You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the issue
CKV_AWS_45
Checkov is alerting that CKV_AWS_45: "Ensure no hard-coded secrets exist in Lambda environment" on an environment variable that has the value of 48 characters which might be the reason it is getting a false positive based off #5743.
Version (please complete the following information):
Checkov Version [3.2.330]
Additional context
Changing the name of the lambda handler is some times possible but other times it requires updates in many places and across services which can be problematic. Is there anything that can be done to reduce these false positives? Or would I need to look at replicating the checkov policy as a custom policy and adding in a condition to pass the check if the value contains "handler"?
The text was updated successfully, but these errors were encountered:
Describe the issue
CKV_AWS_45
Checkov is alerting that CKV_AWS_45: "Ensure no hard-coded secrets exist in Lambda environment" on an environment variable that has the value of 48 characters which might be the reason it is getting a false positive based off #5743.
Examples
"NameOfLambdaFunction": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Environment": {
"Variables": {
"STAGE": "staging",
"LAMBDA": "handler.handlerverylongcustomhandlernameforservi"
}
}
Version (please complete the following information):
Additional context
Changing the name of the lambda handler is some times possible but other times it requires updates in many places and across services which can be problematic. Is there anything that can be done to reduce these false positives? Or would I need to look at replicating the checkov policy as a custom policy and adding in a condition to pass the check if the value contains "handler"?
The text was updated successfully, but these errors were encountered: