Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Describe the issue
Check CKV_GCP_76 will error if stack_type is not present. For example the default stack_type is IPV4_ONLY however checkov will error with a CKV_GCP_76. But when I specifically set the default stack_type in my IAC I no longer get the issue. I would expect by default if no stack_type is specified then CKV_GCP_76 should not be checked.
Examples
resource "google_compute_subnetwork" "subnetwork" {
name = "name"
ip_cidr_range = "10.0.0.0/28"
network = google_compute_network.vpc.self_link
region = var.region
private_ip_google_access = true
}
Describe the issue Check
CKV_GCP_76
will error if stack_type is not present. For example the default stack_type isIPV4_ONLY
however checkov will error with aCKV_GCP_76
. But when I specifically set the default stack_type in my IAC I no longer get the issue. I would expect by default if no stack_type is specified thenCKV_GCP_76
should not be checked.Examples
Results in
And
Results in no check being undertaken
Version (please complete the following information): 3.2.130
Additional context