rspec/rules/S6329/recommended.adoc
Loris S c02499a371
Modify rule S6329: Turn into generic rule (#655)
* Create rule S6392

* Add first draft

* improve title

* add last commit to this PR regarding public network access

* add metadata tags

* changed title

* converted ask yourself into generic cloud

* converted description into generic cloud

* moved aws links to see

* converted recommended to generic cloud

* conversion of recommended -- added a special case

* add cwe

* add note in recommended section, not sure about this one

* add another cwe

* add first version of rule conversion

* final rule version

* removed leftover code

* Update rules/S6329/description.adoc

Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>

* Update rules/S6329/terraform/rule.adoc

Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>

* changed case for bulleted list

* improved specs after review

* removed potential confusion

* changed company<->organization

* Update rules/S6329/ask-yourself.adoc

Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>

* Update rules/S6329/description.adoc

Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>

Co-authored-by: loris-s-sonarsource <loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
Co-authored-by: Nils Werner <64034005+nils-werner-sonarsource@users.noreply.github.com>
2022-02-07 10:00:36 +00:00


== Recommended Secure Coding Practices

Avoid publishing cloud services on the Internet unless they are intended to be
publicly accessible, such as customer portals or e-commerce sites.

Use private networks (and associated private IP addresses) and VPC peering or
other secure communication tunnels to communicate with other cloud components.

The goal is to prevent the component from intercepting traffic coming in via
the public IP address.

If the cloud resource cannot be deployed without a public IP address,
assign a public IP address to it, but do not create listeners for the public IP
address.
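
The following check is an added example, not part of the rule's own content: it audits a component's listener bind addresses and reports any that would accept traffic on a public IP address, including wildcard binds. The listener inventory, the names `classify_bind` and `exposed_listeners`, and the address `203.0.113.10` are constructed for illustration, and the check assumes the public address is configured on the component separately from its private address.

```python
import ipaddress

# Constructed sample: listeners of one component that could not be deployed
# without a public IP (203.0.113.10 is a documentation-range placeholder).
SAMPLE_LISTENERS = [
    ("admin-api", "10.0.2.15", 8443),
    ("metrics", "0.0.0.0", 9100),
    ("db", "203.0.113.10", 5432),
    ("health", "127.0.0.1", 8080),
    ("ipv6-any", "::", 443),
]


def classify_bind(addr, public_ips):
    """Return 'wildcard', 'public' or 'private' for one bind address.

    public_ips is a set of ipaddress objects known to be assigned to the
    component as public addresses.
    """
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:
        # 0.0.0.0 and :: listen on every interface, the public one included.
        return "wildcard"
    if ip in public_ips or ip.is_global:
        return "public"
    # Loopback, RFC 1918, link-local and similar non-routable addresses.
    return "private"


def exposed_listeners(listeners, public_ips):
    """Return (name, addr, port, kind) for every listener reachable via a public IP."""
    public = {ipaddress.ip_address(p) for p in public_ips}
    findings = []
    for name, addr, port in listeners:
        kind = classify_bind(addr, public)
        if kind != "private":
            findings.append((name, addr, port, kind))
    return findings


if __name__ == "__main__":
    for finding in exposed_listeners(SAMPLE_LISTENERS, ["203.0.113.10"]):
        print("listener reachable on public IP: %s %s:%d (%s)" % finding)
```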