You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -173,6 +173,7 @@ The following **254** rules are applied by this linter:
173
173
|[E3511<aname="E3511"></a>](../src/cfnlint/rules/resources/iam/RoleArnPattern.py)| Validate IAM role arn pattern | Validate an IAM role arn pattern matches ||[Source](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)|`parameters`,`iam`|
174
174
|[E3512<aname="E3512"></a>](../src/cfnlint/rules/resources/iam/ResourcePolicy.py)| Validate resource based IAM polices | IAM resources polices are embedded JSON in CloudFormation. This rule validates those embedded policies. ||[Source](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html)|`resources`,`iam`|
175
175
|[E3513<aname="E3513"></a>](../src/cfnlint/rules/resources/iam/ResourceEcrPolicy.py)| Validate ECR repository policy | Private ECR repositories have a policy. This rule validates those policies. ||[Source](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html)|`resources`,`iam`,`ecr`|
176
+
|[E3514<aname="E3514"></a>](../src/cfnlint/rules/resources/iam/ResourcePolicyResourceArn.py)| Validate IAM resource policy resource ARNs | Validates an IAM resource policy has a compliant resource ARN ||[Source](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)|`parameters`,`iam`|
176
177
|[E3601<aname="E3601"></a>](../src/cfnlint/rules/resources/stepfunctions/StateMachineDefinition.py)| Validate the structure of a StateMachine definition | Validate the Definition or DefinitionString inside a AWS::StepFunctions::StateMachine resource ||[Source](https://docs.aws.amazon.com/step-functions/latest/dg/amazon-states-language-state-machine-structure.html)|`resources`,`statemachine`|
177
178
|[E3615<aname="E3615"></a>](../src/cfnlint/rules/resources/cloudwatch/AlarmPeriod.py)| Validate the period is a valid value | Valid values are 10, 30, 60, and any multiple of 60. ||[Source]()|`resources`,`cloudwatch`|
178
179
|[E3617<aname="E3617"></a>](../src/cfnlint/rules/resources/managedblockchain/NodeNodeConfigurationInstanceTypeEnum.py)| Validate ManagedBlockchain instance type | Validates the ManagedBlockchain instance types based on region and data gathered from the pricing APIs ||[Source]()|`resources`|
@@ -254,6 +255,7 @@ The following **254** rules are applied by this linter:
254
255
|[I3037<aname="I3037"></a>](../src/cfnlint/rules/resources/properties/UniqueItemsAllowed.py)| Check if a list that allows duplicates has any duplicates | Certain lists support duplicate items.Provide an alert when list of strings or numbers have repeats. ||[Source](https://github.com/aws-cloudformation/cfn-lint/blob/main/docs/rules.md#rules-1)|`resources`,`property`,`list`|
255
256
|[I3042<aname="I3042"></a>](../src/cfnlint/rules/resources/HardCodedArnProperties.py)| ARNs should use correctly placed Pseudo Parameters | Checks Resources if ARNs use correctly placed Pseudo Parameters instead of hardcoded Partition, Region, and Account Number | partition:boolean:True<br />region:boolean:False<br />accountId:boolean:False|[Source]()|`resources`|
256
257
|[I3100<aname="I3100"></a>](../src/cfnlint/rules/resources/PreviousGenerationInstanceType.py)| Checks for legacy instance type generations | New instance type generations increase performance and decrease cost ||[Source](https://aws.amazon.com/ec2/previous-generation/)|`resources`,`ec2`,`rds`,`elasticcache`,`elasticsearch`|
258
+
|[I3510<aname="I3510"></a>](../src/cfnlint/rules/resources/iam/StatementResources.py)| Validate statement resources match the actions | IAM policy statements have different constraints between actions and resources. This rule validates that resource ARNs or asterisks match the actions. ||[Source](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html)|`resources`,`iam`|
257
259
|[I6010<aname="I6010"></a>](../src/cfnlint/rules/outputs/ApproachingMaxProperties.py)| Output limit | Check the number of Outputs in the template is approaching the upper limit ||[Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)|`outputs`,`limits`|
258
260
|[I6011<aname="I6011"></a>](../src/cfnlint/rules/outputs/ApproachingMaxLength.py)| Output name limit | Check the size of Output names in the template is approaching the upper limit ||[Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)|`outputs`,`limits`|
259
261
|[I7002<aname="I7002"></a>](../src/cfnlint/rules/mappings/ApproachingMaxLength.py)| Mapping name limit | Check the size of Mapping names in the template is approaching the upper limit ||[Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)|`mappings`,`limits`|
@@ -272,6 +274,7 @@ The following **254** rules are applied by this linter:
272
274
|[W1036<aname="W1036"></a>](../src/cfnlint/rules/functions/GetAzResolved.py)| Validate the values that come from a Fn::GetAZs function | Resolve the Fn::GetAZs and then validate the values against the schema ||[Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getavailabilityzones.html)|`functions`,`getazs`|
273
275
|[W1040<aname="W1040"></a>](../src/cfnlint/rules/functions/ToJsonStringResolved.py)| Validate the values that come from a Fn::ToJsonString function | Resolve the Fn::ToJsonString and then validate the values against the schema ||[Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ToJsonString.html)|`functions`,`tojsonstring`|
274
276
|[W1051<aname="W1051"></a>](../src/cfnlint/rules/functions/DynamicReferenceSecretsManagerArn.py)| Validate dynamic references to secrets manager are not used when a secrets manager ARN was expected | Certain properties expect a secret manager ARN. This rule validates if you may be accidently using a secret in place of the ARN ||[Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager)|`functions`,`dynamic reference`|
277
+
|[W1100<aname="W1100"></a>](../src/cfnlint/rules/aws_cli/UsingMerge.py)| Validate if the template is using YAML merge | The CloudFormation service does not support YAML anchors, aliases, or merging. This rule validates if the merge capability is being used ||[Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-formats.html)|`yaml`|
275
278
|[W2001<aname="W2001"></a>](../src/cfnlint/rules/parameters/Used.py)| Check if Parameters are Used | Making sure the parameters defined are used ||[Source](https://github.com/aws-cloudformation/cfn-lint)|`parameters`|
276
279
|[W2010<aname="W2010"></a>](../src/cfnlint/rules/parameters/NoEcho.py)| NoEcho parameters are not masked when used in Metadata and Outputs | Using the NoEcho attribute does not mask any information stored in the following: Metadata, Outputs, Resource Metadata ||[Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html)|`functions`,`dynamic reference`,`ref`|
277
280
|[W2030<aname="W2030"></a>](../src/cfnlint/rules/parameters/Enum.py)| Check if parameters have a valid value | Check if parameters have a valid value in case of an enumator. The Parameter's allowed values is based on the usages in property (Ref) ||[Source](https://github.com/aws-cloudformation/cfn-lint/blob/main/docs/cfn-schema-specification.md#enum)|`parameters`,`resources`,`property`,`allowed value`|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments