github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/sam/no_state_machine_policy_wildcards.cf.go (about) 1 package sam 2 3 var cloudFormationNoStateMachinePolicyWildcardsGoodExamples = []string{ 4 `--- 5 AWSTemplateFormatVersion: 2010-09-09 6 Description: Good Example of SAM Function 7 Resources: 8 GoodFunction: 9 Type: AWS::Serverless::StateMachine 10 Properties: 11 Definition: 12 StartAt: MyLambdaState 13 States: 14 MyLambdaState: 15 Type: Task 16 Resource: arn:aws:lambda:us-east-1:123456123456:function:my-sample-lambda-app 17 End: true 18 Role: arn:aws:iam::123456123456:role/service-role/my-sample-role 19 Tracing: 20 Enabled: true 21 Policies: 22 - AWSLambdaExecute 23 - Version: '2012-10-17' 24 Statement: 25 - Effect: Allow 26 Action: 27 - s3:GetObject 28 - s3:GetObjectACL 29 Resource: 'arn:aws:s3:::my-bucket/*' 30 `, 31 } 32 33 var cloudFormationNoStateMachinePolicyWildcardsBadExamples = []string{ 34 `--- 35 AWSTemplateFormatVersion: 2010-09-09 36 Description: Bad Example of SAM Function 37 Resources: 38 BadFunction: 39 Type: AWS::Serverless::StateMachine 40 Properties: 41 Definition: 42 StartAt: MyLambdaState 43 States: 44 MyLambdaState: 45 Type: Task 46 Resource: arn:aws:lambda:us-east-1:123456123456:function:my-sample-lambda-app 47 End: true 48 Role: arn:aws:iam::123456123456:role/service-role/my-sample-role 49 Tracing: 50 Enabled: true 51 Policies: 52 - AWSLambdaExecute 53 - Version: '2012-10-17' 54 Statement: 55 - Effect: Allow 56 Action: 57 - s3:* 58 Resource: 'arn:aws:s3:::my-bucket/*' 59 `, 60 } 61 62 var cloudFormationNoStateMachinePolicyWildcardsLinks = []string{} 63 64 var cloudFormationNoStateMachinePolicyWildcardsRemediationMarkdown = ``