github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/elasticsearch/use_secure_tls_policy.cf.go (about) 1 package elasticsearch 2 3 var cloudFormationUseSecureTlsPolicyGoodExamples = []string{ 4 `--- 5 Resources: 6 GoodExample: 7 Type: AWS::Elasticsearch::Domain 8 Properties: 9 DomainName: 'test' 10 ElasticsearchVersion: '7.10' 11 DomainEndpointOptions: 12 TLSSecurityPolicy: Policy-Min-TLS-1-2-2019-07 13 EncryptionAtRestOptions: 14 Enabled: true 15 KmsKeyId: alias/kmskey 16 ElasticsearchClusterConfig: 17 DedicatedMasterEnabled: true 18 InstanceCount: '2' 19 ZoneAwarenessEnabled: true 20 InstanceType: 'm3.medium.elasticsearch' 21 DedicatedMasterType: 'm3.medium.elasticsearch' 22 DedicatedMasterCount: '3' 23 EBSOptions: 24 EBSEnabled: true 25 Iops: '0' 26 VolumeSize: '20' 27 VolumeType: 'gp2' 28 `, 29 } 30 31 var cloudFormationUseSecureTlsPolicyBadExamples = []string{ 32 `--- 33 Resources: 34 BadExample: 35 Type: AWS::Elasticsearch::Domain 36 Properties: 37 DomainName: 'test' 38 ElasticsearchVersion: '7.10' 39 ElasticsearchClusterConfig: 40 DedicatedMasterEnabled: true 41 InstanceCount: '2' 42 ZoneAwarenessEnabled: true 43 InstanceType: 'm3.medium.elasticsearch' 44 DedicatedMasterType: 'm3.medium.elasticsearch' 45 DedicatedMasterCount: '3' 46 EBSOptions: 47 EBSEnabled: true 48 Iops: '0' 49 VolumeSize: '20' 50 VolumeType: 'gp2' 51 `, 52 } 53 54 var cloudFormationUseSecureTlsPolicyLinks = []string{} 55 56 var cloudFormationUseSecureTlsPolicyRemediationMarkdown = ``