# VPC Flow Logs Disabled
- Query id: d2731f3d-a992-44ed-812e-f4f1c2747d71
- Query name: VPC Flow Logs Disabled
- Platform: Terraform
- Severity: Medium
- Category: Observability
- CWE: 778
- URL: Github
## Description

Every `alicloud_vpc` resource should have an associated `alicloud_vpc_flow_log` resource, one whose `resource_id` references that VPC, so that traffic through the VPC is recorded and available for auditing and detection.

Documentation
## Code samples

### Code samples with security vulnerabilities

Positive test num. 1 - tf file
```hcl
resource "alicloud_vpc" "main" {
  cidr_block = "192.168.0.0/24"
  name       = var.name
}

# Vulnerable on purpose: the flow log references alicloud_vpc.default, which is
# not declared here, so alicloud_vpc.main is left without any flow log.
resource "alicloud_vpc_flow_log" "default" {
  depends_on     = [alicloud_vpc.default]
  resource_id    = alicloud_vpc.default.id
  resource_type  = "VPC"
  traffic_type   = "All"
  log_store_name = var.log_store_name
  project_name   = var.project_name
  flow_log_name  = var.name
  status         = "Active"
}
```
### Code samples without security vulnerabilities

Negative test num. 1 - tf file
```hcl
resource "alicloud_vpc" "main" {
  cidr_block = "192.168.0.0/24"
  name       = var.name
}

# Compliant: the flow log's resource_id references alicloud_vpc.main, the VPC
# declared above, and the flow log is active for all traffic.
resource "alicloud_vpc_flow_log" "default" {
  depends_on     = [alicloud_vpc.main]
  resource_id    = alicloud_vpc.main.id
  resource_type  = "VPC"
  traffic_type   = "All"
  log_store_name = var.log_store_name
  project_name   = var.project_name
  flow_log_name  = var.name
  status         = "Active"
}
```