ROS Stack Retention Disabled
- Query id: 4bb06fa1-2114-4a00-b7b5-6aeab8b896f0
- Query name: ROS Stack Retention Disabled
- Platform: Terraform
- Severity: Medium
- Category: Backup
- CWE: 788
- URL: Github
Description¶
The retain_stacks should be enabled to keep the Stack upon deleting the stack instance from the stack group
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "alicloud_ros_stack_instance" "example" {
stack_group_name = alicloud_ros_stack_group.example.stack_group_name
stack_instance_account_id = "example_value"
stack_instance_region_id = data.alicloud_ros_regions.example.regions.0.region_id
operation_preferences = "{\"FailureToleranceCount\": 1, \"MaxConcurrentCount\": 2}"
retain_stacks = false
parameter_overrides {
parameter_value = "VpcName"
parameter_key = "VpcName"
}
}
Positive test num. 2 - tf file
resource "alicloud_ros_stack_instance" "example" {
stack_group_name = alicloud_ros_stack_group.example.stack_group_name
stack_instance_account_id = "example_value"
stack_instance_region_id = data.alicloud_ros_regions.example.regions.0.region_id
operation_preferences = "{\"FailureToleranceCount\": 1, \"MaxConcurrentCount\": 2}"
parameter_overrides {
parameter_value = "VpcName"
parameter_key = "VpcName"
}
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
resource "alicloud_ros_stack_instance" "example" {
stack_group_name = alicloud_ros_stack_group.example.stack_group_name
stack_instance_account_id = "example_value"
stack_instance_region_id = data.alicloud_ros_regions.example.regions.0.region_id
operation_preferences = "{\"FailureToleranceCount\": 1, \"MaxConcurrentCount\": 2}"
retain_stacks = true
parameter_overrides {
parameter_value = "VpcName"
parameter_key = "VpcName"
}
}