rspec/ask-yourself.adoc at rule/S2479-add-rust - rspec - BuBaQ

ishangsf/rspec

github-actions[bot] 448fb50aed

Create rule S6387[terraform]: Azure role assignments that grant access to all resources of a subscription are security-sensitive (#622 )

* Create rule S6387

* Add rule description

* Apply suggestions from code review

Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>

* Fix typo in highlighting.adoc filename

Co-authored-by: pierre-loup-tristant-sonarsource <pierre-loup-tristant-sonarsource@users.noreply.github.com>
Co-authored-by: Pierre-Loup Tristant <pierre-loup.tristant@sonarsource.com>
Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: Nils Werner <64034005+nils-werner-sonarsource@users.noreply.github.com>

2022-01-04 11:02:05 +00:00

7 lines

354 B

Plaintext

Raw Permalink Blame History

 == Ask Yourself Whether
 * The user, group, or service principal doesn't use the entirety of the resources in the scope to operate on a day-to-day basis.
 * It is possible to follow the Separation of Duties principle and split the scope into multiple role assignments with a narrower scope.
 There is a risk if you answered yes to any of these questions.