Secure Code Analysis #257
ep-93code-scanning.yml
on: schedule
tfsec
45s
checkov
1m 35s
Matrix: tflint
Annotations
10 errors and 1 notice
|
checkov:
terraform/environments/apex/ec2.tf#L25
CKV_AWS_79: "Ensure Instance Metadata Service Version 1 is not enabled"
|
|
checkov:
terraform/environments/apex/ec2.tf#L138
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
|
|
checkov:
terraform/environments/apex/ec2.tf#L138
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"
|
|
checkov:
terraform/environments/apex/efs.tf#L1
CKV_AWS_184: "Ensure resource is encrypted by KMS using a customer managed Key (CMK)"
|
|
checkov:
terraform/environments/apex/efs.tf#L20
CKV_AWS_23: "Ensure every security groups rule has a description"
|
|
checkov:
terraform/environments/apex/lambda.tf#L66
CKV_AWS_50: "X-ray tracing is enabled for Lambda"
|
|
checkov:
terraform/environments/apex/lambda.tf#L66
CKV_AWS_173: "Check encryption settings for Lambda environmental variable"
|
|
checkov:
terraform/environments/apex/lambda.tf#L66
CKV_AWS_116: "Ensure that AWS Lambda function is configured for a Dead Letter Queue(DLQ)"
|
|
checkov:
terraform/environments/apex/lambda.tf#L66
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
|
|
checkov:
terraform/environments/apex/lambda.tf#L66
CKV_AWS_115: "Ensure that AWS Lambda function is configured for function-level concurrent execution limit"
|
|
GitHub API token
Consider setting a GITHUB_TOKEN to prevent GitHub api rate limits
|