github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/cloudfront/enforce_https.cf.go (about) 1 package cloudfront 2 3 var cloudFormationEnforceHttpsGoodExamples = []string{ 4 `--- 5 Resources: 6 GoodExample: 7 Properties: 8 DistributionConfig: 9 DefaultCacheBehavior: 10 TargetOriginId: target 11 ViewerProtocolPolicy: https-only 12 Enabled: true 13 Logging: 14 Bucket: logging-bucket 15 Origins: 16 - DomainName: https://some.domain 17 Id: somedomain1 18 WebACLId: waf_id 19 Type: AWS::CloudFront::Distribution 20 `, 21 } 22 23 var cloudFormationEnforceHttpsBadExamples = []string{ 24 `--- 25 Resources: 26 BadExample: 27 Properties: 28 DistributionConfig: 29 DefaultCacheBehavior: 30 TargetOriginId: target 31 ViewerProtocolPolicy: allow-all 32 Enabled: true 33 Logging: 34 Bucket: logging-bucket 35 Origins: 36 - DomainName: https://some.domain 37 Id: somedomain1 38 WebACLId: waf_id 39 Type: AWS::CloudFront::Distribution 40 `, 41 } 42 43 var cloudFormationEnforceHttpsLinks = []string{} 44 45 var cloudFormationEnforceHttpsRemediationMarkdown = ``