terraform-google-lb-internal icon indicating copy to clipboard operation
terraform-google-lb-internal copied to clipboard

Published 20 hours ago verified publisher icon terraform-google-modules

Firewall rule fails open if no sources specified

Open DeanBrunt opened this issue 5 years ago • 3 comments

The firewall for this module fails open (to range 0.0.0.0/0) if no sources are specified.

This is concerning as it leaves unaware users of this module one step away from opening their load balancer to traffic from anywhere, possibly without realising.

DeanBrunt avatar Sep 04 '20 13:09 DeanBrunt

We should add a check that that some source type is required.

morgante avatar Sep 04 '20 20:09 morgante

This looks to be represented upstream as well: https://github.com/hashicorp/terraform-provider-google/issues/6789

DeanBrunt avatar Sep 09 '20 09:09 DeanBrunt

I got stung by this today :( Still relevant in latest version

devodev avatar Jan 03 '24 16:01 devodev