Security group rule does not have a description

In the code example security group rule does not have a description

 resource "aws_security_group" "insecure_example" {
   name        = "http"

   ingress {
     from_port   = 80
     to_port     = 80
     protocol    = "tcp"
     cidr_blocks = [aws_vpc.main.cidr_block]
   }
 }

Why it's vulnerable?

Security group rules should include a description for auditing purposes. Simplifies auditing, debugging, and managing security groups. Descriptions provide context for the firewall rule reasons.

How to fix?

Add descriptions for all security groups rules

 resource "aws_security_group" "secure_example" {
   name        = "http"
   description = "Allow inbound HTTP traffic"

   ingress {
     description = "HTTP from VPC"
     from_port   = 80
     to_port     = 80
     protocol    = "tcp"
     cidr_blocks = [aws_vpc.main.cidr_block]
   }
 }

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

rule_description.md

rule_description.md

Security group rule does not have a description

Why it's vulnerable?

How to fix?

Files

rule_description.md

Latest commit

History

rule_description.md

File metadata and controls

Security group rule does not have a description

Why it's vulnerable?

How to fix?