github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ec2/as_no_secrets_in_user_data.tf.go (about)

     1  package ec2
     2  
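// terraformASNoSecretsInUserDataGoodExamples holds Terraform samples that are
// expected to pass the "no secrets in user data" check: the launch template's
// user_data exports only a non-sensitive variable (GREETING) and carries no
// credentials. Instance permissions come from an IAM instance profile rather
// than from keys written into the boot script.
//
// The profile reference points at the profile declared in the same sample
// ("good_example") and uses its name attribute, because the target argument is
// `name`. The sample previously referenced an undeclared "good_profile" and
// assigned an ARN to `name`, so it did not resolve as written.
//
// NOTE(review): the AWS provider documents aws_launch_template.user_data as
// base64-encoded; this sample passes plain text. Confirm how the consumer of
// these samples reads user_data before changing that.
var terraformASNoSecretsInUserDataGoodExamples = []string{
	`
 resource "aws_iam_instance_profile" "good_example" {
		 // ...
 }
 
 resource "aws_launch_template" "good_example" {
	 image_id      = "ami-12345667"
	 instance_type = "t2.small"
 
	 iam_instance_profile {
		 name = aws_iam_instance_profile.good_example.name
	 }
	 user_data = <<EOF
	 export GREETING=hello
EOF
}
 `,
}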
    22  
    23  var terraformASNoSecretsInUserDataBadExamples = []string{
    24  	`
    25   resource "aws_launch_template" "bad_example" {
    26   
    27  	 image_id      = "ami-12345667"
    28  	 instance_type = "t2.small"
    29   
    30  	 user_data = <<EOF
    31   export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
    32   export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
    33   export AWS_DEFAULT_REGION=us-west-2 
    34  EOF
    35  }
    36   `,
    37  }
    38  
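// terraformASNoSecretsInUserDataLinks lists Terraform Registry references for
// the user_data argument. The original aws_instance link is kept first; the
// aws_launch_template link is added because every sample in this file
// configures user_data on an aws_launch_template resource.
var terraformASNoSecretsInUserDataLinks = []string{
	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#user_data`,
	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_template#user_data`,
}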
    42  
// terraformASNoSecretsInUserDataRemediationMarkdown is the Terraform-specific
// remediation text for this check. It is empty in this file, so no remediation
// guidance is supplied from here.
var terraformASNoSecretsInUserDataRemediationMarkdown = ""