Network Watcher Flow Disabled
- Query id: b90842e5-6779-44d4-9760-972f4c03ba1c
- Query name: Network Watcher Flow Disabled
- Platform: Terraform
- Severity: High
- Category: Insecure Configurations
- URL: Github
Description
Checks whether the `enabled` field of an `azurerm_network_watcher_flow_log` resource is set to `false`. A disabled flow log records no NSG traffic, so the network-level evidence used for detection and incident investigation is never written to the storage account.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
    resource "azurerm_network_watcher_flow_log" "positive1" {
      network_watcher_name      = azurerm_network_watcher.test.name
      resource_group_name       = azurerm_resource_group.test.name
      network_security_group_id = azurerm_network_security_group.test.id
      storage_account_id        = azurerm_storage_account.test.id
      enabled                   = false
      retention_policy {
        enabled = true
        days    = 7
      }
    }
Code samples without security vulnerabilities
Negative test num. 1 - tf file
    resource "azurerm_network_watcher_flow_log" "negative1" {
      network_watcher_name      = azurerm_network_watcher.test.name
      resource_group_name       = azurerm_resource_group.test.name
      network_security_group_id = azurerm_network_security_group.test.id
      storage_account_id        = azurerm_storage_account.test.id
      enabled                   = true
      retention_policy {
        enabled = true
        days    = 7
      }
    }
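The check above has one subtlety worth seeing in code: the positive sample contains `enabled = true` inside its nested `retention_policy` block, so a naive line grep for `enabled = true` would pass it. The query has to look only at the resource's own top-level `enabled` attribute. The following Python is an added illustration of that logic, not the KICS query itself (KICS queries are written in Rego); it uses a deliberately simplified brace-depth walk over HCL rather than a full parser, and the embedded `.tf` text is constructed to mirror the two samples on this page.

```python
import re

# Constructed input mirroring the page's positive and negative samples in one .tf file.
SAMPLE_TF = '''
resource "azurerm_network_watcher_flow_log" "positive1" {
  network_watcher_name      = azurerm_network_watcher.test.name
  resource_group_name       = azurerm_resource_group.test.name
  network_security_group_id = azurerm_network_security_group.test.id
  storage_account_id        = azurerm_storage_account.test.id
  enabled                   = false
  retention_policy {
    enabled = true
    days    = 7
  }
}

resource "azurerm_network_watcher_flow_log" "negative1" {
  network_watcher_name      = azurerm_network_watcher.test.name
  resource_group_name       = azurerm_resource_group.test.name
  network_security_group_id = azurerm_network_security_group.test.id
  storage_account_id        = azurerm_storage_account.test.id
  enabled                   = true
  retention_policy {
    enabled = true
    days    = 7
  }
}
'''

RESOURCE_HEADER = re.compile(r'resource\s+"([^"]+)"\s+"([^"]+)"\s*\{')
ATTR = re.compile(r'^([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.+?)$')


def _block_body(text, open_idx):
    """Return the text between the '{' at open_idx and its matching '}'.

    Simplified HCL handling (assumption): braces inside string literals or
    comments are not accounted for, which is enough for the samples here.
    """
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == '{':
            depth += 1
        elif text[i] == '}':
            depth -= 1
            if depth == 0:
                return text[open_idx + 1:i]
    raise ValueError("unbalanced braces in HCL input")


def top_level_attrs(body):
    """Collect only the attributes at depth 0 of a block body.

    Attributes inside nested blocks such as retention_policy are skipped, so a
    nested 'enabled = true' cannot mask the resource's own 'enabled = false'.
    """
    attrs = {}
    depth = 0
    for raw in body.splitlines():
        line = raw.strip()
        if depth == 0:
            m = ATTR.match(line)
            if m and not line.endswith('{'):
                attrs[m.group(1)] = m.group(2).strip().strip('"')
        depth += line.count('{') - line.count('}')
    return attrs


def find_resources(text, resource_type):
    """Yield (name, top-level attributes) for every resource of the given type."""
    found = []
    for m in RESOURCE_HEADER.finditer(text):
        if m.group(1) != resource_type:
            continue
        body = _block_body(text, m.end() - 1)
        found.append((m.group(2), top_level_attrs(body)))
    return found


def flow_log_findings(text):
    """Names of azurerm_network_watcher_flow_log resources whose own enabled is false."""
    return [
        name
        for name, attrs in find_resources(text, "azurerm_network_watcher_flow_log")
        if attrs.get("enabled", "").lower() == "false"
    ]


if __name__ == "__main__":
    for name in flow_log_findings(SAMPLE_TF):
        print(f"High: flow log '{name}' is disabled (enabled = false)")
```

Run against the constructed file it reports only `positive1`; `negative1` passes because its top-level `enabled` is `true`, and the nested `retention_policy` values are ignored in both cases.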