Nifcloud Computing Undefined Description To Security Group Rule

Query id: e4610872-0b1c-4fb7-ab57-d81c0afdb291
Query name: Nifcloud Computing Undefined Description To Security Group Rule
Platform: Terraform
Severity: Info
Category: Best Practices
CWE: 665
URL: Github

Description¶

It's considered a best practice for Security Group Rules to have a description
Documentation

Code samples¶

Code samples with security vulnerabilities¶

Positive test num. 1 - tf file

resource "nifcloud_security_group_rule" "positive" {
  security_group_names = ["http"]
  type                 = "IN"
  from_port            = 80
  to_port              = 80
  protocol             = "TCP"
  cidr_ip              = nifcloud_private_lan.main.cidr_block
}

Code samples without security vulnerabilities¶

Negative test num. 1 - tf file

resource "nifcloud_security_group_rule" "negative" {
  security_group_names = ["http"]
  type                 = "IN"
  description          = "HTTP from VPC"
  from_port            = 80
  to_port              = 80
  protocol             = "TCP"
  cidr_ip              = nifcloud_private_lan.main.cidr_block
}