github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ec2/enable_at_rest_encryption.cf.go (about) 1 package ec2 2 3 var cloudFormationEnableAtRestEncryptionGoodExamples = []string{ 4 `--- 5 Resources: 6 GoodExample: 7 Type: AWS::EC2::Instance 8 Properties: 9 ImageId: "ami-79fd7eee" 10 KeyName: "testkey" 11 UserData: export SSM_PATH=/database/creds 12 BlockDeviceMappings: 13 - DeviceName: "/dev/sdm" 14 Ebs: 15 Encrypted: True 16 VolumeType: "io1" 17 Iops: "200" 18 DeleteOnTermination: "false" 19 VolumeSize: "20" 20 21 `, 22 } 23 24 var cloudFormationEnableAtRestEncryptionBadExamples = []string{ 25 `--- 26 Resources: 27 BadExample: 28 Type: AWS::EC2::Instance 29 Properties: 30 ImageId: "ami-79fd7eee" 31 KeyName: "testkey" 32 UserData: export DATABASE_PASSWORD=password1234 33 BlockDeviceMappings: 34 - DeviceName: "/dev/sdm" 35 Ebs: 36 Encrypted: False 37 VolumeType: "io1" 38 Iops: "200" 39 DeleteOnTermination: "false" 40 VolumeSize: "20" 41 42 `, 43 } 44 45 var cloudFormationEnableAtRestEncryptionLinks = []string{} 46 47 var cloudFormationEnableAtRestEncryptionRemediationMarkdown = ``