File tree Expand file tree Collapse file tree 3 files changed +14
-14
lines changed Expand file tree Collapse file tree 3 files changed +14
-14
lines changed Original file line number Diff line number Diff line change @@ -33,7 +33,7 @@ resource "aws_security_group_rule" "nat_instance_egress" {
3333 from_port = 0
3434 to_port = 0
3535 protocol = " -1"
36- cidr_blocks = " 0.0.0.0/0" # tfsec:ignore:AWS007
36+ cidr_blocks = " 0.0.0.0/0" # tfsec:ignore:aws-ec2-no-public-egress-sgr
3737 security_group_id = join (" " . nat_instance [* ]. id )
3838 type = " egress"
3939}
Original file line number Diff line number Diff line change @@ -100,10 +100,10 @@ resource "aws_network_acl_rule" "private4_ingress" {
100100 rule_number = . open_network_acl_ipv4_rule_number
101101
102102 egress = false
103- cidr_block = " 0.0.0.0/0"
103+ cidr_block = " 0.0.0.0/0" # tfsec:ignore:aws-ec2-no-public-ingress-acl
104104 from_port = 0
105105 to_port = 0
106- protocol = " -1"
106+ protocol = " -1" # tfsec:ignore:aws-ec2-no-excessive-port-access
107107}
108108
109109resource "aws_network_acl_rule" "private4_egress" {
@@ -117,7 +117,7 @@ resource "aws_network_acl_rule" "private4_egress" {
117117 cidr_block = " 0.0.0.0/0"
118118 from_port = 0
119119 to_port = 0
120- protocol = " -1"
120+ protocol = " -1" # tfsec:ignore:aws-ec2-no-excessive-port-access
121121}
122122
123123resource "aws_network_acl_rule" "private6_ingress" {
@@ -128,10 +128,10 @@ resource "aws_network_acl_rule" "private6_ingress" {
128128 rule_number = . open_network_acl_ipv6_rule_number
129129
130130 egress = false
131- ipv6_cidr_block = " ::/0"
131+ ipv6_cidr_block = " ::/0" # tfsec:ignore:aws-ec2-no-public-ingress-acl
132132 from_port = 0
133133 to_port = 0
134- protocol = " -1"
134+ protocol = " -1" # tfsec:ignore:aws-ec2-no-excessive-port-access
135135}
136136
137137resource "aws_network_acl_rule" "private6_egress" {
@@ -142,8 +142,8 @@ resource "aws_network_acl_rule" "private6_egress" {
142142 rule_number = . open_network_acl_ipv6_rule_number
143143
144144 egress = true
145- ipv6_cidr_block = " ::/0"
145+ ipv6_cidr_block = " ::/0" # tfsec:ignore:aws-ec2-no-excessive-port-access
146146 from_port = 0
147147 to_port = 0
148- protocol = " -1"
148+ protocol = " -1" # tfsec:ignore:aws-ec2-no-excessive-port-access
149149}
Original file line number Diff line number Diff line change @@ -111,10 +111,10 @@ resource "aws_network_acl_rule" "public4_ingress" {
111111 rule_number = . open_network_acl_ipv4_rule_number
112112
113113 egress = false
114- cidr_block = " 0.0.0.0/0"
114+ cidr_block = " 0.0.0.0/0" # tfsec:ignore:aws-ec2-no-public-ingress-acl
115115 from_port = 0
116116 to_port = 0
117- protocol = " -1"
117+ protocol = " -1" # tfsec:ignore:aws-ec2-no-excessive-port-access
118118}
119119
120120resource "aws_network_acl_rule" "public4_egress" {
@@ -128,7 +128,7 @@ resource "aws_network_acl_rule" "public4_egress" {
128128 cidr_block = " 0.0.0.0/0"
129129 from_port = 0
130130 to_port = 0
131- protocol = " -1"
131+ protocol = " -1" # tfsec:ignore:aws-ec2-no-excessive-port-access
132132}
133133
134134resource "aws_network_acl_rule" "public6_ingress" {
@@ -139,10 +139,10 @@ resource "aws_network_acl_rule" "public6_ingress" {
139139 rule_number = . open_network_acl_ipv6_rule_number
140140
141141 egress = false
142- ipv6_cidr_block = " ::/0"
142+ ipv6_cidr_block = " ::/0" # tfsec:ignore:aws-ec2-no-public-ingress-acl
143143 from_port = 0
144144 to_port = 0
145- protocol = " -1"
145+ protocol = " -1" # tfsec:ignore:aws-ec2-no-excessive-port-access
146146}
147147
148148resource "aws_network_acl_rule" "public6_egress" {
@@ -156,5 +156,5 @@ resource "aws_network_acl_rule" "public6_egress" {
156156 ipv6_cidr_block = " ::/0"
157157 from_port = 0
158158 to_port = 0
159- protocol = " -1"
159+ protocol = " -1" # tfsec:ignore:aws-ec2-no-excessive-port-access
160160}
You can’t perform that action at this time.
0 commit comments