Nifcloud VPN Gateway Undefined Security Group

• Query id: b3535a48-910c-47f8-8b3b-14222f29ef80
• Query name: Nifcloud VPN Gateway Undefined Security Group
• Platform: Terraform
• Severity: High
• Category: Networking and Firewall
• CWE: 285
• URL: Github

Description

Missing security group for VPN gateway
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file

resource "nifcloud_vpn_gateway" "positive" {
  network_interface {
    network_id = "net-COMMON_GLOBAL"
  }
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file

resource "nifcloud_vpn_gateway" "negative" {
  security_group  = nifcloud_security_group.example.group_name

  network_interface {
    network_id = "net-COMMON_GLOBAL"
  }
}