404

[ Avaa Bypassed ]




Upload:

Command:

botdev@3.23.60.252: ~ $
"""
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: MIT-0
"""
from cfnlint.helpers import valid_snapshot_types
from cfnlint.rules import CloudFormationLintRule, RuleMatch


class UpdateReplacePolicy(CloudFormationLintRule):
    """Check Base Resource Configuration"""

    id = "E3036"
    shortdesc = "Check UpdateReplacePolicy values for Resources"
    description = "Check that the UpdateReplacePolicy values are valid"
    source_url = "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html"
    tags = ["resources", "updatereplacepolicy"]

    def check_value(self, key, path, res_type, has_lang_exten_transform):
        """Check resource names for UpdateReplacePolicy"""
        matches = []

        valid_values = ["Delete", "Retain", "Snapshot"]

        supported_functions = ["Fn::FindInMap", "Fn::If", "Ref"]

        supported_functions_joined = ", ".join(supported_functions)

        if has_lang_exten_transform and isinstance(key, dict):
            if len(key) == 1:
                for index_key, _ in key.items():
                    if index_key not in supported_functions:
                        message = (
                            "UpdateReplacePolicy only supports one of the "
                            + supported_functions_joined
                            + " intrinsic functions for {0}"
                        )
                        matches.append(
                            RuleMatch(path, message.format("/".join(map(str, path))))
                        )
            else:
                message = "UpdateReplacePolicy should have one mapping for {0}"
                matches.append(
                    RuleMatch(path, message.format("/".join(map(str, path))))
                )
        else:
            if not isinstance(key, (str)):
                message = "UpdateReplacePolicy values should be of string at {0}"
                matches.append(
                    RuleMatch(path, message.format("/".join(map(str, path))))
                )
                return matches
            if key not in valid_values:
                message = "UpdateReplacePolicy should be only one of {0} at {1}"
                matches.append(
                    RuleMatch(
                        path,
                        message.format(
                            ", ".join(map(str, valid_values)), "/".join(map(str, path))
                        ),
                    )
                )
            if key == "Snapshot" and res_type not in valid_snapshot_types:
                message = "UpdateReplacePolicy cannot be Snapshot for resources of type {0} at {1}"
                matches.append(
                    RuleMatch(path, message.format(res_type, "/".join(map(str, path))))
                )

        return matches

    def match(self, cfn):
        matches = []

        resources = cfn.get_resources()

        for resource_name, resource_values in resources.items():
            updatereplace_policies = resource_values.get("UpdateReplacePolicy")
            if updatereplace_policies:
                path = ["Resources", resource_name, "UpdateReplacePolicy"]
                res_type = resource_values.get("Type")
                self.logger.debug(
                    "Validating UpdateReplacePolicy for %s base configuration",
                    resource_name,
                )
                if isinstance(updatereplace_policies, list):
                    message = "Only one UpdateReplacePolicy allowed per resource at {0}"
                    matches.append(
                        RuleMatch(path, message.format("/".join(map(str, path))))
                    )
                else:
                    has_lang_exten_transform = cfn.has_language_extensions_transform()
                    matches.extend(
                        self.check_value(
                            updatereplace_policies,
                            path,
                            res_type,
                            has_lang_exten_transform,
                        )
                    )

        return matches

Filemanager

Name Type Size Permission Actions
__pycache__ Folder 0755
backup Folder 0755
certificatemanager Folder 0755
cloudformation Folder 0755
cloudfront Folder 0755
codepipeline Folder 0755
dynamodb Folder 0755
ecs Folder 0755
ectwo Folder 0755
elasticache Folder 0755
elb Folder 0755
events Folder 0755
iam Folder 0755
lmbd Folder 0755
properties Folder 0755
rds Folder 0755
route53 Folder 0755
stepfunctions Folder 0755
updatepolicy Folder 0755
ApproachingLimitName.py File 686 B 0644
ApproachingLimitNumber.py File 690 B 0644
BothUpdateReplacePolicyDeletionPolicyNeeded.py File 1.74 KB 0644
CircularDependency.py File 1.18 KB 0644
Configuration.py File 6.97 KB 0644
DeletionPolicy.py File 3.91 KB 0644
DependsOn.py File 2.7 KB 0644
DependsOnObsolete.py File 3.01 KB 0644
HardCodedArnProperties.py File 4.71 KB 0644
LimitName.py File 704 B 0644
LimitNumber.py File 692 B 0644
Modules.py File 2.8 KB 0644
Name.py File 688 B 0644
NoEcho.py File 3.2 KB 0644
PreviousGenerationInstanceType.py File 4.2 KB 0644
ResourceSchema.py File 1.74 KB 0644
RetentionPeriodOnResourceTypesWithAutoExpiringContent.py File 6.42 KB 0644
ServerlessTransform.py File 1.59 KB 0644
UniqueNames.py File 924 B 0644
UpdateReplacePolicy.py File 4.07 KB 0644
UpdateReplacePolicyDeletionPolicyOnStatefulResourceTypes.py File 2.09 KB 0644
__init__.py File 106 B 0644