Skip to content

Merge pull request #356 from dasmeta/DMVP-5592-variable-api-version #352

Merge pull request #356 from dasmeta/DMVP-5592-variable-api-version

Merge pull request #356 from dasmeta/DMVP-5592-variable-api-version #352

Triggered via push November 29, 2024 06:32
Status Success
Total duration 6m 41s
Artifacts

checkov.yaml

on: push
Matrix: terraform-validate
Fit to window
Zoom out
Zoom in

Annotations

221 errors
terraform-validate (modules/aws-cloudfront-security-headers)
CKV_AWS_115: "Ensure that AWS Lambda function is configured for function-level concurrent execution limit"
terraform-validate (modules/aws-cloudfront-security-headers)
CKV_AWS_116: "Ensure that AWS Lambda function is configured for a Dead Letter Queue(DLQ)"
terraform-validate (modules/aws-cloudfront-security-headers)
CKV_AWS_363: "Ensure Lambda Runtime is not deprecated"
terraform-validate (modules/aws-cloudfront-security-headers)
CKV_AWS_50: "X-Ray tracing is enabled for Lambda"
terraform-validate (modules/aws-cloudfront-security-headers)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/aws-cloudfront-security-headers)
CKV_AWS_117: "Ensure that AWS Lambda function is configured inside a VPC"
terraform-validate (modules/aws-vpn-vpnendpoint)
CKV_AWS_338: "Ensure CloudWatch log groups retains logs for at least 1 year"
terraform-validate (modules/aws-rds-postgres)
CKV_AWS_354: "Ensure RDS Performance Insights are encrypted using KMS CMKs"
terraform-validate (modules/aws-rds-postgres)
CKV_AWS_16: "Ensure all data stored in the RDS is securely encrypted at rest"
terraform-validate (modules/aws-rds-postgres)
CKV_AWS_157: "Ensure that RDS instances have Multi-AZ enabled"
terraform-validate (modules/aws-rds-postgres)
CKV_AWS_118: "Ensure that enhanced monitoring is enabled for Amazon RDS instances"
terraform-validate (modules/aws-rds-postgres)
CKV_AWS_353: "Ensure that RDS instances have performance insights enabled"
terraform-validate (modules/aws-rds-postgres)
CKV_AWS_129: "Ensure that respective logs of Amazon Relational Database Service (Amazon RDS) are enabled"
terraform-validate (modules/aws-rds-postgres)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/aws-rds-postgres)
CKV_AWS_23: "Ensure every security group and rule has a description"
terraform-validate (modules/aws-rds-postgres)
CKV2_AWS_60: "Ensure RDS instance with copy tags to snapshots is enabled"
terraform-validate (modules/aws-rds-postgres)
CKV2_AWS_60: "Ensure RDS instance with copy tags to snapshots is enabled"
terraform-validate (modules/api-gateway)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/api-gateway)
CKV_AWS_273: "Ensure access is controlled through SSO and not AWS IAM defined users"
terraform-validate (modules/api-gateway)
CKV_AWS_66: "Ensure that CloudWatch Log Group specifies retention days"
terraform-validate (modules/api-gateway)
CKV_AWS_338: "Ensure CloudWatch log groups retains logs for at least 1 year"
terraform-validate (modules/api-gateway)
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
terraform-validate (modules/api-gateway)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/api-gateway)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/api-gateway)
CKV_AWS_206: "Ensure API Gateway Domain uses a modern security Policy"
terraform-validate (modules/api-gateway)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/api-gateway)
CKV_AWS_237: "Ensure Create before destroy for API Gateway"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_AWS_186: "Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_AWS_124: "Ensure that CloudFormation stacks are sending event notifications to an SNS topic"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_AWS_363: "Ensure Lambda Runtime is not deprecated"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/aws-alb-to-cloudwatch-lambda)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_AWS_186: "Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_AWS_124: "Ensure that CloudFormation stacks are sending event notifications to an SNS topic"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_AWS_363: "Ensure Lambda Runtime is not deprecated"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV2_AWS_62: "Ensure S3 buckets should have event notifications enabled"
terraform-validate (modules/cloudfront-to-s3-to-cloudwatch)
CKV_AWS_18: "Ensure the S3 bucket has access logging enabled"
terraform-validate (modules/aws-network)
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/aws-network)
CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/aws-network)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/aws-network)
CKV_AWS_338: "Ensure CloudWatch log groups retains logs for at least 1 year"
terraform-validate (modules/aws-network)
CKV2_AWS_11: "Ensure VPC flow logging is enabled in all VPCs"
terraform-validate (modules/aws-network)
CKV2_AWS_12: "Ensure the default security group of every VPC restricts all traffic"
terraform-validate (modules/cloudfront)
CKV_AWS_115: "Ensure that AWS Lambda function is configured for function-level concurrent execution limit"
terraform-validate (modules/cloudfront)
CKV_AWS_116: "Ensure that AWS Lambda function is configured for a Dead Letter Queue(DLQ)"
terraform-validate (modules/cloudfront)
CKV_AWS_363: "Ensure Lambda Runtime is not deprecated"
terraform-validate (modules/cloudfront)
CKV_AWS_50: "X-Ray tracing is enabled for Lambda"
terraform-validate (modules/cloudfront)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/cloudfront)
CKV_AWS_117: "Ensure that AWS Lambda function is configured inside a VPC"
terraform-validate (modules/cloudfront)
CKV_AWS_310: "Ensure CloudFront distributions should have origin failover configured"
terraform-validate (modules/cloudfront)
CKV_AWS_34: "Ensure CloudFront distribution ViewerProtocolPolicy is set to HTTPS"
terraform-validate (modules/cloudfront)
CKV_AWS_374: "Ensure AWS CloudFront web distribution has geo restriction enabled"
terraform-validate (modules/cloudfront)
CKV_AWS_68: "CloudFront Distribution should have WAF enabled"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV_AWS_50: "X-Ray tracing is enabled for Lambda"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV_AWS_258: "Ensure that Lambda function URLs AuthType is not None"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV_AWS_300: "Ensure S3 lifecycle configuration sets period for aborting failed uploads"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV2_AWS_62: "Ensure S3 buckets should have event notifications enabled"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV_AWS_18: "Ensure the S3 bucket has access logging enabled"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV_AWS_144: "Ensure that S3 bucket has cross-region replication enabled"
terraform-validate (modules/alb-logs-to-s3-to-cloudwatch)
CKV2_AWS_61: "Ensure that an S3 bucket has a lifecycle configuration"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_AWS_115: "Ensure that AWS Lambda function is configured for function-level concurrent execution limit"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_AWS_116: "Ensure that AWS Lambda function is configured for a Dead Letter Queue(DLQ)"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_AWS_363: "Ensure Lambda Runtime is not deprecated"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_AWS_50: "X-Ray tracing is enabled for Lambda"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_AWS_117: "Ensure that AWS Lambda function is configured inside a VPC"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_AWS_131: "Ensure that ALB drops HTTP headers"
terraform-validate (modules/cloudfront-ssl-hsts)
CKV_AWS_150: "Ensure that Load Balancer has deletion protection enabled"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_AWS_186: "Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_AWS_124: "Ensure that CloudFormation stacks are sending event notifications to an SNS topic"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_AWS_363: "Ensure Lambda Runtime is not deprecated"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail-s3-to-cloudwatch)
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudtrail)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_AWS_173: "Check encryption settings for Lambda environmental variable"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_AWS_50: "X-Ray tracing is enabled for Lambda"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_AWS_186: "Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/cloudwatch-alarm-notify)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/cognito-identity-pool-final)
CKV_AWS_289: "Ensure IAM policies does not allow permissions management / resource exposure without constraints"
terraform-validate (modules/cognito-identity-pool-final)
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/cognito-identity-pool-final)
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/cognito-identity-pool-final)
CKV_AWS_287: "Ensure IAM policies does not allow credentials exposure"
terraform-validate (modules/eks-iam-user-constrain)
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/eks-iam-user-constrain)
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/eks-iam-user-constrain)
CKV_AWS_287: "Ensure IAM policies does not allow credentials exposure"
terraform-validate (modules/eks-iam-user-constrain)
CKV_K8S_49: "Minimize wildcard use in Roles and ClusterRoles"
terraform-validate (modules/eks-iam-user-constrain)
CKV2_AWS_21: "Ensure that all IAM users are members of at least one IAM group."
terraform-validate (modules/eks-iam-user-constrain)
CKV2_AWS_14: "Ensure that IAM groups includes at least one IAM user"
terraform-validate (modules/external-secret-store)
CKV_AWS_273: "Ensure access is controlled through SSO and not AWS IAM defined users"
terraform-validate (modules/external-secret-store)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/external-secret-store)
CKV_K8S_21: "The default namespace should not be used"
terraform-validate (modules/elastic-search)
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
terraform-validate (modules/elastic-search)
CKV_AWS_5: "Ensure all data stored in the Elasticsearch is securely encrypted at rest"
terraform-validate (modules/elastic-search)
CKV_AWS_317: "Ensure Elasticsearch Domain Audit Logging is enabled"
terraform-validate (modules/elastic-search)
CKV_AWS_318: "Ensure Elasticsearch domains are configured with at least three dedicated master nodes for HA"
terraform-validate (modules/elastic-search)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/elastic-search)
CKV2_AWS_59: "Ensure ElasticSearch/OpenSearch has dedicated master node enabled"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_AWS_186: "Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_AWS_124: "Ensure that CloudFormation stacks are sending event notifications to an SNS topic"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_AWS_363: "Ensure Lambda Runtime is not deprecated"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/ecr)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ecr)
CKV_AWS_51: "Ensure ECR Image Tags are immutable"
terraform-validate (modules/fluent-bit-logs-s3-to-cloudwatch)
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
terraform-validate (modules/ecr)
CKV_AWS_136: "Ensure that ECR repositories are encrypted using KMS"
terraform-validate (modules/ecr)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ecr)
CKV_TF_2: "Ensure Terraform module sources use a tag with a version number"
terraform-validate (modules/iam-group)
CKV2_AWS_21: "Ensure that all IAM users are members of at least one IAM group."
terraform-validate (modules/iam-group)
CKV2_AWS_14: "Ensure that IAM groups includes at least one IAM user"
terraform-validate (modules/goldilocks)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/goldilocks)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/goldilocks)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/goldilocks)
CKV_TF_2: "Ensure Terraform module sources use a tag with a version number"
terraform-validate (modules/goldilocks)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/iam-account-password-policy)
CKV_AWS_9: "Ensure IAM password policy expires passwords within 90 days or less"
terraform-validate (modules/iam-account-password-policy)
CKV_AWS_14: "Ensure IAM password policy requires at least one symbol"
terraform-validate (modules/iam-account-password-policy)
CKV_AWS_10: "Ensure IAM password policy requires minimum length of 14 or greater"
terraform-validate (modules/iam-account-password-policy)
CKV_AWS_11: "Ensure IAM password policy requires at least one lowercase letter"
terraform-validate (modules/iam-account-password-policy)
CKV_AWS_15: "Ensure IAM password policy requires at least one uppercase letter"
terraform-validate (modules/iam-account-password-policy)
CKV_AWS_12: "Ensure IAM password policy requires at least one number"
terraform-validate (modules/route53-alerts-notify)
CKV_AWS_173: "Check encryption settings for Lambda environmental variable"
terraform-validate (modules/route53-alerts-notify)
CKV_AWS_50: "X-Ray tracing is enabled for Lambda"
terraform-validate (modules/route53-alerts-notify)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/route53-alerts-notify)
CKV_AWS_186: "Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)"
terraform-validate (modules/route53-alerts-notify)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/route53-alerts-notify)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/route53-alerts-notify)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/secret)
CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
terraform-validate (modules/vpc)
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/vpc)
CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/vpc)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/vpc)
CKV2_AWS_11: "Ensure VPC flow logging is enabled in all VPCs"
terraform-validate (modules/vpc)
CKV2_AWS_12: "Ensure the default security group of every VPC restricts all traffic"
terraform-validate (modules/sns-cronjob)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/sns-cronjob)
CKV_AWS_27: "Ensure all data stored in the SQS queue is encrypted"
terraform-validate (modules/sns-cronjob)
CKV_AWS_283: "Ensure no IAM policies documents allow ALL or any AWS principal permissions to the resource"
terraform-validate (modules/ssl-certificate)
CKV2_AWS_71: "Ensure AWS ACM Certificate domain name does not include wildcards"
terraform-validate (modules/sqs)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/sqs)
CKV_AWS_273: "Ensure access is controlled through SSO and not AWS IAM defined users"
terraform-validate (modules/sqs)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/sqs)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/service-alerts)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/service-alerts)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/service-alerts)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/service-alerts)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/service-alerts)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/service-alerts)
CKV_AWS_26: "Ensure all data stored in the SNS topic is encrypted"
terraform-validate (modules/service-alerts)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/service-alerts)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/service-alerts)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/service-alerts)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_AWS_186: "Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_AWS_124: "Ensure that CloudFormation stacks are sending event notifications to an SNS topic"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_AWS_363: "Ensure Lambda Runtime is not deprecated"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
terraform-validate (modules/vpc-flow-logs-to-s3-to-cloudwatch)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/ingress)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
terraform-validate (modules/waf)
CKV_TF_1: "Ensure Terraform module sources use a commit hash"