github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/lambda/restrict_source_arn.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/lambda/restrict_source_arn.tf.go (about)

     1  package lambda
     2  
     3  var terraformRestrictSourceArnGoodExamples = []string{
     4  	`
     5  resource "aws_lambda_permission" "good_example" {
     6  	statement_id = "AllowExecutionFromSNS"
     7  	action = "lambda:InvokeFunction"
     8  	function_name = aws_lambda_function.func.function_name
     9  	principal = "sns.amazonaws.com"
    10  	source_arn = aws_sns_topic.default.arn
    11  }
    12  		`,
    13  }
    14  
    15  var terraformRestrictSourceArnBadExamples = []string{
    16  	`
    17  resource "aws_lambda_permission" "bad_example" {
    18  	statement_id = "AllowExecutionFromSNS"
    19  	action = "lambda:InvokeFunction"
    20  	function_name = aws_lambda_function.func.function_name
    21  	principal = "sns.amazonaws.com"
    22  }
    23  		`,
    24  }
    25  
    26  var terraformRestrictSourceArnLinks = []string{
    27  	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission`,
    28  }
    29  
    30  var terraformRestrictSourceArnRemediationMarkdown = ``