forked from aquasecurity/tfsec
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ensure_key_expiry.tf.go
48 lines (42 loc) · 1016 Bytes
/
ensure_key_expiry.tf.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package keyvault
var terraformEnsureKeyExpiryGoodExamples = []string{
`
resource "azurerm_key_vault_key" "good_example" {
name = "generated-certificate"
key_vault_id = azurerm_key_vault.example.id
key_type = "RSA"
key_size = 2048
expiration_date = "1982-12-31T00:00:00Z"
key_opts = [
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey",
]
}
`,
}
var terraformEnsureKeyExpiryBadExamples = []string{
`
resource "azurerm_key_vault_key" "bad_example" {
name = "generated-certificate"
key_vault_id = azurerm_key_vault.example.id
key_type = "RSA"
key_size = 2048
key_opts = [
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey",
]
}
`,
}
var terraformEnsureKeyExpiryLinks = []string{
`https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key#expiration_date`,
}
var terraformEnsureKeyExpiryRemediationMarkdown = ``