class Terracop::Cop::Aws::DescribeSecurityGroupRules
This cop checks for AWS Security Group rules with no description. Reading terraform code can immediately tell why a rule is in place, but the AWS console is a bit more cryptic and a description can help.
@example
# bad resource "aws_security_group_rule" "rule" { source_security_group_id = "sg-123456" } # good resource "aws_security_group_rule" "rule" { source_security_group_id = "sg-123456" description = "Traffic from the load balancer" }
Public Instance Methods
check()
click to toggle source
# File lib/terracop/cop/aws/describe_security_group_rules.rb, line 27 def check return unless attributes['description'] == '' offense('Add a description to security group rules.') end