forked from aws-cloudformation/cfn-lint
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathLimitValue.py
72 lines (57 loc) · 2.85 KB
/
LimitValue.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
"""
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: MIT-0
"""
from cfnlint.rules import CloudFormationLintRule
from cfnlint.rules import RuleMatch
from cfnlint.helpers import LIMITS
class LimitValue(CloudFormationLintRule):
"""Check if maximum Parameter value size limit is exceeded"""
id = 'E2012'
shortdesc = 'Parameter value limit not exceeded'
description = 'Check if the size of Parameter values in the template is less than the upper limit'
source_url = 'https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html'
tags = ['parameters', 'limits']
def match(self, cfn):
matches = []
value_limit = LIMITS['Parameters']['value']
# There are no real "Values" in the template, check the "meta" information
# (Default, AllowedValue and MaxLength) against the limit
for paramname, paramvalue in cfn.get_parameters_valid().items():
# Check Default value
default_value = paramvalue.get('Default')
if isinstance(default_value, (str)):
if len(default_value) > value_limit:
path = ['Parameters', paramname, 'Default']
message = 'The length of parameter default value ({0}) exceeds the limit ({1})'
matches.append(
RuleMatch(path, message.format(len(default_value), value_limit))
)
# Check MaxLength parameters
max_length = paramvalue.get('MaxLength', 0)
if isinstance(max_length, (str)):
try:
max_length = int(max_length)
except ValueError:
# Configuration errors are not the responsibility of this rule
max_length = 0
if isinstance(max_length, int):
if max_length > value_limit:
path = ['Parameters', paramname, 'MaxLength']
message = 'The MaxLength of parameter ({0}) exceeds the limit ({1})'
matches.append(
RuleMatch(path, message.format(max_length, value_limit))
)
# Check AllowedValues
allowed_values = paramvalue.get('AllowedValues', [])
for allowed_value in allowed_values:
if isinstance(allowed_value, (str)):
if len(allowed_value) > value_limit:
path = ['Parameters', paramname, 'AllowedValues']
message = 'The length of parameter allowed value ({0}) exceeds the limit ({1})'
matches.append(
RuleMatch(
path, message.format(len(allowed_value), value_limit)
)
)
return matches