Ensure Tencent Cloud CVM instance does not allocate a public IP

Description

This policy checks whether a Tencent Cloud CVM instance is allocated a public IP address. Allocating a public IP to an instance can increase the attack surface of the instance, making it more vulnerable to external attacks. It's essential to ensure that public IP allocation is carefully controlled and only enabled when necessary. By not allocating a public IP, the instance is more secure and less exposed to potential threats.

Code Example

terraform

resource "tencentcloud_instance" "example" {
  allocate_public_ip = false
}

Remediation

Ensure the CVM instance does not allocate a public IP by setting the 'allocate_public_ip' property to False.

Rule Details

Field	Value
ID	IAC-1319
Severity	MEDIUM
IaC Type	Terraform
Frameworks	tencentcloud_instance
Checkov ID	CKV_TC_2

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Ensure Tencent Cloud CVM instance does not allocate a public IP

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Ensure Tencent Cloud CVM instance does not allocate a public IP ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Ensure Tencent Cloud CVM instance does not allocate a public IP

Description

Code Example

Remediation

Rule Details

References