Control: Container instance container groups should use secure environment variable

Description

This control ensures that the container group uses secure environment variable.

Usage

Run the control in your terminal:

powerpipe control run terraform_azure_compliance.control.container_instance_container_group_secure_environment_variable

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run terraform_azure_compliance.control.container_instance_container_group_secure_environment_variable --share

SQL

This control uses a named query:

with container_group_no_secure_environment as (
  select
    distinct name
  from
    terraform_resource,
    jsonb_array_elements(attributes_std -> 'container') as c
  where
    type = 'azurerm_container_group'
    and c -> 'environment_variables' is not null
)
select
  address as resource,
  case
    when e.name is not null then 'alarm'
    else 'ok'
  end status,
  split_part(address, '.', 2) || case
    when e.name is not null then ' uses environment variables'
    else ' does not use environment variables'
  end || '.' reason
  
  , path || ':' || start_line
from
  terraform_resource as r
  left join container_group_no_secure_environment as e on e.name = r.name
where
  type = 'azurerm_container_group';

Control: Container instance container groups should use secure environment variable

Description

Usage

SQL

Tags