CRITICAL
Source
Trivy
ID
AVD-NIF-0014

An ingress nas security group rule allows traffic from /0.

Opening up ports to the public internet is generally to be avoided. You should restrict access to IP addresses or ranges that explicitly require it where possible.

Impact

Follow the appropriate remediation steps below to resolve the issue.

Set a more restrictive cidr range

1
2
3
4
5
resource "nifcloud_nas_security_group" "good_example" {
  rule {
    cidr_ip = "10.0.0.0/16"
  }
}