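// Terraform documentation fixtures for the "no secrets in user data" EC2
// check. Declared in package ec2, in
// rules/cloud/policies/aws/ec2/no_secrets_in_user_data.tf.go.
//
// Why the check matters: EC2 user data is not a secret store. It can be read
// back through the EC2 API by any principal allowed to describe the instance
// attribute, and by any process on the instance through the instance metadata
// service. Values written in Terraform also end up in the plan and state.
// Credentials should reach the instance through an IAM instance profile or a
// secrets service instead.

// terraformNoSecretsInUserDataGoodExamples holds Terraform snippets that
// should pass the check: the instance gets its AWS permissions from an
// attached instance profile and user_data carries only a non-sensitive value.
//
// The instance refers to the profile declared in the same snippet
// (good_example) by its name, which is the value the aws_instance
// iam_instance_profile argument expects.
var terraformNoSecretsInUserDataGoodExamples = []string{
	`
resource "aws_iam_instance_profile" "good_example" {
  // ...
}

resource "aws_instance" "good_example" {
  ami           = "ami-12345667"
  instance_type = "t2.small"

  iam_instance_profile = aws_iam_instance_profile.good_example.name

  user_data = <<EOF
export GREETING=hello
EOF
}
`,
}

// terraformNoSecretsInUserDataBadExamples holds Terraform snippets that
// should fail the check: a long-lived access key pair is exported from
// user_data in plain text.
//
// The key id and secret below are the placeholder credentials used throughout
// AWS documentation, not live keys. They are kept byte-for-byte because they
// have the shape of real AWS credentials.
var terraformNoSecretsInUserDataBadExamples = []string{
	`
resource "aws_instance" "bad_example" {

  ami           = "ami-12345667"
  instance_type = "t2.small"

  user_data = <<EOF
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_DEFAULT_REGION=us-west-2
EOF
}
`,
}

// terraformNoSecretsInUserDataLinks lists reference documentation for the
// Terraform argument the check inspects.
var terraformNoSecretsInUserDataLinks = []string{
	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#user_data`,
}

// terraformNoSecretsInUserDataRemediationMarkdown is empty in this file.
// NOTE(review): how an empty value is rendered is not visible here; if it is
// shown to users, it should say to remove credentials from user_data and use
// an instance profile, as the good example does.
var terraformNoSecretsInUserDataRemediationMarkdown = ``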