fix: AWS Policy for RDS public accessibility#2060
Merged
kodiakhq[bot] merged 4 commits intocloudquery:mainfrom Sep 26, 2022
tmuntaner:fix-rds-publicly-accessible-query
Merged
fix: AWS Policy for RDS public accessibility#2060kodiakhq[bot] merged 4 commits intocloudquery:mainfrom tmuntaner:fix-rds-publicly-accessible-query
kodiakhq[bot] merged 4 commits intocloudquery:mainfrom
tmuntaner:fix-rds-publicly-accessible-query
Conversation
Currently, if your RDS instance is publicly accessible, it passes the check to verify it's not. If it's not publicly accessible, it fails as a false negative. This should be fixed to prevent a bad policy check.
disq
approved these changes
Sep 26, 2022
hermanschaaf
approved these changes
Sep 26, 2022
Contributor
hermanschaaf
left a comment
There was a problem hiding this comment.
Thank you for the contribution @tmuntaner! LGTM
yevgenypats
pushed a commit
that referenced
this pull request
Sep 26, 2022
🤖 I have created a release *beep* *boop* --- ## [0.15.0-pre.0](plugins-source-aws-v0.14.2-pre.0...plugins-source-aws-v0.15.0-pre.0) (2022-09-26) ### Features * Add first draft of AWS v2 migration guide ([#1992](#1992)) ([6acae93](6acae93)) * Provide a decoded policy document field inside aws_iam_policies.policy_version_list ([#2020](#2020)) ([e7c51e1](e7c51e1)) ### Bug Fixes * Add missing fields to aws_iam_policies ([#2005](#2005)) ([24a22cb](24a22cb)) * Autofilling aws plugin default config values ([#1935](#1935)) ([ddb98a1](ddb98a1)) * AWS EBS Snapshots attributes column type ([#2075](#2075)) ([30ca062](30ca062)) * AWS EBS Snapshots attributes column type (take two) ([#2077](#2077)) ([899771b](899771b)) * AWS Policy for RDS public accessibility ([#2060](#2060)) ([9cde8a0](9cde8a0)) * AWS redshift cluster parameters ([#2063](#2063)) ([9b9ff9d](9b9ff9d)), closes [#1979](#1979) * **deps:** Update module github.com/cloudquery/plugin-sdk to v0.7.13 ([#1954](#1954)) ([2ee4718](2ee4718)) * **deps:** Update module github.com/cloudquery/plugin-sdk to v0.8.0 ([#1997](#1997)) ([4fa40da](4fa40da)) * **deps:** Update module github.com/cloudquery/plugin-sdk to v0.8.1 ([#2024](#2024)) ([8f88de4](8f88de4)) * **deps:** Update module github.com/cloudquery/plugin-sdk to v0.8.2 ([#2044](#2044)) ([9b69b46](9b69b46)) * Fix applicationautoscaling multiplexing (v2) ([#2009](#2009)) ([4ea6026](4ea6026)) * Fix columns of aws_iam_openid_connect_identity_providers (v2) ([#2001](#2001)) ([d378672](d378672)) * Remove underscores in ec_2, s_3 and others ([#1998](#1998)) ([0df193f](0df193f)) * Update endpoints ([#2019](#2019)) ([0e83552](0e83552)) * Update endpoints ([#2037](#2037)) ([4719ca4](4719ca4)) * Update endpoints ([#2080](#2080)) ([889bef2](889bef2)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Currently, if your RDS instance is publicly accessible, it passes the check to verify that it's not. If it's not publicly accessible, it fails as a false negative.
This should be fixed to prevent a bad policy check.
Use the following steps to ensure your PR is ready to be reviewed
go fmtto format your code 🖊golangci-lint run🚨 (install golangci-lint here)