@pulumi/aws-compliance-policies
Version:
This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.
23 lines (22 loc) • 820 B
TypeScript
import { ResourceValidationPolicy } from "@pulumi/policy";
declare namespace Cluster {
/**
* Check that EKS Clusters API Endpoint are not publicly accessible.
*
* @severity critical
* @frameworks hitrust, iso27001, pcidss
* @topics network
* @link https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
*/
const disallowApiEndpointPublicAccess: ResourceValidationPolicy;
/**
* Check that EKS Cluster Encryption Config is enabled.
*
* @severity high
* @frameworks hitrust, iso27001, pcidss
* @topics encryption, kubernetes
* @link https://aws.amazon.com/blogs/containers/using-eks-encryption-provider-support-for-defense-in-depth/
*/
const enableClusterEncryptionConfig: ResourceValidationPolicy;
}
export { Cluster };