-
Notifications
You must be signed in to change notification settings - Fork 598
/
Copy pathImageId.py
59 lines (51 loc) · 2.23 KB
/
ImageId.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
"""
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: MIT-0
"""
from collections import deque
from typing import Any
from cfnlint.helpers import FUNCTIONS
from cfnlint.jsonschema import Validator
from cfnlint.rules.jsonschema import CfnLintKeyword
class ImageId(CfnLintKeyword):
id = "W2506"
shortdesc = "Check if ImageId Parameters have the correct type"
description = (
"See if there are any refs for ImageId to a parameter "
+ "of inappropriate type. Appropriate Types are "
+ "[AWS::EC2::Image::Id, AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>]"
)
source_url = "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#parmtypes"
tags = ["parameters", "ec2", "imageid"]
def __init__(self):
super().__init__(
keywords=[
"Resources/AWS::AutoScaling::LaunchConfiguration/Properties/ImageId",
"Resources/AWS::Batch::ComputeEnvironment/Properties/ComputeResources/ImageId",
"Resources/AWS::Cloud9::EnvironmentEC2/Properties/ImageId",
"Resources/AWS::EC2::Instance/Properties/ImageId",
"Resources/AWS::EC2::LaunchTemplate/Properties/LaunchTemplateData/ImageId",
"Resources/AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/*/ImageId",
"Resources/AWS::ImageBuilder::Image/Properties/ImageId",
]
)
self.parent_rules = ["E1020"]
def validate(self, validator: Validator, _, instance: Any, schema: Any):
if any(fn in validator.context.path.path for fn in FUNCTIONS):
return
value = instance.get("Ref")
if value not in validator.context.parameters:
return
parameter_type = validator.context.parameters[value].type
for err in validator.descend(
instance=parameter_type,
schema={
"enum": [
"AWS::EC2::Image::Id",
"AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>",
]
},
):
err.rule = self
err.path_override = deque(["Parameters", value, "Type"])
yield err