github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/ec2/no_public_ingress_sgr.tf.go (about) 1 package ec2 2 3 var terraformNoPublicIngressSgrGoodExamples = []string{ 4 ` 5 resource "aws_security_group_rule" "good_example" { 6 type = "ingress" 7 cidr_blocks = ["10.0.0.0/16"] 8 } 9 `, 10 ` 11 resource "aws_security_group_rule" "allow_partner_rsync" { 12 type = "ingress" 13 security_group_id = aws_security_group.….id 14 from_port = 22 15 to_port = 22 16 protocol = "tcp" 17 cidr_blocks = [ 18 "1.2.3.4/32", 19 "4.5.6.7/32", 20 ] 21 } 22 `, 23 } 24 25 var terraformNoPublicIngressSgrBadExamples = []string{ 26 ` 27 resource "aws_security_group_rule" "bad_example" { 28 type = "ingress" 29 cidr_blocks = ["0.0.0.0/0"] 30 } 31 `, 32 } 33 34 var terraformNoPublicIngressSgrLinks = []string{ 35 `https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule#cidr_blocks`, 36 } 37 38 var terraformNoPublicIngressSgrRemediationMarkdown = ``