github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/dynamodb/enable_at_rest_encryption.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/dynamodb/enable_at_rest_encryption.tf.go (about)

     1  package dynamodb
     2  
     3  var terraformEnableAtRestEncryptionGoodExamples = []string{
     4  	`
     5   resource "aws_dax_cluster" "good_example" {
     6   	// other DAX config
     7   
     8   	server_side_encryption {
     9   		enabled = true // enabled server side encryption
    10   	}
    11   }
    12   `,
    13  }
    14  
    15  var terraformEnableAtRestEncryptionBadExamples = []string{
    16  	`
    17   resource "aws_dax_cluster" "bad_example" {
    18   	// no server side encryption at all
    19   }
    20   
    21   resource "aws_dax_cluster" "bad_example" {
    22   	// other DAX config
    23   
    24   	server_side_encryption {
    25   		// empty server side encryption config
    26   	}
    27   }
    28   
    29   resource "aws_dax_cluster" "bad_example" {
    30   	// other DAX config
    31   
    32   	server_side_encryption {
    33   		enabled = false // disabled server side encryption
    34   	}
    35   }
    36   `,
    37  }
    38  
    39  var terraformEnableAtRestEncryptionLinks = []string{
    40  	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dax_cluster#server_side_encryption`,
    41  }
    42  
    43  var terraformEnableAtRestEncryptionRemediationMarkdown = ``