ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S6327/javascript/rule.adoc
github-actions[bot] 792b2cd487
Create rule S6327 (#1298)
2022-10-03 11:21:43 +02:00

85 lines
2.1 KiB
Plaintext
Raw Blame History

include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
For https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_sns.Topic.html[`aws_cdk.aws_sns.Topic`]
[source,javascript]
----
import { Topic } from 'aws-cdk-lib/aws-sns';
new Topic(this, 'exampleTopic'); // Sensitive
----
For https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_sns.CfnTopic.html[`aws_cdk.aws_sns.CfnTopic`]
[source,javascript]
----
import { Topic, CfnTopic } from 'aws-cdk-lib/aws-sns';
new CfnTopic(this, 'exampleCfnTopic'); // Sensitive
----
== Compliant Solution
For https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_sns.Topic.html[`aws_cdk.aws_sns.Topic`]
[source,javascript]
----
import { Topic } from 'aws-cdk-lib/aws-sns';
const encryptionKey = new Key(this, 'exampleKey', {
enableKeyRotation: true,
});
new Topic(this, 'exampleTopic', {
masterKey: encryptionKey
});
----
For https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_sns.CfnTopic.html[`aws_cdk.aws_sns.CfnTopic`]
[source,javascript]
----
import { CfnTopic } from 'aws-cdk-lib/aws-sns';
const encryptionKey = new Key(this, 'exampleKey', {
enableKeyRotation: true,
});
cfnTopic = new CfnTopic(this, 'exampleCfnTopic', {
kmsMasterKeyId: encryptionKey.keyId
});
----
include::../see.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
=== Message
For Topic:
* Omitting "masterKey" disables SNS topics encryption. Make sure it is safe here.
For CfnTopic:
* Omitting "kmsMasterKeyId" disables SNS topics encryption. Make sure it is safe here.
=== Highlighting
* Highlight the initializer function if it does not contain the third argument `props` or `props` is set to `undefined`.
* For Topic: Highlight the `props` object if it does not contain the property `masterKey`.
* For Topic: Highlight the `masterKey` attribute if it is set to `undefined`.
* For CfnTopic: Highlight the `props` object if it does not contain the property `kmsMasterKeyId`.
* For CfnTopic: Highlight the `kmsMasterKeyId` attribute if it is set to `undefined`.
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink