github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ssm/secret_use_customer_key.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ssm/secret_use_customer_key.tf.go (about)

     1  package ssm
     2  
     3  var terraformSecretUseCustomerKeyGoodExamples = []string{
     4  	`
     5   resource "aws_kms_key" "secrets" {
     6   	enable_key_rotation = true
     7   }
     8   
     9   resource "aws_secretsmanager_secret" "good_example" {
    10     name       = "lambda_password"
    11     kms_key_id = aws_kms_key.secrets.arn
    12   }
    13   `,
    14  }
    15  
    16  var terraformSecretUseCustomerKeyBadExamples = []string{
    17  	`
    18   resource "aws_secretsmanager_secret" "bad_example" {
    19     name       = "lambda_password"
    20   }
    21   `,
    22  }
    23  
    24  var terraformSecretUseCustomerKeyLinks = []string{
    25  	`https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id`,
    26  }
    27  
    28  var terraformSecretUseCustomerKeyRemediationMarkdown = ``