QuickStart specific rules for cfn-python-lint

Related tags

Third-party APIs Wrappersqs-cfn-lint-rules
Overview

AWS Quick Start cfn-lint rules

This repo provides CloudFormation linting rules specific to AWS Quick Start guidelines, for more information see the Contributors Guide..

Installation and Usage

cd ~/
git clone https://github.com/aws-quickstart/qs-cfn-lint-rules.git
cd qs-cfn-lint-rules
pip install -e .

To add the rules when running on the command line use the -a flag to add the additional rules:

cfn-lint my-cfn-template.yaml -a ~/qs-cfn-lint-rules/qs_cfn_lint_rules/

To use in your IDE install the relevant cfn-lint plugin and add the rules to your cfn-lint config file (~/.cfnlintrc) as follows:

append_rules:
- ~/qs-cfn-lint-rules/qs_cfn_lint_rules/

Vim Specfic Instructions (using vundle and syntastic)

image

Install the plugins:

Add to syntastic and vim-cfn your ~/.vimrc:

Add to vundle plugin section:

"---------------------------=== Cloudfromation  ===------------------------------
Plugin 'scrooloose/syntastic'        " Syntax checking plugin for Vim
Plugin 'speshak/vim-cfn'             "CloudFormation syntax checking/highlighting

Install plugins

vim +PluginInstall +qall

Set statusline and triggers:

Append to the bottom of your ~/.vimrc:

"cfn-lint
set statusline+=%#warningmsg#
set statusline+=%{SyntasticStatuslineFlag()}
set statusline+=%*

let g:syntastic_always_populate_loc_list = 1
let g:syntastic_auto_loc_list = 1
let g:syntastic_check_on_open = 1
let g:syntastic_check_on_wq = 0
let g:syntastic_cloudformation_checkers = ['cfn_lint']

Set FileTypes for vim-cfn:

Add to ~/.vim/bundle/vim-cfn/ftdetect/cloudformation.vim

autocmd BufNewFile,BufRead *.template setfiletype yaml.cloudformation
autocmd BufNewFile,BufRead *.template.yaml setfiletype yaml.cloudformation

Update syntastic pluging

Add the following to ~/.vim/after/plugin/syntastic.vim:

let g:syntastic_cloudformation_checkers = ['cfn_lint']

Comments
  • Add Child Stack parameter matching checks

    Add Child Stack parameter matching checks

    Issue #, if available:

    Adding support for AWS::CloudFormation::Stack to check for Parameter mismatching between parent and child templates.

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by gargana 4
  • Linting EncryptionKey problem

    Linting EncryptionKey problem

    Hello, I added Actions:

    kms:CancelKeyDeletion
kms:ConnectCustomKeyStore
kms:CreateAlias
kms:CreateCustomKeyStore
kms:CreateGrant
kms:CreateKey
kms:Decrypt
kms:DeleteAlias
...

    And I get an error:

    EIAMPolicyWildcardResource IAM policy should not allow * resource; This method in this in this policy support granular permissions

    Following the official documentation, I tried this:

    Effect: Allow
Principal:
  AWS: 'arn:aws:iam::111122223333:root'
Action: 'kms:*'
Resource: '*'

    And I get an error:

    EIAMPolicyActionWildcard IAM policy should not allow * Actions; List each required action explicitly instead matching actions for kms:* are: ["kms:GenerateDataKeyWithoutPlaintext", "kms:UpdatePrimaryRegion", "kms:CancelKeyDeletion", "kms:DisableKeyRotation", "kms:GenerateDataKey", "kms:EnableKeyRotation", "kms:GenerateDataKeyPairWithoutPlaintext", "kms:SynchronizeMultiRegionKey", "kms:EnableKey", "kms:ListKeyPolicies", "kms:DisableKey", "kms:DescribeKey", "kms:Decrypt", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:DescribeCustomKeyStores", "kms:ListKeys", "kms:GenerateDataKeyPair", "kms:GenerateRandom", "kms:ScheduleKeyDeletion", "kms:ImportKeyMaterial", "kms:Encrypt", "kms:GetPublicKey", "kms:CreateAlias", "kms:DeleteCustomKeyStore", "kms:Verify", "kms:CreateKey", "kms:Sign", "kms:ListGrants", "kms:RetireGrant", "kms:RevokeGrant", "kms:ListRetirableGrants", "kms:DeleteAlias", "kms:ReEncryptTo", "kms:PutKeyPolicy", "kms:UpdateCustomKeyStore", "kms:DisconnectCustomKeyStore", "kms:ReplicateKey", "kms:UntagResource", "kms:ListResourceTags", "kms:CreateCustomKeyStore", "kms:ConnectCustomKeyStore", "kms:UpdateKeyDescription", "kms:TagResource", "kms:GetParametersForImport", "kms:UpdateAlias", "kms:ListAliases", "kms:DeleteImportedKeyMaterial", "kms:ReEncryptFrom", "kms:CreateGrant"]

    How can I solve the problem?

    opened by grimmyson 1
  • Apply mixed-line-ending recommendations

    Apply mixed-line-ending recommendations

    Issue #, if available:

    Description of changes: Apply mixed-line-ending pre-commit-hook recommendations

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    enhancement 
    opened by tlindsay42 1
  • Failing stack creation on certain error codes.

    Failing stack creation on certain error codes.

    Hi,

    We have developed a cicd pipeline for creating resources through cfn. As a security checks, we use cfn-lint and cfn-nag for testing the templates. Is there any flags to pass so that we can fail the build if certain error codes met ?

    opened by sriram9707 1
  • Add custom dictionary words

    Add custom dictionary words

    • For quickstart-amazon-eks

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by tlindsay42 0
  • Add custom dictionary words

    Add custom dictionary words

    • For quickstart-amazon-eks

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by tlindsay42 0
  • Add custom dictionary words

    Add custom dictionary words

    • For quickstart-amazon-eks

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by tlindsay42 0
  • Add custom dictionary words

    Add custom dictionary words

    • For quickstart-eks-gitlab

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by tlindsay42 0
  • Restrict cfn-lint version

    Restrict cfn-lint version

    Description of changes: Restrict cfn-lint version

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by vsnyc 0
  • Add custom dictionary words

    Add custom dictionary words

    • For quickstart-eks-gitlab

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by tlindsay42 0
  • Add custom dictionary words

    Add custom dictionary words

    • For quickstart-eks-gitlab

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by tlindsay42 0
  • Update EBSVolumeEncryption.py

    Update EBSVolumeEncryption.py

    Description of changes: Incorrect property is being checked, it should be Encrypted, not StorageEncrypted for AWS::EC2::Volume

    By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

    opened by vsnyc 0
  • AWS::RDS::DBCluster/StorageEncrypted false positive

    AWS::RDS::DBCluster/StorageEncrypted false positive

    The AWS::RDS::DBCluster resource property StorageEncrypted is not property evaluated. When this value is set to true the lint rule violation persists.

    opened by andrew-glenn 0
  • New rule for : Linting Rule for LABELS PARAMETERS in Param Label structure

    New rule for : Linting Rule for LABELS PARAMETERS in Param Label structure

    Having bad indentation can break document generation:

        - Label:
        default: Aerospike configuration
      Parameters:
      - NumberOfInstances
      - Tenancy
      - EnableCloudWatch
      - InstanceType
      - EBS
      - NamespaceFile
      - FeatureKeyFile
    - Label:
        default: Linux bastion configuration
        Parameters:
          - BastionAMIOS
          - BastionInstanceType
          - NumBastionHosts
    opened by gargana 0
Releases(v1.5)
Owner
AWS Quick Start
Automated gold-standard deployments on AWS
AWS Quick Start
GitHub Repository
fair-test is a library to build and deploy FAIR metrics tests APIs supporting the specifications used by the FAIRMetrics working group.

☑️ FAIR test fair-test is a library to build and deploy FAIR metrics tests APIs supporting the specifications used by the FAIRMetrics working group. I

Maastricht University IDS 6 Oct 30, 2022
A Code that can make your Discord Account 24/7 on Voice Channels!

Voicecord Make your Discord Account Online 24/7 on Voice Channels! A Code written in Python that helps you to keep your account 24/7 on Voice Channels

Phantom 229 Jan 07, 2023
ChairBot is designed to be reliable, easy to use, and lightweight for every user, and easliy to code add-ons for ChairBot.

ChairBot is designed to be reliable, easy to use, and lightweight for every user, and easliy to code add-ons for ChairBot. Ready to see whats possible with ChairBot?

1 Nov 08, 2021
eBay Scraper Homework 3 With Python

eBay Scraper Homework 3 Description of Code My ebay-dl.py file is programmed with python to download 6 key pieces of information - name, if there are

1 Nov 10, 2021
This repo provides the source code for "Cross-Domain Adaptive Teacher for Object Detection".

Cross-Domain Adaptive Teacher for Object Detection This is the PyTorch implementation of our paper: Cross-Domain Adaptive Teacher for Object Detection

Meta Research 91 Dec 12, 2022
buys ethereum based on graphics card moving average price on ebay

ebay_trades buys ethereum based on graphics card moving average price on ebay Built as a meme, this application will scrape the first 3 pages of ebay

ConnorCreate 41 Jan 05, 2023
Backend.AI Client Library for Python

Backend.AI Client The official API client library for Backend.AI Usage (KeyPair mode) You should set the access key and secret key as environment vari

Lablup 10 Feb 10, 2022
A bot to get Statistics like the Playercount from your Minecraft-Server on your Discord-Server

Hey Thanks for reading me. Warning: My English is not the best I have programmed this bot to show me statistics about the player numbers and ping of m

spaffel 12 Sep 24, 2022
A module to get data about anime characters, news, info, lyrics and more.

Animec A module to get data about anime characters, news, info, lyrics and more. The module scrapes myanimelist to parse requested data. If you wish t

DriftAsimov 31 Aug 31, 2022
Utilizing the freqtrade high-frequency cryptocurrency trading framework to build and optimize trading strategies. The bot runs nonstop on a Rasberry Pi.

Freqtrade Strategy Repository Please test all scripts and dry run them before using them in live mode Contact me on discord if you have any questions!

Michael Fourie 90 Jan 01, 2023
SC4.0 - BEST EXPERIENCE · HEX EDITOR · Discord Nuker · Plugin Adder · Cheat Engine

smilecreator4 This site is for people who want to hack or want to learn it! Furthermore, this program does not work without turning off Antivirus or W

1 Jan 04, 2022
Easily update resume to naukri with one click

NAUKRI RESUME AUTO UPDATER I am using poetry for dependencies. you can check or change in data.txt file for username and password Resume file must be

Rahul.p 1 May 02, 2022
OAN Music - Highly advanced User Music Bot

ཧᜰ꙰ꦿ➢𝐎𝐀𝐍༒☛ 🎧 Advanced 𝐎𝐀𝐍 Music bot. 🔗 𝐏𝐨𝐰𝐞𝐫𝐞𝐝 𝐛𝐲 : ➢𝐀ttitude

Attitude king 5 Feb 25, 2022
Intelligent Trading Bot: Automatically generating signals and trading based on machine learning and feature engineering

Intelligent Trading Bot: Automatically generating signals and trading based on machine learning and feature engineering

Alexandr Savinov 326 Jan 03, 2023
historical code from reddit.com

This repository is archived. This repository is archived and will not receive any updates or accept issues or pull requests. To report bugs in reddit.

The Reddit Archives 16.3k Dec 31, 2022
A python script to download twitter space, only works on running spaces (for now).

A python script to download twitter space, only works on running spaces (for now).

279 Jan 02, 2023
Maintained wavelink fork for pycord

Pycord.Wavelink Wavelink is robust and powerful Lavalink wrapper for Pycord! Wavelink features a fully asynchronous API that's intuitive and easy to u

Pycord Development 23 Dec 11, 2022
Discord-Lite - A light weight discord client written in Python, for developers, by developers.

Discord-Lite - A light weight discord client written in Python, for developers, by developers.

Sachit 142 Jan 07, 2023
Wechat-file-cleaner - Clean files in PC WeChat FileStorage directory

Wechat-file-cleaner - Clean files in PC WeChat FileStorage directory

Xingjian Zhang 1 Feb 06, 2022
Fetch tracking numbers of Amazon orders, for the ease of the logistics.

Amazon-Tracking-Number Fetch tracking numbers of Amazon orders, for the ease of the logistics. Read Me First (How to use this code): Get Amazon "Items

Tony Yao 1 Nov 02, 2021