def match()

in shared/lint/rules/custom_rules.py [0:0]

• 14 lines of code
• 5 McCabe index (conditional complexity)

    def match(self, cfn):
        """
        Match IAM roles that don't have conditions for events:PutEvents actions
        """

        matches = []

        roles = cfn.get_resources("AWS::IAM::Role")
        for role_name, role in roles.items():
            found = False
            for policy in role.get("Properties", {}).get("Policies", []):
                if self._match_policy(policy):
                    found = True

            if found:
                matches.append(RuleMatch(
                    ["Resources", role_name],
                    self._message.format(role_name)
                ))

        return matches