github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ecs/enable_in_transit_encryption.tf.go (about) 1 package ecs 2 3 var terraformEnableInTransitEncryptionGoodExamples = []string{ 4 ` 5 resource "aws_ecs_task_definition" "good_example" { 6 family = "service" 7 container_definitions = file("task-definitions/service.json") 8 9 volume { 10 name = "service-storage" 11 12 efs_volume_configuration { 13 file_system_id = aws_efs_file_system.fs.id 14 root_directory = "/opt/data" 15 transit_encryption = "ENABLED" 16 transit_encryption_port = 2999 17 authorization_config { 18 access_point_id = aws_efs_access_point.test.id 19 iam = "ENABLED" 20 } 21 } 22 } 23 } 24 `, 25 } 26 27 var terraformEnableInTransitEncryptionBadExamples = []string{ 28 ` 29 resource "aws_ecs_task_definition" "bad_example" { 30 family = "service" 31 container_definitions = file("task-definitions/service.json") 32 33 volume { 34 name = "service-storage" 35 36 efs_volume_configuration { 37 file_system_id = aws_efs_file_system.fs.id 38 root_directory = "/opt/data" 39 authorization_config { 40 access_point_id = aws_efs_access_point.test.id 41 iam = "ENABLED" 42 } 43 } 44 } 45 } 46 `, 47 } 48 49 var terraformEnableInTransitEncryptionLinks = []string{ 50 `https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#transit_encryption`, 51 } 52 53 var terraformEnableInTransitEncryptionRemediationMarkdown = ``