Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

aws-cf-checker

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

aws-cf-checker - npm Package Compare versions

Comparing version 0.2.0 to 0.2.1

37

lib/securityGroupInbound.js

@@ -22,2 +22,11 @@ // TODO what about port ranges? I think we should not allow them

function mapIdOrReferenceToId(entry) {
"use strict";
if (entry.Ref) {
return entry.Ref;
} else {
return entry;
}
}
function normalizeSecurityGroupAttachmentIds(propertyName) {

@@ -29,3 +38,3 @@ "use strict";

}
return _.map(object.Properties[propertyName], "Ref");
return _.map(object.Properties[propertyName], mapIdOrReferenceToId);
};

@@ -76,4 +85,15 @@ }

"AWS::EC2::Instance": {
"normalizationFun": normalizeSecurityGroupAttachmentIds("SecurityGroupIds"), // TODO could also be NetworkInterfaces
"isPublicFun": alwaysPrivate// TODO is the assumption that a single instance should be never accessible from the outside valid?
"normalizationFun": function(object) {
"use strict";
if (object.Properties.NetworkInterfaces) {
return _.chain(object.Properties.NetworkInterfaces)
.map("GroupSet")
.flatten()
.map(mapIdOrReferenceToId)
.value();
} else {
return normalizeSecurityGroupAttachmentIds("SecurityGroupIds")(object);
}
},
"isPublicFun": alwaysPrivate // TODO is the assumption that a standalone EC2 instance should be never accessible from the outside valid?
},

@@ -85,9 +105,8 @@ "AWS::EFS::MountTarget": {

"AWS::EC2::SpotFleet": {
"normalizationFun": //normalizeSecurityGroupAttachmentIds("SpotFleetRequestConfigData.LaunchSpecifications[].SecurityGroups[]")
function(object) {
"normalizationFun": function(object) {
"use strict";
_.chain(object.Properties.SpotFleetRequestConfigData.LaunchSpecifications)
return _.chain(object.Properties.SpotFleetRequestConfigData.LaunchSpecifications)
.map("SecurityGroups")
.flatten()
.map("Ref")
.map(mapIdOrReferenceToId)
.value();

@@ -100,2 +119,6 @@ },

"isPublicFun": alwaysPrivate
},
"AWS::EC2::NetworkInterface": {
"normalizationFun": normalizeSecurityGroupAttachmentIds("GroupSet"),
"isPublicFun": alwaysPrivate // TODO is the assumption that a standalone ENI should be never accessible from the outside valid?
}

@@ -102,0 +125,0 @@ };

2

package.json
{
"name": "aws-cf-checker",
"version": "0.2.0",
"version": "0.2.1",
"description": "Checks AWS CloudFormation templates for security, reliability and conformity",

@@ -5,0 +5,0 @@ "keywords": ["aws", "cloudformation", "cf"],

@@ -120,2 +120,3 @@ [![Build Status](https://secure.travis-ci.org/widdix/aws-cf-checker.png)](http://travis-ci.org/widdix/aws-cf-checker)

* AWS::AutoScaling::LaunchConfiguration
* AWS::EC2::NetworkInterface
* AWS::EC2::Instance

@@ -122,0 +123,0 @@ * AWS::EC2::SpotFleet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc