github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/iam/no_policy_wildcards.cf.go (about) 1 package iam 2 3 var cloudFormationNoPolicyWildcardsGoodExamples = []string{ 4 `--- 5 AWSTemplateFormatVersion: 2010-09-09 6 Description: Good example of policy 7 Resources: 8 GoodPolicy: 9 Type: 'AWS::IAM::Policy' 10 Properties: 11 PolicyName: CFNUsers 12 PolicyDocument: 13 Version: "2012-10-17" 14 Statement: 15 - Effect: Allow 16 Action: 17 - 's3:ListBuckets' 18 Resource: 'specific-bucket' 19 `, 20 } 21 22 var cloudFormationNoPolicyWildcardsBadExamples = []string{ 23 `--- 24 AWSTemplateFormatVersion: 2010-09-09 25 Description: Bad example of policy 26 Resources: 27 BadPolicy: 28 Type: 'AWS::IAM::Policy' 29 Properties: 30 PolicyName: CFNUsers 31 PolicyDocument: 32 Version: "2012-10-17" 33 Statement: 34 - Effect: Allow 35 Action: 36 - 'cloudformation:Describe*' 37 - 'cloudformation:List*' 38 - 'cloudformation:Get*' 39 Resource: '*' 40 `, 41 } 42 43 var cloudFormationNoPolicyWildcardsLinks = []string{} 44 45 var cloudFormationNoPolicyWildcardsRemediationMarkdown = ``