Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add policy for checking insecure_ssl configuration for github_repository_webhook in GitHub provider #355

Closed
HorizonNet opened this issue Oct 16, 2020 · 0 comments · Fixed by #386
Closed

Add policy for checking insecure_ssl configuration for github_repository_webhook in GitHub provider #355

HorizonNet opened this issue Oct 16, 2020 · 0 comments · Fixed by #386
Labels
enhancement new-policy

Comments

@HorizonNet
Copy link
Contributor

Similar to #339, but on repository level. The GitHub provider has a resource github_repository_webhook, which can be used to setup a webhook for an organization. In the configuration it allows several options. One of the them is insecure_ssl, which is not recommended to be set to true. The new policy for the github policy set should check this configuration and report a violation if this option was set to true.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement new-policy
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add new policy for checking insecure_ssl on github_repository_webhook HorizonNet/terrascan
2 participants
@HorizonNet @cesar-rodriguez