github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ecr/enforce_immutable_repository.cf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ecr/enforce_immutable_repository.cf.go (about)

     1  package ecr
     2  
     3  var cloudFormationEnforceImmutableRepositoryGoodExamples = []string{
     4  	`---
     5  Resources:
     6    GoodExample:
     7      Type: AWS::ECR::Repository
     8      Properties:
     9        RepositoryName: "test-repository"
    10        ImageTagMutability: IMMUTABLE
    11        ImageScanningConfiguration:
    12          ScanOnPush: false
    13        EncryptionConfiguration:
    14          EncryptionType: KMS
    15          KmsKey: "alias/ecr-key"
    16  `,
    17  }
    18  
    19  var cloudFormationEnforceImmutableRepositoryBadExamples = []string{
    20  	`---
    21  Resources:
    22    BadExample:
    23      Type: AWS::ECR::Repository
    24      Properties:
    25        RepositoryName: "test-repository"
    26        ImageScanningConfiguration:
    27          ScanOnPush: false
    28  `,
    29  }
    30  
    31  var cloudFormationEnforceImmutableRepositoryLinks = []string{}
    32  
    33  var cloudFormationEnforceImmutableRepositoryRemediationMarkdown = ``