cdk-validator-cfnguard

Disabled rules are ignored

Open ukrainiansteak opened this issue 1 year ago • 0 comments

We are using aws-cdk version 2.92.0, Python 3.8 and cdklabs.cdk-validator-cfnguard 0.0.54.

After defining the app stack the following way:

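import aws_cdk as cdk
from cdklabs.cdk_validator_cfnguard import CfnGuardValidator

# Register the cfn-guard validator with the bundled Control Tower rules
# enabled and the ct-lambda-pr-3 rule listed as disabled.
app = cdk.App(
    policy_validation_beta1=[
        CfnGuardValidator(
            control_tower_rules_enabled=True,
            disabled_rules=["ct-lambda-pr-3"]
        )
    ]
)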

We are still getting the error:

Description: [CT.LAMBDA.PR.3]: Require an AWS Lambda function to be in a customer-managed Amazon Virtual Private Cloud (VPC)
  How to fix: [FIX]: In 'VpcConfig', provide the 'SubnetIds' property with one or more Subnet IDs, and provide the 'SecurityGroupIds' property with one or more Security Group IDs.
  Rule Metadata: 
        DocumentationUrl: https://github.com/cdklabs/cdk-validator-cfnguard#bundled-control-tower-rules

After I downgraded to v0.0.51 it started working properly. However, since it says in the release notes for v0.0.54 that this problem was fixed, I figured it would make sense if I reported the issue.

ukrainiansteak, Aug 23 '23 12:08