github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/apigateway/no_public_access.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/apigateway/no_public_access.tf.go (about)

     1  package apigateway
     2  
     3  var terraformNoPublicAccessGoodExamples = []string{
     4  	`
     5   resource "aws_api_gateway_rest_api" "MyDemoAPI" {
     6  	
     7   }
     8  
     9   resource "aws_api_gateway_resource" "MyDemoResource" {
    10  	rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
    11   }
    12  
    13   resource "aws_api_gateway_method" "good_example" {
    14     rest_api_id   = aws_api_gateway_rest_api.MyDemoAPI.id
    15     resource_id   = aws_api_gateway_resource.MyDemoResource.id
    16     http_method   = "GET"
    17     authorization = "AWS_IAM"
    18   }
    19   `, `
    20   resource "aws_api_gateway_rest_api" "MyDemoAPI" {
    21  	
    22   }
    23  
    24   resource "aws_api_gateway_resource" "MyDemoResource" {
    25  	rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
    26   }
    27  
    28   resource "aws_api_gateway_method" "good_example" {
    29     rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
    30     resource_id      = aws_api_gateway_resource.MyDemoResource.id
    31     http_method      = "GET"
    32     authorization    = "NONE"
    33     api_key_required = true
    34   }
    35   `, `
    36   resource "aws_api_gateway_rest_api" "MyDemoAPI" {
    37  	
    38   }
    39  
    40   resource "aws_api_gateway_resource" "MyDemoResource" {
    41  	rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
    42   }
    43  
    44   resource "aws_api_gateway_method" "good_example" {
    45     rest_api_id   = aws_api_gateway_rest_api.MyDemoAPI.id
    46     resource_id   = aws_api_gateway_resource.MyDemoResource.id
    47     http_method   = "OPTION"
    48     authorization = "NONE"
    49   }
    50   `,
    51  }
    52  
    53  var terraformNoPublicAccessBadExamples = []string{
    54  	`
    55   resource "aws_api_gateway_rest_api" "MyDemoAPI" {
    56  	
    57   }
    58  
    59   resource "aws_api_gateway_resource" "MyDemoResource" {
    60  	rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
    61   }
    62  
    63   resource "aws_api_gateway_method" "bad_example" {
    64     rest_api_id   = aws_api_gateway_rest_api.MyDemoAPI.id
    65     resource_id   = aws_api_gateway_resource.MyDemoResource.id
    66     http_method   = "GET"
    67     authorization = "NONE"
    68   }
    69   `,
    70  }
    71  
    72  var terraformNoPublicAccessLinks = []string{
    73  	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method#authorization`,
    74  }
    75  
    76  var terraformNoPublicAccessRemediationMarkdown = ``