Skip to content

CFRipper

Build Status PyPI version

CFRipper is a Python tool that aims to prevent vulnerabilities from getting to production infrastructure through vulnerable CloudFormation scripts.

Developing

The project comes with a set of commands you can use to run common operations:

  • make install: Installs run time dependencies.
  • make install-dev: Installs dev dependencies together with run time dependencies.
  • make freeze: Freezes dependencies from setup.py to requirements.txt (including transitive ones).
  • make lint: Runs static analysis.
  • make coverage: Runs all tests collecting coverage.
  • make test: Runs lint and component.

Contributing

See CONTRIBUTING.md file to add a contribution.

Attribution

Some of our rules were inspired by cfn-nag. We also use their example scripts in our test cases.