github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/documentdb/enable_log_export.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/documentdb/enable_log_export.tf.go (about)

     1  package documentdb
     2  
     3  var terraformEnableLogExportGoodExamples = []string{
     4  	`
     5   resource "aws_docdb_cluster" "good_example" {
     6     cluster_identifier      = "my-docdb-cluster"
     7     engine                  = "docdb"
     8     master_username         = "foo"
     9     master_password         = "mustbeeightchars"
    10     backup_retention_period = 5
    11     preferred_backup_window = "07:00-09:00"
    12     skip_final_snapshot     = true
    13     enabled_cloudwatch_logs_exports = "audit"
    14   }
    15   `,
    16  }
    17  
    18  var terraformEnableLogExportBadExamples = []string{
    19  	`
    20   resource "aws_docdb_cluster" "bad_example" {
    21     cluster_identifier      = "my-docdb-cluster"
    22     engine                  = "docdb"
    23     master_username         = "foo"
    24     master_password         = "mustbeeightchars"
    25     backup_retention_period = 5
    26     preferred_backup_window = "07:00-09:00"
    27     skip_final_snapshot     = true
    28     enabled_cloudwatch_logs_exports = "something"
    29   }
    30   `,
    31  }
    32  
    33  var terraformEnableLogExportLinks = []string{
    34  	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports`,
    35  }
    36  
    37  var terraformEnableLogExportRemediationMarkdown = ``