feat: add FSCloud profile #85
Conversation
|
/run pipeline |
modules/fscloud/README.md
Outdated
|
|
||
| The default values in this profile were scanned by [IBM Code Risk Analyzer (CRA)](https://cloud.ibm.com/docs/code-risk-analyzer-cli-plugin?topic=code-risk-analyzer-cli-plugin-cra-cli-plugin#terraform-command) for compliance with the IBM Cloud Framework for Financial Services profile that is specified by the IBM Security and Compliance Center. The scan passed for all applicable goals with one exception: | ||
|
|
||
| > rule-beb7b289-706b-4dc0-b01d-b1d15d4331e3: Check whether Databases for Elasticsearch network access is restricted to a specific IP range |
There was a problem hiding this comment.
This is a MongoDB rule ID. I don't see any rule for elasticsearch added in cra-tf-validate-ignore-rules.json so its means there must not be any failing CRA rules for Elasticsearch
There was a problem hiding this comment.
hmmm it seems there is a rule for Elasticsearch: rule-b5c06228-3f38-4d98-837f-2fe10d6ff9d5 - Check whether Databases for Elasticsearch network access is restricted to a specific IP range - so why does CRA not catch it?
There was a problem hiding this comment.
@Aashiq-J looks like you can remove this all together - CRA must no longer check for it as it does some checks for CBR now. So make same change as I did in terraform-ibm-modules/terraform-ibm-icd-postgresql#353
|
/run pipeline |
|
/run pipeline |
|
🎉 This PR is included in version 1.6.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Description
Release required?
x.x.X)x.X.x)X.x.x)Release notes content
Run the pipeline
If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.
Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:
Checklist for reviewers
For mergers