Added source_range 0.0.0.0/0 (any) to avoid rule violations (#776)

* added source_range 0.0.0.0/0 (any) to avoid rule vaiolations that have restricted source ip address access set. * fix typo Co-authored-by: Cesar Rodriguez <cesar@accurics.com>
tenable · May 18, 2021 · 940a446 · 940a446
1 parent 07c1e4f
commit 940a446
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/pkg/policies/opa/rego/gcp/google_compute_firewall/unrestrictedRdpAccess.rego b/pkg/policies/opa/rego/gcp/google_compute_firewall/unrestrictedRdpAccess.rego
@@ -4,6 +4,7 @@ unrestrictedRdpAccess[api.id] {
      api := input.google_compute_firewall[_]
      api.config.direction == "INGRESS"
      fire_rule := api.config.allow[_]
+     api.config.source_ranges[_] == "0.0.0.0/0"
      fire_rule.protocol == "tcp"
      fire_rule.ports[_] == "3389"
 }