SECURITY RISK: Google Compute Regional Security Policy doesn't implement default deny - Githubissues

hashicorp / terraform-cdk

Define infrastructure resources using programming constructs and provision them using HashiCorp Terraform

https://www.terraform.io/cdktf

Mozilla Public License 2.0

4.79k stars 441 forks source link

SECURITY RISK: Google Compute Regional Security Policy doesn't implement default deny #3636

Closed cyber-francis closed 3 weeks ago

cyber-francis commented 1 month ago

Description

GOOGLE COMPUTE REGIONAL SECURITY POLICY POLICY doesn't implement default deny, instead it implements default allow which is a security risk

References

N/A

Help Wanted

[ ] I'm interested in contributing a fix myself

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

ansgarm commented 3 weeks ago

Hi @cyber-francis 👋

The bindings for CDKTF are generated based on the underlying Terraform providers. In this case, you'd need to raise this with the underlying google Terraform provider here.

I'm going to close this issue, as there's nothing the CDKTF can do about this.