Add inline "AND" form #2

nathanataws · 2020-06-15T21:47:38Z

Customers may need to have explicit in-line "AND's" (as opposed to the implicit AND's that are already part of a ruleset) for clarity:

AWS::EC2::SecurityGroup SecurityGroupIngress.*.ToPort != 3306 |AND| SecurityGroupIngress.*.CidrIp != 0.0.0.0/0

The text was updated successfully, but these errors were encountered:

jeffmarcinko · 2020-11-05T20:57:34Z

This enhancement would be helpful for checking templates that often have multiple of the same resource type where the desire is to enforce a compliance rule only on a subset of those resources. Example; a rule that requires insecure ALB listeners (those with protocol == HTTP) to redirect to HTTPS, but ignores HTTP Listeners that with DefaultAction Type == fixed-response.

AWS::ElasticLoadBalancingV2::Listener WHEN Protocol == HTTP |AND| DefaultActions.*.Type == redirect

nathanataws added this to Backlog in Roadmap Jun 16, 2020

nathanataws added the enhancement New feature or request label Jun 16, 2020

nathanataws moved this from Backlog to In Progress in Roadmap Jun 30, 2020

nathanataws added the release-0.6.0 label Jun 30, 2020

nathanataws removed the release-0.6.0 label Aug 3, 2020

nathanataws moved this from In Progress to Backlog in Roadmap Aug 3, 2020

shreyasdamle added the needs-research label Nov 16, 2021

alfonso-clip mentioned this issue Sep 16, 2022

Help creating required tags rule #176

Closed

joshfried-aws added the good first issue Good for newcomers label Apr 18, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add inline "AND" form #2

Add inline "AND" form #2

nathanataws commented Jun 15, 2020 •

edited

jeffmarcinko commented Nov 5, 2020

Add inline "AND" form #2

Add inline "AND" form #2

Comments

nathanataws commented Jun 15, 2020 • edited

jeffmarcinko commented Nov 5, 2020

nathanataws commented Jun 15, 2020 •

edited