-
Notifications
You must be signed in to change notification settings - Fork 598
/
Copy pathCreationPolicy.py
102 lines (90 loc) · 3.48 KB
/
CreationPolicy.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
"""
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: MIT-0
"""
from __future__ import annotations
from typing import Any
from cfnlint.jsonschema import Validator
from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema
class CreationPolicy(CfnLintJsonSchema):
id = "E3055"
shortdesc = "Check CreationPolicy values for Resources"
description = "Check that the CreationPolicy values are valid"
source_url = "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-creationpolicy.html"
tags = ["resources", "creationPolicy"]
def __init__(self) -> None:
super().__init__(
keywords=["Resources/*/CreationPolicy"],
all_matches=True,
)
def _get_schema(self, resource_type: str) -> dict[str, Any]:
if resource_type == "AWS::AppStream::Fleet":
return {
"type": "object",
"additionalProperties": False,
"properties": {
"StartFleet": {
"additionalProperties": False,
"type": "object",
"properties": {"Type": {"type": "boolean"}},
}
},
}
if resource_type == "AWS::AutoScaling::AutoScalingGroup":
return {
"type": "object",
"additionalProperties": False,
"properties": {
"AutoScalingCreationPolicy": {
"type": "object",
"additionalProperties": False,
"properties": {
"MinSuccessfulInstancesPercent": {"type": "integer"}
},
},
"ResourceSignal": {
"additionalProperties": False,
"type": "object",
"properties": {
"Timeout": {"type": "string"},
"Count": {"type": "integer"},
},
},
},
}
if resource_type == "AWS::CloudFormation::WaitCondition":
return {
"type": "object",
"additionalProperties": False,
"properties": {
"ResourceSignal": {
"additionalProperties": False,
"type": "object",
"properties": {
"Timeout": {"type": "string"},
"Count": {"type": "integer"},
},
}
},
}
return {}
# pylint: disable=unused-argument, arguments-renamed
def validate(self, validator: Validator, dP: str, instance, schema):
resource_name = validator.context.path.path[1]
if not isinstance(resource_name, str):
return
resource_type = validator.context.resources[resource_name].type
validator = validator.evolve(
context=validator.context.evolve(
functions=[
"Fn::Sub",
"Fn::Select",
"Fn::FindInMap",
"Fn::If",
"Ref",
],
strict_types=False,
),
schema=self._get_schema(resource_type),
)
yield from self._iter_errors(validator, instance)