BOM - AWS MQ
- Query id: fcb1b388-f558-4b7f-9b6e-f4e98abb7380
- Query name: BOM - AWS MQ
- Platform: Terraform
- Severity: Trace
- Category: Bill Of Materials
- URL: Github
Description
A list of MQ resources found. Amazon MQ is a managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easy to set up and operate message brokers on AWS.
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
```hcl
resource "aws_mq_broker" "positive1" {
  broker_name = "example"

  configuration {
    id       = aws_mq_configuration.test.id
    revision = aws_mq_configuration.test.latest_revision
  }

  engine_type        = "ActiveMQ"
  engine_version     = "5.15.9"
  host_instance_type = "mq.t2.micro"
  security_groups    = [aws_security_group.test.id]

  user {
    username = "ExampleUser"
    password = "MindTheGap"
  }
}
```
Positive test num. 2 - tf file
```hcl
resource "aws_mq_broker" "positive2" {
  broker_name = "example"

  configuration {
    id       = aws_mq_configuration.test.id
    revision = aws_mq_configuration.test.latest_revision
  }

  engine_type        = "RabbitMQ"
  engine_version     = "5.15.9"
  host_instance_type = "mq.t2.micro"
  security_groups    = [aws_security_group.test.id]

  user {
    username = "ExampleUser"
    password = "111111111111"
  }

  user {
    username = "ExampleUser"
    password = "MindTheGap"
  }

  encryption_options {
    kms_key_id = var.encryption_options.kms_key_id
  }
}
```
Code samples without security vulnerabilities
Negative test num. 1 - tf file
```hcl
module "mq_broker" {
  source  = "cloudposse/mq-broker/aws"
  version = "0.14.0"

  namespace = "eg"
  stage     = "test"
  name      = "mq-broker"

  apply_immediately          = true
  auto_minor_version_upgrade = true
  deployment_mode            = "ACTIVE_STANDBY_MULTI_AZ"
  engine_type                = "ActiveMQ"
  engine_version             = "5.15.14"
  host_instance_type         = "mq.t3.micro"
  publicly_accessible        = false
  general_log_enabled        = true
  audit_log_enabled          = true
  encryption_enabled         = true
  use_aws_owned_key          = true

  vpc_id          = var.vpc_id
  subnet_ids      = var.subnet_ids
  security_groups = var.security_groups
}
```