Ensure Load Balancer Target Group is not using HTTP

Description

This policy checks whether a Load Balancer Target Group is using HTTP instead of HTTPS. Using HTTP can expose sensitive data to eavesdropping and tampering, which is a significant security risk. It is essential to use HTTPS to encrypt data in transit and ensure the confidentiality and integrity of communications. By using HTTPS, organizations can protect their data from interception and unauthorized access.

Code Example

terraform

resource "ncloud_lb_target_group" "example" {
  protocol = "HTTPS"
}

Remediation

Ensure the Load Balancer Target Group uses HTTPS by setting the protocol to 'HTTPS'.

Rule Details

Field	Value
ID	IAC-1218
Severity	MEDIUM
IaC Type	Terraform
Frameworks	ncloud_lb_target_group
Checkov ID	CKV_NCP_15

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Ensure Load Balancer Target Group is not using HTTP

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Ensure Load Balancer Target Group is not using HTTP ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Ensure Load Balancer Target Group is not using HTTP

Description

Code Example

Remediation

Rule Details

References