This repository has been archived by the owner on Jan 17, 2024. It is now read-only.
Secure Code Analysis #54
code-scanning.yml
on: schedule
tfsec: 18s
checkov: 26s
Matrix: tflint
Annotations
10 errors and 1 notice
checkov:
main.tf#L176
CKV_AWS_289: "Ensure IAM policies does not allow permissions management / resource exposure without constraints"

checkov:
main.tf#L176
CKV_AWS_288: "Ensure IAM policies does not allow data exfiltration"

checkov:
main.tf#L176
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"

checkov:
main.tf#L176
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"

checkov:
main.tf#L235
CKV_AWS_249: "Ensure that the Execution Role ARN and the Task Role ARN are different in ECS Task definitions"

checkov:
main.tf#L349
CKV_AWS_289: "Ensure IAM policies does not allow permissions management / resource exposure without constraints"

checkov:
main.tf#L349
CKV_AWS_288: "Ensure IAM policies does not allow data exfiltration"

checkov:
main.tf#L349
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"

checkov:
main.tf#L349
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"

checkov:
main.tf#L458
CKV_AWS_338: "Ensure CloudWatch log groups retains logs for at least 1 year"

GitHub API token
Consider setting a GITHUB_TOKEN to prevent GitHub api rate limits