class Terracop::Cop::Aws::DescribeSecurityGroupRules

This cop checks for AWS Security Group rules with no description. Reading the Terraform code usually makes it clear why a rule is in place, but the AWS console is more cryptic, and a description helps there.

@example

# bad
resource "aws_security_group_rule" "rule" {
  source_security_group_id = "sg-123456"
}

# good
resource "aws_security_group_rule" "rule" {
  source_security_group_id = "sg-123456"
  description = "Traffic from the load balancer"
}

Public Instance Methods

check()
# File lib/terracop/cop/aws/describe_security_group_rules.rb, line 27
def check
  return unless attributes['description'] == ''

  offense('Add a description to security group rules.')
end
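The same policy applied directly to the `resource_changes` section of `terraform show -json` output, as an added example that is not Terracop's own code. `check` above only matches an empty string, so this sketch also treats a null, absent or whitespace-only description as missing, on the assumption that the input may express an unset attribute that way; `SAMPLE_PLAN`, `missing_description?` and `undescribed_rules` are hypothetical names.

```ruby
require 'json'

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = <<~JSON
  {
    "resource_changes": [
      { "address": "aws_security_group_rule.lb", "type": "aws_security_group_rule",
        "change": { "actions": ["create"],
                    "after": { "source_security_group_id": "sg-123456",
                               "description": "Traffic from the load balancer" } } },
      { "address": "aws_security_group_rule.empty", "type": "aws_security_group_rule",
        "change": { "actions": ["create"],
                    "after": { "source_security_group_id": "sg-123456", "description": "" } } },
      { "address": "aws_security_group_rule.unset", "type": "aws_security_group_rule",
        "change": { "actions": ["create"],
                    "after": { "source_security_group_id": "sg-123456", "description": null } } },
      { "address": "aws_security_group_rule.blank", "type": "aws_security_group_rule",
        "change": { "actions": ["update"],
                    "after": { "source_security_group_id": "sg-123456", "description": "   " } } },
      { "address": "aws_security_group_rule.gone", "type": "aws_security_group_rule",
        "change": { "actions": ["delete"], "after": null } },
      { "address": "aws_instance.web", "type": "aws_instance",
        "change": { "actions": ["create"], "after": { "instance_type": "t3.micro" } } }
    ]
  }
JSON

# Hypothetical helper: true when the description is absent, null, empty or whitespace.
def missing_description?(attributes)
  attributes['description'].to_s.strip.empty?
end

# Returns the addresses of security group rules that would be left without a description.
def undescribed_rules(plan_json)
  changes = JSON.parse(plan_json).fetch('resource_changes', [])
  flagged = changes.select do |rc|
    after = rc.dig('change', 'after') # null for resources being destroyed
    rc['type'] == 'aws_security_group_rule' && after && missing_description?(after)
  end
  flagged.map { |rc| rc['address'] }
end

puts undescribed_rules(SAMPLE_PLAN) if $PROGRAM_NAME == __FILE__
```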