github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/dynamodb/table_customer_key.tf.go (about) 1 package dynamodb 2 3 var terraformTableCustomerKeyGoodExamples = []string{ 4 ` 5 resource "aws_kms_key" "dynamo_db_kms" { 6 enable_key_rotation = true 7 } 8 9 resource "aws_dynamodb_table" "good_example" { 10 name = "example" 11 hash_key = "TestTableHashKey" 12 billing_mode = "PAY_PER_REQUEST" 13 stream_enabled = true 14 stream_view_type = "NEW_AND_OLD_IMAGES" 15 16 attribute { 17 name = "TestTableHashKey" 18 type = "S" 19 } 20 21 replica { 22 region_name = "us-east-2" 23 } 24 25 replica { 26 region_name = "us-west-2" 27 } 28 29 server_side_encryption { 30 enabled = true 31 kms_key_arn = aws_kms_key.dynamo_db_kms.key_id 32 } 33 } 34 `, 35 } 36 37 var terraformTableCustomerKeyBadExamples = []string{ 38 ` 39 resource "aws_dynamodb_table" "bad_example" { 40 name = "example" 41 hash_key = "TestTableHashKey" 42 billing_mode = "PAY_PER_REQUEST" 43 stream_enabled = true 44 stream_view_type = "NEW_AND_OLD_IMAGES" 45 46 attribute { 47 name = "TestTableHashKey" 48 type = "S" 49 } 50 51 replica { 52 region_name = "us-east-2" 53 } 54 55 replica { 56 region_name = "us-west-2" 57 } 58 } 59 `, 60 } 61 62 var terraformTableCustomerKeyLinks = []string{ 63 `https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#server_side_encryption`, 64 } 65 66 var terraformTableCustomerKeyRemediationMarkdown = ``