github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/keyvault/specify_network_acl.tf.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/keyvault/specify_network_acl.tf.go (about)

     1  package keyvault
     2  
     3  var terraformSpecifyNetworkAclGoodExamples = []string{
     4  	`
     5   resource "azurerm_key_vault" "good_example" {
     6       name                        = "examplekeyvault"
     7       location                    = azurerm_resource_group.good_example.location
     8       enabled_for_disk_encryption = true
     9       soft_delete_retention_days  = 7
    10       purge_protection_enabled    = false
    11   
    12       network_acls {
    13           bypass = "AzureServices"
    14           default_action = "Deny"
    15       }
    16   }
    17   `,
    18  }
    19  
    20  var terraformSpecifyNetworkAclBadExamples = []string{
    21  	`
    22   resource "azurerm_key_vault" "bad_example" {
    23       name                        = "examplekeyvault"
    24       location                    = azurerm_resource_group.bad_example.location
    25       enabled_for_disk_encryption = true
    26       soft_delete_retention_days  = 7
    27       purge_protection_enabled    = false
    28   }
    29   `,
    30  }
    31  
    32  var terraformSpecifyNetworkAclLinks = []string{
    33  	`https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault#network_acls`,
    34  }
    35  
    36  var terraformSpecifyNetworkAclRemediationMarkdown = ``