ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S6265/terraform/rule.adoc

41 lines
900 B
Plaintext
Raw Normal View History

Add new IAAS-related rules
2021-05-21 18:34:30 +02:00
include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
All users (ie: anyone in the world authenticated or not) have read and write permissions with the ``++public-read-write++`` access control:
----
resource "aws_s3_bucket" "mynoncompliantbucket" { # Sensitive
bucket = "mynoncompliantbucketname"
acl = "public-read-write"
}
----
== Compliant Solution
With the ``++private++`` access control (default), only the bucket owner has the read/write permissions on the buckets and its ACL.
RULEAPI-661: Add syntax coloring
2022-02-04 17:28:24 +01:00
[source,terraform]
Add new IAAS-related rules
2021-05-21 18:34:30 +02:00
----
resource "aws_s3_bucket" "mycompliantbucket" { # Compliant
bucket = "mycompliantbucketname"
acl = "private"
}
----
include::../see.adoc[]
Make sure that includes are always surrounded by empty lines (#2270) When an include is not surrounded by empty lines, its content is inlined on the same line as the adjacent content. That can lead to broken tags and other display issues. This PR fixes all such includes and introduces a validation step that forbids introducing the same problem again.
2023-06-22 10:38:01 +02:00
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346)
2021-09-20 15:38:42 +02:00
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
endif::env-github,rspecator-view[]
Reference in New Issue Copy Permalink