Firewall Rule Allows Too Many Hosts To Access Redis Cache

  • Query id: 69f72007-502e-457b-bd2d-5012e31ac049
  • Query name: Firewall Rule Allows Too Many Hosts To Access Redis Cache
  • Platform: Ansible
  • Severity: Medium
  • Category: Networking and Firewall
  • URL: Github

Description

Check if any firewall rule allows too many hosts to access Redis Cache.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
- name: too_many_hosts
  azure_rm_rediscachefirewallrule:
      resource_group: myResourceGroup
      cache_name: myRedisCache
      name: myRule
      start_ip_address: 192.168.1.1
      end_ip_address: 192.169.1.4

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
- name: reduced_hosts
  azure_rm_rediscachefirewallrule:
    resource_group: myResourceGroup
    cache_name: myRedisCache
    name: myRule
    start_ip_address: 192.168.1.1
    end_ip_address: 192.168.1.4
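
The check above, worked through on the two samples. This is an added example, not the query's own code or part of the original page. It counts the addresses between start_ip_address and end_ip_address for each azure_rm_rediscachefirewallrule task. The 256-host limit (MAX_HOSTS) and the function names are assumptions made for illustration, since the page does not state the query's threshold.

```python
import ipaddress

# Assumed limit for this example only; the page does not state the query's threshold.
MAX_HOSTS = 256
MODULE = "azure_rm_rediscachefirewallrule"


def range_size(start, end):
    """Count the addresses in the inclusive range start..end."""
    first, last = ipaddress.ip_address(start), ipaddress.ip_address(end)
    if first.version != last.version:
        raise ValueError("start and end use different IP versions")
    if last < first:
        raise ValueError("end_ip_address is lower than start_ip_address")
    return int(last) - int(first) + 1


def audit_tasks(tasks, max_hosts=MAX_HOSTS):
    """Return one finding per firewall-rule task whose range exceeds max_hosts."""
    findings = []
    for task in tasks:
        rule = task.get(MODULE)
        if not isinstance(rule, dict):
            continue  # not a Redis firewall rule task
        try:
            hosts = range_size(rule["start_ip_address"], rule["end_ip_address"])
        except (KeyError, ValueError) as exc:
            # Missing, templated or malformed addresses need manual review.
            findings.append({"task": task.get("name"), "hosts": None, "reason": str(exc)})
            continue
        if hosts > max_hosts:
            findings.append({"task": task.get("name"), "hosts": hosts,
                             "reason": f"range exceeds {max_hosts} hosts"})
    return findings


# The two tasks from this page, written as the dicts a YAML loader would produce.
SAMPLE_TASKS = [
    {"name": "too_many_hosts", MODULE: {
        "resource_group": "myResourceGroup", "cache_name": "myRedisCache", "name": "myRule",
        "start_ip_address": "192.168.1.1", "end_ip_address": "192.169.1.4"}},
    {"name": "reduced_hosts", MODULE: {
        "resource_group": "myResourceGroup", "cache_name": "myRedisCache", "name": "myRule",
        "start_ip_address": "192.168.1.1", "end_ip_address": "192.168.1.4"}},
]

if __name__ == "__main__":
    for finding in audit_tasks(SAMPLE_TASKS):
        print(finding)
```

The positive sample ends in 192.169.1.4, so its range crosses a second-octet boundary and covers 65,540 addresses. The negative sample covers 4.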