Skip to content

Commit 4e49074

Browse files
ericzbeardericzbeard
committed
Fixed last of guard issues
1 parent d92ae9b commit 4e49074

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

53 files changed

+621
-628
lines changed

CloudFormation/MacrosExamples/Boto3/macro.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,14 @@
1212
},
1313
"MacroFunction": {
1414
"Type": "AWS::Serverless::Function",
15+
"Metadata": {
16+
"guard": {
17+
"SuppressedRules": [
18+
"LAMBDA_INSIDE_VPC",
19+
"LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
20+
]
21+
}
22+
},
1523
"Properties": {
1624
"Runtime": "python3.11",
1725
"CodeUri": "lambda",

CloudFormation/MacrosExamples/Boto3/macro.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,11 @@ Resources:
1111

1212
MacroFunction:
1313
Type: AWS::Serverless::Function
14+
Metadata:
15+
guard:
16+
SuppressedRules:
17+
- LAMBDA_INSIDE_VPC
18+
- LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
1419
Properties:
1520
Runtime: python3.11
1621
CodeUri: lambda

CloudFormation/MacrosExamples/Count/template.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,14 @@
1717
},
1818
"CountMacroFunction": {
1919
"Type": "AWS::Serverless::Function",
20+
"Metadata": {
21+
"guard": {
22+
"SuppressedRules": [
23+
"LAMBDA_INSIDE_VPC",
24+
"LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
25+
]
26+
}
27+
},
2028
"Properties": {
2129
"CodeUri": "src",
2230
"Handler": "index.handler",

CloudFormation/MacrosExamples/Count/template.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,11 @@ Resources:
1414

1515
CountMacroFunction:
1616
Type: AWS::Serverless::Function
17+
Metadata:
18+
guard:
19+
SuppressedRules:
20+
- LAMBDA_INSIDE_VPC
21+
- LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
1722
Properties:
1823
CodeUri: src
1924
Handler: index.handler

CloudFormation/MacrosExamples/Count/test.json

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,20 @@
1414
"Resources": {
1515
"BucketToCopyA": {
1616
"Type": "AWS::S3::Bucket",
17+
"Metadata": {
18+
"Comment": "Suppressing typical rules for sample purposes only",
19+
"guard": {
20+
"SuppressedRules": [
21+
"S3_BUCKET_LOGGING_ENABLED",
22+
"S3_BUCKET_PUBLIC_READ_PROHIBITED",
23+
"S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
24+
"S3_BUCKET_REPLICATION_ENABLED",
25+
"S3_BUCKET_VERSIONING_ENABLED",
26+
"S3_BUCKET_DEFAULT_LOCK_ENABLED",
27+
"S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
28+
]
29+
}
30+
},
1731
"Properties": {
1832
"Tags": [
1933
{
@@ -26,6 +40,20 @@
2640
},
2741
"BucketToCopyB": {
2842
"Type": "AWS::S3::Bucket",
43+
"Metadata": {
44+
"Comment": "Suppressing typical rules for sample purposes only",
45+
"guard": {
46+
"SuppressedRules": [
47+
"S3_BUCKET_LOGGING_ENABLED",
48+
"S3_BUCKET_PUBLIC_READ_PROHIBITED",
49+
"S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
50+
"S3_BUCKET_REPLICATION_ENABLED",
51+
"S3_BUCKET_VERSIONING_ENABLED",
52+
"S3_BUCKET_DEFAULT_LOCK_ENABLED",
53+
"S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
54+
]
55+
}
56+
},
2957
"Properties": {
3058
"Tags": [
3159
{
@@ -41,6 +69,20 @@
4169
},
4270
"BucketToCopyC": {
4371
"Type": "AWS::S3::Bucket",
72+
"Metadata": {
73+
"Comment": "Suppressing typical rules for sample purposes only",
74+
"guard": {
75+
"SuppressedRules": [
76+
"S3_BUCKET_LOGGING_ENABLED",
77+
"S3_BUCKET_PUBLIC_READ_PROHIBITED",
78+
"S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
79+
"S3_BUCKET_REPLICATION_ENABLED",
80+
"S3_BUCKET_VERSIONING_ENABLED",
81+
"S3_BUCKET_DEFAULT_LOCK_ENABLED",
82+
"S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
83+
]
84+
}
85+
},
4486
"Properties": {
4587
"Tags": [
4688
{
@@ -55,6 +97,20 @@
5597
},
5698
"BucketToCopyD": {
5799
"Type": "AWS::S3::Bucket",
100+
"Metadata": {
101+
"Comment": "Suppressing typical rules for sample purposes only",
102+
"guard": {
103+
"SuppressedRules": [
104+
"S3_BUCKET_LOGGING_ENABLED",
105+
"S3_BUCKET_PUBLIC_READ_PROHIBITED",
106+
"S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
107+
"S3_BUCKET_REPLICATION_ENABLED",
108+
"S3_BUCKET_VERSIONING_ENABLED",
109+
"S3_BUCKET_DEFAULT_LOCK_ENABLED",
110+
"S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
111+
]
112+
}
113+
},
58114
"Properties": {
59115
"Tags": [
60116
{

CloudFormation/MacrosExamples/Count/test.yaml

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,17 @@ Transform: Count
1414
Resources:
1515
BucketToCopyA:
1616
Type: AWS::S3::Bucket
17+
Metadata:
18+
Comment: Suppressing typical rules for sample purposes only
19+
guard:
20+
SuppressedRules:
21+
- S3_BUCKET_LOGGING_ENABLED
22+
- S3_BUCKET_PUBLIC_READ_PROHIBITED
23+
- S3_BUCKET_PUBLIC_WRITE_PROHIBITED
24+
- S3_BUCKET_REPLICATION_ENABLED
25+
- S3_BUCKET_VERSIONING_ENABLED
26+
- S3_BUCKET_DEFAULT_LOCK_ENABLED
27+
- S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
1728
Properties:
1829
Tags:
1930
- Key: TestKey
@@ -22,6 +33,17 @@ Resources:
2233

2334
BucketToCopyB:
2435
Type: AWS::S3::Bucket
36+
Metadata:
37+
Comment: Suppressing typical rules for sample purposes only
38+
guard:
39+
SuppressedRules:
40+
- S3_BUCKET_LOGGING_ENABLED
41+
- S3_BUCKET_PUBLIC_READ_PROHIBITED
42+
- S3_BUCKET_PUBLIC_WRITE_PROHIBITED
43+
- S3_BUCKET_REPLICATION_ENABLED
44+
- S3_BUCKET_VERSIONING_ENABLED
45+
- S3_BUCKET_DEFAULT_LOCK_ENABLED
46+
- S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
2547
Properties:
2648
Tags:
2749
- Key: TestKey
@@ -32,6 +54,17 @@ Resources:
3254

3355
BucketToCopyC:
3456
Type: AWS::S3::Bucket
57+
Metadata:
58+
Comment: Suppressing typical rules for sample purposes only
59+
guard:
60+
SuppressedRules:
61+
- S3_BUCKET_LOGGING_ENABLED
62+
- S3_BUCKET_PUBLIC_READ_PROHIBITED
63+
- S3_BUCKET_PUBLIC_WRITE_PROHIBITED
64+
- S3_BUCKET_REPLICATION_ENABLED
65+
- S3_BUCKET_VERSIONING_ENABLED
66+
- S3_BUCKET_DEFAULT_LOCK_ENABLED
67+
- S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
3568
Properties:
3669
Tags:
3770
- Key: TestKey
@@ -40,6 +73,17 @@ Resources:
4073

4174
BucketToCopyD:
4275
Type: AWS::S3::Bucket
76+
Metadata:
77+
Comment: Suppressing typical rules for sample purposes only
78+
guard:
79+
SuppressedRules:
80+
- S3_BUCKET_LOGGING_ENABLED
81+
- S3_BUCKET_PUBLIC_READ_PROHIBITED
82+
- S3_BUCKET_PUBLIC_WRITE_PROHIBITED
83+
- S3_BUCKET_REPLICATION_ENABLED
84+
- S3_BUCKET_VERSIONING_ENABLED
85+
- S3_BUCKET_DEFAULT_LOCK_ENABLED
86+
- S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
4387
Properties:
4488
Tags:
4589
- Key: TestKey

CloudFormation/MacrosExamples/DateFunctions/date.json

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,14 @@
4343
},
4444
"TransformFunction": {
4545
"Type": "AWS::Lambda::Function",
46+
"Metadata": {
47+
"guard": {
48+
"SuppressedRules": [
49+
"LAMBDA_INSIDE_VPC",
50+
"LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
51+
]
52+
}
53+
},
4654
"Properties": {
4755
"Code": {
4856
"ZipFile": {
@@ -61,6 +69,13 @@
6169
},
6270
"TransformFunctionPermissions": {
6371
"Type": "AWS::Lambda::Permission",
72+
"Metadata": {
73+
"guard": {
74+
"SuppressedRules": [
75+
"LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED"
76+
]
77+
}
78+
},
6479
"Properties": {
6580
"Action": "lambda:InvokeFunction",
6681
"FunctionName": {

CloudFormation/MacrosExamples/DateFunctions/date.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,11 @@ Resources:
3131
# Function we use for transformaton
3232
TransformFunction:
3333
Type: AWS::Lambda::Function
34+
Metadata:
35+
guard:
36+
SuppressedRules:
37+
- LAMBDA_INSIDE_VPC
38+
- LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
3439
Properties:
3540
Code:
3641
ZipFile: !Rain::Embed handler.py
@@ -41,6 +46,10 @@ Resources:
4146
# Tranform function permissions
4247
TransformFunctionPermissions:
4348
Type: AWS::Lambda::Permission
49+
Metadata:
50+
guard:
51+
SuppressedRules:
52+
- LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED
4453
Properties:
4554
Action: lambda:InvokeFunction
4655
FunctionName: !GetAtt TransformFunction.Arn

CloudFormation/MacrosExamples/DateFunctions/date_example.json

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,20 @@
2323
"Resources": {
2424
"S3Bucket": {
2525
"Type": "AWS::S3::Bucket",
26+
"Metadata": {
27+
"Comment": "Suppressing typical rules for sample purposes only",
28+
"guard": {
29+
"SuppressedRules": [
30+
"S3_BUCKET_LOGGING_ENABLED",
31+
"S3_BUCKET_PUBLIC_READ_PROHIBITED",
32+
"S3_BUCKET_PUBLIC_WRITE_PROHIBITED",
33+
"S3_BUCKET_REPLICATION_ENABLED",
34+
"S3_BUCKET_VERSIONING_ENABLED",
35+
"S3_BUCKET_DEFAULT_LOCK_ENABLED",
36+
"S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED"
37+
]
38+
}
39+
},
2640
"Properties": {
2741
"Tags": [
2842
{

CloudFormation/MacrosExamples/DateFunctions/date_example.yaml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,17 @@ Parameters:
2323
Resources:
2424
S3Bucket:
2525
Type: AWS::S3::Bucket
26+
Metadata:
27+
Comment: Suppressing typical rules for sample purposes only
28+
guard:
29+
SuppressedRules:
30+
- S3_BUCKET_LOGGING_ENABLED
31+
- S3_BUCKET_PUBLIC_READ_PROHIBITED
32+
- S3_BUCKET_PUBLIC_WRITE_PROHIBITED
33+
- S3_BUCKET_REPLICATION_ENABLED
34+
- S3_BUCKET_VERSIONING_ENABLED
35+
- S3_BUCKET_DEFAULT_LOCK_ENABLED
36+
- S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED
2637
Properties:
2738
Tags:
2839
- Key: Current

0 commit comments

Comments
 (0)