Secure Code Analysis #557
code-scanning.yml
on: schedule
trivy
2m 18s
checkov
5m 26s
Matrix: tflint
Annotations
10 errors
checkov:
terraform/environments/apex/backups.tf#L10
CKV_AWS_166: "Ensure Backup Vault is encrypted at rest using KMS CMK"
|
checkov:
terraform/environments/apex/cloudfront.tf#L156
CKV_AWS_300: "Ensure S3 lifecycle configuration sets period for aborting failed uploads"
|
checkov:
terraform/environments/apex/cloudfront.tf#L176
CKV_AWS_305: "Ensure CloudFront distribution has a default root object configured"
|
checkov:
terraform/environments/apex/cloudfront.tf#L176
CKV_AWS_310: "Ensure CloudFront distributions should have origin failover configured"
|
checkov:
terraform/environments/apex/cloudfront.tf#L294
CKV_AWS_233: "Ensure Create before destroy for ACM certificates"
|
checkov:
terraform/environments/apex/ec2.tf#L6
CKV_AWS_79: "Ensure Instance Metadata Service Version 1 is not enabled"
|
checkov:
terraform/environments/apex/ec2.tf#L75
CKV_AWS_24: "Ensure no security groups allow ingress from 0.0.0.0:0 to port 22"
|
checkov:
terraform/environments/apex/ec2.tf#L103
CKV_AWS_23: "Ensure every security group and rule has a description"
|
checkov:
terraform/environments/apex/ec2.tf#L134
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"
|
checkov:
terraform/environments/apex/ec2.tf#L134
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
|