Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: update code and tflint issue #28

Merged
merged 3 commits into from
Mar 11, 2024
Merged

Conversation

theprashantyadav
Copy link
Contributor

what

  • Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?)
  • Use bullet points to be concise and to the point.

why

  • Provide the justifications for the changes (e.g. business case).
  • Describe why these changes were made (e.g. why do these commits fix the problem?)
  • Use bullet points to be concise and to the point.

references

  • Link to any supporting jira issues or helpful documentation to add some context (e.g. stackoverflow).
  • Use closes #123, if this PR closes a Jira issue #123

@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output
Result #1 LOW Log group is not encrypted. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:71-76
────────────────────────────────────────────────────────────────────────────────
   71    resource "aws_cloudwatch_log_group" "cloudtrail_events" {
   72      count             = var.enabled ? 1 : 0
   73      name              = var.cloudwatch_logs_group_name
   74      retention_in_days = var.cloudwatch_logs_retention_in_days
   75      tags              = module.labels.tags
   76    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-cloudwatch-log-group-customer-key
      Impact Log data may be leaked if the logs are compromised. No auditing of who have viewed the logs.
  Resolution Enable CMK encryption of CloudWatch Log Groups

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/cloudwatch/log-group-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             139.401µs
  parsing              99.080537ms
  adaptation           147.901µs
  checks               8.374245ms
  total                107.742084ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     53
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  1

  1 potential problem(s) detected.

@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output
Result #1 LOW Log group is not encrypted. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:71-76
────────────────────────────────────────────────────────────────────────────────
   71    resource "aws_cloudwatch_log_group" "cloudtrail_events" {
   72      count             = var.enabled ? 1 : 0
   73      name              = var.cloudwatch_logs_group_name
   74      retention_in_days = var.cloudwatch_logs_retention_in_days
   75      tags              = module.labels.tags
   76    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-cloudwatch-log-group-customer-key
      Impact Log data may be leaked if the logs are compromised. No auditing of who have viewed the logs.
  Resolution Enable CMK encryption of CloudWatch Log Groups

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/cloudwatch/log-group-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             104.201µs
  parsing              160.502517ms
  adaptation           146.203µs
  checks               8.945468ms
  total                169.698389ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     53
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  1

  1 potential problem(s) detected.

@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output
Result #1 LOW Log group is not encrypted. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:71-76
────────────────────────────────────────────────────────────────────────────────
   71    resource "aws_cloudwatch_log_group" "cloudtrail_events" {
   72      count             = var.enabled ? 1 : 0
   73      name              = var.cloudwatch_logs_group_name
   74      retention_in_days = var.cloudwatch_logs_retention_in_days
   75      tags              = module.labels.tags
   76    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-cloudwatch-log-group-customer-key
      Impact Log data may be leaked if the logs are compromised. No auditing of who have viewed the logs.
  Resolution Enable CMK encryption of CloudWatch Log Groups

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/cloudwatch/log-group-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             130.501µs
  parsing              69.483702ms
  adaptation           204.8µs
  checks               11.284633ms
  total                81.103636ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     53
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  1

  1 potential problem(s) detected.

@clouddrove-ci clouddrove-ci merged commit fb87d99 into master Mar 11, 2024
17 checks passed
@delete-merged-branch delete-merged-branch bot deleted the feat/update-code branch March 11, 2024 08:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants