""" Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: MIT-0 """ from cfnlint.rules import CloudFormationLintRule, RuleMatch class FindInMapKeys(CloudFormationLintRule): """Check if FindInMap values are correct""" id = "W1011" shortdesc = "FindInMap keys exist in the map" description = ( "Checks the keys in a FindInMap to make sure they exist. " "Check only if the Map Name is a string and if the key is a string." ) source_url = "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-findinmap.html" tags = ["functions", "findinmap"] def check_keys(self, map_name, keys, mappings, tree): """Check the validity of the first key""" matches = [] first_key = keys[0] second_key = keys[1] if isinstance(second_key, (str, int)): if isinstance(map_name, (str)): mapping = mappings.get(map_name) if mapping: if isinstance(first_key, (str, int)): if isinstance(map_name, (str)): if mapping.get(first_key) is None: message = 'FindInMap first key "{0}" doesn\'t exist in map "{1}" at {3}' matches.append( RuleMatch( tree[:] + [1], message.format( first_key, map_name, first_key, "/".join(map(str, tree)), ), ) ) if mapping.get(first_key): # Don't double error if they first key doesn't exist if mapping.get(first_key, {}).get(second_key) is None: message = 'FindInMap second key "{0}" doesn\'t exist in map "{1}" under "{2}" at {3}' matches.append( RuleMatch( tree[:] + [2], message.format( second_key, map_name, first_key, "/".join(map(str, tree)), ), ) ) else: for key, value in mapping.items(): if value.get(second_key) is None: message = 'FindInMap second key "{0}" doesn\'t exist in map "{1}" under "{2}" at {3}' matches.append( RuleMatch( tree[:] + [2], message.format( second_key, map_name, key, "/".join(map(str, tree)), ), ) ) return matches def match(self, cfn): matches = [] findinmaps = cfn.search_deep_keys("Fn::FindInMap") mappings = cfn.get_mappings() for findinmap in findinmaps: tree = findinmap[:-1] map_obj = findinmap[-1] if len(map_obj) == 3: matches.extend(self.check_keys(map_obj[0], map_obj[1:], mappings, tree)) return matches
Name | Type | Size | Permission | Actions |
---|---|---|---|---|
__pycache__ | Folder | 0755 |
|
|
Base64.py | File | 1.72 KB | 0644 |
|
Cidr.py | File | 11.94 KB | 0644 |
|
DynamicReferenceSecureString.py | File | 5.72 KB | 0644 |
|
FindInMap.py | File | 11.25 KB | 0644 |
|
FindInMapKeys.py | File | 3.89 KB | 0644 |
|
GetAtt.py | File | 6.05 KB | 0644 |
|
GetAz.py | File | 2.76 KB | 0644 |
|
If.py | File | 1.45 KB | 0644 |
|
ImportValue.py | File | 2.45 KB | 0644 |
|
Join.py | File | 8.63 KB | 0644 |
|
Length.py | File | 3.31 KB | 0644 |
|
Not.py | File | 978 B | 0644 |
|
Ref.py | File | 1.02 KB | 0644 |
|
RefExist.py | File | 1.26 KB | 0644 |
|
RefInCondition.py | File | 1.36 KB | 0644 |
|
RelationshipConditions.py | File | 5.35 KB | 0644 |
|
Select.py | File | 4.41 KB | 0644 |
|
Split.py | File | 3.11 KB | 0644 |
|
Sub.py | File | 9.49 KB | 0644 |
|
SubNeeded.py | File | 5.48 KB | 0644 |
|
SubNotJoin.py | File | 2 KB | 0644 |
|
SubParametersUsed.py | File | 1.4 KB | 0644 |
|
SubUnneeded.py | File | 1.27 KB | 0644 |
|
ToJsonString.py | File | 1.75 KB | 0644 |
|
__init__.py | File | 106 B | 0644 |
|