Skip to content

API Reference

Constructs

PDKNagApp

Initializers

import software.aws.pdk.pdk_nag.PDKNagApp;

PDKNagApp.Builder.create()
//  .analyticsReporting(java.lang.Boolean)
//  .autoSynth(java.lang.Boolean)
//  .context(java.util.Map<java.lang.String, java.lang.Object>)
//  .defaultStackSynthesizer(IReusableStackSynthesizer)
//  .outdir(java.lang.String)
//  .policyValidationBeta1(java.util.List<IPolicyValidationPluginBeta1>)
//  .postCliContext(java.util.Map<java.lang.String, java.lang.Object>)
//  .stackTraces(java.lang.Boolean)
//  .treeMetadata(java.lang.Boolean)
//  .failOnError(java.lang.Boolean)
//  .failOnWarning(java.lang.Boolean)
//  .nagPacks(java.util.List<NagPack>)
    .build();
Name Type Description
analyticsReporting java.lang.Boolean Include runtime versioning information in the Stacks of this app.
autoSynth java.lang.Boolean Automatically call synth() before the program exits.
context java.util.Map Additional context values for the application.
defaultStackSynthesizer software.amazon.awscdk.IReusableStackSynthesizer The stack synthesizer to use by default for all Stacks in the App.
outdir java.lang.String The output directory into which to emit synthesized artifacts.
policyValidationBeta1 java.util.List Validation plugins to run after synthesis.
postCliContext java.util.Map Additional context values for the application.
stackTraces java.lang.Boolean Include construct creation stack trace in the aws:cdk:trace metadata key of all constructs.
treeMetadata java.lang.Boolean Include construct tree metadata as part of the Cloud Assembly.
failOnError java.lang.Boolean Determines whether any errors encountered should trigger a test failure.
failOnWarning java.lang.Boolean Determines whether any warnings encountered should trigger a test failure.
nagPacks java.util.List Custom nag packs to execute.

analyticsReportingOptional
  • Type: java.lang.Boolean
  • Default: Value of 'aws:cdk:version-reporting' context key

Include runtime versioning information in the Stacks of this app.


autoSynthOptional
  • Type: java.lang.Boolean
  • Default: true if running via CDK CLI (CDK_OUTDIR is set), false otherwise

Automatically call synth() before the program exits.

If you set this, you don't have to call synth() explicitly. Note that this feature is only available for certain programming languages, and calling synth() is still recommended.


contextOptional
  • Type: java.util.Map
  • Default: no additional context

Additional context values for the application.

Context set by the CLI or the context key in cdk.json has precedence.

Context can be read from any construct using node.getContext(key).


defaultStackSynthesizerOptional
  • Type: software.amazon.awscdk.IReusableStackSynthesizer
  • Default: A DefaultStackSynthesizer with default settings

The stack synthesizer to use by default for all Stacks in the App.

The Stack Synthesizer controls aspects of synthesis and deployment, like how assets are referenced and what IAM roles to use. For more information, see the README of the main CDK package.


outdirOptional
  • Type: java.lang.String
  • Default: If this value is not set, considers the environment variable CDK_OUTDIR. If CDK_OUTDIR is not defined, uses a temp directory.

The output directory into which to emit synthesized artifacts.

You should never need to set this value. By default, the value you pass to the CLI's --output flag will be used, and if you change it to a different directory the CLI will fail to pick up the generated Cloud Assembly.

This property is intended for internal and testing use.


policyValidationBeta1Optional
  • Type: java.util.List
  • Default: no validation plugins

Validation plugins to run after synthesis.


postCliContextOptional
  • Type: java.util.Map
  • Default: no additional context

Additional context values for the application.

Context provided here has precedence over context set by:

  • The CLI via --context
  • The context key in cdk.json
  • The AppProps.context property

This property is recommended over the AppProps.context property since you can make final decision over which context value to take in your app.

Context can be read from any construct using node.getContext(key).


Example

// context from the CLI and from `cdk.json` are stored in the
// CDK_CONTEXT env variable
const cliContext = JSON.parse(process.env.CDK_CONTEXT!);

// determine whether to take the context passed in the CLI or not
const determineValue = process.env.PROD ? cliContext.SOMEKEY : 'my-prod-value';
new App({
  postCliContext: {
    SOMEKEY: determineValue,
  },
});
stackTracesOptional
  • Type: java.lang.Boolean
  • Default: true stack traces are included unless aws:cdk:disable-stack-trace is set in the context.

Include construct creation stack trace in the aws:cdk:trace metadata key of all constructs.


treeMetadataOptional
  • Type: java.lang.Boolean
  • Default: true

Include construct tree metadata as part of the Cloud Assembly.


failOnErrorOptional
  • Type: java.lang.Boolean
  • Default: false

Determines whether any errors encountered should trigger a test failure.


failOnWarningOptional
  • Type: java.lang.Boolean
  • Default: false

Determines whether any warnings encountered should trigger a test failure.


nagPacksOptional
  • Type: java.util.List
  • Default: DEFAULT_NAG_PACKS

Custom nag packs to execute.


Methods

Name Description
toString Returns a string representation of this construct.
synth Synthesize this stage into a cloud assembly.
addExtendedNagResults No description.
addNagResult No description.
extendedNagResults Returns a list of ExtendedNagResult.
nagResults Returns a list of NagResult.

toString
public java.lang.String toString()

Returns a string representation of this construct.

synth
public CloudAssembly synth()
public CloudAssembly synth(StageSynthesisOptions options)

Synthesize this stage into a cloud assembly.

Once an assembly has been synthesized, it cannot be modified. Subsequent calls will return the same assembly.

optionsOptional
  • Type: software.amazon.awscdk.StageSynthesisOptions

addExtendedNagResults
public void addExtendedNagResults(ExtendedNagResult results)
resultsRequired

addNagResult
public void addNagResult(NagResult result)
resultRequired

extendedNagResults
public java.util.List<ExtendedNagResult> extendedNagResults()

Returns a list of ExtendedNagResult.

Note: app.synth() must be called before this to retrieve results.

nagResults
public java.util.List<NagResult> nagResults()

Returns a list of NagResult.

Note: app.synth() must be called before this to retrieve results.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isStage Test whether the given construct is a stage.
of Return the stage this construct is contained with, if available.
isApp Checks if an object is an instance of the App class.

isConstruct
import software.aws.pdk.pdk_nag.PDKNagApp;

PDKNagApp.isConstruct(java.lang.Object x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: java.lang.Object

Any object.


isStage
import software.aws.pdk.pdk_nag.PDKNagApp;

PDKNagApp.isStage(java.lang.Object x)

Test whether the given construct is a stage.

xRequired
  • Type: java.lang.Object

of
import software.aws.pdk.pdk_nag.PDKNagApp;

PDKNagApp.of(IConstruct construct)

Return the stage this construct is contained with, if available.

If called on a nested stage, returns its parent.

constructRequired
  • Type: software.constructs.IConstruct

isApp
import software.aws.pdk.pdk_nag.PDKNagApp;

PDKNagApp.isApp(java.lang.Object obj)

Checks if an object is an instance of the App class.

objRequired
  • Type: java.lang.Object

The object to evaluate.


Properties

Name Type Description
node software.constructs.Node The tree node.
artifactId java.lang.String Artifact ID of the assembly if it is a nested stage. The root stage (app) will return an empty string.
assetOutdir java.lang.String The cloud assembly asset output directory.
outdir java.lang.String The cloud assembly output directory.
policyValidationBeta1 java.util.List Validation plugins to run during synthesis.
stageName java.lang.String The name of the stage.
account java.lang.String The default account for all resources defined within this stage.
parentStage software.amazon.awscdk.Stage The parent stage or undefined if this is the app.
region java.lang.String The default region for all resources defined within this stage.
nagPacks java.util.List No description.

nodeRequired
public Node getNode();
  • Type: software.constructs.Node

The tree node.


artifactIdRequired
public java.lang.String getArtifactId();
  • Type: java.lang.String

Artifact ID of the assembly if it is a nested stage. The root stage (app) will return an empty string.

Derived from the construct path.


assetOutdirRequired
public java.lang.String getAssetOutdir();
  • Type: java.lang.String

The cloud assembly asset output directory.


outdirRequired
public java.lang.String getOutdir();
  • Type: java.lang.String

The cloud assembly output directory.


policyValidationBeta1Required
public java.util.List<IPolicyValidationPluginBeta1> getPolicyValidationBeta1();
  • Type: java.util.List
  • Default: no validation plugins are used

Validation plugins to run during synthesis.

If any plugin reports any violation, synthesis will be interrupted and the report displayed to the user.


stageNameRequired
public java.lang.String getStageName();
  • Type: java.lang.String

The name of the stage.

Based on names of the parent stages separated by hypens.


accountOptional
public java.lang.String getAccount();
  • Type: java.lang.String

The default account for all resources defined within this stage.


parentStageOptional
public Stage getParentStage();
  • Type: software.amazon.awscdk.Stage

The parent stage or undefined if this is the app.

*


regionOptional
public java.lang.String getRegion();
  • Type: java.lang.String

The default region for all resources defined within this stage.


nagPacksRequired
public java.util.List<NagPack> getNagPacks();
  • Type: java.util.List

Structs

ExtendedNagResult

Represents the result of applying a CDK Nag rule to a resource.

Initializer

import software.aws.pdk.pdk_nag.ExtendedNagResult;

ExtendedNagResult.builder()
    .compliance(NagResultCompliance)
    .nagPackName(java.lang.String)
    .resource(CfnResource)
    .ruleExplanation(java.lang.String)
    .ruleId(java.lang.String)
    .ruleInfo(java.lang.String)
    .ruleLevel(NagMessageLevel)
    .ruleOriginalName(java.lang.String)
//  .errorMessage(java.lang.String)
//  .findingId(java.lang.String)
//  .suppressionReason(java.lang.String)
    .build();

Properties

Name Type Description
compliance NagResultCompliance Compliance status of the rule against the resource.
nagPackName java.lang.String The name of the nag pack this rule is from.
resource software.amazon.awscdk.CfnResource The resource the rule was applied to.
ruleExplanation java.lang.String Why the rule exists.
ruleId java.lang.String The ID of the rule in this nag pack.
ruleInfo java.lang.String Why the rule was triggered.
ruleLevel io.github.cdklabs.cdknag.NagMessageLevel The severity level of the rule.
ruleOriginalName java.lang.String The original name of the rule (regardless of nag pack).
errorMessage java.lang.String The error that was thrown, only set for error results.
findingId java.lang.String The finding that was checked, only set for non-compliant results.
suppressionReason java.lang.String The reason the rule was suppressed, if any.

complianceRequired
public NagResultCompliance getCompliance();

Compliance status of the rule against the resource.


nagPackNameRequired
public java.lang.String getNagPackName();
  • Type: java.lang.String

The name of the nag pack this rule is from.


resourceRequired
public CfnResource getResource();
  • Type: software.amazon.awscdk.CfnResource

The resource the rule was applied to.


ruleExplanationRequired
public java.lang.String getRuleExplanation();
  • Type: java.lang.String

Why the rule exists.


ruleIdRequired
public java.lang.String getRuleId();
  • Type: java.lang.String

The ID of the rule in this nag pack.


ruleInfoRequired
public java.lang.String getRuleInfo();
  • Type: java.lang.String

Why the rule was triggered.


ruleLevelRequired
public NagMessageLevel getRuleLevel();
  • Type: io.github.cdklabs.cdknag.NagMessageLevel

The severity level of the rule.


ruleOriginalNameRequired
public java.lang.String getRuleOriginalName();
  • Type: java.lang.String

The original name of the rule (regardless of nag pack).


errorMessageOptional
public java.lang.String getErrorMessage();
  • Type: java.lang.String

The error that was thrown, only set for error results.


findingIdOptional
public java.lang.String getFindingId();
  • Type: java.lang.String

The finding that was checked, only set for non-compliant results.


suppressionReasonOptional
public java.lang.String getSuppressionReason();
  • Type: java.lang.String

The reason the rule was suppressed, if any.


Message

Message instance.

Initializer

import software.aws.pdk.pdk_nag.Message;

Message.builder()
    .messageDescription(java.lang.String)
    .messageType(java.lang.String)
    .build();

Properties

Name Type Description
messageDescription java.lang.String Message description.
messageType java.lang.String Message type as returned from cdk-nag.

messageDescriptionRequired
public java.lang.String getMessageDescription();
  • Type: java.lang.String

Message description.


messageTypeRequired
public java.lang.String getMessageType();
  • Type: java.lang.String

Message type as returned from cdk-nag.


NagResult

Nag result.

Initializer

import software.aws.pdk.pdk_nag.NagResult;

NagResult.builder()
    .messages(java.util.List<Message>)
    .resource(java.lang.String)
    .build();

Properties

Name Type Description
messages java.util.List<Message> List of messages.
resource java.lang.String Resource which triggered the message.

messagesRequired
public java.util.List<Message> getMessages();

List of messages.


resourceRequired
public java.lang.String getResource();
  • Type: java.lang.String

Resource which triggered the message.


PDKNagAppProps

Initializer

import software.aws.pdk.pdk_nag.PDKNagAppProps;

PDKNagAppProps.builder()
//  .analyticsReporting(java.lang.Boolean)
//  .autoSynth(java.lang.Boolean)
//  .context(java.util.Map<java.lang.String, java.lang.Object>)
//  .defaultStackSynthesizer(IReusableStackSynthesizer)
//  .outdir(java.lang.String)
//  .policyValidationBeta1(java.util.List<IPolicyValidationPluginBeta1>)
//  .postCliContext(java.util.Map<java.lang.String, java.lang.Object>)
//  .stackTraces(java.lang.Boolean)
//  .treeMetadata(java.lang.Boolean)
//  .failOnError(java.lang.Boolean)
//  .failOnWarning(java.lang.Boolean)
//  .nagPacks(java.util.List<NagPack>)
    .build();

Properties

Name Type Description
analyticsReporting java.lang.Boolean Include runtime versioning information in the Stacks of this app.
autoSynth java.lang.Boolean Automatically call synth() before the program exits.
context java.util.Map Additional context values for the application.
defaultStackSynthesizer software.amazon.awscdk.IReusableStackSynthesizer The stack synthesizer to use by default for all Stacks in the App.
outdir java.lang.String The output directory into which to emit synthesized artifacts.
policyValidationBeta1 java.util.List Validation plugins to run after synthesis.
postCliContext java.util.Map Additional context values for the application.
stackTraces java.lang.Boolean Include construct creation stack trace in the aws:cdk:trace metadata key of all constructs.
treeMetadata java.lang.Boolean Include construct tree metadata as part of the Cloud Assembly.
failOnError java.lang.Boolean Determines whether any errors encountered should trigger a test failure.
failOnWarning java.lang.Boolean Determines whether any warnings encountered should trigger a test failure.
nagPacks java.util.List Custom nag packs to execute.

analyticsReportingOptional
public java.lang.Boolean getAnalyticsReporting();
  • Type: java.lang.Boolean
  • Default: Value of 'aws:cdk:version-reporting' context key

Include runtime versioning information in the Stacks of this app.


autoSynthOptional
public java.lang.Boolean getAutoSynth();
  • Type: java.lang.Boolean
  • Default: true if running via CDK CLI (CDK_OUTDIR is set), false otherwise

Automatically call synth() before the program exits.

If you set this, you don't have to call synth() explicitly. Note that this feature is only available for certain programming languages, and calling synth() is still recommended.


contextOptional
public java.util.Map<java.lang.String, java.lang.Object> getContext();
  • Type: java.util.Map
  • Default: no additional context

Additional context values for the application.

Context set by the CLI or the context key in cdk.json has precedence.

Context can be read from any construct using node.getContext(key).


defaultStackSynthesizerOptional
public IReusableStackSynthesizer getDefaultStackSynthesizer();
  • Type: software.amazon.awscdk.IReusableStackSynthesizer
  • Default: A DefaultStackSynthesizer with default settings

The stack synthesizer to use by default for all Stacks in the App.

The Stack Synthesizer controls aspects of synthesis and deployment, like how assets are referenced and what IAM roles to use. For more information, see the README of the main CDK package.


outdirOptional
public java.lang.String getOutdir();
  • Type: java.lang.String
  • Default: If this value is not set, considers the environment variable CDK_OUTDIR. If CDK_OUTDIR is not defined, uses a temp directory.

The output directory into which to emit synthesized artifacts.

You should never need to set this value. By default, the value you pass to the CLI's --output flag will be used, and if you change it to a different directory the CLI will fail to pick up the generated Cloud Assembly.

This property is intended for internal and testing use.


policyValidationBeta1Optional
public java.util.List<IPolicyValidationPluginBeta1> getPolicyValidationBeta1();
  • Type: java.util.List
  • Default: no validation plugins

Validation plugins to run after synthesis.


postCliContextOptional
public java.util.Map<java.lang.String, java.lang.Object> getPostCliContext();
  • Type: java.util.Map
  • Default: no additional context

Additional context values for the application.

Context provided here has precedence over context set by:

  • The CLI via --context
  • The context key in cdk.json
  • The AppProps.context property

This property is recommended over the AppProps.context property since you can make final decision over which context value to take in your app.

Context can be read from any construct using node.getContext(key).


Example

// context from the CLI and from `cdk.json` are stored in the
// CDK_CONTEXT env variable
const cliContext = JSON.parse(process.env.CDK_CONTEXT!);

// determine whether to take the context passed in the CLI or not
const determineValue = process.env.PROD ? cliContext.SOMEKEY : 'my-prod-value';
new App({
  postCliContext: {
    SOMEKEY: determineValue,
  },
});
stackTracesOptional
public java.lang.Boolean getStackTraces();
  • Type: java.lang.Boolean
  • Default: true stack traces are included unless aws:cdk:disable-stack-trace is set in the context.

Include construct creation stack trace in the aws:cdk:trace metadata key of all constructs.


treeMetadataOptional
public java.lang.Boolean getTreeMetadata();
  • Type: java.lang.Boolean
  • Default: true

Include construct tree metadata as part of the Cloud Assembly.


failOnErrorOptional
public java.lang.Boolean getFailOnError();
  • Type: java.lang.Boolean
  • Default: false

Determines whether any errors encountered should trigger a test failure.


failOnWarningOptional
public java.lang.Boolean getFailOnWarning();
  • Type: java.lang.Boolean
  • Default: false

Determines whether any warnings encountered should trigger a test failure.


nagPacksOptional
public java.util.List<NagPack> getNagPacks();
  • Type: java.util.List
  • Default: DEFAULT_NAG_PACKS

Custom nag packs to execute.


Classes

AwsPrototypingChecks

Check best practices for prototypes.

Initializers

import software.aws.pdk.pdk_nag.AwsPrototypingChecks;

AwsPrototypingChecks.Builder.create()
//  .additionalLoggers(java.util.List<INagLogger>)
//  .logIgnores(java.lang.Boolean)
//  .reportFormats(java.util.List<NagReportFormat>)
//  .reports(java.lang.Boolean)
//  .suppressionIgnoreCondition(INagSuppressionIgnore)
//  .verbose(java.lang.Boolean)
    .build();
Name Type Description
additionalLoggers java.util.List Additional NagLoggers for logging rule validation outputs.
logIgnores java.lang.Boolean Whether or not to log suppressed rule violations as informational messages (default: false).
reportFormats java.util.List If reports are enabled, the output formats of compliance reports in the App's output directory (default: only CSV).
reports java.lang.Boolean Whether or not to generate compliance reports for applied Stacks in the App's output directory (default: true).
suppressionIgnoreCondition io.github.cdklabs.cdknag.INagSuppressionIgnore Conditionally prevent rules from being suppressed (default: no user provided condition).
verbose java.lang.Boolean Whether or not to enable extended explanatory descriptions on warning, error, and logged ignore messages (default: false).

additionalLoggersOptional
  • Type: java.util.List

Additional NagLoggers for logging rule validation outputs.


logIgnoresOptional
  • Type: java.lang.Boolean

Whether or not to log suppressed rule violations as informational messages (default: false).


reportFormatsOptional
  • Type: java.util.List

If reports are enabled, the output formats of compliance reports in the App's output directory (default: only CSV).


reportsOptional
  • Type: java.lang.Boolean

Whether or not to generate compliance reports for applied Stacks in the App's output directory (default: true).


suppressionIgnoreConditionOptional
  • Type: io.github.cdklabs.cdknag.INagSuppressionIgnore

Conditionally prevent rules from being suppressed (default: no user provided condition).


verboseOptional
  • Type: java.lang.Boolean

Whether or not to enable extended explanatory descriptions on warning, error, and logged ignore messages (default: false).


Methods

Name Description
visit Check if CfnResource and apply rules.

visit
public void visit(IConstruct node)

Check if CfnResource and apply rules.

nodeRequired
  • Type: software.constructs.IConstruct

Properties

Name Type Description
readPackName java.lang.String No description.

readPackNameRequired
public java.lang.String getReadPackName();
  • Type: java.lang.String

PDKNag

Helper for create a Nag Enabled App.

Initializers

import software.aws.pdk.pdk_nag.PDKNag;

new PDKNag();
Name Type Description

Static Functions

Name Description
addResourceSuppressionsByPathNoThrow Wrapper around NagSuppressions which does not throw.
app Returns an instance of an App with Nag enabled.
getStackAccountRegex Returns a stack account regex.
getStackPartitionRegex Returns a stack partition regex.
getStackPrefix Returns a prefix comprising of a delimited set of Stack Ids.
getStackRegionRegex Returns a stack region regex.

addResourceSuppressionsByPathNoThrow
import software.aws.pdk.pdk_nag.PDKNag;

PDKNag.addResourceSuppressionsByPathNoThrow(Stack stack, java.lang.String path, java.util.List<NagPackSuppression> suppressions),PDKNag.addResourceSuppressionsByPathNoThrow(Stack stack, java.lang.String path, java.util.List<NagPackSuppression> suppressions, java.lang.Boolean applyToChildren)

Wrapper around NagSuppressions which does not throw.

stackRequired
  • Type: software.amazon.awscdk.Stack

stack instance.


pathRequired
  • Type: java.lang.String

resource path.


suppressionsRequired
  • Type: java.util.List

list of suppressions to apply.


applyToChildrenOptional
  • Type: java.lang.Boolean

whether to apply to children.


app
import software.aws.pdk.pdk_nag.PDKNag;

PDKNag.app(),PDKNag.app(PDKNagAppProps props)

Returns an instance of an App with Nag enabled.

propsOptional

props to initialize the app with.


getStackAccountRegex
import software.aws.pdk.pdk_nag.PDKNag;

PDKNag.getStackAccountRegex(Stack stack)

Returns a stack account regex.

stackRequired
  • Type: software.amazon.awscdk.Stack

stack instance.


getStackPartitionRegex
import software.aws.pdk.pdk_nag.PDKNag;

PDKNag.getStackPartitionRegex(Stack stack)

Returns a stack partition regex.

stackRequired
  • Type: software.amazon.awscdk.Stack

stack instance.


getStackPrefix
import software.aws.pdk.pdk_nag.PDKNag;

PDKNag.getStackPrefix(Stack stack)

Returns a prefix comprising of a delimited set of Stack Ids.

For example: StackA/NestedStackB/

stackRequired
  • Type: software.amazon.awscdk.Stack

stack instance.


getStackRegionRegex
import software.aws.pdk.pdk_nag.PDKNag;

PDKNag.getStackRegionRegex(Stack stack)

Returns a stack region regex.

stackRequired
  • Type: software.amazon.awscdk.Stack

stack instance.


Enums

NagResultCompliance

Possible statuses for nag rules.

Members

Name Description
COMPLIANT Resource complies with the rule.
NON_COMPLIANT Resource does not comply with the rule.
NON_COMPLIANT_SUPPRESSED Resource does not comply with the rule, but the rule was suppressed.
ERROR An error occurred applying the rule.
ERROR_SUPPRESSED An error occurred applying the rule, but the rule was suppressed.
NOT_APPLICABLE The rule is not applicable to the resource.

COMPLIANT

Resource complies with the rule.


NON_COMPLIANT

Resource does not comply with the rule.


NON_COMPLIANT_SUPPRESSED

Resource does not comply with the rule, but the rule was suppressed.


ERROR

An error occurred applying the rule.


ERROR_SUPPRESSED

An error occurred applying the rule, but the rule was suppressed.


NOT_APPLICABLE

The rule is not applicable to the resource.



Last update: 2024-12-20