Beta - Nifcloud LB use insecure TLS policy ID

Docs > Datadog Security > Code Security > Infrastructure as Code (IaC) Security > IaC Security Rules > Beta - Nifcloud LB use insecure TLS policy ID

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Metadata

Id: 944439c7-b4b8-476a-8f83-14641ea876ba

Cloud Provider: Nifcloud

Platform: Terraform

Severity: High

Category: Insecure Configurations

Learn More

Provider Reference

Description

The load balancer uses an insecure TLS policy. This rule flags nifcloud_load_balancer resources that either omit ssl_policy_id or set ssl_policy_id to an outdated policy identifier (1, 2, 3, 5, 8). Resources must use TLS v1.2+ for secure encryption.

Compliant Code Examples

resource "nifcloud_load_balancer" "negative" {
  load_balancer_name = "example"
  instance_port      = 443
  load_balancer_port = 443
  ssl_policy_id      = "4"
}

Non-Compliant Code Examples

resource "nifcloud_load_balancer" "positive" {
  load_balancer_name = "example"
  instance_port      = 443
  load_balancer_port = 443
  ssl_policy_name    = "1"
}

resource "nifcloud_load_balancer" "positive" {
  load_balancer_name = "example"
  instance_port      = 443
  load_balancer_port = 443
}