Secure Code Analysis #151
code-scanning.yml
on: schedule
tfsec
21s
checkov
37s
Matrix: tflint
Annotations
4 errors and 1 notice
checkov:
main.tf#L1
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
|
checkov:
main.tf#L83
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"
|
checkov:
main.tf#L83
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
|
checkov:
main.tf#L83
CKV_AWS_289: "Ensure IAM policies does not allow permissions management / resource exposure without constraints"
|
GitHub API token
Consider setting a GITHUB_TOKEN to prevent GitHub api rate limits
|