NAS File System Not Encrypted

  • Query id: 67bfdff1-31ce-4525-b564-e94368735360
  • Query name: NAS File System Not Encrypted
  • Platform: Terraform
  • Severity: High
  • Category: Encryption
  • CWE: 311
  • URL: Github

Description

NAS File System must be encrypted
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "alicloud_nas_file_system" "foopos" {
  protocol_type = "NFS"
  storage_type  = "Performance"
  description   = "tf-testAccNasConfig"
  encrypt_type  = "0"
}
Positive test num. 2 - tf file
resource "alicloud_nas_file_system" "foopos2" {
  protocol_type = "NFS"
  storage_type  = "Performance"
  description   = "tf-testAccNasConfig"
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "alicloud_nas_file_system" "foo" {
  protocol_type = "NFS"
  storage_type  = "Performance"
  description   = "tf-testAccNasConfig"
  encrypt_type  = "1"
}
Negative test num. 2 - tf file
resource "alicloud_nas_file_system" "foo2" {
  protocol_type = "NFS"
  storage_type  = "Performance"
  description   = "tf-testAccNasConfig"
  encrypt_type  = "2"
}