From 270216172537908bed37341e6a9d1d976972e12c Mon Sep 17 00:00:00 2001 From: mikeurbanski1 Date: Wed, 11 Aug 2021 13:39:22 -0500 Subject: [PATCH 1/2] Create new.yaml --- new.yaml | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 new.yaml diff --git a/new.yaml b/new.yaml new file mode 100644 index 00000000..dd440d79 --- /dev/null +++ b/new.yaml @@ -0,0 +1,37 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: AWS CloudFormation Template to deploy insecure infrastructure +Parameters: + CompanyName: + Description: Company Name + Type: String + Default: acme + Environment: + Description: Environment + Type: String + Default: dev + DBName: + Description: Name of the Database + Type: String + Default: db1 + Password: + Description: Database Password + Type: String + NoEcho: True + MinLength: 1 + MaxLength: 41 + AllowedPattern: ^[a-zA-Z0-9]*$ + LatestAmiId: + Type: AWS::SSM::Parameter::Value + Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2 + +Resources: + DataScienceBucket: + # not encrypted + Type: AWS::S3::Bucket + DeletionPolicy: Delete + Properties: + BucketName: !Sub "${AWS::AccountId}-${CompanyName}-${Environment}-data-science" + AccessControl: PublicRead + Tags: + - Key: Name + Value: !Sub "${AWS::AccountId}-${CompanyName}-${Environment}-data-science" From e3efcebe4403f7f76564e5cdacda4664df26dfdc Mon Sep 17 00:00:00 2001 From: "bridgecrew[bot]" <60663194+bridgecrew[bot]@users.noreply.github.com> Date: Sun, 14 Nov 2021 16:07:21 +0000 Subject: [PATCH 2/2] Bridgecrew bot fix for new.yaml --- new.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/new.yaml b/new.yaml index dd440d79..c2846b41 100644 --- a/new.yaml +++ b/new.yaml @@ -35,3 +35,7 @@ Resources: Tags: - Key: Name Value: !Sub "${AWS::AccountId}-${CompanyName}-${Environment}-data-science" + BucketEncryption: + ServerSideEncryptionConfiguration: + - ServerSideEncryptionByDefault: + SSEAlgorithm: AES256