github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/digitalocean/compute/no_public_egress.tf.go (about) 1 package compute 2 3 var terraformNoPublicEgressGoodExamples = []string{ 4 ` 5 resource "digitalocean_firewall" "good_example" { 6 name = "only-22-80-and-443" 7 8 droplet_ids = [digitalocean_droplet.web.id] 9 10 outbound_rule { 11 protocol = "tcp" 12 port_range = "22" 13 destination_addresses = ["192.168.1.0/24", "fc00::/7"] 14 } 15 } 16 `, 17 } 18 19 var terraformNoPublicEgressBadExamples = []string{ 20 ` 21 resource "digitalocean_firewall" "bad_example" { 22 name = "only-22-80-and-443" 23 24 droplet_ids = [digitalocean_droplet.web.id] 25 26 outbound_rule { 27 protocol = "tcp" 28 port_range = "22" 29 destination_addresses = ["0.0.0.0/0", "::/0"] 30 } 31 } 32 `, 33 } 34 35 var terraformNoPublicEgressLinks = []string{ 36 `https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/resources/firewall`, 37 } 38 39 var terraformNoPublicEgressRemediationMarkdown = ``