github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/cloudtrail/no_public_log_access.cf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/cloudtrail/no_public_log_access.cf.go (about)

     1  package cloudtrail
     2  
     3  var cloudFormationNoPublicLogAccessGoodExamples = []string{
     4  	`---
     5  Resources:
     6    GoodExampleTrail:
     7      Type: AWS::CloudTrail::Trail
     8      Properties:
     9        IsLogging: true
    10        S3BucketName: "my-bucket"
    11        TrailName: "Cloudtrail"
    12    GoodExampleBucket:
    13      Type: AWS::S3::Bucket
    14      Properties:
    15        BucketName: "my-bucket"
    16        AccessControl: Private
    17  `,
    18  }
    19  
    20  var cloudFormationNoPublicLogAccessBadExamples = []string{
    21  	`---
    22  Resources:
    23    BadExampleTrail:
    24      Type: AWS::CloudTrail::Trail
    25      Properties:
    26        IsLogging: true
    27        S3BucketName: "my-bucket"
    28        TrailName: "Cloudtrail"
    29    BadExampleBucket:
    30      Type: AWS::S3::Bucket
    31      Properties:
    32        BucketName: "my-bucket"
    33        AccessControl: AuthenticatedRead
    34  `,
    35  }
    36  
    37  var cloudFormationNoPublicLogAccessLinks = []string{}
    38  
    39  var cloudFormationNoPublicLogAccessRemediationMarkdown = ``