The CloudFormation Scanner can not currently follow complex conditional logic that uses CloudFormation references (Ref) or conditions (If). For example, a security group configured with inbound IP addresses set to the string “0.0.0.0/0” would trigger a failure while a reference of “Ref: SomeRefVar” would not.
What limitations does the CloudFormation scanner have? Print
Created by: Matt Fuller
Modified on: Sun, 10 Nov, 2019 at 11:59 AM
Did you find it helpful?Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.