Beta - Nifcloud router undefined security group to router

Docs > Datadog Security > Code Security > Infrastructure as Code (IaC) Security > IaC Security Rules > Beta - Nifcloud router undefined security group to router

Metadata

Id: e7dada38-af20-4899-8955-dabea84ab1f0

Cloud Provider: Nifcloud

Platform: Terraform

Severity: High

Category: Networking and Firewall

Learn More

Provider Reference

Description

nifcloud_router resources must include a security_group attribute. Routers without a security_group lack explicit network access controls and may be insecure. This rule flags any nifcloud_router missing security_group and reports attributes: documentId, resourceType, resourceName, searchKey, issueType, keyExpectedValue, keyActualValue.

Compliant Code Examples

resource "nifcloud_router" "negative" {
  security_group = nifcloud_security_group.router.group_name

  network_interface {
    network_id = "net-COMMON_GLOBAL"
  }
}

Non-Compliant Code Examples

resource "nifcloud_router" "positive" {
  network_interface {
    network_id = "net-COMMON_GLOBAL"
  }
}