github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/google/sql/no_public_access.tf.go (about) 1 package sql 2 3 var terraformNoPublicAccessGoodExamples = []string{ 4 ` 5 resource "google_sql_database_instance" "postgres" { 6 name = "postgres-instance-a" 7 database_version = "POSTGRES_11" 8 9 settings { 10 tier = "db-f1-micro" 11 12 ip_configuration { 13 ipv4_enabled = false 14 authorized_networks { 15 value = "10.0.0.1/24" 16 name = "internal" 17 } 18 } 19 } 20 } 21 `, 22 } 23 24 var terraformNoPublicAccessBadExamples = []string{ 25 ` 26 resource "google_sql_database_instance" "postgres" { 27 name = "postgres-instance-a" 28 database_version = "POSTGRES_11" 29 30 settings { 31 tier = "db-f1-micro" 32 33 ip_configuration { 34 ipv4_enabled = false 35 authorized_networks { 36 value = "108.12.12.0/24" 37 name = "internal" 38 } 39 40 authorized_networks { 41 value = "0.0.0.0/0" 42 name = "internet" 43 } 44 } 45 } 46 } 47 `, 48 } 49 50 var terraformNoPublicAccessLinks = []string{ 51 `https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance`, 52 } 53 54 var terraformNoPublicAccessRemediationMarkdown = ``