advanced-security / codeql-extractor-iac

CodeQL Extractor, Library, and Queries for Infrastructure as Code
MIT License

[Bug Fix] buckets.getAcl default value #112

Closed HikaruEgashira closed 3 months ago

HikaruEgashira commented 5 months ago

Thank you for watching my PR.

I fixed tf/aws/storage-publicly-accessible because the aws_s3_bucket.acl default value is private.

Reference

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl

GeekMasher commented 4 months ago

@HikaruEgashira Can you update the test and remove the following line:

https://github.com/advanced-security/codeql-extractor-iac/blob/6e898dfe1af96fc1788b815437f73ba38d91fa8e/ql/test/queries-tests/Terraform/AWS/S3/PublicBucket/PublicBucket.expected#L2
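
The default-value behaviour this PR addresses, as an added Python illustration that is not part of the thread or the project's CodeQL code: a bucket with no `acl` attribute resolves to `private` and should not be reported. The bucket names, the dictionary shape, both function names and the "naive" check are assumptions made for the example.

```python
# Added illustration; not code from codeql-extractor-iac.

# AWS canned ACLs that grant access to the AllUsers group.
PUBLIC_ACLS = {"public-read", "public-read-write"}
# Provider default when aws_s3_bucket.acl is omitted (per the linked docs).
DEFAULT_ACL = "private"

# Constructed sample: bucket name -> attributes as a parser might expose them.
SAMPLE_BUCKETS = {
    "logs": {},                            # acl omitted entirely
    "nulled": {"acl": None},               # acl present but unset
    "backups": {"acl": "private"},
    "assets": {"acl": "public-read"},
    "uploads": {"acl": "public-read-write"},
}


def effective_acl(attrs):
    """Resolve the ACL a bucket ends up with, applying the provider default."""
    acl = attrs.get("acl")
    return DEFAULT_ACL if acl is None else acl


def publicly_accessible(buckets):
    """Flag only buckets whose effective ACL is a public canned ACL."""
    return sorted(
        name for name, attrs in buckets.items()
        if effective_acl(attrs) in PUBLIC_ACLS
    )


def naive_publicly_accessible(buckets):
    """Hypothetical check that ignores the default: anything not explicitly
    'private' is flagged, so buckets with no acl become false positives."""
    return sorted(
        name for name, attrs in buckets.items()
        if attrs.get("acl") != "private"
    )


if __name__ == "__main__":
    print("default-aware:", publicly_accessible(SAMPLE_BUCKETS))
    print("naive:        ", naive_publicly_accessible(SAMPLE_BUCKETS))
```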