UNPKG

@pulumi/aws-compliance-policies

Version:

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

44 lines (43 loc) 1.6 kB
import { ResourceValidationPolicy } from "@pulumi/policy"; declare namespace Listener { /** * Checks that ALB Load Balancers uses secure/modern TLS encryption. * * @severity high * @frameworks iso27001, pcidss * @topics encryption, network * @link https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html */ const configureSecureTls: ResourceValidationPolicy; /** * Check that ALB Load Balancers do not allow unencrypted (HTTP) traffic. * * @severity critical * @frameworks iso27001, pcidss * @topics network * @link https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html */ const disallowUnencryptedTraffic: ResourceValidationPolicy; } export { Listener }; declare namespace LoadBalancer { /** * Checks that ALB loadbalancers have access logging configured and enabled. * * @severity medium * @frameworks iso27001, pcidss * @topics logging, network * @link https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html */ const configureAccessLogging: ResourceValidationPolicy; /** * Checks that ALB loadbalancers have access logging enabled. * * @severity medium * @frameworks iso27001, pcidss * @topics logging, network * @link https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html */ const enableAccessLogging: ResourceValidationPolicy; } export { LoadBalancer };