我收到此错误消息:
$ cfn_nag database/gitlab-rds-psql.cf.yml
{
"failure_count": 3,
"violations": [
{
"id": "F23",
"type": "FAIL",
"message": "RDS instance master user password must be Ref to NoEcho Parameter. Default credentials are not recommended",
"logical_resource_ids": [
"GitLabDB"
]
},
{
"id": "F24",
"type": "FAIL",
"message": "RDS instance master username must be Ref to NoEcho Parameter. Default credentials are not recommended",
"logical_resource_ids": [
"GitLabDB"
]
},
{
"id": "F22",
"type": "FAIL",
"message": "RDS instance should not be publicly accessible",
"logical_resource_ids": [
"GitLabDB"
]
}
]
}
但是我尝试在模板中将其设置为NoEcho:true:
GitLabDB:
Type: AWS::RDS::DBInstance
Properties:
DBInstanceIdentifier: gitlab
AllocatedStorage: !Ref 'DBAllocatedStorage'
StorageType: gp2
DBInstanceClass: !Ref 'DBClass'
Engine: postgres
EngineVersion: 9.6.3
AutoMinorVersionUpgrade: true
BackupRetentionPeriod: 20
StorageEncrypted: !Ref EncryptData
DBName: gitlabhq_production
MasterUsername: gitlab
MasterUserPassword:
- !GetAtt DBPassword.RandomString
- NoEcho: true
DBSubnetGroupName: !Ref GitLabDBSubnetGroup
DBParameterGroupName: default.postgres9.6
MultiAZ: !Ref MultiAZ
VPCSecurityGroups:
- !Ref GitLabDBEC2SecurityGroup
Tags:
- Key: AlwaysOn
Value: true
- Key: Name
Value: GitLabDB
答案 0 :(得分:0)
NoEcho仅适用于import asyncio
import MySQLdb
async def test1():
conn = await MySQLdb.connect('host', 'user', 'password', 'db')
await conn.query('FIND * FROM table1')
conn.close()
return conn.store_result().fetch_row(numrows=0, how=1)
async def test1():
conn = await MySQLdb.connect('host', 'user', 'password', 'db')
await conn.query('FIND * FROM table2')
conn.close()
return conn.store_result().fetch_row(numrows=0, how=1)
if __name__ == '__main__':
loop = sayncio.get_event_loop()
loop.run_until_complete(asyncio.gather(test1(), test2()))
loop.close()
部分,不适用于Parameters部分。
我想应该是这样。
Properties