cloudformation-guard
cloudformation-guard copied to clipboard
Published
20 hours ago •
aws-cloudformation
aws-cloudformation
Fix the example for resources that do not support the Tags property
Issue #, if available:
Tests "FAIL" for CloudFormation resources that do not support the Tags property.
Description of changes:
Add resources that do not support the Tag property as an exclusion. Also, remove the example from other examples.
Each region's CloudFormation resource specification can be found at https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-resource-specification.html.
Example of resources in us-east-1 that do not support the Tags property:
curl https://d1uauaxba7bl26.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json|gunzip | jq -r '.ResourceTypes | keys_unsorted[] as $resourceKey | { "name": "\($resourceKey)", "tags": ."\($resourceKey)".Properties.Tags } | select( ."tags" == null)|.name' | sort -u
Any resource in any region that did not support the Tags property has been added.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
FYI: List was generated by this script:
#!/bin/sh
set -e
# The locations are derived from https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-resource-specification.html
curl https://dnwj8swjjbsbt.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip > CloudFormationResourceSpecification.njson;
curl https://d1uauaxba7bl26.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d68hl49wbnanq.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d201a2mn26r7lk.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://cfn-resource-specifications-af-south-1-prod.s3.af-south-1.amazonaws.com/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://cfn-resource-specifications-ap-east-1-prod.s3.ap-east-1.amazonaws.com/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://cfn-resource-specifications-ap-southeast-3-prod.s3.ap-southeast-3.amazonaws.com/latest/CloudFormationResourceSpecification.json >> CloudFormationResourceSpecification.njson;
curl https://d2senuesg1djtx.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d2zq80gdmjim8k.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d1ane3fvebulky.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://doigdx0kgq9el.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d2stg8d246z9di.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d33vqc0rt9ld30.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d2s8ygphhesbe7.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://cfn-resource-specifications-cn-north-1-prod.s3.cn-north-1.amazonaws.com.cn/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://cfn-resource-specifications-cn-northwest-1-prod.s3.cn-northwest-1.amazonaws.com.cn/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d1mta8qj7i28i2.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d3teyb21fexa9r.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d1742qcu2c1ncx.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d2d0mfegowb3wk.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://diy8iv58sj6ba.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://cfn-resource-specifications-eu-south-1-prod.s3.eu-south-1.amazonaws.com/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://cfn-resource-specifications-me-south-1-prod.s3.me-south-1.amazonaws.com/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://d3c9jyj3w509b0.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json | gunzip >> CloudFormationResourceSpecification.njson;
curl https://s3.us-gov-east-1.amazonaws.com/cfn-resource-specifications-us-gov-east-1-prod/latest/CloudFormationResourceSpecification.json >> CloudFormationResourceSpecification.njson;
curl https://s3.us-gov-west-1.amazonaws.com/cfn-resource-specifications-us-gov-west-1-prod/latest/CloudFormationResourceSpecification.json >> CloudFormationResourceSpecification.njson;
cat CloudFormationResourceSpecification.njson | jq -r '.ResourceTypes | keys_unsorted[] as $resourceKey | { "name": "\($resourceKey)", "tags": ."\($resourceKey)".Properties.Tags } | select( ."tags" == null)|.name' | sort -u;