github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/mq/enable_audit_logging.go (about) 1 package mq 2 3 import ( 4 "github.com/khulnasoft-lab/defsec/internal/rules" 5 "github.com/khulnasoft-lab/defsec/pkg/providers" 6 "github.com/khulnasoft-lab/defsec/pkg/scan" 7 "github.com/khulnasoft-lab/defsec/pkg/severity" 8 "github.com/khulnasoft-lab/defsec/pkg/state" 9 ) 10 11 var CheckEnableAuditLogging = rules.Register( 12 scan.Rule{ 13 AVDID: "AVD-AWS-0070", 14 Provider: providers.AWSProvider, 15 Service: "mq", 16 ShortCode: "enable-audit-logging", 17 Summary: "MQ Broker should have audit logging enabled", 18 Impact: "Without audit logging it is difficult to trace activity in the MQ broker", 19 Resolution: "Enable audit logging", 20 Explanation: `Logging should be enabled to allow tracing of issues and activity to be investigated more fully. Logs provide additional information and context which is often invalauble during investigation`, 21 Links: []string{ 22 "https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.html", 23 }, 24 Terraform: &scan.EngineMetadata{ 25 GoodExamples: terraformEnableAuditLoggingGoodExamples, 26 BadExamples: terraformEnableAuditLoggingBadExamples, 27 Links: terraformEnableAuditLoggingLinks, 28 RemediationMarkdown: terraformEnableAuditLoggingRemediationMarkdown, 29 }, 30 CloudFormation: &scan.EngineMetadata{ 31 GoodExamples: cloudFormationEnableAuditLoggingGoodExamples, 32 BadExamples: cloudFormationEnableAuditLoggingBadExamples, 33 Links: cloudFormationEnableAuditLoggingLinks, 34 RemediationMarkdown: cloudFormationEnableAuditLoggingRemediationMarkdown, 35 }, 36 Severity: severity.Medium, 37 }, 38 func(s *state.State) (results scan.Results) { 39 for _, broker := range s.AWS.MQ.Brokers { 40 if broker.Logging.Audit.IsFalse() { 41 results.Add( 42 "Broker does not have audit logging enabled.", 43 broker.Logging.Audit, 44 ) 45 } else { 46 results.AddPassed(&broker) 47 } 48 } 49 return 50 }, 51 )