github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/compute/no_secrets_in_custom_data.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/compute/no_secrets_in_custom_data.tf.go (about)

     1  package compute
     2  
     3  var terraformNoSecretsInCustomDataGoodExamples = []string{
     4  	`
     5   resource "azurerm_virtual_machine" "good_example" {
     6   	name = "good_example"
     7  	os_profile_linux_config {
     8  		disable_password_authentication = false
     9  	}
    10  	os_profile {
    11  		custom_data =<<EOF
    12  			export GREETING="Hello there"
    13  			EOF
    14  	}
    15   }
    16   `,
    17  }
    18  
    19  var terraformNoSecretsInCustomDataBadExamples = []string{
    20  	`
    21   resource "azurerm_virtual_machine" "bad_example" {
    22   	name = "bad_example"
    23  	os_profile_linux_config {
    24  		disable_password_authentication = false
    25  	}
    26  	os_profile {
    27  		custom_data =<<EOF
    28  			export DATABASE_PASSWORD=\"SomeSortOfPassword\"
    29  			EOF
    30  	}
    31   }
    32   `,
    33  }
    34  
    35  var terraformNoSecretsInCustomDataLinks = []string{
    36  	`https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#custom_data`,
    37  }
    38  
    39  var terraformNoSecretsInCustomDataRemediationMarkdown = ``