def _get_no_echo_params(self, cfn):
""" Get no Echo Params"""
no_echo_params = []
for parameter_name, parameter_value in cfn.get_parameters().items():
noecho = parameter_value.get('NoEcho', default=False)
if bool_compare(noecho, True):
no_echo_params.append(parameter_name)
return no_echo_params
def _test_cluster_settings(self, properties, path, pg_properties, pg_path, cfn, scenario):
""" test for each scenario """
results = []
pg_conditions = cfn.get_conditions_from_path(cfn.template, pg_path)
# test to make sure that any condition that may apply to the path for the Ref
# is not applicable
if pg_conditions and scenario:
for c_name, c_value in scenario.items():
if c_name in pg_conditions:
if c_value not in pg_conditions.get(c_name):
return results
if self.is_cluster_enabled(cfn.get_value_from_scenario(pg_properties, scenario)):
c_props = cfn.get_value_from_scenario(properties, scenario)
automatic_failover = c_props.get('AutomaticFailoverEnabled')
if bool_compare(automatic_failover, False):
pathmessage = path[:] + ['AutomaticFailoverEnabled']
if scenario is None:
message = '"AutomaticFailoverEnabled" must be misssing or True when setting up a cluster at {0}'
results.append(
RuleMatch(pathmessage, message.format('/'.join(map(str, pathmessage)))))
else:
message = '"AutomaticFailoverEnabled" must be misssing or True when setting up a cluster when {0} at {1}'
scenario_text = ' and '.join(
['when condition "%s" is %s' % (k, v) for (k, v) in scenario.items()])
results.append(
RuleMatch(pathmessage, message.format(scenario_text, '/'.join(map(str, pathmessage)))))
num_node_groups = c_props.get('NumNodeGroups')
if not num_node_groups:
# only test cache nodes if num node groups aren't specified
num_cache_nodes = c_props.get('NumCacheClusters', 0)
if num_cache_nodes <= 1:
pathmessage = path[:] + ['NumCacheClusters']
if scenario is None:
message = '"NumCacheClusters" must be greater than one when creating a cluster at {0}'
results.append(
RuleMatch(pathmessage, message.format('/'.join(map(str, pathmessage)))))
else:
message = '"NumCacheClusters" must be greater than one when creating a cluster when {0} at {1}'
scenario_text = ' and '.join(
['when condition "%s" is %s' % (k, v) for (k, v) in scenario.items()])
results.append(
RuleMatch(pathmessage, message.format(scenario_text, '/'.join(map(str, pathmessage)))))
return results
def match(self, cfn):
matches = []
no_echo_params = []
parameters = cfn.get_parameters()
for parameter_name, parameter_value in parameters.items():
noecho = parameter_value.get('NoEcho', default=False)
if bool_compare(noecho, True):
no_echo_params.append(parameter_name)
if not no_echo_params:
return no_echo_params
resource_properties = cfn.get_resources()
resource_dict = {
key: resource_properties[key]
for key in resource_properties
if isinstance(resource_properties[key], dict)
}
for resource_name, resource_values in resource_dict.items():
resource_values = {
key: resource_values[key]
for key in resource_values
if isinstance(resource_values[key], dict)
}
metadata = resource_values.get('Metadata', {})
if metadata is not None:
for prop_name, properties in metadata.items():
if isinstance(properties, dict):
for property_value in properties.values():
for param in no_echo_params and no_echo_params:
if str(property_value).find(str(param)) > -1:
path = [
'Resources', resource_name, 'Metadata',
prop_name
]
matches.append(
RuleMatch(
path,
'As the resource "metadata" section contains '
'reference to a "NoEcho" parameter '
+ str(param) +
', CloudFormation will display the parameter value in '
'plaintext'))
return matches