Variable Without Type
- Query id: fc5109bf-01fd-49fb-8bde-4492b543c34a
- Query name: Variable Without Type
- Platform: Terraform
- Severity: Info
- Category: Best Practices
- CWE: 710
- URL: Github
Description¶
All variables should contain a valid type.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
variable "cluster_name" {
default = "example"
description = "test"
}
resource "aws_eks_cluster" "positive1" {
depends_on = [aws_cloudwatch_log_group.example]
name = var.cluster_name
}
Positive test num. 2 - tf file
variable "cluster_name" {
default = "example"
type = " "
description = "test"
}
resource "aws_eks_cluster" "positive1" {
depends_on = [aws_cloudwatch_log_group.example]
name = var.cluster_name
}
Positive test num. 3 - tf file
variable "cluster_name" {
default = "example"
type = ""
description = "test"
}
resource "aws_eks_cluster" "positive1" {
depends_on = [aws_cloudwatch_log_group.example]
name = var.cluster_name
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
variable "cluster_name" {
default = "example"
description = "cluster name"
type = string
}
resource "aws_eks_cluster" "negative1" {
depends_on = [aws_cloudwatch_log_group.example]
enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
name = var.cluster_name
}