Skip to content
Secure Code Analysis

Secure Code Analysis #240

Sign in to view logs

Secure Code Analysis

Secure Code Analysis #240

Triggered via schedule October 19, 2023 01:50
@ep-93ep-93
3a319b9
main
Status Failure
Total duration 2m 21s
Artifacts

code-scanning.yml

on: schedule
tfsec
36s
tfsec
checkov
2m 11s
checkov
Matrix: tflint
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 1 notice
checkov: terraform/environments/apex/ec2.tf#L25
CKV_AWS_79: "Ensure Instance Metadata Service Version 1 is not enabled"
checkov: terraform/environments/apex/ec2.tf#L138
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
checkov: terraform/environments/apex/ec2.tf#L138
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"
checkov: terraform/environments/apex/efs.tf#L1
CKV_AWS_184: "Ensure resource is encrypted by KMS using a customer managed Key (CMK)"
checkov: terraform/environments/apex/efs.tf#L20
CKV_AWS_23: "Ensure every security groups rule has a description"
checkov: terraform/environments/apex/modules/codebuild/main.tf#L5
CKV_AWS_163: "Ensure ECR image scanning on push is enabled"
checkov: terraform/environments/apex/modules/codebuild/main.tf#L5
CKV_AWS_51: "Ensure ECR Image Tags are immutable"
checkov: terraform/environments/apex/modules/codebuild/main.tf#L5
CKV_AWS_136: "Ensure that ECR repositories are encrypted using KMS"
checkov: terraform/environments/ccms-ebs/ccms-cloudwatch.tf#L15
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
checkov: terraform/environments/ccms-ebs/ccms-cloudwatch.tf#L28
CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
GitHub API token
Consider setting a GITHUB_TOKEN to prevent GitHub api rate limits