rspec/ask-yourself.adoc at a1c8fa83dbaadaaf227aba437a02046efa37a1a5 - rspec - BuBaQ

ishangsf/rspec

github-actions[bot] f55da18555

Create rule S6381[terraform]: Assigning high privileges Azure Resource Manager built-in roles is security-sensitive (#583 )

* Create rule S6381

* Add rule description

* Apply suggestions from code review

Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>

Co-authored-by: pierre-loup-tristant-sonarsource <pierre-loup-tristant-sonarsource@users.noreply.github.com>
Co-authored-by: Pierre-Loup Tristant <pierre-loup.tristant@sonarsource.com>
Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: Nils Werner <64034005+nils-werner-sonarsource@users.noreply.github.com>

2021-12-29 08:22:27 +00:00

5 lines

354 B

Plaintext

Raw Blame History

 == Ask Yourself Whether
 * The user, group, or service principal doesn't use the entirety of this extensive set of permissions to operate on a day-to-day basis.
 * It is possible to follow the Separation of Duties principle and split permissions between multiple users, but it's not enforced.
 There is a risk if you answered yes to any of these questions.