github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/elasticsearch/enable_domain_logging.cf.go (about) 1 package elasticsearch 2 3 var cloudFormationEnableDomainLoggingGoodExamples = []string{ 4 `--- 5 Resources: 6 GoodExample: 7 Type: AWS::Elasticsearch::Domain 8 Properties: 9 DomainName: 'test' 10 ElasticsearchVersion: '7.10' 11 EncryptionAtRestOptions: 12 Enabled: true 13 KmsKeyId: alias/kmskey 14 LogPublishingOptions: 15 AUDIT_LOGS: 16 Enabled: true 17 ElasticsearchClusterConfig: 18 DedicatedMasterEnabled: true 19 InstanceCount: '2' 20 ZoneAwarenessEnabled: true 21 InstanceType: 'm3.medium.elasticsearch' 22 DedicatedMasterType: 'm3.medium.elasticsearch' 23 DedicatedMasterCount: '3' 24 EBSOptions: 25 EBSEnabled: true 26 Iops: '0' 27 VolumeSize: '20' 28 VolumeType: 'gp2' 29 `, 30 } 31 32 var cloudFormationEnableDomainLoggingBadExamples = []string{ 33 `--- 34 Resources: 35 BadExample: 36 Type: AWS::Elasticsearch::Domain 37 Properties: 38 DomainName: 'test' 39 ElasticsearchVersion: '7.10' 40 ElasticsearchClusterConfig: 41 DedicatedMasterEnabled: true 42 InstanceCount: '2' 43 ZoneAwarenessEnabled: true 44 InstanceType: 'm3.medium.elasticsearch' 45 DedicatedMasterType: 'm3.medium.elasticsearch' 46 DedicatedMasterCount: '3' 47 EBSOptions: 48 EBSEnabled: true 49 Iops: '0' 50 VolumeSize: '20' 51 VolumeType: 'gp2' 52 `, 53 } 54 55 var cloudFormationEnableDomainLoggingLinks = []string{} 56 57 var cloudFormationEnableDomainLoggingRemediationMarkdown = ``