aws-solutions / aws-control-tower-customizations

The Customizations for AWS Control Tower solution combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices.
https://docs.aws.amazon.com/controltower/latest/userguide/cfct-overview.html
Apache License 2.0
353 stars 205 forks

New CloudFormation features fail to deploy because cfn_nag is no longer maintained #197

Open word opened 1 week ago

word commented 1 week ago

Describe the bug

cfn_nag is no longer maintained (last update over two years ago) and is missing support for recent CloudFormation features such as Fn::ForEach:

It's not possible to work around this using the usual rule suppression mechanisms because cfn_nag itself is failing.

I would propose either removing cfn_nag or adding a parameter to disable it in the CfCT CloudFormation template.

To Reproduce

Use CloudFormation features released in the last two years, such as Fn::ForEach.

Expected behavior

CfCT should support all modern CloudFormation features.

Please complete the following information about the solution:

Additional context

Related issue: https://github.com/aws-solutions/aws-control-tower-customizations/issues/119

word commented 1 week ago

Another related issue: https://github.com/aws-solutions/aws-control-tower-customizations/issues/115