BOM - GCP PD
- Query id: 268c65a8-58ad-43e4-9019-1a9bbc56749f
- Query name: BOM - GCP PD
- Platform: GoogleDeploymentManager
- Severity: Trace
- Category: Bill Of Materials
- URL: Github
Description¶
A list of Persistent Disk resources found. Persistent Disk is Google's local durable storage service, fully integrated with Google Cloud products, Compute Engine and Google Kubernetes Engine.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
resources:
- type: compute.v1.disk
name: disk-1-data
properties:
sizeGb: 10
zone: us-east1-c
diskEncryptionKey:
sha_256: 68b4caecf5d5130426a8b8f0222cdd7f31232b5c99a5bf0daf19099e26e2ec29
rawKey: SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=
- type: compute.v1.disk
name: disk-2-data
properties:
sizeGb: 10
zone: us-east1-c
diskEncryptionKey:
sha_256: 68b4caecf5d5130426a8b8f0222cdd7f31232b5c99a5bf0daf19099e26e2ec29
kmsKeyName: disk-crypto-key
- type: compute.v1.disk
name: disk-3-data
properties:
sizeGb: 10
zone: us-east1-c
- type: compute.v1.disk
name: disk-4-data
properties:
sizeGb: 10
zone: us-east1-c
diskEncryptionKey:
sha_256: 68b4caecf5d5130426a8b8f0222cdd7f31232b5c99a5bf0daf19099e26e2ec29
- type: compute.v1.disk
name: disk-5-data
properties:
sizeGb: 10
zone: us-east1-c
diskEncryptionKey:
sha_256: 68b4caecf5d5130426a8b8f0222cdd7f31232b5c99a5bf0daf19099e26e2ec29
rawKey: ""
Code samples without security vulnerabilities¶
Negative test num. 1 - yaml file
resources:
- name: vm-template4
type: compute.v1.instance
properties:
zone: us-central1-a
machineType: zones/us-central1-a/machineTypes/n1-standard-1
disks:
- deviceName: boot
type: PERSISTENT
boot: true
autoDelete: true
initializeParams:
sourceImage: projects/debian-cloud/global/images/family/debian-9
diskEncryptionKey:
sha_256: 68b4caecf5d5130426a8b8f0222cdd7f31232b5c99a5bf0daf19099e26e2ec29
rawKey: SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=
networkInterfaces:
- network: global/networks/default