cdk-validator-cfnguard icon indicating copy to clipboard operation
cdk-validator-cfnguard copied to clipboard

Published 20 hours ago verified publisher icon cdklabs

Error: TypeError: Cannot read properties of undefined (reading 'to')

Open thijsdev opened this issue 1 year ago • 0 comments

When I run a cdk synth with the controlTowerRulesEnabled enabled I run into the following error.

Performing Policy Validations

Validation Report
-----------------

╔════════════════════════════════════╗
║           Plugin Report            ║
║   Plugin: cdk-validator-cfnguard   ║
║   Version: 0.0.54                  ║
║   Status: failure                  ║
╚════════════════════════════════════╝


Metadata:
	error: Validation plugin 'cdk-validator-cfnguard' failed:
        CfnGuardValidator plugin failed processing cfn-guard results.
        Please create an issue https://github.com/cdklabs/cdk-validator-cfnguard/issues/new
        Error: TypeError: Cannot read properties of undefined (reading 'to')

Policy Validation Report Summary

╔════════════════════════╤═════════╗
║ Plugin                 │ Status  ║
╟────────────────────────┼─────────╢
║ cdk-validator-cfnguard │ failure ║
╚════════════════════════╧═════════╝

Validation failed. See the validation report above for details

Subprocess exited with error 1

When I run the template agains the cfn-guard executable directly I get:

synthed.yml Status = FAIL
FAILED rules
ct-rds-pr-11.guard/rds_instance_deployed_in_vpc_check    FAIL
---
Evaluation of rules ct-rds-pr-11.guard against data synthed.yml
--
Property traversed until [] in data [synthed.yml] is not compliant with [rds_instance_deployed_in_vpc_check] due to retrieval error. Error Message [Could not find key AWSTemplateFormatVersion inside struct at path [L:0,C:0]]
Parameterized Rule check failed for synthed.yml. Reason ;         [CT.RDS.PR.11]: Require an Amazon RDS database instance to have a VPC configuration;         [FIX]: Set a 'DBSubnetGroupName'.;
--
Rule [rds_instance_deployed_in_vpc_check] is not applicable for template [synthed.yml]
--
synthed.yml Status = FAIL
FAILED rules
ct-rds-pr-13.guard/rds_instance_deletion_protection_enabled_check    FAIL
---
Evaluating data synthed.yml against rules ct-rds-pr-13.guard
Number of non-compliant resources 1
...

Not sure why this is going on.

thijsdev avatar Sep 28 '23 11:09 thijsdev