Beta - Legacy Networks Do Not Exist For Older Google Projects
- Query id: 700f1049-7fa0-4cb0-971b-3efebfb6a91f
- Query name: Beta - Legacy Networks Do Not Exist For Older Google Projects
- Platform: Terraform
- Severity: Medium
- Category: Insecure Configurations
- CWE: 276
- Risk score: 3.0
- URL: Github
Description
Legacy networks can have an impact on projects with high network traffic and are subject to a single point of contention or failure.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
resource "google_project" "positive1" {
  name       = "My Project"
  project_id = "bad"
  org_id     = "1234567"
}

resource "google_compute_network" "vpc_network_network" {
  name                    = "vpc-legacy"
  auto_create_subnetworks = true
  project                 = google_project.positive1.id
}
Positive test num. 2 - tf file
provider "google" {
  project = "my-sample-project-12345"
  region  = "us-central1"
}

resource "google_project" "example_project" {
  name       = "example-project"
  project_id = "my-sample-project-12345"
  org_id     = "123456789012"
}

resource "google_compute_network" "legacy_network" {
  name                    = "legacy-network"
  auto_create_subnetworks = true
}
Positive test num. 3 - tf file
provider "google-beta" {
  project = "my-sample-project-12345"
  region  = "us-central1"
}

resource "google_project" "example_project" {
  name       = "example-project"
  project_id = "my-sample-project-12345"
  org_id     = "123456789012"
}

resource "google_compute_network" "legacy_network" {
  name                    = "legacy-network"
  auto_create_subnetworks = true
}
Positive test num. 4 - tf file
Positive test num. 5 - tf file
Positive test num. 6 - tf file
provider "google-beta" {
  project = "my-sample-project-12345"
  region  = "us-central1"
}

resource "google_project" "example_project" {
  name       = "example-project"
  project_id = "my-sample-project-12345"
  org_id     = "123456789012"
}

resource "google_compute_network" "legacy_network" {
  name = "legacy-network"
}
Code samples without security vulnerabilities
Negative test num. 1 - tf file
resource "google_project" "negative1" {
  name       = "My Project"
  project_id = "bad"
  org_id     = "1234567"
}

resource "google_compute_network" "vpc_network_network" {
  name                    = "vpc-legacy"
  auto_create_subnetworks = false
  project                 = google_project.negative1.id
}
Negative test num. 2 - tf file
provider "google" {
  project = "my-sample-project-12345"
  region  = "us-central1"
}

resource "google_project" "example_project" {
  name       = "example-project"
  project_id = "my-sample-project-12345"
  org_id     = "123456789012"
}

resource "google_compute_network" "legacy_network" {
  name                    = "legacy-network"
  auto_create_subnetworks = false
}
Negative test num. 3 - tf file
provider "google-beta" {
  project = "my-sample-project-12345"
  region  = "us-central1"
}

resource "google_project" "example_project" {
  name       = "example-project"
  project_id = "my-sample-project-12345"
  org_id     = "123456789012"
}

resource "google_compute_network" "legacy_network" {
  name                    = "legacy-network"
  auto_create_subnetworks = false
}