Skip to content

Commit

Permalink
tests(terraform): add Terraform test for the CKV2_AWS_5 check
Browse files Browse the repository at this point in the history
  • Loading branch information
@bhean
bhean committed Aug 27, 2024
1 parent 59e5077 commit 9de662c
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 0 deletions.
1 change: 1 addition & 0 deletions tests/terraform/graph/checks/resources/SGAttachedToResource/expected.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ pass:
- "aws_security_group.pass_dax_cluster"
- "aws_security_group.pass_dms"
- "aws_security_group.pass_docdb"
- "aws_security_group.pass_docdbelastic"
- "aws_security_group.pass_ec2"
- "aws_security_group.pass_ec2_client_vpn"
- "aws_security_group.pass_ec2_client_vpn_endpoint"
Expand Down
25 changes: 25 additions & 0 deletions tests/terraform/graph/checks/resources/SGAttachedToResource/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,6 +157,31 @@ resource "aws_docdb_cluster" "pass_docdb" {
vpc_security_group_ids = [aws_security_group.pass_docdb.id]
}

# DocDB Elastic

resource "aws_security_group" "pass_docdbelastic" {
ingress {
description = "TLS from VPC"
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}

resource "aws_docdbelastic_cluster" "pass_docdbelastic" {
name = "docdbelastic_cluster"

admin_user_name = "admin"
admin_user_password = "4dm1np4ssw0rd"

auth_type = "PLAIN_TEXT"
shard_capacity = 2
shard_count = 1

vpc_security_group_ids = [aws_security_group.pass_docdbelastic.id]
}

# EC2

resource "aws_security_group" "pass_ec2" {
Expand Down

0 comments on commit 9de662c

Please sign in to comment.