stelligent/cfn_nag v0.5.22 on GitHub

🚀 Features

#191 Create GitHub releases with corresponding changelog @pshelby (#398)

0.0.0 - 0.5.21 Changes

ApiGateway UsagePlan rule @tmcelhattan (#390)
Fix for W59 @tmcelhattan (#397)
#394 Cleanup rspec output @pshelby (#395)
#59 Two rules to validate EMR SecurityConfigurations @pshelby (#393)
#74 Raise violations on administrator access for SAM functions @pshelby (#392)
Update README.md @mtoothman (#391)
[#63] Adding a Warning for VPCs Missing FlowLogs @archetypalsxe (#382)
#337 Inherit proper Serverless generated resource handling from latest cfn-model @pshelby (#387)
#388 Correcting logs:PutLogEvent permission to logs:PutLogEvents @pshelby (#389)
init commit for issue 72 - API Gateway AuthType property - warning fo… @tmcelhattan (#385)
#383 ApiGateway Security @pethers (#386)
#76 Rule to validate Lambda permission to write CloudWatch Logs @pshelby (#358)
#141 Upgrading cfn-model version to inherit Globals section parsing @pshelby (#381)
update rule Ids @tmcelhattan (#375)
Adding warning rule for cognito IdentityPool AllowUnauthenticatedIdentities - #68 @tmcelhattan (#372)
Initial commit for Issue #67 - Adding rule to check for Cognito UserP… @tmcelhattan (#366)
Feature/369 adjust vscode container build and deploy @phelewski (#370)
#368 changing ssh and gpg to be mounted as a volume @phelewski (#371)
Fix the Listener SslPolicy parameter name casing @thegonch (#363)
Feature/vscode development @phelewski (#356)
#53 Flag AWS::SDB::Domain resource as a violation @thegonch (#360)
#60 Feature/60 elbv2 listener ssl policy rules @thegonch (#354)
Updating deprecated 'version' property to 'ruby-version' for setup-ruby action @pshelby (#355)
Feature/352 allow novalue in password rules @phelewski (#353)
#268 Adding step in cfn_nag workflow to trigger workflow in stelligent/homebrew-tap repo. @pshelby (#348)
#349 adding status badge for workflow @phelewski (#350)
Feature/253 remaining password property rules @phelewski (#345)
#253 updating AmazonMQ Broker Users Password rule to use password helper and to correct custom rule name to match property name @phelewski (#346)
Feature/253 update iam user login profile password rule @phelewski (#347)
Feature/253 emr cluster kerberos attributes password rules @phelewski (#343)
Feature/253 aws pinpoint password rules @phelewski (#341)
Feature/253 kinesis firehose delivery stream password rules @phelewski (#342)
Feature/253 aws opsworks password rules @phelewski (#340)
#335 Adding warning if a KMS key allows wildcarded principals in its policy @pshelby (#338)
Feature/add secure rule for alexa ask skill authentication configuration @phelewski (#323)
new rule :ElasticsearchcDomain should specify EncryptionAtRestOptions @pethers (#331)
New rule : AmazonMQ Broker should specify EncryptionOptions @pethers (#330)
Correcting Failing Unit Test @archetypalsxe (#333)
Feature/253 amplify password rules @phelewski (#325)
#253 adding AccountPassword rule for AppStream DirectoryConfig ServiceAccountCredentials @phelewski (#327)
feature/253 dms endpoint mongodbsettings password rule @phelewski (#326)
Issue #316 kinesis stream encryption @tmcelhattan (#328)
Creating and Updating password helpers and updating opsworks stack rds password rule @phelewski (#324)
Adding violation rule for SQS Queue - KmsMasterKeyId property. Issue #315 @tmcelhattan (#320)
Feature/issue 314 sns topic kmsmasterkeyid - Issue #314 @tmcelhattan (#321)
Missing access logging rule for AWS::ElasticLoadBalancingV2 @pethers (#313)
ApiGateway V2 should have access logging configured @pethers (#312)
Adding custom rules and tests for issue #253 - AWS::IAM::User.LoginPr… @tmcelhattan (#298)
Feature/issue 253 ops works stack rds db password @tmcelhattan (#302)
Feature/issue 253 amazonmq broker user password @tmcelhattan (#301)
Rule for api gateway access logging enabled #299 @pethers (#300)
Modify Rule W43 to include warning for PowerUserAccess and IAMFullAccess @mcahill7 (#294)
Update netaddr to resolve CVE-2019-17383 @arothian (#296)
Iam AdministratorAccess managed policy rule @mcahill7 (#293)
#273 - New rule to warn on ipProtocol -1 @Mr-Lizard (#279)
#278 - Create rule for S3 Bucket Encryption @Mr-Lizard (#282)
#57 Look for wildcards in AWS::IoT::Policy @Mr-Lizard (#275)
#86 install cfn_nag using brew on Mac and Linux @twellspring (#267)
#269 Add output-format option to cfn_nag_rules @twellspring (#270)
Dockerfile improvements @nevstokes (#264)
#244 update dev dockerfile and documentation @twellspring (#259)
#147 Feature/147 @twellspring (#243)
#242 - Add new 'colortxt' output_format, 'txt' output_format no longer colorizes output @jesseadams (#257)
Feature/adjust password base rule to work with sub properties @phelewski (#256)
Updating tests for RDS DB Instance resource @phelewski (#241)
Feature/148 @twellspring (#246)
fix dockerfile when gemfile.lock is not present @kidbrax (#247)
Create consolidated Password rule @phelewski (#239)
Fail on not utilizing NoEcho for Password in AWS::DirectoryService::MicrosoftAD @phelewski (#235)
Fail on not utilizing NoEcho for Password in AWS::DMS::Endpoint @phelewski (#236)
Add Dynamic Reference checks for AWS::DirectoryService::SimpleAD Password @phelewski (#237)
Fail on not utilizing NoEcho for MasterUserPassword in AWS::Redshift::Cluster @phelewski (#232)
converted Make to Rake and added a few new commands @kidbrax (#229)
Fail on not utilizing NoEcho for MasterUserPassword in AWS::RDS::DBCluster @phelewski (#228)
#230 - More windows :io to :string fixes @jesseadams (#231)
merge stelligent updates @fortunecookiezen (#1)
Remove need for RVM @kidbrax (#227)
#140 - Fixes input-path opt on Windows @jesseadams (#226)
#224 - Fixes rule loading with Windows Command Prompt @jesseadams (#225)
Prevent duplicate ids @jesseadams (#221)
#211 - Refactoring boolean rules to be more DRY @jesseadams (#222)
#214 - Restore output-type to cfn_nag @jesseadams (#215)
Refactor CLI Interface, Add Scan fail-on-warnings @byronic (#197)
Bugfix/account for false as string @seanmckinley (#219)
Feature/fail if enable key rotation false or absent @seanmckinley (#218)