rspec/recommended.adoc at b53aba6032f87e93b3fb7b51b2b95542eb15b076 - rspec - BuBaQ

ishangsf/rspec

github-actions[bot] d01eb2f856

Create rule S6405[terraform] Enabling project-wide SSH keys to access VM instances is security-sensitive (#720 )

* Create rule S6405

* init s6405

* fixes after review

* Add code highlighted tag to code example

Co-authored-by: eric-therond-sonarsource <eric-therond-sonarsource@users.noreply.github.com>
Co-authored-by: eric-therond-sonarsource <eric.therond@sonarsource.com>
Co-authored-by: Nils Werner <nils.werner@sonarsource.com>

2022-03-02 13:55:09 +00:00

4 lines

303 B

Plaintext

Raw Blame History

 == Recommended Secure Coding Practices
 * Block project-level SSH keys by setting the `metadata.block-project-ssh-keys` argument to `true`
 * Use https://cloud.google.com/compute/docs/instances/access-overview?_ga=2.125788746.-190863609.1642494607#oslogin[OSLogin] to benefit from managed access control.