Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var CheckAggregateAllRegions = rules.Register( scan.Rule{ AVDID: "AVD-AWS-0019", Provider: providers.AWSProvider, Service: "config", ShortCode: "aggregate-all-regions", Summary: "Config configuration aggregator should be using all regions for source", Impact: "Sources that aren't covered by the aggregator are not include in the configuration", Resolution: "Set the aggregator to cover all regions", Explanation: `The configuration aggregator should be configured with all_regions for the source. This will help limit the risk of any unmonitored configuration in regions that are thought to be unused.`, Links: []string{ "https://docs.aws.amazon.com/config/latest/developerguide/aggregate-data.html", }, Terraform: &scan.EngineMetadata{ GoodExamples: terraformAggregateAllRegionsGoodExamples, BadExamples: terraformAggregateAllRegionsBadExamples, Links: terraformAggregateAllRegionsLinks, RemediationMarkdown: terraformAggregateAllRegionsRemediationMarkdown, }, CloudFormation: &scan.EngineMetadata{ GoodExamples: cloudFormationAggregateAllRegionsGoodExamples, BadExamples: cloudFormationAggregateAllRegionsBadExamples, Links: cloudFormationAggregateAllRegionsLinks, RemediationMarkdown: cloudFormationAggregateAllRegionsRemediationMarkdown, }, Severity: severity.High, }, func(s *state.State) (results scan.Results) { if s.AWS.Config.ConfigurationAggregrator.IsUnmanaged() { return } if s.AWS.Config.ConfigurationAggregrator.SourceAllRegions.IsFalse() { results.Add( "Configuration aggregation is not set to source from all regions.", s.AWS.Config.ConfigurationAggregrator.SourceAllRegions, ) } else { results.AddPassed(s.AWS.Config.ConfigurationAggregrator.SourceAllRegions) } return }, )
Functions ¶
This section is empty.
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.