
Metadata

Id: 18d6aa4b-7570-4d95-9c75-90363ef1abd9

Cloud Provider: TencentCloud

Platform: Terraform

Severity: Low

Category: Insecure Configurations

Learn More

Description

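CDB instances should not use the default intranet port. The tencentcloud_mysql_instance resource must set the intranet_port attribute, and it must not be set to 3306. This rule flags resources where intranet_port is either missing (an omitted attribute leaves the instance on the default port) or explicitly set to 3306. Moving off the well-known MySQL port only reduces exposure to automated scans that probe 3306; access to the instance should still be restricted with security group rules and database authentication.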

Compliant Code Examples

# Looks up availability zones for the "cdb" product.
# The subnet and the MySQL instance below both use the first zone returned.
data "tencentcloud_availability_zones_by_product" "zones" {
  product = "cdb"
}

# VPC that the subnet and the MySQL instance are attached to.
resource "tencentcloud_vpc" "vpc" {
  name       = "vpc-mysql"
  cidr_block = "10.0.0.0/16"
}

# Subnet for the database, placed in the first zone returned by the lookup.
resource "tencentcloud_subnet" "subnet" {
  availability_zone = data.tencentcloud_availability_zones_by_product.zones.zones.0.name
  name              = "subnet-mysql"
  vpc_id            = tencentcloud_vpc.vpc.id
  # Same range as the VPC: this one subnet spans the whole VPC address space.
  cidr_block        = "10.0.0.0/16"
  is_multicast      = false
}

# Security group attached to the MySQL instance.
# NOTE(review): no rules are declared in this snippet, so which clients can
# reach the database port depends on rules defined elsewhere; confirm ingress
# is limited to the hosts that need it.
resource "tencentcloud_security_group" "security_group" {
  name        = "sg-mysql"
  description = "mysql test"
}

# Compliant: intranet_port is set explicitly and is not 3306.
resource "tencentcloud_mysql_instance" "example" {
  engine_version    = "5.7"
  charge_type       = "POSTPAID"
  slave_deploy_mode = 0
  availability_zone = data.tencentcloud_availability_zones_by_product.zones.zones.0.name
  slave_sync_mode   = 1
  instance_name     = "tf-example-mysql"
  mem_size          = 4000
  volume_size       = 200
  vpc_id            = tencentcloud_vpc.vpc.id
  subnet_id         = tencentcloud_subnet.subnet.id
  # The attribute the rule inspects: present, and a value other than 3306.
  # A non-default port is not an access control; the security group below
  # is still what limits who can connect.
  intranet_port     = 3307
  security_groups   = [tencentcloud_security_group.security_group.id]

  tags = {
    name = "test"
  }

  parameters = {
    character_set_server = "utf8"
    max_connections      = "1000"
  }
}

Non-Compliant Code Examples

# First non-compliant configuration (intranet_port omitted on the instance).
# Looks up availability zones for the "cdb" product; the first zone is used below.
data "tencentcloud_availability_zones_by_product" "zones" {
  product = "cdb"
}

# VPC that the subnet and the MySQL instance are attached to.
resource "tencentcloud_vpc" "vpc" {
  name       = "vpc-mysql"
  cidr_block = "10.0.0.0/16"
}

# Subnet for the database, placed in the first zone returned by the lookup.
resource "tencentcloud_subnet" "subnet" {
  availability_zone = data.tencentcloud_availability_zones_by_product.zones.zones.0.name
  name              = "subnet-mysql"
  vpc_id            = tencentcloud_vpc.vpc.id
  # Same range as the VPC: this one subnet spans the whole VPC address space.
  cidr_block        = "10.0.0.0/16"
  is_multicast      = false
}

# Security group attached to the MySQL instance.
# NOTE(review): no rules are declared in this snippet, so which clients can
# reach the database port depends on rules defined elsewhere; confirm ingress
# is limited to the hosts that need it.
resource "tencentcloud_security_group" "security_group" {
  name        = "sg-mysql"
  description = "mysql test"
}

# Non-compliant: intranet_port is not set anywhere in this resource, which the
# rule flags in the same way as an explicit 3306.
resource "tencentcloud_mysql_instance" "example" {
  engine_version    = "5.7"
  charge_type       = "POSTPAID"
  slave_deploy_mode = 0
  availability_zone = data.tencentcloud_availability_zones_by_product.zones.zones.0.name
  slave_sync_mode   = 1
  instance_name     = "tf-example-mysql"
  mem_size          = 4000
  volume_size       = 200
  vpc_id            = tencentcloud_vpc.vpc.id
  subnet_id         = tencentcloud_subnet.subnet.id
  # Finding: no intranet_port attribute here; set one to a value other than 3306.
  security_groups   = [tencentcloud_security_group.security_group.id]

  tags = {
    name = "test"
  }

  parameters = {
    character_set_server = "utf8"
    max_connections      = "1000"
  }
}
# Second non-compliant configuration (intranet_port explicitly set to 3306 on
# the instance). It is a separate example from the configuration above.
# Looks up availability zones for the "cdb" product; the first zone is used below.
data "tencentcloud_availability_zones_by_product" "zones" {
  product = "cdb"
}

# VPC that the subnet and the MySQL instance are attached to.
resource "tencentcloud_vpc" "vpc" {
  name       = "vpc-mysql"
  cidr_block = "10.0.0.0/16"
}

# Subnet for the database, placed in the first zone returned by the lookup.
resource "tencentcloud_subnet" "subnet" {
  availability_zone = data.tencentcloud_availability_zones_by_product.zones.zones.0.name
  name              = "subnet-mysql"
  vpc_id            = tencentcloud_vpc.vpc.id
  # Same range as the VPC: this one subnet spans the whole VPC address space.
  cidr_block        = "10.0.0.0/16"
  is_multicast      = false
}

# Security group attached to the MySQL instance.
# NOTE(review): no rules are declared in this snippet, so which clients can
# reach the database port depends on rules defined elsewhere; confirm ingress
# is limited to the hosts that need it.
resource "tencentcloud_security_group" "security_group" {
  name        = "sg-mysql"
  description = "mysql test"
}

# Non-compliant: intranet_port is present but set to the default value 3306.
resource "tencentcloud_mysql_instance" "example" {
  engine_version    = "5.7"
  charge_type       = "POSTPAID"
  slave_deploy_mode = 0
  availability_zone = data.tencentcloud_availability_zones_by_product.zones.zones.0.name
  slave_sync_mode   = 1
  instance_name     = "tf-example-mysql"
  mem_size          = 4000
  volume_size       = 200
  vpc_id            = tencentcloud_vpc.vpc.id
  subnet_id         = tencentcloud_subnet.subnet.id
  # Finding: this is the line the rule flags; use a value other than 3306.
  intranet_port     = 3306
  security_groups   = [tencentcloud_security_group.security_group.id]

  tags = {
    name = "test"
  }

  parameters = {
    character_set_server = "utf8"
    max_connections      = "1000"
  }
}