Nifcloud Computing Undefined Description To Security Group Rule

  • Query id: e4610872-0b1c-4fb7-ab57-d81c0afdb291
  • Query name: Nifcloud Computing Undefined Description To Security Group Rule
  • Platform: Terraform
  • Severity: Info
  • Category: Best Practices
  • CWE: 665
  • URL: Github

Description

It's considered a best practice for Security Group Rules to have a description.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "nifcloud_security_group_rule" "positive" {
  security_group_names = ["http"]
  type                 = "IN"
  from_port            = 80
  to_port              = 80
  protocol             = "TCP"
  cidr_ip              = nifcloud_private_lan.main.cidr_block
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "nifcloud_security_group_rule" "negative" {
  security_group_names = ["http"]
  type                 = "IN"
  description          = "HTTP from VPC"
  from_port            = 80
  to_port              = 80
  protocol             = "TCP"
  cidr_ip              = nifcloud_private_lan.main.cidr_block
}
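
The check described above can be approximated with a short script. This is an added example, not the query's own implementation and not code from the original page; it scans Terraform text for nifcloud_security_group_rule resources that lack a description. The function names, the regex-based block scan and the treatment of an empty string as missing are assumptions of this example.

```python
import re

# Constructed sample: the page's positive and negative tests in one file.
SAMPLE_TF = '''
resource "nifcloud_security_group_rule" "positive" {
  security_group_names = ["http"]
  type                 = "IN"
  from_port            = 80
  to_port              = 80
  protocol             = "TCP"
  cidr_ip              = nifcloud_private_lan.main.cidr_block
}

resource "nifcloud_security_group_rule" "negative" {
  security_group_names = ["http"]
  type                 = "IN"
  description          = "HTTP from VPC"
  from_port            = 80
  to_port              = 80
  protocol             = "TCP"
  cidr_ip              = nifcloud_private_lan.main.cidr_block
}
'''

RESOURCE_RE = re.compile(r'resource\s+"nifcloud_security_group_rule"\s+"([^"]+)"\s*\{')
ATTR_RE = re.compile(r'^[ \t]*description[ \t]*=[ \t]*(.*?)[ \t]*$', re.MULTILINE)

def block_body(text, open_idx):
    """Return the text between the '{' at open_idx and its matching '}'.
    Simplification: braces inside strings or comments are not special-cased."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[open_idx + 1:i]
    raise ValueError("unbalanced braces in resource block")

def rules_missing_description(tf_text):
    """Names of nifcloud_security_group_rule resources with no description.
    Assumption of this example: an empty string literal counts as missing."""
    findings = []
    for m in RESOURCE_RE.finditer(tf_text):
        attr = ATTR_RE.search(block_body(tf_text, m.end() - 1))
        if attr is None or attr.group(1) in ("", '""'):
            findings.append(m.group(1))
    return findings
```

Calling rules_missing_description(SAMPLE_TF) reports only the "positive" resource; a description set from a variable or expression is accepted as present.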