github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/digitalocean/compute/no_public_ingress.tf.go (about) 1 package compute 2 3 var terraformNoPublicIngressGoodExamples = []string{ 4 ` 5 resource "digitalocean_firewall" "good_example" { 6 name = "only-22-80-and-443" 7 8 droplet_ids = [digitalocean_droplet.web.id] 9 10 inbound_rule { 11 protocol = "tcp" 12 port_range = "22" 13 source_addresses = ["192.168.1.0/24", "fc00::/7"] 14 } 15 } 16 `, 17 } 18 19 var terraformNoPublicIngressBadExamples = []string{ 20 ` 21 resource "digitalocean_firewall" "bad_example" { 22 name = "only-22-80-and-443" 23 24 droplet_ids = [digitalocean_droplet.web.id] 25 26 inbound_rule { 27 protocol = "tcp" 28 port_range = "22" 29 source_addresses = ["0.0.0.0/0", "::/0"] 30 } 31 } 32 `, 33 } 34 35 var terraformNoPublicIngressLinks = []string{ 36 `https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/resources/firewall`, 37 } 38 39 var terraformNoPublicIngressRemediationMarkdown = ``