AWS MQBroker version is not up to date
Description
This test examines the engine version of Amazon MQ resources and flags the resource if the version is lower than the minimum required:

```text
minimumActiveMQ = 5.16
minimumRabbitMQ = 3.8
```
Current versions supported can be found here:
https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/activemq-version-management.html
https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/rabbitmq-version-management.html
Code Example
```hcl
resource "aws_mq_configuration" "example" {
  description    = "Example Configuration"
  name           = "example"
  engine_type    = "ActiveMQ"
  engine_version = "5.17.1" # the line that satisfies this check (5.16 or higher for ActiveMQ)

  data = <<DATA
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<broker xmlns="http://activemq.apache.org/schema/core">
  <plugins>
    <forcePersistencyModeBrokerPlugin persistenceFlag="true"/>
    <statisticsBrokerPlugin/>
    <timeStampingBrokerPlugin ttlCeiling="86400000" zeroExpirationOverride="86400000"/>
  </plugins>
</broker>
DATA
}
```

Remediation
Terraform
Modify the engine version in either aws_mq_configuration or aws_mq_broker so that it is equal to or higher than the minimums.
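To audit a plan for this condition before applying it, the following added example (not Checkov's own implementation) walks data in the shape of `terraform show -json` output and lists MQ resources whose `engine_version` is below the minimums given in the description. The sample plan, resource addresses and function names are constructed for illustration; versions are compared as integer tuples so that 3.10 ranks above 3.8.

```python
# Minimums stated on this page, keyed by lower-cased engine_type.
MINIMUMS = {"activemq": (5, 16), "rabbitmq": (3, 8)}
MQ_TYPES = {"aws_mq_broker", "aws_mq_configuration"}

def parse_version(text):
    """'5.17.1' -> (5, 17, 1). Integer tuples avoid the float/string trap
    where '3.10' would compare lower than '3.8'."""
    return tuple(int(part) for part in text.split("."))

def walk(module):
    """Yield every resource in a plan module, including nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)

def outdated_brokers(plan):
    """Return (address, engine, version) for MQ resources below the minimum."""
    findings = []
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in walk(root):
        if res.get("type") not in MQ_TYPES:
            continue
        values = res.get("values", {})
        engine = str(values.get("engine_type", "")).lower()
        version = values.get("engine_version") or ""
        minimum = MINIMUMS.get(engine)
        try:
            ok = minimum is not None and parse_version(version)[:2] >= minimum
        except ValueError:
            ok = False  # missing or unparsable version: flag for manual review
        if not ok:
            findings.append((res.get("address"), engine, version))
    return findings

# Constructed sample, reduced to the fields this check reads.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        {"address": "aws_mq_configuration.example", "type": "aws_mq_configuration",
         "values": {"engine_type": "ActiveMQ", "engine_version": "5.17.1"}},
        {"address": "aws_mq_broker.legacy", "type": "aws_mq_broker",
         "values": {"engine_type": "ActiveMQ", "engine_version": "5.15.9"}},
        {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "values": {}},
    ],
    "child_modules": [{"address": "module.queue", "resources": [
        {"address": "module.queue.aws_mq_broker.events", "type": "aws_mq_broker",
         "values": {"engine_type": "RabbitMQ", "engine_version": "3.10.20"}},
    ]}],
}}}

if __name__ == "__main__":
    for address, engine, version in outdated_brokers(SAMPLE_PLAN):
        print(f"{address}: {engine} {version or '<unset>'} is below the minimum")
```

To run it against a real plan, replace `SAMPLE_PLAN` with the parsed JSON from `terraform show -json` on a saved plan file.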
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0256 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform |
| Checkov ID | CKV_AWS_208 |