in src/helper.py [0:0]
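def compare_template_items(dynamodb_item, cp_template):
    """Check a CodePipeline template against one DynamoDB governance rule.

    A rule lists either ``Stages`` or ``Actions`` under ``Contents``; stages
    take precedence when both are present. The rule passes only when every
    listed entry is reported as found by its scan helper and, for rules with
    more than one stage, ``check_for_stage_order`` also succeeds.

    Args:
        dynamodb_item (dict): Security / governance rule policy to scan against.
            Read keys: ``Contents`` (always) and ``RuleNumber`` (on a pass).
        cp_template (dict): AWS CodePipeline CloudFormation Template; its
            ``Stages`` entry is handed to the scan helpers.

    Returns:
        str: ``"Passed:<RuleNumber>"`` when the rule is satisfied, otherwise
        ``"Failed:<rule item>"``.

    Raises:
        KeyError: If ``Contents``, ``Stages`` or ``RuleNumber`` is missing at
            the point it is read.
    """
    logger.info(f"DynamoDB Item:{dynamodb_item}")
    logger.info("Determining whether DynamoDB Item is scanning for a Stage or an Action")
    rule_contents = dynamodb_item['Contents']
    dyn_scan_stages = rule_contents.get('Stages')
    dyn_scan_actions = rule_contents.get('Actions')

    _order_result = True
    scan_results = []
    if dyn_scan_stages:
        # Ordering only matters when the rule names more than one stage.
        if len(dyn_scan_stages) > 1:
            _order_result = check_for_stage_order(dyn_scan_stages, cp_template['Stages'])
        # Collect every result instead of keeping only the last one: a rule
        # with several required stages must not pass just because the final
        # stage is present. Built as a list (no short-circuit) so each helper
        # still runs for every entry, as before.
        scan_results = [
            scan_for_stage(dyn_scan_stage, cp_template['Stages'])
            for dyn_scan_stage in dyn_scan_stages
        ]
    elif dyn_scan_actions:
        scan_results = [
            scan_for_action(dyn_scan_action, cp_template['Stages'])
            for dyn_scan_action in dyn_scan_actions
        ]

    # Fail closed: a rule with nothing to scan, or with any falsy scan result,
    # is reported as failed.
    # NOTE(review): relies on the scan helpers returning a truthy value on a
    # match, as the original truthiness check did -- confirm against helpers.
    if scan_results and all(scan_results) and _order_result:
        return f"Passed:{dynamodb_item['RuleNumber']}"
    return f"Failed:{dynamodb_item}"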