UNPKG

@pulumi/aws-compliance-policies

Version:

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

32 lines (31 loc) 1.13 kB
import { ResourceValidationPolicy } from "@pulumi/policy"; declare namespace FileSystem { /** * Check that encrypted EFS File system uses a customer-managed KMS key. * * @severity low * @frameworks hitrust, iso27001, pcidss * @topics encryption, storage * @link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html */ const configureCustomerManagedKey: ResourceValidationPolicy; /** * Check that EFS File system doesn't use single availability zone. * * @severity high * @frameworks none * @topics availability, storage * @link https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html */ const disallowSingleAvailabilityZone: ResourceValidationPolicy; /** * Checks that EFS File Systems do not have an unencrypted file system. * * @severity high * @frameworks hitrust, iso27001, pcidss * @topics encryption, storage * @link https://docs.aws.amazon.com/efs/latest/ug/encryption-at-rest.html */ const disallowUnencryptedFileSystem: ResourceValidationPolicy; } export { FileSystem };