github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/documentdb/encryption_customer_key.cf.go (about)

     1  package documentdb
     2  
     3  var cloudFormationEncryptionCustomerKeyGoodExamples = []string{
     4  	`---
     5  Resources:
     6    GoodExample:
     7      Type: "AWS::DocDB::DBCluster"
     8      Properties:
     9        BackupRetentionPeriod : 8
    10        DBClusterIdentifier : "sample-cluster"
    11        DBClusterParameterGroupName : "default.docdb3.6"
    12        KmsKeyId : "your-kms-key-id"
    13        EnableCloudwatchLogsExports:
    14        - audit
    15        - profiler
    16    InstanceInstanceExample:
    17      Type: "AWS::DocDB::DBInstance"
    18      Properties:
    19        AutoMinorVersionUpgrade: true
    20        AvailabilityZone: "us-east-1c"
    21        DBClusterIdentifier: "sample-cluster"
    22        DBInstanceClass: "db.r5.large"
    23        DBInstanceIdentifier: "sample-cluster-instance-0"
    24        PreferredMaintenanceWindow: "sat:06:54-sat:07:24"
    25  `,
    26  }
    27  
    28  var cloudFormationEncryptionCustomerKeyBadExamples = []string{
    29  	`---
    30   Resources:
    31    BadExample:
    32      Type: "AWS::DocDB::DBCluster"
    33      Properties:
    34        BackupRetentionPeriod: 8
    35        DBClusterIdentifier: sample-cluster
    36        DBClusterParameterGroupName: default.docdb3.6
    37    BadInstanceExample:
    38      Type: "AWS::DocDB::DBInstance"
    39      Properties:
    40        AutoMinorVersionUpgrade: true
    41        AvailabilityZone: us-east-1c
    42        DBClusterIdentifier: sample-cluster
    43        DBInstanceClass: db.r5.large
    44        DBInstanceIdentifier: sample-cluster-instance-0
    45        PreferredMaintenanceWindow: 'sat:06:54-sat:07:24'
    46  `,
    47  }
    48  
    49  var cloudFormationEncryptionCustomerKeyLinks = []string{}
    50  
    51  var cloudFormationEncryptionCustomerKeyRemediationMarkdown = ``