github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/eks/AVD-AWS-0038/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/eks/AVD-AWS-0038/Terraform.md (about)

     1  
     2  Enable logging for the EKS control plane
     3  
     4  ```hcl
     5   resource "aws_eks_cluster" "good_example" {
     6       encryption_config {
     7           resources = [ "secrets" ]
     8           provider {
     9               key_arn = var.kms_arn
    10           }
    11       }
    12   
    13   	enabled_cluster_log_types = ["api", "authenticator", "audit", "scheduler", "controllerManager"]
    14   
    15       name = "good_example_cluster"
    16       role_arn = var.cluster_arn
    17       vpc_config {
    18           endpoint_public_access = false
    19       }
    20   }
    21   
    22  ```
    23  
    24  #### Remediation Links
    25   - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabled_cluster_log_types
    26