OSS Bucket Has Static Website

• Query id: 2b13c6ff-b87a-484d-86fd-21ef6e97d426
• Query name: OSS Bucket Has Static Website
• Platform: Terraform
• Severity: High
• Category: Insecure Configurations
• URL: Github

Description

Checks if any static websties are hosted on buckets. Be aware of any website you are running.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file

resource "alicloud_oss_bucket" "bucket-website1" {
  bucket = "bucket-1-website"

  website {
    index_document = "index.html"
    error_document = "error.html"
  }
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file

resource "alicloud_oss_bucket" "bucket-acl1" {
  bucket = "bucket-1-acl"
  acl    = "private"
}