github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/s3/enable_object_read_logging.tf.go (about) 1 package s3 2 3 var terraformEnableObjectReadLoggingGoodExamples = []string{ 4 ` 5 resource "aws_s3_bucket" "good_example" { 6 bucket = "my-bucket" 7 } 8 9 resource "aws_cloudtrail" "example" { 10 event_selector { 11 read_write_type = "ReadOnly" # or "All" 12 data_resource { 13 type = "AWS::S3::Object" 14 values = ["arn:aws:s3:::${aws_s3_bucket.good_example.bucket}/"] 15 } 16 } 17 } 18 19 `, 20 } 21 22 var terraformEnableObjectReadLoggingBadExamples = []string{ 23 ` 24 resource "aws_s3_bucket" "bad_example" { 25 bucket = "my-bucket" 26 } 27 `, 28 } 29 30 var terraformEnableObjectReadLoggingLinks = []string{ 31 `https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#versioning`, 32 } 33 34 var terraformEnableObjectReadLoggingRemediationMarkdown = ``