in cfn-lint-custom-rules/rules/AMSSecurityGroupIngress.py [0:0]
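def validate_security_groups(self, resources, allowed_security_group_ingress_rules):
    """Validate the ingress rules of every security-group resource.

    Two template shapes are inspected:

    * any resource whose ``Properties`` contain an inline
      ``SecurityGroupIngress`` entry (a list of rules or a single rule
      object);
    * standalone ``AWS::EC2::SecurityGroupIngress`` resources, whose
      ``Properties`` are themselves the rule.

    Each rule found is handed to ``self.validate_security_group_rule``
    together with the allow-list and the logical resource name.

    Args:
        resources: Mapping of logical resource name to resource definition.
        allowed_security_group_ingress_rules: Allow-list forwarded unchanged
            to ``validate_security_group_rule``.
    """
    for resource_name, rblock in resources.items():
        # A resource may legitimately omit "Properties" (or be malformed).
        # Skip it instead of raising KeyError, so one unrelated resource
        # cannot abort the ingress check for the whole template.
        properties = rblock.get("Properties") if isinstance(rblock, dict) else None
        if not isinstance(properties, dict):
            continue

        if "SecurityGroupIngress" in properties:
            rules = properties["SecurityGroupIngress"]
            if isinstance(rules, list):
                # A list of ingress rules: validate each entry.
                for rule in rules:
                    self.validate_security_group_rule(
                        rule, allowed_security_group_ingress_rules, resource_name
                    )
            elif isinstance(rules, dict):
                # A single object is treated as one ingress rule.
                # NOTE(review): a dict here could also be an intrinsic
                # function (e.g. Fn::If) rather than a literal rule; confirm
                # validate_security_group_rule copes with that.
                self.validate_security_group_rule(
                    rules, allowed_security_group_ingress_rules, resource_name
                )
            # NOTE(review): any other value type is not validated at all, so
            # such a template passes this check without being inspected.
        elif rblock.get("Type") == "AWS::EC2::SecurityGroupIngress":
            # Standalone ingress resource: its properties are the rule.
            self.validate_security_group_rule(
                properties, allowed_security_group_ingress_rules, resource_name
            )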