@pulumi/aws-compliance-policies
Version:
This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.
44 lines (43 loc) • 1.6 kB
TypeScript
import { ResourceValidationPolicy } from "@pulumi/policy";
declare namespace Listener {
/**
* Checks that ALB Load Balancers uses secure/modern TLS encryption.
*
* @severity high
* @frameworks iso27001, pcidss
* @topics encryption, network
* @link https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html
*/
const configureSecureTls: ResourceValidationPolicy;
/**
* Check that ALB Load Balancers do not allow unencrypted (HTTP) traffic.
*
* @severity critical
* @frameworks iso27001, pcidss
* @topics network
* @link https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html
*/
const disallowUnencryptedTraffic: ResourceValidationPolicy;
}
export { Listener };
declare namespace LoadBalancer {
/**
* Checks that ALB loadbalancers have access logging configured and enabled.
*
* @severity medium
* @frameworks iso27001, pcidss
* @topics logging, network
* @link https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html
*/
const configureAccessLogging: ResourceValidationPolicy;
/**
* Checks that ALB loadbalancers have access logging enabled.
*
* @severity medium
* @frameworks iso27001, pcidss
* @topics logging, network
* @link https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html
*/
const enableAccessLogging: ResourceValidationPolicy;
}
export { LoadBalancer };