Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Why accurics.gcp.IAM.104 suggests enabling a client certificate? #330

Closed
ferrarimarco opened this issue Sep 16, 2020 · 3 comments
Closed

Why accurics.gcp.IAM.104 suggests enabling a client certificate? #330

ferrarimarco opened this issue Sep 16, 2020 · 3 comments
Labels
bug

Comments

@ferrarimarco
Copy link

  • terrascan version: v1.1.0
  • Operating System: Ubuntu 20.04.1

Description

Hardening your cluster security recommends to disable client certificates. Why is Terrascan suggesting the opposite?

Thanks!
@williepaul
Copy link
Contributor

Hello @ferrarimarco,

This one is a bug; from the rule name "clientCertificateEnabled", it seems the intention was to check if the client cert is enabled (to flag it), but the rule is doing the opposite and triggering if it's false instead. Thanks for the bug report!

@lucas-giaco
Copy link
Contributor

Hi folks, I'm facing the same issue.
There's an ETA for this bug to be fixed? or there's any way we could help to fix it?

Thanks!

@lucas-giaco lucas-giaco mentioned this issue Nov 22, 2020
Merged
@cesar-rodriguez
Copy link
Contributor

Resolved with #402

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ferrarimarco @lucas-giaco @cesar-rodriguez @williepaul