github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/redshift/encryption_customer_key.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/redshift/encryption_customer_key.tf.go (about)

     1  package redshift
     2  
     3  var terraformEncryptionCustomerKeyGoodExamples = []string{
     4  	`
     5   resource "aws_kms_key" "redshift" {
     6   	enable_key_rotation = true
     7   }
     8   
     9   resource "aws_redshift_cluster" "good_example" {
    10     cluster_identifier = "tf-redshift-cluster"
    11     database_name      = "mydb"
    12     master_username    = "foo"
    13     master_password    = "Mustbe8characters"
    14     node_type          = "dc1.large"
    15     cluster_type       = "single-node"
    16     encrypted          = true
    17     kms_key_id         = aws_kms_key.redshift.key_id
    18   }
    19   `,
    20  }
    21  
    22  var terraformEncryptionCustomerKeyBadExamples = []string{
    23  	`
    24   resource "aws_redshift_cluster" "bad_example" {
    25     cluster_identifier = "tf-redshift-cluster"
    26     database_name      = "mydb"
    27     master_username    = "foo"
    28     master_password    = "Mustbe8characters"
    29     node_type          = "dc1.large"
    30     cluster_type       = "single-node"
    31   }
    32   `,
    33  }
    34  
    35  var terraformEncryptionCustomerKeyLinks = []string{
    36  	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted`,
    37  }
    38  
    39  var terraformEncryptionCustomerKeyRemediationMarkdown = ``