github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/keyvault/ensure_key_expiry.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/keyvault/ensure_key_expiry.tf.go (about)

     1  package keyvault
     2  
     3  var terraformEnsureKeyExpiryGoodExamples = []string{
     4  	`
     5   resource "azurerm_key_vault_key" "good_example" {
     6     name         = "generated-certificate"
     7     key_vault_id = azurerm_key_vault.example.id
     8     key_type     = "RSA"
     9     key_size     = 2048
    10     expiration_date = "1982-12-31T00:00:00Z"
    11   
    12     key_opts = [
    13       "decrypt",
    14       "encrypt",
    15       "sign",
    16       "unwrapKey",
    17       "verify",
    18       "wrapKey",
    19     ]
    20   }
    21   `,
    22  }
    23  
    24  var terraformEnsureKeyExpiryBadExamples = []string{
    25  	`
    26   resource "azurerm_key_vault_key" "bad_example" {
    27     name         = "generated-certificate"
    28     key_vault_id = azurerm_key_vault.example.id
    29     key_type     = "RSA"
    30     key_size     = 2048
    31   
    32     key_opts = [
    33       "decrypt",
    34       "encrypt",
    35       "sign",
    36       "unwrapKey",
    37       "verify",
    38       "wrapKey",
    39     ]
    40   }
    41   `,
    42  }
    43  
    44  var terraformEnsureKeyExpiryLinks = []string{
    45  	`https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key#expiration_date`,
    46  }
    47  
    48  var terraformEnsureKeyExpiryRemediationMarkdown = ``