All Resources

GenericResource

This class is used for all resource types that we haven't had time to implement yet.

IAMGroup

Properties:

More info at AWS Docs

IAMGroupProperties

Properties:

  • GroupName: Name of the group.
  • ManagedPolicyArns: ARN of the IAM policies to attach.
  • Path: Path to the group. See IAM Identifiers.
  • Policies: Inline policies embedded in the IAM group.

More info at AWS Docs

IAMManagedPolicy

Properties:

More info at AWS Docs

IAMManagedPolicyProperties

Properties:

  • Description: Description of the policy.
  • Groups: Friendly name of the IAM groups to attach the policy to.
  • ManagedPolicyName: Name of the policy.
  • Path: Path to the policy.
  • PolicyDocument: A policy document object.
  • Roles: Friendly name of the IAM roles to attach the policy to.
  • Users: Friendly name of the IAM users to attach the policy to.

More info at AWS Docs

IAMPolicy

Properties:

More info at AWS Docs

IAMPolicyProperties

Properties:

  • Groups: Friendly name of the IAM groups to attach the policy to.
  • PolicyDocument: A policy document object.
  • PolicyName: Name of the policy.
  • Roles: Friendly name of the IAM roles to attach the policy to.
  • Users: Friendly name of the IAM users to attach the policy to.

More info at AWS Docs

IAMRole

Properties:

More info at AWS Docs

IAMRoleProperties

Properties:

  • AssumeRolePolicyDocument: A policy document object.
  • ManagedPolicyArns: List of ARNs of the IAM managed policies to attach.
  • MaxSessionDuration: Maximum session duration (in seconds).
  • Path: Path to the role.
  • PermissionsBoundary: ARN of the policy used to set the permissions boundary.
  • Policies: A list of policy objects.
  • RoleName: Name of the role.

More info at AWS Docs

IAMUser

Properties:

More info at AWS Docs

has_hardcoded_credentials(self)

Returns True if login profile password contains a hardcoded string, otherwise False.

Source code in pycfmodel/model/resources/iam_user.py
def has_hardcoded_credentials(self) -> bool:
    """ Returns True if login profile password contains a hardcoded string, otherwise False. """
    if self.Properties:
        login_profile = self.Properties.LoginProfile
        if login_profile and login_profile.get("Password"):
            if login_profile["Password"] != Parameter.NO_ECHO_NO_DEFAULT:
                return True

    return super().has_hardcoded_credentials()
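The same check applied to a raw template dictionary, as an added example that is not pycfmodel's own code and does not import it. It assumes the sentinel compared against above stands for a `Ref` to a `NoEcho` parameter with no `Default`; the helper names and the sample template are constructed for illustration, and the fall-through to the parent class check is not modelled.

```python
# Added illustration; does not import pycfmodel. The template below is constructed.
NO_ECHO_NO_DEFAULT = "NO_ECHO_NO_DEFAULT"  # stand-in for Parameter.NO_ECHO_NO_DEFAULT (assumed value)


def resolve_password(template: dict, value):
    """Return the sentinel only when value is a Ref to a NoEcho parameter
    that has no Default; otherwise return the value unchanged."""
    if isinstance(value, dict) and set(value) == {"Ref"}:
        param = template.get("Parameters", {}).get(value["Ref"])
        if param and str(param.get("NoEcho", "")).lower() == "true" and "Default" not in param:
            return NO_ECHO_NO_DEFAULT
    return value


def users_with_hardcoded_password(template: dict) -> list:
    """Return logical IDs of AWS::IAM::User resources whose LoginProfile
    password is anything other than the NoEcho-without-default sentinel."""
    flagged = []
    for logical_id, resource in template.get("Resources", {}).items():
        if resource.get("Type") != "AWS::IAM::User":
            continue
        login_profile = (resource.get("Properties") or {}).get("LoginProfile") or {}
        password = login_profile.get("Password")
        if password and resolve_password(template, password) != NO_ECHO_NO_DEFAULT:
            flagged.append(logical_id)
    return sorted(flagged)


def user(password=None) -> dict:
    """Build a constructed IAM user resource, optionally with a login password."""
    props = {"LoginProfile": {"Password": password}} if password is not None else {}
    return {"Type": "AWS::IAM::User", "Properties": props}


SAMPLE_TEMPLATE = {  # constructed sample input
    "Parameters": {
        "SafePassword": {"Type": "String", "NoEcho": True},
        "DefaultedPassword": {"Type": "String", "NoEcho": True, "Default": "placeholder-default"},
    },
    "Resources": {
        "LiteralUser": user("constructed-literal"),          # literal in the template
        "DefaultedUser": user({"Ref": "DefaultedPassword"}),  # default is stored in the template
        "SafeUser": user({"Ref": "SafePassword"}),            # supplied at deploy time only
        "NoLoginUser": user(),
        "Bucket": {"Type": "AWS::S3::Bucket"},
    },
}

if __name__ == "__main__":
    print(users_with_hardcoded_password(SAMPLE_TEMPLATE))
```

A `NoEcho` parameter that carries a `Default` is still flagged, because the default value is stored in the template itself.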

IAMUserProperties

Properties:

  • Groups: List of groups to attach.
  • LoginProfile: Name and password for the user.
  • ManagedPolicyArns: List of ARNs of the IAM managed policies to attach.
  • Path: Path to the user.
  • PermissionsBoundary: ARN of the policy used to set the permissions boundary.
  • Policies: A list of policy objects.
  • UserName: Name of the user.

More info at AWS Docs

KMSKey

Properties:

More info at AWS Docs

KMSKeyProperties

Properties:

  • Description: Description of the CMK.
  • EnableKeyRotation: Enables automatic rotation of the key material for the customer master key (CMK).
  • Enabled: Specifies whether the customer master key (CMK) is enabled.
  • KeyPolicy: A policy document object.
  • KeyUsage: Determines the cryptographic operations.
  • PendingWindowInDays: Number of days in the waiting period before AWS KMS deletes a CMK that has been removed from a CloudFormation stack.
  • Tags: Array of key-value pairs.

More info at AWS Docs

S3BucketPolicy

Properties:

More info at AWS Docs

S3BucketPolicyProperties

Properties:

  • Bucket: Name of the Amazon S3 bucket to which the policy applies.
  • PolicyDocument: A policy document object.

More info at AWS Docs

SecurityGroup

Properties:

More info at AWS Docs

SecurityGroupProperties

Properties:

  • GroupDescription: Description for the security group.
  • GroupName: Name of the security group.
  • SecurityGroupEgress: Outbound rules associated with the security group.
  • SecurityGroupIngress: Inbound rules associated with the security group.
  • Tags: Array of key-value pairs.
  • VpcId: ID of the VPC for the security group.

More info at AWS Docs

SecurityGroupEgress

Properties:

More info at AWS Docs

SecurityGroupEgressProperties

Properties:

  • CidrIp: IPv4 address range.
  • CidrIpv6: IPv6 address range.
  • Description: Description for the security group rule.
  • DestinationPrefixListId: The prefix list IDs for an AWS service.
  • DestinationSecurityGroupId: ID of the destination VPC security group.
  • FromPort: Start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types.
  • GroupId: ID of the security group.
  • IpProtocol: IP protocol name.
  • ToPort: End of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes.

More info at AWS Docs

SecurityGroupIngress

Properties:

More info at AWS Docs

SecurityGroupIngressProperties

Properties:

  • CidrIp: IPv4 address range.
  • CidrIpv6: IPv6 address range.
  • Description: Description for the security group rule.
  • FromPort: Start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types.
  • GroupId: ID of the security group.
  • GroupName: Name of the security group.
  • IpProtocol: IP protocol name.
  • SourcePrefixListId: The prefix list IDs for an AWS service.
  • SourceSecurityGroupId: ID of the security group.
  • SourceSecurityGroupName: Name of the source security group.
  • SourceSecurityGroupOwnerId: AWS account ID for the source security group.
  • ToPort: End of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes.

More info at AWS Docs

SNSTopicPolicy

Properties:

More info at AWS Docs

SNSTopicPolicyProperties

Properties:

  • PolicyDocument: A policy document object.
  • Topics: ARNs of the topics to add the policy to.

More info at AWS Docs

SQSQueuePolicy

Properties:

More info at AWS Docs

SQSQueuePolicyProperties

Properties:

  • PolicyDocument: A policy document object.
  • Queues: URLs of the queues to add the policy to.

More info at AWS Docs