UNPKG

@pulumi/aws-compliance-policies

Version:

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

23 lines (22 loc) 820 B
import { ResourceValidationPolicy } from "@pulumi/policy"; declare namespace Cluster { /** * Check that EKS Clusters API Endpoint are not publicly accessible. * * @severity critical * @frameworks hitrust, iso27001, pcidss * @topics network * @link https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html */ const disallowApiEndpointPublicAccess: ResourceValidationPolicy; /** * Check that EKS Cluster Encryption Config is enabled. * * @severity high * @frameworks hitrust, iso27001, pcidss * @topics encryption, kubernetes * @link https://aws.amazon.com/blogs/containers/using-eks-encryption-provider-support-for-defense-in-depth/ */ const enableClusterEncryptionConfig: ResourceValidationPolicy; } export { Cluster };