16f6c0aecf
Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
60 lines
995 B
Plaintext
60 lines
995 B
Plaintext
== Why is this an issue?
|
|
|
|
include::../description.adoc[]
|
|
|
|
== How to fix it
|
|
|
|
=== Code examples
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,terraform]
|
|
----
|
|
resource "azurerm_role_definition" "example" { # Sensitive
|
|
name = "example"
|
|
scope = data.azurerm_subscription.primary.id
|
|
|
|
permissions {
|
|
actions = ["*"]
|
|
not_actions = []
|
|
}
|
|
|
|
assignable_scopes = [
|
|
data.azurerm_subscription.primary.id
|
|
]
|
|
}
|
|
----
|
|
|
|
==== Compliant solution
|
|
|
|
[source,terraform]
|
|
----
|
|
resource "azurerm_role_definition" "example" {
|
|
name = "example"
|
|
scope = data.azurerm_subscription.primary.id
|
|
|
|
permissions {
|
|
actions = ["Microsoft.Compute/*"]
|
|
not_actions = []
|
|
}
|
|
|
|
assignable_scopes = [
|
|
data.azurerm_subscription.primary.id
|
|
]
|
|
}
|
|
----
|
|
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
include::../highlighting.adoc[]
|
|
|
|
endif::env-github,rspecator-view[] |