github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/google/sql/no_public_access.tf.go (about)

     1  package sql
     2  
     3  var terraformNoPublicAccessGoodExamples = []string{
     4  	`
     5   resource "google_sql_database_instance" "postgres" {
     6   	name             = "postgres-instance-a"
     7   	database_version = "POSTGRES_11"
     8   	
     9   	settings {
    10   		tier = "db-f1-micro"
    11   	
    12   		ip_configuration {
    13   			ipv4_enabled = false
    14   			authorized_networks {
    15   				value           = "10.0.0.1/24"
    16   				name            = "internal"
    17   			}
    18   		}
    19   	}
    20   }
    21   			`,
    22  }
    23  
    24  var terraformNoPublicAccessBadExamples = []string{
    25  	`
    26   resource "google_sql_database_instance" "postgres" {
    27   	name             = "postgres-instance-a"
    28   	database_version = "POSTGRES_11"
    29   	
    30   	settings {
    31   		tier = "db-f1-micro"
    32   	
    33   		ip_configuration {
    34   			ipv4_enabled = false
    35   			authorized_networks {
    36   				value           = "108.12.12.0/24"
    37   				name            = "internal"
    38   			}
    39   	
    40   			authorized_networks {
    41   				value           = "0.0.0.0/0"
    42   				name            = "internet"
    43   			}
    44   		}
    45   	}
    46   }
    47   			`,
    48  }
    49  
    50  var terraformNoPublicAccessLinks = []string{
    51  	`https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance`,
    52  }
    53  
    54  var terraformNoPublicAccessRemediationMarkdown = ``