Cosmos DB Account Without Tags

• Query id: 23a4dc83-4959-4d99-8056-8e051a82bc1e
• Query name: Cosmos DB Account Without Tags
• Platform: Ansible
• Severity: Low
• Category: Build Process
• CWE: 665
• URL: Github

Description

Cosmos DB Account must have a mapping of tags.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file

---
- name: Create Cosmos DB Account - min
  azure_rm_cosmosdbaccount:
    resource_group: myResourceGroup
    name: myDatabaseAccount
    location: westus
    geo_rep_locations:
      - name: southcentralus
        failover_priority: 0
    database_account_offer_type: Standard

Code samples without security vulnerabilities

Negative test num. 1 - yaml file

- name: Create Cosmos DB Account - min
  azure_rm_cosmosdbaccount:
    resource_group: myResourceGroup
    name: myDatabaseAccount
    location: westus
    geo_rep_locations:
    - name: southcentralus
      failover_priority: 0
    database_account_offer_type: Standard
    tags:
      t1: t1
      t2: t2