github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/cloudfront/enable_waf.cf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/cloudfront/enable_waf.cf.go (about)

     1  package cloudfront
     2  
     3  var cloudFormationEnableWafGoodExamples = []string{
     4  	`---
     5  Resources:
     6    GoodExample:
     7      Properties:
     8        DistributionConfig:
     9          DefaultCacheBehavior:
    10            TargetOriginId: target
    11            ViewerProtocolPolicy: https-only
    12          Enabled: true
    13          Logging:
    14            Bucket: logging-bucket
    15          Origins:
    16            - DomainName: https://some.domain
    17              Id: somedomain1
    18          WebACLId: waf_id
    19      Type: AWS::CloudFront::Distribution
    20  `,
    21  }
    22  
    23  var cloudFormationEnableWafBadExamples = []string{
    24  	`---
    25  Resources:
    26    BadExample:
    27      Properties:
    28        DistributionConfig:
    29          DefaultCacheBehavior:
    30            TargetOriginId: target
    31            ViewerProtocolPolicy: https-only
    32          Enabled: true
    33          Logging:
    34            Bucket: logging-bucket
    35          Origins:
    36            - DomainName: https://some.domain
    37              Id: somedomain1
    38      Type: AWS::CloudFront::Distribution
    39  `,
    40  }
    41  
    42  var cloudFormationEnableWafLinks = []string{}
    43  
    44  var cloudFormationEnableWafRemediationMarkdown = ``