NAS File System Not Encrypted

• Query id: 67bfdff1-31ce-4525-b564-e94368735360
• Query name: NAS File System Not Encrypted
• Platform: Terraform
• Severity: High
• Category: Encryption
• CWE: 311
• URL: Github

Description

NAS File System must be encrypted
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file

resource "alicloud_nas_file_system" "foopos" {
  protocol_type = "NFS"
  storage_type  = "Performance"
  description   = "tf-testAccNasConfig"
  encrypt_type  = "0"
}

Positive test num. 2 - tf file

resource "alicloud_nas_file_system" "foopos2" {
  protocol_type = "NFS"
  storage_type  = "Performance"
  description   = "tf-testAccNasConfig"
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file

resource "alicloud_nas_file_system" "foo" {
  protocol_type = "NFS"
  storage_type  = "Performance"
  description   = "tf-testAccNasConfig"
  encrypt_type  = "1"
}

Negative test num. 2 - tf file

resource "alicloud_nas_file_system" "foo2" {
  protocol_type = "NFS"
  storage_type  = "Performance"
  description   = "tf-testAccNasConfig"
  encrypt_type  = "2"
}