OSS Bucket Lifecycle Rule Disabled
- Query id: 7db8bd7e-9772-478c-9ec5-4bc202c5686f
- Query name: OSS Bucket Lifecycle Rule Disabled
- Platform: Terraform
- Severity: Low
- Category: Backup
- CWE: 664
- URL: Github
Description¶
OSS Bucket should have lifecycle rule enabled and set to true
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "alicloud_oss_bucket" "oss_bucket_lifecycle_enabled2" {
bucket = "bucket-170309-lifecycle"
acl = "public-read"
lifecycle_rule {
id = "rule-days"
prefix = "path1/"
enabled = false
expiration {
days = 365
}
}
lifecycle_rule {
id = "rule-date"
prefix = "path2/"
enabled = true
expiration {
date = "2018-01-12"
}
}
}
Positive test num. 2 - tf file
resource "alicloud_oss_bucket" "oss_bucket_lifecycle_enabled3" {
bucket = "bucket-170309-versioning"
acl = "private"
versioning {
status = "Enabled"
}
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
resource "alicloud_oss_bucket" "oss_bucket_lifecycle_enabled1" {
bucket = "bucket-170309-lifecycle"
acl = "public-read"
lifecycle_rule {
id = "rule-days"
prefix = "path1/"
enabled = true
expiration {
days = 365
}
}
lifecycle_rule {
id = "rule-date"
prefix = "path2/"
enabled = true
expiration {
date = "2018-01-12"
}
}
}