16f6c0aecf
Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
52 lines
1.1 KiB
Plaintext
52 lines
1.1 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
== Sensitive Code Example
|
|
|
|
For https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html[AWS::SNS::Topic]:
|
|
|
|
[source,yaml]
|
|
----
|
|
AWSTemplateFormatVersion: '2010-09-09'
|
|
Resources:
|
|
Topic: # Sensitive, encryption disabled by default
|
|
Type: AWS::SNS::Topic
|
|
Properties:
|
|
DisplayName: "unencrypted_topic"
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
For https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html[AWS::SNS::Topic]:
|
|
|
|
[source,yaml]
|
|
----
|
|
AWSTemplateFormatVersion: '2010-09-09'
|
|
Resources:
|
|
Topic:
|
|
Type: AWS::SNS::Topic
|
|
Properties:
|
|
DisplayName: "encrypted_topic"
|
|
KmsMasterKeyId:
|
|
Fn::GetAtt:
|
|
- TestKey
|
|
- KeyId
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
=== Message
|
|
|
|
* Omitting "KmsMasterKeyId" disables SNS topics encryption. Make sure it is safe here.
|
|
|
|
|
|
endif::env-github,rspecator-view[] |