MariaDB Server Public Network Access Enabled
- Query id: 7f0a8696-7159-4337-ad0d-8a3ab4a78195
- Query name: MariaDB Server Public Network Access Enabled
- Platform: Terraform
- Severity: High
- Category: Networking and Firewall
- CWE: 732
- URL: Github
Description¶
MariaDB Server Public Network Access should be disabled
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "azurerm_mariadb_server" "positive" {
name = "example-mariadb-server"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
administrator_login = "mariadbadmin"
administrator_login_password = "H@Sh1CoR3!"
sku_name = "B_Gen5_2"
storage_mb = 5120
version = "10.2"
auto_grow_enabled = true
backup_retention_days = 7
geo_redundant_backup_enabled = false
public_network_access_enabled = true
ssl_enforcement_enabled = true
}
Positive test num. 2 - tf file
resource "azurerm_mariadb_server" "positive2" {
name = "example-mariadb-server"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
administrator_login = "mariadbadmin"
administrator_login_password = "H@Sh1CoR3!"
sku_name = "B_Gen5_2"
storage_mb = 5120
version = "10.2"
auto_grow_enabled = true
backup_retention_days = 7
geo_redundant_backup_enabled = false
ssl_enforcement_enabled = true
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
resource "azurerm_mariadb_server" "negative" {
name = "example-mariadb-server"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
administrator_login = "mariadbadmin"
administrator_login_password = "H@Sh1CoR3!"
sku_name = "B_Gen5_2"
storage_mb = 5120
version = "10.2"
auto_grow_enabled = true
backup_retention_days = 7
geo_redundant_backup_enabled = false
public_network_access_enabled = false
ssl_enforcement_enabled = true
}