github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/s3/enable_object_write_logging.tf.go (about) 1 package s3 2 3 var terraformEnableObjectWriteLoggingGoodExamples = []string{ 4 ` 5 resource "aws_s3_bucket" "good_example" { 6 bucket = "my-bucket" 7 } 8 9 resource "aws_cloudtrail" "example" { 10 event_selector { 11 read_write_type = "WriteOnly" # or "All" 12 data_resource { 13 type = "AWS::S3::Object" 14 values = ["arn:aws:s3:::${aws_s3_bucket.good_example.bucket}/"] 15 } 16 } 17 } 18 `, 19 } 20 21 var terraformEnableObjectWriteLoggingBadExamples = []string{ 22 ` 23 resource "aws_s3_bucket" "bad_example" { 24 bucket = "my-bucket" 25 } 26 `, 27 } 28 29 var terraformEnableObjectWriteLoggingLinks = []string{ 30 `https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#versioning`, 31 } 32 33 var terraformEnableObjectWriteLoggingRemediationMarkdown = ``