Cosmos DB Account Without Tags

  • Query id: 56dad03e-e94f-4dd6-93a4-c253a03ff7a0
  • Query name: Cosmos DB Account Without Tags
  • Platform: Terraform
  • Severity: Medium
  • Category: Build Process
  • URL: Github

Description

Cosmos DB Account must have a mapping of tags.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "azurerm_cosmosdb_account" "positive1" {
  name                = "tfex-cosmos-db-${random_integer.ri.result}"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  offer_type          = "Standard"
  kind                = "GlobalDocumentDB"
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "azurerm_cosmosdb_account" "negative1" {
  name                = "tfex-cosmos-db-${random_integer.ri.result}"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  offer_type          = "Standard"
  kind                = "GlobalDocumentDB"
  tags                = "tag_1"
}