Create rule S6258[terraform]: Add AWS Redshift Clusters (#531)

* Create rule S6258[terraform]: Add AWS Redshift Clusters * Update rules/S6258/terraform/rule.adoc Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> * Update rules/S6258/terraform/rule.adoc Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> * Update rules/S6258/terraform/rule.adoc Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> * Update rules/S6258/terraform/rule.adoc Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> Co-authored-by: Nils Werner <64034005+nils-werner-sonarsource@users.noreply.github.com>
2021-11-10 10:24:04 +01:00 · 2021-11-10 10:24:04 +01:00 · 69da2594e3
commit 69da2594e3
parent eff069b4cb
1 changed files with 26 additions and 0 deletions
--- a/rules/S6258/terraform/rule.adoc
+++ b/rules/S6258/terraform/rule.adoc
@ -14,6 +14,18 @@ resource "aws_s3_bucket" "mynoncompliantbucket" { # Sensitive
 }
 ----

+For https://aws.amazon.com/redshift/[Amazon Redshift]:
+
+----
+resource "aws_redshift_cluster" "cluster" {
+  cluster_identifier = "redshift-cluster"
+
+  logging {
+    enable = false # Sensitive
+  }
+}
+----
+
 For https://aws.amazon.com/global-accelerator/[Amazon Global Accelerator]:

 ----
@ -78,6 +90,20 @@ resource "aws_s3_bucket" "mycompliantbucket" { # Compliant
 }
 ----

+
+For https://aws.amazon.com/redshift/[Amazon Redshift]:
+
+----
+resource "aws_redshift_cluster" "cluster" {
+  cluster_identifier = "compliant-redshift-cluster"
+  logging {
+    enable           = true
+    bucket_name      = "infra_logs"
+    s3_key_prefix    = "log/redshift-"
+  }
+}
+----
+
 For https://aws.amazon.com/global-accelerator/[Amazon Global Accelerator]:

 ----