"""
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: MIT-0
"""
import regex as re
from jsonschema import ValidationError, validate
from cfnlint.helpers import (
FN_PREFIX,
PSEUDOPARAMS,
REGEX_DYN_REF,
REGISTRY_SCHEMAS,
UNCONVERTED_SUFFIXES,
)
from cfnlint.rules import CloudFormationLintRule, RuleMatch
class ResourceSchema(CloudFormationLintRule):
id = "E3000"
shortdesc = "Resource schema"
description = "CloudFormation Registry resource schema validation"
source_url = (
"https://github.com/aws-cloudformation/aws-cloudformation-resource-schema/"
)
tags = ["resources"]
def match(self, cfn):
matches = []
for schema in REGISTRY_SCHEMAS:
resource_type = schema["typeName"]
for resource_name, resource_values in cfn.get_resources(
[resource_type]
).items():
properties = resource_values.get("Properties", {})
# ignoring resources with CloudFormation template syntax in Properties
if (
not re.match(REGEX_DYN_REF, str(properties))
and not any(
x in str(properties)
for x in PSEUDOPARAMS + UNCONVERTED_SUFFIXES
)
and FN_PREFIX not in str(properties)
):
try:
validate(properties, schema)
except ValidationError as e:
matches.append(
RuleMatch(
["Resources", resource_name, "Properties"], e.message
)
)
return matches
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| __pycache__ | Folder | 0755 |
|
|
| backup | Folder | 0755 |
|
|
| certificatemanager | Folder | 0755 |
|
|
| cloudformation | Folder | 0755 |
|
|
| cloudfront | Folder | 0755 |
|
|
| codepipeline | Folder | 0755 |
|
|
| dynamodb | Folder | 0755 |
|
|
| ecs | Folder | 0755 |
|
|
| ectwo | Folder | 0755 |
|
|
| elasticache | Folder | 0755 |
|
|
| elb | Folder | 0755 |
|
|
| events | Folder | 0755 |
|
|
| iam | Folder | 0755 |
|
|
| lmbd | Folder | 0755 |
|
|
| properties | Folder | 0755 |
|
|
| rds | Folder | 0755 |
|
|
| route53 | Folder | 0755 |
|
|
| stepfunctions | Folder | 0755 |
|
|
| updatepolicy | Folder | 0755 |
|
|
| ApproachingLimitName.py | File | 686 B | 0644 |
|
| ApproachingLimitNumber.py | File | 690 B | 0644 |
|
| BothUpdateReplacePolicyDeletionPolicyNeeded.py | File | 1.74 KB | 0644 |
|
| CircularDependency.py | File | 1.18 KB | 0644 |
|
| Configuration.py | File | 6.97 KB | 0644 |
|
| DeletionPolicy.py | File | 3.91 KB | 0644 |
|
| DependsOn.py | File | 2.7 KB | 0644 |
|
| DependsOnObsolete.py | File | 3.01 KB | 0644 |
|
| HardCodedArnProperties.py | File | 4.71 KB | 0644 |
|
| LimitName.py | File | 704 B | 0644 |
|
| LimitNumber.py | File | 692 B | 0644 |
|
| Modules.py | File | 2.8 KB | 0644 |
|
| Name.py | File | 688 B | 0644 |
|
| NoEcho.py | File | 3.2 KB | 0644 |
|
| PreviousGenerationInstanceType.py | File | 4.2 KB | 0644 |
|
| ResourceSchema.py | File | 1.74 KB | 0644 |
|
| RetentionPeriodOnResourceTypesWithAutoExpiringContent.py | File | 6.42 KB | 0644 |
|
| ServerlessTransform.py | File | 1.59 KB | 0644 |
|
| UniqueNames.py | File | 924 B | 0644 |
|
| UpdateReplacePolicy.py | File | 4.07 KB | 0644 |
|
| UpdateReplacePolicyDeletionPolicyOnStatefulResourceTypes.py | File | 2.09 KB | 0644 |
|
| __init__.py | File | 106 B | 0644 |
|