feat(terraform): handle public_network_access_enabled for AVD-AZU-0012 #6459
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
scan/misconfiguration
Issues relating to misconfiguration scanning
Discussed in #6458
Originally posted by coin-op April 4, 2024
IDs
avd-azu-0012
Description
When deploying a storage account with public_network_access_enabled = true, trivy config scans of the raw files and of the plan do not pick up that this should not be set.
If you then update the storage account and do a trivy scan of the plan, the issue is picked up due to the JSON plan now having the default action of Allow on the network_rules.
Reproduction Steps
Target
Filesystem
Scanner
Misconfiguration
Target OS
Ubuntu 22.04
Debug Output
Version
Checklist
-f json
that shows data sources and confirmed that the security advisory in data sources was correct
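The two conditions described in this report can be checked directly against a plan exported with `terraform show -json`. The following is an added example, not Trivy's code and not part of the original report: the function names are hypothetical, the plan fragment is constructed, and it assumes the standard plan JSON layout (`planned_values.root_module`, with nested blocks such as `network_rules` rendered as lists).

```python
import json

# Constructed sample: trimmed `terraform show -json` output for two storage accounts.
SAMPLE_PLAN = json.loads("""
{
  "planned_values": {"root_module": {
    "resources": [
      {"address": "azurerm_storage_account.fresh", "type": "azurerm_storage_account",
       "values": {"name": "examplefresh", "public_network_access_enabled": true}}
    ],
    "child_modules": [{"resources": [
      {"address": "module.m.azurerm_storage_account.updated", "type": "azurerm_storage_account",
       "values": {"name": "exampleupdated", "public_network_access_enabled": false,
                  "network_rules": [{"default_action": "Allow"}]}}
    ]}]
  }}
}
""")

def walk_resources(module):
    """Yield every resource in a module and in its nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk_resources(child)

def find_public_storage_accounts(plan):
    """Return (address, reason) pairs for storage accounts open to public networks."""
    findings = []
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in walk_resources(root):
        if res.get("type") != "azurerm_storage_account":
            continue
        values = res.get("values") or {}
        # Condition 1: the attribute this report asks the check to handle.
        if values.get("public_network_access_enabled") is True:
            findings.append((res["address"], "public_network_access_enabled = true"))
        # Condition 2: network_rules may be absent from the plan (e.g. still unknown).
        for rule in values.get("network_rules") or []:
            if str(rule.get("default_action", "")).lower() == "allow":
                findings.append((res["address"], "network_rules default_action = Allow"))
    return findings

if __name__ == "__main__":
    for address, reason in find_public_storage_accounts(SAMPLE_PLAN):
        print(f"{address}: {reason}")
```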