Name Is Not Snake Case
- Query id: 1e434b25-8763-4b00-a5ca-ca03b7abbb66
- Query name: Name Is Not Snake Case
- Platform: Terraform
- Severity: Info
- Category: Best Practices
- CWE: 710
- URL: Github
Description¶
All names should follow snake case pattern.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
variable "cluster_name" {
default = "example"
description = "cluster name"
type = string
}
resource "aws_eks_cluster" "positiveExample" {
depends_on = [aws_cloudwatch_log_group.example]
enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
name = var.cluster_name
}
module "acm" {
source = "terraform-aws-modules/acm/aws"
version = "~> v2.0"
domain_name = var.site_domain
zone_id = data.aws_route53_zone.this.zone_id
tags = var.tags
providers = {
aws = aws.us_east_1 # cloudfront needs acm certificate to be from "us-east-1" region
}
}
Positive test num. 2 - tf file
variable "cluster_name" {
default = "example"
description = "cluster name"
type = string
}
resource "aws_eks_cluster" "positive2" {
depends_on = [aws_cloudwatch_log_group.example]
enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
name = var.cluster_name
}
module "ACMPositive2" {
source = "terraform-aws-modules/acm/aws"
version = "~> v2.0"
domain_name = var.site_domain
zone_id = data.aws_route53_zone.this.zone_id
tags = var.tags
providers = {
aws = aws.us_east_1 # cloudfront needs acm certificate to be from "us-east-1" region
}
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
variable "cluster_name" {
default = "example"
description = "cluster name"
type = string
}
module "acm" {
source = "terraform-aws-modules/acm/aws"
version = "~> v2.0"
domain_name = var.site_domain
zone_id = data.aws_route53_zone.this.zone_id
tags = var.tags
providers = {
aws = aws.us_east_1 # cloudfront needs acm certificate to be from "us-east-1" region
}
}
resource "aws_eks_cluster" "negative1" {
depends_on = [aws_cloudwatch_log_group.example]
enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
name = var.cluster_name
}