You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Trivy will check the following folders:
test/unit-test
Running Trivy in test/unit-test
2024-05-24T15:48:32Z INFO Need to update DB
2024-05-24T15:48:32Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-05-24T15:48:34Z INFO Vulnerability scanning is enabled
2024-05-24T15:48:34Z INFO Misconfiguration scanning is enabled
2024-05-24T15:48:34Z INFO Need to update the built-in policies
2024-05-24T15:48:34Z INFO Downloading the built-in policies...
50.41 KiB / 50.41 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-05-24T15:48:35Z INFO Secret scanning is enabled
2024-05-24T15:48:35Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-05-24T15:48:35Z INFO Please see also https://aquasecurity.github.io/trivy/v0.51/docs/scanner/secret/#recommendation for faster secret detection
2024-05-24T15:48:36Z INFO Number of language-specific files num=0
2024-05-24T15:48:36Z INFO Detected config files num=6
HIGH: Bucket does not encrypt data with a customer managed key.
════════════════════════════════════════
Encryption using AWS keys provides protection for your S3 buckets. To increase control of the encryption and manage factors like rotation use customer managed keys.
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
test/unit-test
*****************************
Running Checkov in test/unit-test
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 270, Failed checks: 0, Skipped checks: 51
checkov_exitcode=0
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.5.0)
tflint will check the following folders:
test/unit-test
*****************************
Running tflint in test/unit-test
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0
Trivy Scan Failed
Show Output
*****************************
Trivy will check the following folders:
test/unit-test
*****************************
Running Trivy in test/unit-test
2024-05-24T15:48:32Z INFO Need to update DB
2024-05-24T15:48:32Z INFO Downloading DB...repository="ghcr.io/aquasecurity/trivy-db:2"2024-05-24T15:48:34Z INFO Vulnerability scanning is enabled
2024-05-24T15:48:34Z INFO Misconfiguration scanning is enabled
2024-05-24T15:48:34Z INFO Need to update the built-in policies
2024-05-24T15:48:34Z INFO Downloading the built-in policies...50.41 KiB /50.41 KiB [-----------------------------------------------------------] 100.00%? p/s 0s2024-05-24T15:48:35Z INFO Secret scanning is enabled
2024-05-24T15:48:35Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-05-24T15:48:35Z INFO Please see also https://aquasecurity.github.io/trivy/v0.51/docs/scanner/secret/#recommendation for faster secret detection2024-05-24T15:48:36Z INFO Number of language-specific files num=02024-05-24T15:48:36Z INFO Detected config files num=6../../config.tf (terraform)
===========================
Tests:14 (SUCCESSES:0, FAILURES:0, EXCEPTIONS:14)
Failures:0 (HIGH:0, CRITICAL:0)
../../modules/cloudtrail/main.tf (terraform)
============================================
Tests:5 (SUCCESSES:4, FAILURES:0, EXCEPTIONS:1)
Failures:0 (HIGH:0, CRITICAL:0)
github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc15a08fbf5a4f4eef9b7433c5a417df8df1/main.tf (terraform)
========================================================================================================================================
Tests:7 (SUCCESSES:6, FAILURES:1, EXCEPTIONS:0)
Failures:1 (HIGH:1, CRITICAL:0)
HIGH: Bucket does not encrypt data with a customer managed key.
════════════════════════════════════════
Encryption using AWS keys provides protection for your S3 buckets. To increase control of the encryption and manage factors like rotation use customer managed keys.
See https://avd.aquasec.com/misconfig/avd-aws-0132
────────────────────────────────────────
github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc15a08fbf5a4f4eef9b7433c5a417df8df1/main.tf:157-165
via ../../config.tf:103-153 (module.config-bucket)
via main.tf:6-36 (module.baselines)
────────────────────────────────────────
157 ┌ resource"aws_s3_bucket_server_side_encryption_configuration""default" {
158 │ bucket=aws_s3_bucket.default.id159 │ rule {
160 │ apply_server_side_encryption_by_default {
161 │ sse_algorithm=var.sse_algorithm162 │ kms_master_key_id=(var.custom_kms_key!="") ? var.custom_kms_key:""163 │ }
164 │ }
165 └ }
────────────────────────────────────────
trivy_exitcode=1
Trivy will check the following folders:
test/unit-test
Running Trivy in test/unit-test
2024-06-17T14:50:45Z INFO Need to update DB
2024-06-17T14:50:45Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-06-17T14:50:47Z INFO Vulnerability scanning is enabled
2024-06-17T14:50:47Z INFO Misconfiguration scanning is enabled
2024-06-17T14:50:47Z INFO Need to update the built-in policies
2024-06-17T14:50:47Z INFO Downloading the built-in policies...
53.79 KiB / 53.79 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-06-17T14:50:47Z INFO Secret scanning is enabled
2024-06-17T14:50:47Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-17T14:50:47Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-17T14:50:49Z INFO Number of language-specific files num=0
2024-06-17T14:50:49Z INFO Detected config files num=6
HIGH: Bucket does not encrypt data with a customer managed key.
════════════════════════════════════════
Encryption using AWS keys provides protection for your S3 buckets. To increase control of the encryption and manage factors like rotation use customer managed keys.
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
test/unit-test
*****************************
Running Checkov in test/unit-test
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 270, Failed checks: 0, Skipped checks: 51
checkov_exitcode=0
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.5.0)
tflint will check the following folders:
test/unit-test
*****************************
Running tflint in test/unit-test
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0
Trivy Scan Failed
Show Output
*****************************
Trivy will check the following folders:
test/unit-test
*****************************
Running Trivy in test/unit-test
2024-06-17T14:50:45Z INFO Need to update DB
2024-06-17T14:50:45Z INFO Downloading DB...repository="ghcr.io/aquasecurity/trivy-db:2"2024-06-17T14:50:47Z INFO Vulnerability scanning is enabled
2024-06-17T14:50:47Z INFO Misconfiguration scanning is enabled
2024-06-17T14:50:47Z INFO Need to update the built-in policies
2024-06-17T14:50:47Z INFO Downloading the built-in policies...53.79 KiB /53.79 KiB [-----------------------------------------------------------] 100.00%? p/s 0s2024-06-17T14:50:47Z INFO Secret scanning is enabled
2024-06-17T14:50:47Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-17T14:50:47Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-17T14:50:49Z INFO Number of language-specific files num=02024-06-17T14:50:49Z INFO Detected config files num=6../../config.tf (terraform)
===========================
Tests:14 (SUCCESSES:0, FAILURES:0, EXCEPTIONS:14)
Failures:0 (HIGH:0, CRITICAL:0)
../../modules/cloudtrail/main.tf (terraform)
============================================
Tests:5 (SUCCESSES:4, FAILURES:0, EXCEPTIONS:1)
Failures:0 (HIGH:0, CRITICAL:0)
github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc15a08fbf5a4f4eef9b7433c5a417df8df1/main.tf (terraform)
========================================================================================================================================
Tests:7 (SUCCESSES:6, FAILURES:1, EXCEPTIONS:0)
Failures:1 (HIGH:1, CRITICAL:0)
HIGH: Bucket does not encrypt data with a customer managed key.
════════════════════════════════════════
Encryption using AWS keys provides protection for your S3 buckets. To increase control of the encryption and manage factors like rotation use customer managed keys.
See https://avd.aquasec.com/misconfig/avd-aws-0132
────────────────────────────────────────
github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc15a08fbf5a4f4eef9b7433c5a417df8df1/main.tf:157-165
via ../../config.tf:103-153 (module.config-bucket)
via main.tf:6-36 (module.baselines)
────────────────────────────────────────
157 ┌ resource"aws_s3_bucket_server_side_encryption_configuration""default" {
158 │ bucket=aws_s3_bucket.default.id159 │ rule {
160 │ apply_server_side_encryption_by_default {
161 │ sse_algorithm=var.sse_algorithm162 │ kms_master_key_id=(var.custom_kms_key!="") ? var.custom_kms_key:""163 │ }
164 │ }
165 └ }
────────────────────────────────────────
trivy_exitcode=1
Trivy will check the following folders:
modules/backup test/backup-test
Running Trivy in modules/backup
2024-06-21T11:38:10Z INFO Need to update DB
2024-06-21T11:38:10Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-06-21T11:38:12Z INFO Vulnerability scanning is enabled
2024-06-21T11:38:12Z INFO Misconfiguration scanning is enabled
2024-06-21T11:38:12Z INFO Need to update the built-in policies
2024-06-21T11:38:12Z INFO Downloading the built-in policies...
53.79 KiB / 53.79 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-06-21T11:38:12Z INFO Secret scanning is enabled
2024-06-21T11:38:12Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:38:12Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-21T11:38:13Z INFO Number of language-specific files num=0
2024-06-21T11:38:13Z INFO Detected config files num=2
trivy_exitcode=0
Running Trivy in test/backup-test
2024-06-21T11:38:13Z INFO Vulnerability scanning is enabled
2024-06-21T11:38:13Z INFO Misconfiguration scanning is enabled
2024-06-21T11:38:13Z INFO Secret scanning is enabled
2024-06-21T11:38:13Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:38:13Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-21T11:38:14Z INFO Number of language-specific files num=0
2024-06-21T11:38:14Z INFO Detected config files num=2
trivy_exitcode=0
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
modules/backup test/backup-test
*****************************
Running Checkov in modules/backup
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 1, Failed checks: 0, Skipped checks: 1
checkov_exitcode=0
*****************************
Running Checkov in test/backup-test
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 22, Failed checks: 0, Skipped checks: 1
checkov_exitcode=0
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.5.0)
tflint will check the following folders:
modules/backup test/backup-test
*****************************
Running tflint in modules/backup
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in test/backup-test
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
modules/backup test/backup-test
*****************************
Running Trivy in modules/backup
2024-06-21T11:38:10Z INFO Need to update DB
2024-06-21T11:38:10Z INFO Downloading DB...repository="ghcr.io/aquasecurity/trivy-db:2"2024-06-21T11:38:12Z INFO Vulnerability scanning is enabled
2024-06-21T11:38:12Z INFO Misconfiguration scanning is enabled
2024-06-21T11:38:12Z INFO Need to update the built-in policies
2024-06-21T11:38:12Z INFO Downloading the built-in policies...53.79 KiB /53.79 KiB [-----------------------------------------------------------] 100.00%? p/s 0s2024-06-21T11:38:12Z INFO Secret scanning is enabled
2024-06-21T11:38:12Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:38:12Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-21T11:38:13Z INFO Number of language-specific files num=02024-06-21T11:38:13Z INFO Detected config files num=2trivy_exitcode=0*****************************
Running Trivy in test/backup-test
2024-06-21T11:38:13Z INFO Vulnerability scanning is enabled
2024-06-21T11:38:13Z INFO Misconfiguration scanning is enabled
2024-06-21T11:38:13Z INFO Secret scanning is enabled
2024-06-21T11:38:13Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:38:13Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-21T11:38:14Z INFO Number of language-specific files num=02024-06-21T11:38:14Z INFO Detected config files num=2trivy_exitcode=0
Trivy will check the following folders:
modules/backup test/backup-test
Running Trivy in modules/backup
2024-06-21T11:39:31Z INFO Need to update DB
2024-06-21T11:39:31Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-06-21T11:39:33Z INFO Vulnerability scanning is enabled
2024-06-21T11:39:33Z INFO Misconfiguration scanning is enabled
2024-06-21T11:39:33Z INFO Need to update the built-in policies
2024-06-21T11:39:33Z INFO Downloading the built-in policies...
53.79 KiB / 53.79 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-06-21T11:39:33Z INFO Secret scanning is enabled
2024-06-21T11:39:33Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:39:33Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-21T11:39:34Z INFO Number of language-specific files num=0
2024-06-21T11:39:34Z INFO Detected config files num=2
trivy_exitcode=0
Running Trivy in test/backup-test
2024-06-21T11:39:34Z INFO Vulnerability scanning is enabled
2024-06-21T11:39:34Z INFO Misconfiguration scanning is enabled
2024-06-21T11:39:34Z INFO Secret scanning is enabled
2024-06-21T11:39:34Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:39:34Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-21T11:39:35Z INFO Number of language-specific files num=0
2024-06-21T11:39:35Z INFO Detected config files num=2
trivy_exitcode=0
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
modules/backup test/backup-test
*****************************
Running Checkov in modules/backup
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 1, Failed checks: 0, Skipped checks: 1
checkov_exitcode=0
*****************************
Running Checkov in test/backup-test
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 22, Failed checks: 0, Skipped checks: 1
checkov_exitcode=0
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.5.0)
tflint will check the following folders:
modules/backup test/backup-test
*****************************
Running tflint in modules/backup
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in test/backup-test
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
modules/backup test/backup-test
*****************************
Running Trivy in modules/backup
2024-06-21T11:39:31Z INFO Need to update DB
2024-06-21T11:39:31Z INFO Downloading DB...repository="ghcr.io/aquasecurity/trivy-db:2"2024-06-21T11:39:33Z INFO Vulnerability scanning is enabled
2024-06-21T11:39:33Z INFO Misconfiguration scanning is enabled
2024-06-21T11:39:33Z INFO Need to update the built-in policies
2024-06-21T11:39:33Z INFO Downloading the built-in policies...53.79 KiB /53.79 KiB [-----------------------------------------------------------] 100.00%? p/s 0s2024-06-21T11:39:33Z INFO Secret scanning is enabled
2024-06-21T11:39:33Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:39:33Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-21T11:39:34Z INFO Number of language-specific files num=02024-06-21T11:39:34Z INFO Detected config files num=2trivy_exitcode=0*****************************
Running Trivy in test/backup-test
2024-06-21T11:39:34Z INFO Vulnerability scanning is enabled
2024-06-21T11:39:34Z INFO Misconfiguration scanning is enabled
2024-06-21T11:39:34Z INFO Secret scanning is enabled
2024-06-21T11:39:34Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:39:34Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-21T11:39:35Z INFO Number of language-specific files num=02024-06-21T11:39:35Z INFO Detected config files num=2trivy_exitcode=0
Trivy will check the following folders:
modules/backup test/backup-test
Running Trivy in modules/backup
2024-06-21T11:49:42Z INFO Need to update DB
2024-06-21T11:49:42Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-06-21T11:49:44Z INFO Vulnerability scanning is enabled
2024-06-21T11:49:44Z INFO Misconfiguration scanning is enabled
2024-06-21T11:49:44Z INFO Need to update the built-in policies
2024-06-21T11:49:44Z INFO Downloading the built-in policies...
53.79 KiB / 53.79 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-06-21T11:49:44Z INFO Secret scanning is enabled
2024-06-21T11:49:44Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:49:44Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-21T11:49:45Z INFO Number of language-specific files num=0
2024-06-21T11:49:45Z INFO Detected config files num=2
trivy_exitcode=0
Running Trivy in test/backup-test
2024-06-21T11:49:45Z INFO Vulnerability scanning is enabled
2024-06-21T11:49:45Z INFO Misconfiguration scanning is enabled
2024-06-21T11:49:45Z INFO Secret scanning is enabled
2024-06-21T11:49:45Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:49:45Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-21T11:49:45Z INFO Number of language-specific files num=0
2024-06-21T11:49:45Z INFO Detected config files num=2
trivy_exitcode=0
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
modules/backup test/backup-test
*****************************
Running Checkov in modules/backup
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 1, Failed checks: 0, Skipped checks: 1
checkov_exitcode=0
*****************************
Running Checkov in test/backup-test
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 22, Failed checks: 0, Skipped checks: 1
checkov_exitcode=0
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.5.0)
tflint will check the following folders:
modules/backup test/backup-test
*****************************
Running tflint in modules/backup
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in test/backup-test
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
modules/backup test/backup-test
*****************************
Running Trivy in modules/backup
2024-06-21T11:49:42Z INFO Need to update DB
2024-06-21T11:49:42Z INFO Downloading DB...repository="ghcr.io/aquasecurity/trivy-db:2"2024-06-21T11:49:44Z INFO Vulnerability scanning is enabled
2024-06-21T11:49:44Z INFO Misconfiguration scanning is enabled
2024-06-21T11:49:44Z INFO Need to update the built-in policies
2024-06-21T11:49:44Z INFO Downloading the built-in policies...53.79 KiB /53.79 KiB [-----------------------------------------------------------] 100.00%? p/s 0s2024-06-21T11:49:44Z INFO Secret scanning is enabled
2024-06-21T11:49:44Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:49:44Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-21T11:49:45Z INFO Number of language-specific files num=02024-06-21T11:49:45Z INFO Detected config files num=2trivy_exitcode=0*****************************
Running Trivy in test/backup-test
2024-06-21T11:49:45Z INFO Vulnerability scanning is enabled
2024-06-21T11:49:45Z INFO Misconfiguration scanning is enabled
2024-06-21T11:49:45Z INFO Secret scanning is enabled
2024-06-21T11:49:45Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:49:45Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-21T11:49:45Z INFO Number of language-specific files num=02024-06-21T11:49:45Z INFO Detected config files num=2trivy_exitcode=0
Trivy will check the following folders:
modules/backup test/backup-test
Running Trivy in modules/backup
2024-06-21T11:52:24Z INFO Need to update DB
2024-06-21T11:52:24Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-06-21T11:52:26Z INFO Vulnerability scanning is enabled
2024-06-21T11:52:26Z INFO Misconfiguration scanning is enabled
2024-06-21T11:52:26Z INFO Need to update the built-in policies
2024-06-21T11:52:26Z INFO Downloading the built-in policies...
53.79 KiB / 53.79 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-06-21T11:52:26Z INFO Secret scanning is enabled
2024-06-21T11:52:26Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:52:26Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-21T11:52:27Z INFO Number of language-specific files num=0
2024-06-21T11:52:27Z INFO Detected config files num=2
trivy_exitcode=0
Running Trivy in test/backup-test
2024-06-21T11:52:27Z INFO Vulnerability scanning is enabled
2024-06-21T11:52:27Z INFO Misconfiguration scanning is enabled
2024-06-21T11:52:27Z INFO Secret scanning is enabled
2024-06-21T11:52:27Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:52:27Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection
2024-06-21T11:52:28Z INFO Number of language-specific files num=0
2024-06-21T11:52:28Z INFO Detected config files num=2
trivy_exitcode=0
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
modules/backup test/backup-test
*****************************
Running Checkov in modules/backup
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 1, Failed checks: 0, Skipped checks: 1
checkov_exitcode=0
*****************************
Running Checkov in test/backup-test
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 22, Failed checks: 0, Skipped checks: 1
checkov_exitcode=0
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.5.0)
tflint will check the following folders:
modules/backup test/backup-test
*****************************
Running tflint in modules/backup
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in test/backup-test
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
modules/backup test/backup-test
*****************************
Running Trivy in modules/backup
2024-06-21T11:52:24Z INFO Need to update DB
2024-06-21T11:52:24Z INFO Downloading DB...repository="ghcr.io/aquasecurity/trivy-db:2"2024-06-21T11:52:26Z INFO Vulnerability scanning is enabled
2024-06-21T11:52:26Z INFO Misconfiguration scanning is enabled
2024-06-21T11:52:26Z INFO Need to update the built-in policies
2024-06-21T11:52:26Z INFO Downloading the built-in policies...53.79 KiB /53.79 KiB [-----------------------------------------------------------] 100.00%? p/s 0s2024-06-21T11:52:26Z INFO Secret scanning is enabled
2024-06-21T11:52:26Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:52:26Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-21T11:52:27Z INFO Number of language-specific files num=02024-06-21T11:52:27Z INFO Detected config files num=2trivy_exitcode=0*****************************
Running Trivy in test/backup-test
2024-06-21T11:52:27Z INFO Vulnerability scanning is enabled
2024-06-21T11:52:27Z INFO Misconfiguration scanning is enabled
2024-06-21T11:52:27Z INFO Secret scanning is enabled
2024-06-21T11:52:27Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-06-21T11:52:27Z INFO Please see also https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation for faster secret detection2024-06-21T11:52:28Z INFO Number of language-specific files num=02024-06-21T11:52:28Z INFO Detected config files num=2trivy_exitcode=0
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
WIP - add unit-tests