EMR Without VPC

  • Query id: 2b3c8a6d-9856-43e6-ab1d-d651094f03b4
  • Query name: EMR Without VPC
  • Platform: Terraform
  • Severity: Low
  • Category: Networking and Firewall
  • CWE: 284
  • URL: Github

Description

Elastic MapReduce Cluster (EMR) should be launched in a Virtual Private Cloud (VPC)
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "aws_emr_cluster" "positive1" {
  name          = "emr-test-arn"
  release_label = "emr-4.6.0"
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "aws_emr_cluster" "negative1" {
  name          = "emr-test-arn"
  release_label = "emr-4.6.0"
  subnet_id = aws_subnet.main.id
}