From a019e71bfdf3c1d6b7e6a237c8bd71fa80025166 Mon Sep 17 00:00:00 2001 From: Kevin DeJong Date: Thu, 29 Aug 2024 08:47:43 -0700 Subject: [PATCH 1/2] Add more exceptions E1040 --- src/cfnlint/rules/functions/GetAttFormat.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/cfnlint/rules/functions/GetAttFormat.py b/src/cfnlint/rules/functions/GetAttFormat.py index 4d1bdb4377..91f5c1808a 100644 --- a/src/cfnlint/rules/functions/GetAttFormat.py +++ b/src/cfnlint/rules/functions/GetAttFormat.py @@ -33,6 +33,8 @@ def __init__(self): "AWS::ServiceCatalog::CloudFormationProvisionedProduct", ] + self._resource_type_attribute_exceptions = [("AWS::SSM::Parameter", "Value")] + def validate( self, validator: Validator, _, instance: Any, schema: Any ) -> ValidationResult: @@ -50,11 +52,15 @@ def validate( t, validator.context.regions ): region = regions[0] - getatt_ptr = validator.context.resources[resource].get_atts(region)[attr] if t in self._resource_type_exceptions: return + if (t, attr) in self._resource_type_attribute_exceptions: + return + + getatt_ptr = validator.context.resources[resource].get_atts(region)[attr] + getatt_schema = resource_schema.resolver.resolve_cfn_pointer(getatt_ptr) getatt_fmt = getatt_schema.get("format") if getatt_fmt != fmt: From b9fcf313596d3a1a7f580fd8633d08ab98ed9313 Mon Sep 17 00:00:00 2001 From: Kevin DeJong Date: Thu, 29 Aug 2024 08:50:00 -0700 Subject: [PATCH 2/2] Update format testing --- test/unit/rules/functions/test_getatt_format.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/test/unit/rules/functions/test_getatt_format.py b/test/unit/rules/functions/test_getatt_format.py index 24cc0cf540..e3b3d596b6 100644 --- a/test/unit/rules/functions/test_getatt_format.py +++ b/test/unit/rules/functions/test_getatt_format.py @@ -27,6 +27,7 @@ def template(): "MyProvisionedProduct": { "Type": "AWS::ServiceCatalog::CloudFormationProvisionedProduct" }, + "MySSMParameter": {"Type": "AWS::SSM::Parameter"}, }, } @@ -64,6 +65,12 @@ def template(): {"format": "AWS::EC2::SecurityGroup.GroupId"}, [], ), + ( + "Valid GetAtt because of exception with attribute", + ["MySSMParameter", "Value"], + {"format": "AWS::EC2::Image.Id"}, + [], + ), ( "Invalid GetAtt with a bad format", ["MyBucket", "Arn"],