fix(misconf): false positive AVD-AWS-0057 when allowing access to one log group #5090
Labels
kind/bug
Categorizes issue or PR as related to a bug.
scan/misconfiguration
Issues relating to misconfiguration scanning
Source: https://github.com/aquasecurity/tfsec/issues/1978#issuecomment-1409982074
To access log events in one specified log group, a wildcard is required at the end of the log group name; otherwise the policy will not work, but this leads to a false positive AVD-AWS-0057.
Quote from AWS doc (Example 3):
Terraform config:
Trivy output:
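The distinction this report turns on, as an added Go sketch (not Trivy's or tfsec's code, and not from the original issue): one way a wildcard check could tell a trailing `:*` on a single named log group from a genuinely broad resource. The function names and sample ARNs are constructed, and the ARN layout `arn:PARTITION:logs:REGION:ACCOUNT:log-group:NAME:*` is the assumed input format.

```go
package main

import (
	"fmt"
	"strings"
)

// scopedToOneLogGroup reports whether arn has the form
// arn:PARTITION:logs:REGION:ACCOUNT:log-group:NAME:* with no other wildcard,
// i.e. the trailing ":*" only spans what lies inside one named log group.
func scopedToOneLogGroup(arn string) bool {
	parts := strings.SplitN(arn, ":", 8)
	if len(parts) != 8 || parts[0] != "arn" || parts[2] != "logs" ||
		parts[5] != "log-group" || parts[7] != "*" {
		return false
	}
	// Partition, region, account and log group name must all be literal.
	for _, p := range parts[:7] {
		if p == "" || strings.ContainsAny(p, "*?") {
			return false
		}
	}
	return true
}

// wildcardFinding is a hypothetical check result: true means the resource
// should be reported as an overly broad wildcard.
func wildcardFinding(resource string) bool {
	if !strings.ContainsAny(resource, "*?") {
		return false // fully literal resource, nothing to report
	}
	return !scopedToOneLogGroup(resource)
}

func main() {
	// Constructed sample resources; the account ID and names are placeholders.
	for _, r := range []string{
		"arn:aws:logs:us-east-1:111122223333:log-group:/app/example:*",
		"arn:aws:logs:us-east-1:111122223333:log-group:/app/*:*",
		"arn:aws:logs:us-east-1:111122223333:log-group:*",
		"arn:aws:logs:*:111122223333:log-group:/app/example:*",
		"*",
	} {
		fmt.Printf("%-62s finding=%v\n", r, wildcardFinding(r))
	}
}
```

Only the first sample is accepted; a wildcard in the log group name, the region, or in place of the name is still reported.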