Secure Code Analysis #434
ep-93code-scanning.yml
on: schedule
tfsec
3m 8s
checkov
2m 44s
Matrix: tflint
Annotations
11 errors, 5 warnings, and 1 notice
|
checkov:
terraform/environments/analytical-platform-compute/vpc.tf#L20
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
|
|
checkov:
terraform/environments/analytical-platform-ingestion/sns.tf#L1
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
|
|
checkov:
terraform/environments/analytical-platform-ingestion/sns.tf#L41
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
|
|
checkov:
terraform/environments/apex/ec2.tf#L25
CKV_AWS_79: "Ensure Instance Metadata Service Version 1 is not enabled"
|
|
checkov:
terraform/environments/apex/ec2.tf#L145
CKV_AWS_290: "Ensure IAM policies does not allow write access without constraints"
|
|
checkov:
terraform/environments/apex/ec2.tf#L145
CKV_AWS_355: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
|
|
checkov:
terraform/environments/apex/efs.tf#L1
CKV_AWS_184: "Ensure resource is encrypted by KMS using a customer managed Key (CMK)"
|
|
checkov:
terraform/environments/apex/efs.tf#L23
CKV_AWS_23: "Ensure every security groups rule has a description"
|
|
checkov:
terraform/environments/apex/lambda.tf#L81
CKV_AWS_115: "Ensure that AWS Lambda function is configured for function-level concurrent execution limit"
|
|
checkov:
terraform/environments/apex/lambda.tf#L81
CKV_AWS_272: "Ensure AWS Lambda function is configured to validate code-signing"
|
|
tfsec
Code Scanning could not process the submitted SARIF file:
SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file", SARIF URI scheme "git" did not match the checkout URI scheme "file"
|
|
tflint (ubuntu-latest)
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
checkov
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
tfsec
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
tfsec
Failed to download action 'https://api.github.com/repos/actions/checkout/tarball/0ad4b8fadaa221de15dcec353f45205ec38ea70b'. Error: The request was canceled due to the configured HttpClient.Timeout of 100 seconds elapsing.
|
|
tfsec
Back off 27.497 seconds before retry.
|
|
GitHub API token
Consider setting a GITHUB_TOKEN to prevent GitHub api rate limits
|