feat(terraform): Adding yaml based build time policies for corresponding PC run time policies #4265

Merged
merged 21 commits into from
Jan 22, 2023


@praveen-panw (Collaborator) commented Jan 16, 2023

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

This PR has 1 YAML-based check (after modification) with detailed description below

1. Checkov Title - Ensure AWS Neptune cluster deletion protection is enabled

PC Policy ID - fd9b71b1-a601-4c6b-b6f2-a8290ece5680

PC Policy Title - AWS Neptune cluster deletion protection is disabled

Compliance standards -

MLPS 2.0 (Level 2), Secure Controls Framework (SCF) - 2022.2.1

Remediation:

  1. Sign in to the AWS console
  2. Select the region, from the region drop-down, for which the alert is generated
  3. Navigate to Neptune Dashboard
  4. Select the reported Neptune cluster
  5. Click on 'Modify' from top
  6. Under 'Deletion protection' select 'Enable deletion protection'
  7. Click on 'Continue'
  8. Schedule the modifications and click on 'Modify cluster'
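
For reference, a Checkov YAML attribute check for the Terraform side of this policy could look like the following. This is an added example, not the policy file merged in this PR; the `id` is a placeholder, and the check assumes the `deletion_protection` argument of the `aws_neptune_cluster` resource.

```yaml
# Added example of a Checkov custom YAML policy (not the file from this PR).
metadata:
  name: "Ensure AWS Neptune cluster deletion protection is enabled"
  id: "CKV2_CUSTOM_1"            # placeholder ID, not the one assigned by the project
  category: "GENERAL_SECURITY"
definition:
  cond_type: "attribute"
  resource_types:
    - "aws_neptune_cluster"
  attribute: "deletion_protection"
  operator: "equals"
  value: true
# Expected results on Terraform input:
#   PASS: aws_neptune_cluster with deletion_protection = true
#   FAIL: aws_neptune_cluster with deletion_protection = false
#   FAIL: aws_neptune_cluster with the argument omitted (nothing to match)
```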

@gruebel (Contributor) left a comment

thanks, looks good 🏆

@gruebel merged commit 769344c into bridgecrewio:main Jan 22, 2023
gruebel pushed a commit to gruebel/checkov that referenced this pull request Jan 22, 2023
…ing PC run time policies (bridgecrewio#4265)

* adding 2 YAML policies - S3 & Neptune security config

* adding 2 YAML policies

* adding 2 YAML policies

* adding 2 YAML policies

* added 2 YAML policies

* updated the pass and fail cases

* Updated terraform pass and fail cases

* Deleted - AWS S3 global ACL view check

@praveen-panw (Collaborator, Author)

Thank you @gruebel and @marynaKK.

This pull request was closed.