BOM - GCP PST

  • Query id: 9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8
  • Query name: BOM - GCP PST
  • Platform: GoogleDeploymentManager
  • Severity: Trace
  • Category: Bill Of Materials
  • CWE: 200
  • URL: Github

Description

A list of Pub/Sub Topic resources found. Cloud Pub/Sub is designed to provide reliable, many-to-many, asynchronous messaging between applications. Publisher applications can send messages to a 'topic' and other applications can subscribe to that topic to receive the messages.

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
resources:
- type: pubsub.v1.topic
  name: topic-1
  properties:
    kmsKeyName: some key
    topic: classified-topic
- type: pubsub.v1.topic
  name: topic-2
  properties:
    topic: classified-topic

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
resources:
- name: vm-template4
  type: compute.v1.instance
  properties:
    zone: us-central1-a
    machineType: zones/us-central1-a/machineTypes/n1-standard-1
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        sourceImage: projects/debian-cloud/global/images/family/debian-9
      diskEncryptionKey:
        sha_256: 68b4caecf5d5130426a8b8f0222cdd7f31232b5c99a5bf0daf19099e26e2ec29
        rawKey: SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=
    networkInterfaces:
    - network: global/networks/default
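
The inventory described above can be reproduced outside the scanner. This is an added example, not the query's own code: it lists every `pubsub.v1.topic` resource in a Deployment Manager config and records whether `kmsKeyName` is set. The function name, the reported fields and the trimmed sample input are assumptions made for illustration.

```ruby
require 'yaml'

# Constructed input: the page's positive sample plus a trimmed copy of the
# compute instance from the negative sample.
SAMPLE_CONFIG = <<~YAML
  resources:
  - type: pubsub.v1.topic
    name: topic-1
    properties:
      kmsKeyName: some key
      topic: classified-topic
  - type: pubsub.v1.topic
    name: topic-2
    properties:
      topic: classified-topic
  - type: compute.v1.instance
    name: vm-template4
    properties:
      zone: us-central1-a
YAML

TOPIC_TYPE = 'pubsub.v1.topic'

# Hypothetical helper: returns one entry per Pub/Sub topic declared in the config.
# Field names in the result are illustrative, not the scanner's output schema.
def pubsub_topic_inventory(yaml_text)
  doc = YAML.safe_load(yaml_text) || {}
  resources = doc.is_a?(Hash) ? Array(doc['resources']) : []
  resources.select { |r| r.is_a?(Hash) && r['type'] == TOPIC_TYPE }.map do |r|
    props = r['properties'].is_a?(Hash) ? r['properties'] : {}
    key = props['kmsKeyName'].to_s.strip
    {
      name: r['name'],
      topic: props['topic'],
      kms_key: key.empty? ? nil : key,
      # Without kmsKeyName, Pub/Sub falls back to Google-managed encryption keys.
      encryption: key.empty? ? 'google-managed' : 'customer-managed'
    }
  end
end

if __FILE__ == $PROGRAM_NAME
  pubsub_topic_inventory(SAMPLE_CONFIG).each { |entry| puts entry }
end
```

A config that declares no topics, like the negative sample, yields an empty list.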