github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ecs/enable_in_transit_encryption.cf.go (about) 1 package ecs 2 3 var cloudFormationEnableInTransitEncryptionGoodExamples = []string{ 4 `--- 5 Resources: 6 GoodExample: 7 Type: 'AWS::ECS::Cluster' 8 Properties: 9 ClusterName: MyCluster 10 ClusterSettings: 11 - Name: containerInsights 12 Value: enabled 13 GoodTask: 14 Type: AWS::ECS::TaskDefinition 15 Properties: 16 Family: "CFSec scan" 17 Cpu: 512 18 Memory: 1024 19 NetworkMode: awsvpc 20 RequiresCompatibilities: 21 - FARGATE 22 - EC2 23 ContainerDefinitions: 24 - Name: cfsec 25 Image: cfsec/cfsec:latest 26 MountPoints: 27 - SourceVolume: src 28 ContainerPath: /src 29 LogConfiguration: 30 LogDriver: awslogs 31 Options: 32 awslogs-group: "cfsec-logs" 33 awslogs-region: !Ref AWS::Region 34 awslogs-stream-prefix: "cfsec" 35 Volumes: 36 - Name: jenkins-home 37 EFSVolumeConfiguration: 38 FilesystemId: "fs1" 39 TransitEncryption: ENABLED 40 `, 41 } 42 43 var cloudFormationEnableInTransitEncryptionBadExamples = []string{ 44 `--- 45 Resources: 46 BadExample: 47 Type: 'AWS::ECS::Cluster' 48 Properties: 49 ClusterName: MyCluster 50 ClusterSettings: 51 - Name: containerInsights 52 Value: enabled 53 BadTask: 54 Type: AWS::ECS::TaskDefinition 55 Properties: 56 Family: "CFSec scan" 57 Cpu: 512 58 Memory: 1024 59 NetworkMode: awsvpc 60 RequiresCompatibilities: 61 - FARGATE 62 - EC2 63 ContainerDefinitions: 64 - Name: cfsec 65 Image: cfsec/cfsec:latest 66 MountPoints: 67 - SourceVolume: src 68 ContainerPath: /src 69 LogConfiguration: 70 LogDriver: awslogs 71 Options: 72 awslogs-group: "cfsec-logs" 73 awslogs-region: !Ref AWS::Region 74 awslogs-stream-prefix: "cfsec" 75 Volumes: 76 - Name: jenkins-home 77 EFSVolumeConfiguration: 78 FilesystemId: "fs1" 79 TransitEncryption: DISABLED`, 80 } 81 82 var cloudFormationEnableInTransitEncryptionLinks = []string{} 83 84 var cloudFormationEnableInTransitEncryptionRemediationMarkdown = ``