forked from iacsecurity/tool-compare
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkics_results.txt
135 lines (87 loc) · 3.3 KB
/
kics_results.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
.0MO.
OMMMx
;NMX;
... ... ....
WMMMd cWMMM0. KMMMO ;xKWMMMMNOc. ,xXMMMMMWXkc.
WMMMd .0MMMN: KMMMO :XMMMMMMMMMMMWl xMMMMMWMMMMMMl
WMMMd lWMMMO. KMMMO xMMMMKc...'lXMk ,MMMMx .;dXx
WMMMd.0MMMX; KMMMO cMMMMd ' 'MMMMNl'
WMMMNWMMMMl KMMMO 0MMMN oMMMMMMMXkl.
WMMMMMMMMMMo KMMMO 0MMMX .ckKWMMMMMM0.
WMMMMWokMMMMk KMMMO oMMMMc . .:OMMMM0
WMMMK. dMMMM0. KMMMO KMMMMx' ,kNc :WOc. .NMMMX
WMMMd cWMMMX. KMMMO kMMMMMWXNMMMMMd .WMMMMWKO0NMMMMl
WMMMd ,NMMMN, KMMMO 'xNMMMMMMMNx, .l0WMMMMMMMWk,
xkkk: ,kkkkx okkkl ;xKXKx; ;dOKKkc
Scanning with Keeping Infrastructure as Code Secure v1.2.3
Files scanned: 3
Parsed files: 3
Queries loaded: 1343
Queries failed to execute: 0
------------------------------------
AMI Not Encrypted, Severity: HIGH, Results: 1
Description: AWS AMI Encryption is not enabled
Platform: Terraform
[1]: /src/main.tf:38
037:
038: ebs_block_device {
039: device_name = "/dev/xvda"
EBS Volume Snapshot Not Encrypted, Severity: HIGH, Results: 1
Description: The value on AWS EBS Volume Snapshot Encryptation must be true
Platform: Terraform
[1]: /src/main.tf:24
023:
024: resource "aws_ebs_snapshot" "example_snapshot" {
025: volume_id = aws_ebs_volume.example.id
EC2 Instance Has Public IP, Severity: HIGH, Results: 4
Description: EC2 Instance should not have a public IP address.
Platform: Terraform
[1]: /src/main.tf:80
079:
080: resource "aws_instance" "example_with_copied_ami" {
081: ami = aws_ami_copy.example.id
[2]: /src/main.tf:93
092:
093: resource "aws_instance" "example_with_ami_from_instance" {
094: ami = aws_ami_from_instance.example.id
[3]: /src/main.tf:98
097:
098: resource "aws_instance" "public-ubuntu-from-data" {
099: ami = data.aws_ami.ubuntu.id
[4]: /src/main.tf:45
044:
045: resource "aws_instance" "example_with_new_ami" {
046: ami = aws_ami.example.id
EBS Volume Encryption Disabled, Severity: MEDIUM, Results: 1
Description: The value on AWS EBS Volume Cluster Encryption must be true
Platform: Terraform
[1]: /src/main.tf:15
014:
015: resource "aws_ebs_volume" "example" {
016: availability_zone = data.aws_availability_zones.available.names[0]
Instance With No VPC, Severity: MEDIUM, Results: 4
Description: Instance should be configured in VPC (Virtual Private Cloud)
Platform: Terraform
[1]: /src/main.tf:45
044:
045: resource "aws_instance" "example_with_new_ami" {
046: ami = aws_ami.example.id
[2]: /src/main.tf:80
079:
080: resource "aws_instance" "example_with_copied_ami" {
081: ami = aws_ami_copy.example.id
[3]: /src/main.tf:93
092:
093: resource "aws_instance" "example_with_ami_from_instance" {
094: ami = aws_ami_from_instance.example.id
[4]: /src/main.tf:98
097:
098: resource "aws_instance" "public-ubuntu-from-data" {
099: ami = data.aws_ami.ubuntu.id
Results Summary:
HIGH: 6
MEDIUM: 5
LOW: 0
INFO: 0
TOTAL: 11
Scan duration: 29.947395098s