BOM - AWS EFS
- Query id: f53f16d6-46a9-4277-9fbe-617b1e24cdca
- Query name: BOM - AWS EFS
- Platform: Terraform
- Severity: Trace
- Category: Bill Of Materials
- URL: Github
Description¶
A list of EFS resources found. Amazon Elastic File System (Amazon EFS) automatically grows and shrinks as you add and remove files with no need for management or provisioning.
Documentation
Code samples¶
Code samples that the query reports (inventory entries, severity Trace)¶
Positive test num. 1 - tf file
# Positive sample 1: a standalone EFS file system. The query reports it as a
# Bill Of Materials (inventory) entry at Trace severity, not as a
# misconfiguration. No aws_efs_file_system_policy accompanies it in this sample.
resource "aws_efs_file_system" "positive1" {
  # Encryption at rest is enabled; no kms_key_id is set in this sample.
  encrypted      = true
  creation_token = "my-product"

  tags = {
    Name = "MyProduct"
  }
}
Positive test num. 2 - tf file
# Positive sample 2: an EFS file system that the aws_efs_file_system_policy
# resource in this sample attaches to through file_system_id. The query reports
# it as a Bill Of Materials (inventory) entry at Trace severity.
resource "aws_efs_file_system" "positive2" {
  # Encryption at rest is enabled; no kms_key_id is set in this sample.
  encrypted      = true
  creation_token = "my-product"

  tags = {
    Name = "MyProduct"
  }
}
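# Resource-based policy attached to the positive2 file system.
resource "aws_efs_file_system_policy" "policy" {
  file_system_id = aws_efs_file_system.positive2.id

  # NOTE(review): true skips the provider's lockout safety check, which guards
  # against a policy that would stop the calling principal from updating the
  # file system policy later. Kept as in the sample; outside a test fixture,
  # leave it at the default (false) unless that lockout is intended.
  bypass_policy_lockout_safety_check = true

  # NOTE(review): the statement allows ClientMount and ClientWrite to
  # Principal "AWS": "*". The only condition is aws:SecureTransport, which
  # requires TLS in transit and does not restrict who the caller is. Kept as in
  # the sample; a real deployment would name specific IAM principals.
  #
  # "Resource" interpolates the ARN of positive2, the file system this policy is
  # attached to. The sample otherwise referenced aws_efs_file_system.test, which
  # is not declared in it.
  policy = <<POLICY
{
    "Version": "2012-10-17",
    "Id": "ExamplePolicy01",
    "Statement": [
        {
            "Sid": "ExampleStatement01",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Resource": "${aws_efs_file_system.positive2.arn}",
            "Action": [
                "elasticfilesystem:ClientMount",
                "elasticfilesystem:ClientWrite"
            ],
            "Condition": {
                "Bool": {
                    "aws:SecureTransport": "true"
                }
            }
        }
    ]
}
POLICY
}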