ECR Repository ScanOnPush Rule Issue - Githubissues

stelligent / cfn_nag

Linting tool for CloudFormation templates

MIT License

1.26k stars 212 forks source link

ECR Repository ScanOnPush Rule Issue #533

Closed tabdunabi closed 3 years ago

tabdunabi commented 3 years ago

CloudFormation ECR scanOnPush property has changed to ScanOnPush.

References to the changes: CloudFormation https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html

CDK AWS-ECR https://github.com/aws/aws-cdk/blob/278fba5df4a3d785e49bdb57ccf88fd34bacacbb/packages/%40aws-cdk/aws-ecr/lib/repository.ts#L453

Issue cfn_nag ScanOnPush rule is still checking for scanOnPush https://github.com/stelligent/cfn_nag/blob/master/lib/cfn-nag/custom_rules/ECRRepositoryScanOnPushRule.rb#L23

A warning is thrown by the rule even if the scan is enabled using the new property name.

pethers commented 3 years ago

Thanks for reporting this, have created a PR fixing this.