Fixed last of guard issues

Author: ericzbeard

CloudFormation/MacrosExamples/Boto3/macro.json

@@ -12,6 +12,14 @@
         },
         "MacroFunction": {
             "Type": "AWS::Serverless::Function",
+            "Metadata": {
+                "guard": {
+                    "SuppressedRules": [
+                        "LAMBDA_INSIDE_VPC",
+                        "LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
+                    ]
+                }
+            },
             "Properties": {
                 "Runtime": "python3.11",
                 "CodeUri": "lambda",

CloudFormation/MacrosExamples/Boto3/macro.yaml

@@ -11,6 +11,11 @@ Resources:
 
   MacroFunction:
     Type: AWS::Serverless::Function
+    Metadata:
+      guard:
+        SuppressedRules:
+          - LAMBDA_INSIDE_VPC
+          - LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
     Properties:
       Runtime: python3.11
       CodeUri: lambda

CloudFormation/MacrosExamples/Count/template.json

@@ -17,6 +17,14 @@
         },
         "CountMacroFunction": {
             "Type": "AWS::Serverless::Function",
+            "Metadata": {
+                "guard": {
+                    "SuppressedRules": [
+                        "LAMBDA_INSIDE_VPC",
+                        "LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
+                    ]
+                }
+            },
             "Properties": {
                 "CodeUri": "src",
                 "Handler": "index.handler",

CloudFormation/MacrosExamples/Count/template.yaml

@@ -14,6 +14,11 @@ Resources:
 
   CountMacroFunction:
     Type: AWS::Serverless::Function
+    Metadata:
+      guard:
+        SuppressedRules:
+          - LAMBDA_INSIDE_VPC
+          - LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
     Properties:
       CodeUri: src
       Handler: index.handler

CloudFormation/MacrosExamples/Count/test.json

@@ -14,6 +14,20 @@
     "Resources": {
         "BucketToCopyA": {
             "Type": "AWS::S3::Bucket",
+            "Metadata": {
+                "Comment": "Suppressing typical rules for sample purposes only",
+                "guard": {
+                    "SuppressedRules": [
+                        "S3_BUCKET_LOGGING_ENABLED",
+                        "S3_BUCKET_PUBLIC_READ_PROHIBITED",
+                        "S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
+                        "S3_BUCKET_REPLICATION_ENABLED",
+                        "S3_BUCKET_VERSIONING_ENABLED",
+                        "S3_BUCKET_DEFAULT_LOCK_ENABLED",
+                        "S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
+                    ]
+                }
+            },
             "Properties": {
                 "Tags": [
                     {
@@ -26,6 +40,20 @@
         },
         "BucketToCopyB": {
             "Type": "AWS::S3::Bucket",
+            "Metadata": {
+                "Comment": "Suppressing typical rules for sample purposes only",
+                "guard": {
+                    "SuppressedRules": [
+                        "S3_BUCKET_LOGGING_ENABLED",
+                        "S3_BUCKET_PUBLIC_READ_PROHIBITED",
+                        "S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
+                        "S3_BUCKET_REPLICATION_ENABLED",
+                        "S3_BUCKET_VERSIONING_ENABLED",
+                        "S3_BUCKET_DEFAULT_LOCK_ENABLED",
+                        "S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
+                    ]
+                }
+            },
             "Properties": {
                 "Tags": [
                     {
@@ -41,6 +69,20 @@
         },
         "BucketToCopyC": {
             "Type": "AWS::S3::Bucket",
+            "Metadata": {
+                "Comment": "Suppressing typical rules for sample purposes only",
+                "guard": {
+                    "SuppressedRules": [
+                        "S3_BUCKET_LOGGING_ENABLED",
+                        "S3_BUCKET_PUBLIC_READ_PROHIBITED",
+                        "S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
+                        "S3_BUCKET_REPLICATION_ENABLED",
+                        "S3_BUCKET_VERSIONING_ENABLED",
+                        "S3_BUCKET_DEFAULT_LOCK_ENABLED",
+                        "S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
+                    ]
+                }
+            },
             "Properties": {
                 "Tags": [
                     {
@@ -55,6 +97,20 @@
         },
         "BucketToCopyD": {
             "Type": "AWS::S3::Bucket",
+            "Metadata": {
+                "Comment": "Suppressing typical rules for sample purposes only",
+                "guard": {
+                    "SuppressedRules": [
+                        "S3_BUCKET_LOGGING_ENABLED",
+                        "S3_BUCKET_PUBLIC_READ_PROHIBITED",
+                        "S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
+                        "S3_BUCKET_REPLICATION_ENABLED",
+                        "S3_BUCKET_VERSIONING_ENABLED",
+                        "S3_BUCKET_DEFAULT_LOCK_ENABLED",
+                        "S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
+                    ]
+                }
+            },
             "Properties": {
                 "Tags": [
                     {

CloudFormation/MacrosExamples/Count/test.yaml

@@ -14,6 +14,17 @@ Transform: Count
 Resources:
   BucketToCopyA:
     Type: AWS::S3::Bucket
+    Metadata:
+      Comment: Suppressing typical rules for sample purposes only
+      guard:
+        SuppressedRules:
+          - S3_BUCKET_LOGGING_ENABLED
+          - S3_BUCKET_PUBLIC_READ_PROHIBITED
+          - S3_BUCKET_PUBLIC_WRITE_PROHIBITED
+          - S3_BUCKET_REPLICATION_ENABLED
+          - S3_BUCKET_VERSIONING_ENABLED
+          - S3_BUCKET_DEFAULT_LOCK_ENABLED
+          - S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
     Properties:
       Tags:
         - Key: TestKey
@@ -22,6 +33,17 @@ Resources:
 
   BucketToCopyB:
     Type: AWS::S3::Bucket
+    Metadata:
+      Comment: Suppressing typical rules for sample purposes only
+      guard:
+        SuppressedRules:
+          - S3_BUCKET_LOGGING_ENABLED
+          - S3_BUCKET_PUBLIC_READ_PROHIBITED
+          - S3_BUCKET_PUBLIC_WRITE_PROHIBITED
+          - S3_BUCKET_REPLICATION_ENABLED
+          - S3_BUCKET_VERSIONING_ENABLED
+          - S3_BUCKET_DEFAULT_LOCK_ENABLED
+          - S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
     Properties:
       Tags:
         - Key: TestKey
@@ -32,6 +54,17 @@ Resources:
 
   BucketToCopyC:
     Type: AWS::S3::Bucket
+    Metadata:
+      Comment: Suppressing typical rules for sample purposes only
+      guard:
+        SuppressedRules:
+          - S3_BUCKET_LOGGING_ENABLED
+          - S3_BUCKET_PUBLIC_READ_PROHIBITED
+          - S3_BUCKET_PUBLIC_WRITE_PROHIBITED
+          - S3_BUCKET_REPLICATION_ENABLED
+          - S3_BUCKET_VERSIONING_ENABLED
+          - S3_BUCKET_DEFAULT_LOCK_ENABLED
+          - S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
     Properties:
       Tags:
         - Key: TestKey
@@ -40,6 +73,17 @@ Resources:
 
   BucketToCopyD:
     Type: AWS::S3::Bucket
+    Metadata:
+      Comment: Suppressing typical rules for sample purposes only
+      guard:
+        SuppressedRules:
+          - S3_BUCKET_LOGGING_ENABLED
+          - S3_BUCKET_PUBLIC_READ_PROHIBITED
+          - S3_BUCKET_PUBLIC_WRITE_PROHIBITED
+          - S3_BUCKET_REPLICATION_ENABLED
+          - S3_BUCKET_VERSIONING_ENABLED
+          - S3_BUCKET_DEFAULT_LOCK_ENABLED
+          - S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
     Properties:
       Tags:
         - Key: TestKey

CloudFormation/MacrosExamples/DateFunctions/date.json

@@ -43,6 +43,14 @@
         },
         "TransformFunction": {
             "Type": "AWS::Lambda::Function",
+            "Metadata": {
+                "guard": {
+                    "SuppressedRules": [
+                        "LAMBDA_INSIDE_VPC",
+                        "LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
+                    ]
+                }
+            },
             "Properties": {
                 "Code": {
                     "ZipFile": {
@@ -61,6 +69,13 @@
         },
         "TransformFunctionPermissions": {
             "Type": "AWS::Lambda::Permission",
+            "Metadata": {
+                "guard": {
+                    "SuppressedRules": [
+                        "LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
+                    ]
+                }
+            },
             "Properties": {
                 "Action": "lambda:InvokeFunction",
                 "FunctionName": {

CloudFormation/MacrosExamples/DateFunctions/date.yaml

@@ -31,6 +31,11 @@ Resources:
   # Function we use for transformaton
   TransformFunction:
     Type: AWS::Lambda::Function
+    Metadata:
+      guard:
+        SuppressedRules:
+          - LAMBDA_INSIDE_VPC
+          - LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
     Properties:
       Code:
         ZipFile: !Rain::Embed handler.py
@@ -41,6 +46,10 @@ Resources:
   # Tranform function permissions
   TransformFunctionPermissions:
     Type: AWS::Lambda::Permission
+    Metadata:
+      guard:
+        SuppressedRules:
+          - LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
     Properties:
       Action: lambda:InvokeFunction
       FunctionName: !GetAtt TransformFunction.Arn

CloudFormation/MacrosExamples/DateFunctions/date_example.json

@@ -23,6 +23,20 @@
     "Resources": {
         "S3Bucket": {
             "Type": "AWS::S3::Bucket",
+            "Metadata": {
+                "Comment": "Suppressing typical rules for sample purposes only",
+                "guard": {
+                    "SuppressedRules": [
+                        "S3_BUCKET_LOGGING_ENABLED",
+                        "S3_BUCKET_PUBLIC_READ_PROHIBITED",
+                        "S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
+                        "S3_BUCKET_REPLICATION_ENABLED",
+                        "S3_BUCKET_VERSIONING_ENABLED",
+                        "S3_BUCKET_DEFAULT_LOCK_ENABLED",
+                        "S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
+                    ]
+                }
+            },
             "Properties": {
                 "Tags": [
                     {

CloudFormation/MacrosExamples/DateFunctions/date_example.yaml

@@ -23,6 +23,17 @@ Parameters:
 Resources:
   S3Bucket:
     Type: AWS::S3::Bucket
+    Metadata:
+      Comment: Suppressing typical rules for sample purposes only
+      guard:
+        SuppressedRules:
+          - S3_BUCKET_LOGGING_ENABLED
+          - S3_BUCKET_PUBLIC_READ_PROHIBITED
+          - S3_BUCKET_PUBLIC_WRITE_PROHIBITED
+          - S3_BUCKET_REPLICATION_ENABLED
+          - S3_BUCKET_VERSIONING_ENABLED
+          - S3_BUCKET_DEFAULT_LOCK_ENABLED
+          - S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
     Properties:
       Tags:
         - Key: Current

CloudFormation/MacrosExamples/DatetimeNow/datetimenow.json

@@ -4,6 +4,14 @@
     "Resources": {
         "TransformFunction": {
             "Type": "AWS::Serverless::Function",
+            "Metadata": {
+                "guard": {
+                    "SuppressedRules": [
+                        "LAMBDA_INSIDE_VPC",
+                        "LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
+                    ]
+                }
+            },
             "Properties": {
                 "Runtime": "python3.11",
                 "Handler": "index.handler",

CloudFormation/MacrosExamples/DatetimeNow/datetimenow.yaml

@@ -5,6 +5,11 @@ Transform: AWS::Serverless-2016-10-31
 Resources:
   TransformFunction:
     Type: AWS::Serverless::Function
+    Metadata:
+      guard:
+        SuppressedRules:
+          - LAMBDA_INSIDE_VPC
+          - LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
     Properties:
       Runtime: python3.11
       Handler: index.handler

CloudFormation/MacrosExamples/DatetimeNow/datetimenow_example.json

@@ -4,6 +4,20 @@
     "Resources": {
         "S3Bucket": {
             "Type": "AWS::S3::Bucket",
+            "Metadata": {
+                "Comment": "Suppressing typical rules for sample purposes only",
+                "guard": {
+                    "SuppressedRules": [
+                        "S3_BUCKET_LOGGING_ENABLED",
+                        "S3_BUCKET_PUBLIC_READ_PROHIBITED",
+                        "S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
+                        "S3_BUCKET_REPLICATION_ENABLED",
+                        "S3_BUCKET_VERSIONING_ENABLED",
+                        "S3_BUCKET_DEFAULT_LOCK_ENABLED",
+                        "S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
+                    ]
+                }
+            },
             "Properties": {
                 "Tags": [
                     {

CloudFormation/MacrosExamples/DatetimeNow/datetimenow_example.yaml

@@ -5,6 +5,17 @@ Description: tests DatetimeNow macro
 Resources:
   S3Bucket:
     Type: AWS::S3::Bucket
+    Metadata:
+      Comment: Suppressing typical rules for sample purposes only
+      guard:
+        SuppressedRules:
+          - S3_BUCKET_LOGGING_ENABLED
+          - S3_BUCKET_PUBLIC_READ_PROHIBITED
+          - S3_BUCKET_PUBLIC_WRITE_PROHIBITED
+          - S3_BUCKET_REPLICATION_ENABLED
+          - S3_BUCKET_VERSIONING_ENABLED
+          - S3_BUCKET_DEFAULT_LOCK_ENABLED
+          - S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
     Properties:
       Tags:
         - Key: DatetimeNow

CloudFormation/MacrosExamples/ExecutionRoleBuilder/macro.json

@@ -3,6 +3,14 @@
     "Resources": {
         "Function": {
             "Type": "AWS::Serverless::Function",
+            "Metadata": {
+                "guard": {
+                    "SuppressedRules": [
+                        "LAMBDA_INSIDE_VPC",
+                        "LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
+                    ]
+                }
+            },
             "Properties": {
                 "Runtime": "python3.11",
                 "CodeUri": "lambda",

CloudFormation/MacrosExamples/ExecutionRoleBuilder/macro.yaml

@@ -3,6 +3,11 @@ Transform: AWS::Serverless-2016-10-31
 Resources:
   Function:
     Type: AWS::Serverless::Function
+    Metadata:
+      guard:
+        SuppressedRules:
+          - LAMBDA_INSIDE_VPC
+          - LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
     Properties:
       Runtime: python3.11
       CodeUri: lambda