DeepSource
Dashboard Resources Pricing Discover Directory Log in

Run your first analysis.

Find thousands of code security and quality issues in your codebase, before they end up in production.

Start now
Terraform

Terraform

Made by DeepSource
Use Analyzer

Missing description for security group/security group rule TF-AWS018

Security
Major

Security groups and security group rules should include a description for auditing purposes.

Simplifies auditing, debugging, and managing security groups.

Examples

Bad practice

resource "aws_security_group" "http" {
  name        = "http"

  ingress {
    description = "HTTP from VPC"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.main.cidr_block]
  }
}

Recommended

resource "aws_security_group" "http" {
  name        = "http"
  description = "Allow inbound HTTP traffic"

  ingress {
    description = "HTTP from VPC"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.main.cidr_block]
  }
}

References