github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/elasticsearch/enable_domain_encryption.cf.go (about) 1 package elasticsearch 2 3 var cloudFormationEnableDomainEncryptionGoodExamples = []string{ 4 `--- 5 Resources: 6 GoodExample: 7 Type: AWS::Elasticsearch::Domain 8 Properties: 9 DomainName: 'test' 10 ElasticsearchVersion: '7.10' 11 EncryptionAtRestOptions: 12 Enabled: true 13 KmsKeyId: alias/kmskey 14 ElasticsearchClusterConfig: 15 DedicatedMasterEnabled: true 16 InstanceCount: '2' 17 ZoneAwarenessEnabled: true 18 InstanceType: 'm3.medium.elasticsearch' 19 DedicatedMasterType: 'm3.medium.elasticsearch' 20 DedicatedMasterCount: '3' 21 EBSOptions: 22 EBSEnabled: true 23 Iops: '0' 24 VolumeSize: '20' 25 VolumeType: 'gp2' 26 `, 27 } 28 29 var cloudFormationEnableDomainEncryptionBadExamples = []string{ 30 `--- 31 Resources: 32 BadExample: 33 Type: AWS::Elasticsearch::Domain 34 Properties: 35 DomainName: 'test' 36 ElasticsearchVersion: '7.10' 37 ElasticsearchClusterConfig: 38 DedicatedMasterEnabled: true 39 InstanceCount: '2' 40 ZoneAwarenessEnabled: true 41 InstanceType: 'm3.medium.elasticsearch' 42 DedicatedMasterType: 'm3.medium.elasticsearch' 43 DedicatedMasterCount: '3' 44 EBSOptions: 45 EBSEnabled: true 46 Iops: '0' 47 VolumeSize: '20' 48 VolumeType: 'gp2' 49 `, 50 } 51 52 var cloudFormationEnableDomainEncryptionLinks = []string{} 53 54 var cloudFormationEnableDomainEncryptionRemediationMarkdown = ``