🚀 Features
0.0.0 - 0.5.21 Changes
- ApiGateway UsagePlan rule @tmcelhattan (#390)
- Fix for W59 @tmcelhattan (#397)
- #394 Cleanup rspec output @pshelby (#395)
- #59 Two rules to validate EMR SecurityConfigurations @pshelby (#393)
- #74 Raise violations on administrator access for SAM functions @pshelby (#392)
- Update README.md @mtoothman (#391)
- [#63] Adding a Warning for VPCs Missing FlowLogs @archetypalsxe (#382)
- #337 Inherit proper Serverless generated resource handling from latest cfn-model @pshelby (#387)
- #388 Correcting logs:PutLogEvent permission to logs:PutLogEvents @pshelby (#389)
- init commit for issue 72 - API Gateway AuthType property - warning fo… @tmcelhattan (#385)
- #383 ApiGateway Security @pethers (#386)
- #76 Rule to validate Lambda permission to write CloudWatch Logs @pshelby (#358)
- #141 Upgrading cfn-model version to inherit Globals section parsing @pshelby (#381)
- update rule Ids @tmcelhattan (#375)
- Adding warning rule for cognito IdentityPool AllowUnauthenticatedIdentities - #68 @tmcelhattan (#372)
- Initial commit for Issue #67 - Adding rule to check for Cognito UserP… @tmcelhattan (#366)
- Feature/369 adjust vscode container build and deploy @phelewski (#370)
- #368 changing ssh and gpg to be mounted as a volume @phelewski (#371)
- Fix the Listener SslPolicy parameter name casing @thegonch (#363)
- Feature/vscode development @phelewski (#356)
- #53 Flag AWS::SDB::Domain resource as a violation @thegonch (#360)
- #60 Feature/60 elbv2 listener ssl policy rules @thegonch (#354)
- Updating deprecated 'version' property to 'ruby-version' for setup-ruby action @pshelby (#355)
- Feature/352 allow novalue in password rules @phelewski (#353)
- #268 Adding step in cfn_nag workflow to trigger workflow in stelligent/homebrew-tap repo. @pshelby (#348)
- #349 adding status badge for workflow @phelewski (#350)
- Feature/253 remaining password property rules @phelewski (#345)
- #253 updating AmazonMQ Broker Users Password rule to use password helper and to correct custom rule name to match property name @phelewski (#346)
- Feature/253 update iam user login profile password rule @phelewski (#347)
- Feature/253 emr cluster kerberos attributes password rules @phelewski (#343)
- Feature/253 aws pinpoint password rules @phelewski (#341)
- Feature/253 kinesis firehose delivery stream password rules @phelewski (#342)
- Feature/253 aws opsworks password rules @phelewski (#340)
- #335 Adding warning if a KMS key allows wildcarded principals in its policy @pshelby (#338)
- Feature/add secure rule for alexa ask skill authentication configuration @phelewski (#323)
- new rule :ElasticsearchcDomain should specify EncryptionAtRestOptions @pethers (#331)
- New rule : AmazonMQ Broker should specify EncryptionOptions @pethers (#330)
- Correcting Failing Unit Test @archetypalsxe (#333)
- Feature/253 amplify password rules @phelewski (#325)
- #253 adding AccountPassword rule for AppStream DirectoryConfig ServiceAccountCredentials @phelewski (#327)
- feature/253 dms endpoint mongodbsettings password rule @phelewski (#326)
- Issue #316 kinesis stream encryption @tmcelhattan (#328)
- Creating and Updating password helpers and updating opsworks stack rds password rule @phelewski (#324)
- Adding violation rule for SQS Queue - KmsMasterKeyId property. Issue #315 @tmcelhattan (#320)
- Feature/issue 314 sns topic kmsmasterkeyid - Issue #314 @tmcelhattan (#321)
- Missing access logging rule for AWS::ElasticLoadBalancingV2 @pethers (#313)
- ApiGateway V2 should have access logging configured @pethers (#312)
- Adding custom rules and tests for issue #253 - AWS::IAM::User.LoginPr… @tmcelhattan (#298)
- Feature/issue 253 ops works stack rds db password @tmcelhattan (#302)
- Feature/issue 253 amazonmq broker user password @tmcelhattan (#301)
- Rule for api gateway access logging enabled #299 @pethers (#300)
- Modify Rule W43 to include warning for PowerUserAccess and IAMFullAccess @mcahill7 (#294)
- Update netaddr to resolve CVE-2019-17383 @arothian (#296)
- Iam AdministratorAccess managed policy rule @mcahill7 (#293)
- #273 - New rule to warn on ipProtocol -1 @Mr-Lizard (#279)
- #278 - Create rule for S3 Bucket Encryption @Mr-Lizard (#282)
- #57 Look for wildcards in AWS::IoT::Policy @Mr-Lizard (#275)
- #86 install cfn_nag using brew on Mac and Linux @twellspring (#267)
- #269 Add output-format option to cfn_nag_rules @twellspring (#270)
- Dockerfile improvements @nevstokes (#264)
- #244 update dev dockerfile and documentation @twellspring (#259)
- #147 Feature/147 @twellspring (#243)
- #242 - Add new 'colortxt' output_format, 'txt' output_format no longer colorizes output @jesseadams (#257)
- Feature/adjust password base rule to work with sub properties @phelewski (#256)
- Updating tests for RDS DB Instance resource @phelewski (#241)
- Feature/148 @twellspring (#246)
- fix dockerfile when gemfile.lock is not present @kidbrax (#247)
- Create consolidated Password rule @phelewski (#239)
- Fail on not utilizing NoEcho for Password in AWS::DirectoryService::MicrosoftAD @phelewski (#235)
- Fail on not utilizing NoEcho for Password in AWS::DMS::Endpoint @phelewski (#236)
- Add Dynamic Reference checks for AWS::DirectoryService::SimpleAD Password @phelewski (#237)
- Fail on not utilizing NoEcho for MasterUserPassword in AWS::Redshift::Cluster @phelewski (#232)
- converted Make to Rake and added a few new commands @kidbrax (#229)
- Fail on not utilizing NoEcho for MasterUserPassword in AWS::RDS::DBCluster @phelewski (#228)
- #230 - More windows :io to :string fixes @jesseadams (#231)
- merge stelligent updates @fortunecookiezen (#1)
- Remove need for RVM @kidbrax (#227)
- #140 - Fixes input-path opt on Windows @jesseadams (#226)
- #224 - Fixes rule loading with Windows Command Prompt @jesseadams (#225)
- Prevent duplicate ids @jesseadams (#221)
- #211 - Refactoring boolean rules to be more DRY @jesseadams (#222)
- #214 - Restore output-type to cfn_nag @jesseadams (#215)
- Refactor CLI Interface, Add Scan fail-on-warnings @byronic (#197)
- Bugfix/account for false as string @seanmckinley (#219)
- Feature/fail if enable key rotation false or absent @seanmckinley (#218)