github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/s3/encryption_customer_key.cf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/s3/encryption_customer_key.cf.go (about)

     1  package s3
     2  
     3  var cloudFormationCheckEncryptionCustomerKeyGoodExamples = []string{
     4  	`
     5  Resources:
     6    GoodExample:
     7      Properties:
     8        BucketEncryption:
     9          ServerSideEncryptionConfiguration:
    10            - BucketKeyEnabled: true
    11              ServerSideEncryptionByDefault:
    12                KMSMasterKeyID: kms-arn
    13                SSEAlgorithm: aws:kms
    14      Type: AWS::S3::Bucket
    15  `,
    16  }
    17  
    18  var cloudFormationCheckEncryptionCustomerKeyBadExamples = []string{
    19  	`---
    20  Resources:
    21    BadExample:
    22      Properties:
    23        BucketEncryption:
    24          ServerSideEncryptionConfiguration:
    25            - BucketKeyEnabled: false
    26              ServerSideEncryptionByDefault:
    27                SSEAlgorithm: AES256
    28      Type: AWS::S3::Bucket
    29  `,
    30  }
    31  
    32  var cloudFormationCheckEncryptionCustomerKeyLinks = []string{}
    33  
    34  var cloudFormationCheckEncryptionCustomerKeyRemediationMarkdown = ``