github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/eks/encrypt_secrets.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/eks/encrypt_secrets.tf.go (about)

     1  package eks
     2  
     3  var terraformEncryptSecretsGoodExamples = []string{
     4  	`
     5   resource "aws_eks_cluster" "good_example" {
     6       encryption_config {
     7           resources = [ "secrets" ]
     8           provider {
     9               key_arn = var.kms_arn
    10           }
    11       }
    12   
    13       name = "good_example_cluster"
    14       role_arn = var.cluster_arn
    15       vpc_config {
    16           endpoint_public_access = false
    17       }
    18   }
    19   `,
    20  }
    21  
    22  var terraformEncryptSecretsBadExamples = []string{
    23  	`
    24   resource "aws_eks_cluster" "bad_example" {
    25       name = "bad_example_cluster"
    26   
    27       role_arn = var.cluster_arn
    28       vpc_config {
    29           endpoint_public_access = false
    30       }
    31   }
    32   `,
    33  }
    34  
    35  var terraformEncryptSecretsLinks = []string{
    36  	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#encryption_config`,
    37  }
    38  
    39  var terraformEncryptSecretsRemediationMarkdown = ``