fluidasserts.cloud.aws.cloudformation package

Fluid Asserts AWS cloud package.

Some rules were taken from CFN_NAG.

class fluidasserts.cloud.aws.cloudformation.Vulnerability(path, entity, identifier, reason, line)

Bases: tuple

Create new instance of Vulnerability(path, entity, identifier, reason, line)

property entity

Alias for field number 1

property identifier

Alias for field number 2

property line

Alias for field number 4

property path

Alias for field number 0

property reason

Alias for field number 3

fluidasserts.cloud.aws.cloudformation.get_graph(path, exclude=None)

Returns a graph with all the templates inside the path.

Return type

networkx.classes.digraph.DiGraph

fluidasserts.cloud.aws.cloudformation.get_predecessor(graph, node, label)

Returns the node of the first predecessor that contains the label.

Parameters
  • graph (networkx.classes.digraph.DiGraph) – Templates converted into a DiGraph.

  • node (int) – Id of node.

  • label (str) – Nodes that can be found within the predecessors.

Return type

int

fluidasserts.cloud.aws.cloudformation.get_ref_nodes(graph, node, condition=None)

Returns the value of a node or the value of its reference.

If the node already has a value, the same node is returned, otherwise the references that meet the condition are searched.

Parameters
  • graph (networkx.classes.digraph.DiGraph) – Templates converted into a DiGraph.

  • node (int) – Id of node.

  • condition (typing.Optional[typing.Callable]) – Condition that the reference value must meet; it must return a boolean.

Return type

typing.List[int]

fluidasserts.cloud.aws.cloudformation.get_templates(graph, exclude=None)

Returns the templates that are inside a graph.

Return type

typing.List[typing.Tuple[int, typing.Dict]]

fluidasserts.cloud.aws.cloudformation.get_type(graph, node, allowed_types)

Returns the predecessor that is within the allowed types.

Parameters
  • graph (networkx.classes.digraph.DiGraph) – Templates converted into a DiGraph.

  • node (int) – Id of node.

  • allowed_types (typing.Set[str]) – Nodes that can be found within the predecessors.

Return type

str

fluidasserts.cloud.aws.cloudformation.templates_as_graph(path, exclude=None)

Yield a graph with all the templates inside the path.

Return type

networkx.classes.digraph.DiGraph