Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
aws-cf-checker
Advanced tools
Checks AWS CloudFormation templates for security, reliability and conformity
Checks can guarantee high security, reliability and conformity of your CloudFormation templates. We provide a set of default checks that you can use to validate your templates.
install the module globally
npm install aws-cf-checker -g
reading template from file
cf-checker --templateFile ./path/to/template.json
cf-checker --templateFile ./path/to/template.json --checksFile ./path/to/checks.json
reading template from stdin
cat ./path/to/template.json | cf-checker
cat ./path/to/template.json | cf-checker --checksFile ./path/to/checks.json
as long as the exit code is 0
your template is fine
install the module locally
npm install aws-cf-checker
reading template from file
var checker = require("aws-cf-checker")
checker.checkFile("./path/to/template.json", {"logicalID": {"case": "pascal"}}, function(err, findings) {
if (err) {
throw err;
} else {
if (findings.length > 0) {
console.error("findings", findings);
} else {
console.log("no findings");
}
}
});
using a template object
var checker = require("aws-cf-checker")
var template = {
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "minimal template"
};
checker.checkFile(template, {"logicalID": {"case": "pascal"}}, function(err, findings) {
if (err) {
throw err;
} else {
if (findings.length > 0) {
console.error("findings", findings);
} else {
console.log("no findings");
}
}
});
as long as the findings
array is empty your template is fine
Checks are configured with a JSON file. Have a look at our default checks.
Checks logical ids of your template.
Options:
case
: Enum["pascal", "camel"] (default: "pascal")Checks if the resource types are allowed in the template.
If you deny
resource types everything that is not denied is allowed.
If you allow
resource types everything that is not allowed is denied.
Options:
deny
: Array[String]allow
: Array[String]Checks that only security groups attached to external load balancers allow traffic from public ip addresses. Security groups attached to internal load balancers, auto scaling groups (launch configuration), rds instances should only allow inbound traffic from other security groups or private ip addresses.
Options:
FAQs
Checks AWS CloudFormation templates for security, reliability and conformity
The npm package aws-cf-checker receives a total of 0 weekly downloads. As such, aws-cf-checker popularity was classified as not popular.
We found that aws-cf-checker demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.