How to use the checkov.terraform.checks.resource.aws.ElasticsearchNodeToNodeEncryption.check.scan_resource_conf function in checkov
To help you get started, we’ve selected a few checkov examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
bridgecrewio / checkov / tests / terraform / checks / resource / aws / test_ElasticsearchNodeToNodeEncryption.py View on Github 
'zone_awareness_config': [
{'availability_zone_count': ['${var.availability_zone_count}']}]}],
'node_to_node_encryption': [{'enabled': [True]}], 'vpc_options': [
{'security_group_ids': [['${join("",aws_security_group.default.*.id)}']],
'subnet_ids': ['${var.subnet_ids}']}], 'snapshot_options': [
{'automated_snapshot_start_hour': ['${var.automated_snapshot_start_hour}']}],
'log_publishing_options': [
{'enabled': ['${var.log_publishing_index_enabled}'], 'log_type': ['INDEX_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_index_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_search_enabled}'], 'log_type': ['SEARCH_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_search_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_application_enabled}'],
'log_type': ['ES_APPLICATION_LOGS'], 'cloudwatch_log_group_arn': [
'${var.log_publishing_application_cloudwatch_log_group_arn}']}],
'tags': ['${module.label.tags}'], 'depends_on': [['${aws_iam_service_linked_role.default}']]}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)'zone_awareness_config': [
{'availability_zone_count': ['${var.availability_zone_count}']}]}],
'vpc_options': [
{'security_group_ids': [['${join("",aws_security_group.default.*.id)}']],
'subnet_ids': ['${var.subnet_ids}']}], 'snapshot_options': [
{'automated_snapshot_start_hour': ['${var.automated_snapshot_start_hour}']}],
'log_publishing_options': [
{'enabled': ['${var.log_publishing_index_enabled}'], 'log_type': ['INDEX_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_index_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_search_enabled}'], 'log_type': ['SEARCH_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_search_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_application_enabled}'],
'log_type': ['ES_APPLICATION_LOGS'], 'cloudwatch_log_group_arn': [
'${var.log_publishing_application_cloudwatch_log_group_arn}']}],
'tags': ['${module.label.tags}'], 'depends_on': [['${aws_iam_service_linked_role.default}']]}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.UNKNOWN, scan_result)'zone_awareness_config': [
{'availability_zone_count': ['${var.availability_zone_count}']}]}],
'vpc_options': [
{'security_group_ids': [['${join("",aws_security_group.default.*.id)}']],
'subnet_ids': ['${var.subnet_ids}']}], 'snapshot_options': [
{'automated_snapshot_start_hour': ['${var.automated_snapshot_start_hour}']}],
'log_publishing_options': [
{'enabled': ['${var.log_publishing_index_enabled}'], 'log_type': ['INDEX_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_index_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_search_enabled}'], 'log_type': ['SEARCH_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_search_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_application_enabled}'],
'log_type': ['ES_APPLICATION_LOGS'], 'cloudwatch_log_group_arn': [
'${var.log_publishing_application_cloudwatch_log_group_arn}']}],
'tags': ['${module.label.tags}'], 'depends_on': [['${aws_iam_service_linked_role.default}']]}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.FAILED, scan_result)'zone_awareness_config': [
{'availability_zone_count': ['${var.availability_zone_count}']}]}],
'node_to_node_encryption': [{'enabled': [False]}], 'vpc_options': [
{'security_group_ids': [['${join("",aws_security_group.default.*.id)}']],
'subnet_ids': ['${var.subnet_ids}']}], 'snapshot_options': [
{'automated_snapshot_start_hour': ['${var.automated_snapshot_start_hour}']}],
'log_publishing_options': [
{'enabled': ['${var.log_publishing_index_enabled}'], 'log_type': ['INDEX_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_index_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_search_enabled}'], 'log_type': ['SEARCH_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_search_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_application_enabled}'],
'log_type': ['ES_APPLICATION_LOGS'], 'cloudwatch_log_group_arn': [
'${var.log_publishing_application_cloudwatch_log_group_arn}']}],
'tags': ['${module.label.tags}'], 'depends_on': [['${aws_iam_service_linked_role.default}']]}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)'zone_awareness_config': [
{'availability_zone_count': ['${var.availability_zone_count}']}]}],
'node_to_node_encryption': [{'enabled': [False]}], 'vpc_options': [
{'security_group_ids': [['${join("",aws_security_group.default.*.id)}']],
'subnet_ids': ['${var.subnet_ids}']}], 'snapshot_options': [
{'automated_snapshot_start_hour': ['${var.automated_snapshot_start_hour}']}],
'log_publishing_options': [
{'enabled': ['${var.log_publishing_index_enabled}'], 'log_type': ['INDEX_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_index_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_search_enabled}'], 'log_type': ['SEARCH_SLOW_LOGS'],
'cloudwatch_log_group_arn': ['${var.log_publishing_search_cloudwatch_log_group_arn}']},
{'enabled': ['${var.log_publishing_application_enabled}'],
'log_type': ['ES_APPLICATION_LOGS'], 'cloudwatch_log_group_arn': [
'${var.log_publishing_application_cloudwatch_log_group_arn}']}],
'tags': ['${module.label.tags}'], 'depends_on': [['${aws_iam_service_linked_role.default}']]}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.FAILED, scan_result)
Popular checkov functions
- checkov.terraform.checks.resource.aws.ALBListenerHTTPS.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.ElasticsearchNodeToNodeEncryption.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.KMSRotation.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.LaunchConfigurationEBSEncryption.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.PasswordPolicyExpiration.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.PasswordPolicyLength.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.PasswordPolicyLowercaseLetter.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.PasswordPolicyNumber.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.PasswordPolicyReuse.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.PasswordPolicySymbol.check.scan_resource_conf
- checkov.terraform.checks.resource.aws.PasswordPolicyUppercaseLetter.check.scan_resource_conf
- checkov.terraform.checks.resource.base_check.BaseResourceCheck
- checkov.terraform.checks.resource.registry.resource_registry
- checkov.terraform.models.enums.CheckCategories
- checkov.terraform.models.enums.CheckCategories.ENCRYPTION
- checkov.terraform.models.enums.CheckCategories.IAM
- checkov.terraform.models.enums.CheckCategories.NETWORKING
- checkov.terraform.models.enums.CheckResult
- checkov.terraform.models.enums.CheckResult.FAILED
- checkov.terraform.models.enums.CheckResult.PASSED