generated from terraform-ibm-modules/terraform-ibm-module-template
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcra-tf-validate-ignore-rules.json
34 lines (34 loc) · 2 KB
/
cra-tf-validate-ignore-rules.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
{
"scc_rules": [
{
"scc_rule_id": "rule-0e5151b1-9caf-433c-b4e5-be3d505e458e",
"description": "Check whether Application Load Balancer for VPC is configured with multiple members in the pool",
"ignore_reason": "This rule is not relevant to since the autoscale vsi are not attached at provision time",
"is_valid": true
},
{
"scc_rule_id": "rule-8c923215-afdc-41b1-886c-64ce78741f8c",
"description": "Check whether Application Load Balancer for VPC has health check configured when created",
"ignore_reason": "Health check is configured on Application Load Balancer",
"is_valid": true
},
{
"scc_rule_id": "rule-65b61a0f-ffdb-41ba-873d-ad329e7fc0ee",
"description": "Check whether Application Load Balancer for VPC is configured to convert HTTP client requests to HTTPS",
"ignore_reason": "This rule is not relevant since example is using a tcp listener",
"is_valid": true
},
{
"scc_rule_id": "rule-d544f217-3723-4376-b3aa-037c5f201e8d",
"description": "Check whether Application Load Balancer for VPC uses HTTPS (SSL & TLS) instead of HTTP",
"ignore_reason": "This rule is not relevant since example is using a tcp listener",
"is_valid": true
},
{
"scc_rule_id": "rule-8cbd597c-7471-42bd-9c88-36b2696456e9",
"description": "Check whether Cloud Object Storage network access is restricted to a specific IP range",
"ignore_reason": "In order for this rule to pass, Context Based Restrictions (CBRs) support needs to be added to the module (tracking in https://github.ibm.com/GoldenEye/issues/issues/5626). Even after that is added, there is still a dependency on SCC to support scanning for CBR rules. SCC CBR support is being tracked in https://github.ibm.com/project-fortress/pm/issues/11800.",
"is_valid": true
}
]
}