Feature Request: rule for specifying allowed registries

terraform-linters / tflint-ruleset-terraform

TFLint ruleset for Terraform Language

Mozilla Public License 2.0

65 stars 24 forks source link

Feature Request: rule for specifying allowed registries #120

Closed rwlodarczyk-xealth closed 1 year ago

rwlodarczyk-xealth commented 1 year ago

From a security perspective, esp. supply-chain attack vectors, having a rule that checks which Terraform module registries are allowed for use would be beneficial.

bendrucker commented 1 year ago

Same story as https://github.com/terraform-linters/tflint-ruleset-terraform/issues/121#issuecomment-1690616596. A fine idea, but not in scope. You'll have to implement your own ruleset.