChain Member MemberFabricationConfiguration * #253 adding MasterUserPassword rule for DocDB DBCluster * Update CodePipelineWebhookAuthenticationConfigurationSecretTokenRule.rb * #253 adding check to ensure the optional property exists in template before running secure check against value Co-authored-by: Eric Kascic <eric.kascic@stelligent.com>
it's my belief that the media live PasswordParams are actually SSM key names - so not sensitive |
pieces of this were released over time, but 0.4.72 includes all of them |
Add in the missing Resource/Property rules for passwords, tokens, and keys.
Current missing items:
Alexa::ASK::Skill.AuthenticationConfiguration[ ] ClientSecretSave this for another issue as it doesn't follow theAWS::
formatAlexa::ASK::Skill.AuthenticationConfiguration[ ] RefreshTokenSave this for another issue as it doesn't follow theAWS::
formatAWS::CloudFormation::CustomResource[ ] ServiceTokenNot a secured valueExtras added from #253 (comment)
The text was updated successfully, but these errors were encountered: