in qs_cfn_lint_rules/IAMPartition.py [0:0]
def verify_agnostic_partition(cfn, resource_path, arndata):
def _not_partition_agnostic_str(arnstr):
if re.search('^arn:aws(-*)?', arnstr):
return True
def _not_partition_agnostic_list(resource_path, arnlist):
matches = []
for idx, subitem in enumerate(arnlist):
if isinstance(subitem, six.string_types):
if _not_partition_agnostic_str(subitem):
matches.append(resource_path + [idx])
elif isinstance(subitem, dict):
matches += _not_partition_agnostic_dict(resource_path + [idx], subitem)
elif isinstance(subitem, list):
matches += _not_partition_agnostic_list(resource_path + [idx], subitem)
return matches
def _not_partition_agnostic_dict(resource_path, subitem):
matches = []
for key, value in subitem.items():
if not key == 'Fn::Sub':
return []
if isinstance(value, list):
if len(value) == 2:
sub_str = value[0]
params = value[1]
if _not_partition_agnostic_str(sub_str):
matches.append(resource_path + [key, 0])
elif isinstance(value, six.string_types):
if _not_partition_agnostic_str(value):
matches.append(resource_path)
return matches
matches = []
if isinstance(arndata, six.string_types):
if _not_partition_agnostic_str(arndata):
matches.append(RuleMatch(resource_path, LINT_ERROR_MESSAGE))
elif hasattr(arndata, 'update'):
_t = arndata.copy()
if isinstance(_t, dict):
lm = _not_partition_agnostic_dict(resource_path, arndata)
for rp in lm:
matches.append(RuleMatch(rp, LINT_ERROR_MESSAGE))
elif hasattr(arndata, 'copy'):
_t = arndata.copy()
if isinstance(arndata, list):
lm = _not_partition_agnostic_list(resource_path, _t)
for rp in lm:
matches.append(RuleMatch(rp, LINT_ERROR_MESSAGE))
return matches