remove rds

[roncitrus]

No description provided.

[github-actions]

Checkov Scan Failed

Show Output

*****************************

Checkov will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running Checkov in terraform/environments/corporate-staff-rostering
2024-01-09 16:40:04,773 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-lambda-function:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 96, Failed checks: 1, Skipped checks: 19

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: lambda_cw_logs_xml_to_json
	File: /lambda.tf:10-48
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		10 | module "lambda_cw_logs_xml_to_json" {
		11 |   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function"
		12 | 
		13 |   application_name = local.lambda_cw_logs_xml_to_json.function_name
		14 |   function_name    = local.lambda_cw_logs_xml_to_json.function_name
		15 |   role_name        = local.lambda_cw_logs_xml_to_json.function_name
		16 | 
		17 |   package_type     = "Zip"
		18 |   filename         = "${path.module}/lambda/cw-xml-to-json/deployment_package.zip"
		19 |   source_code_hash = filebase64sha256("${path.module}/lambda/cw-xml-to-json/deployment_package.zip")
		20 |   runtime          = "python3.12"
		21 |   handler          = "lambda_function.lambda_handler"
		22 | 
		23 |   policy_json_attached = true
		24 |   policy_json = jsonencode({
		25 |     Version = "2012-10-17",
		26 |     Statement = [
		27 |       {
		28 |         Action = [
		29 |           "logs:CreateLogGroup",
		30 |           "logs:CreateLogStream",
		31 |           "logs:PutLogEvents",
		32 |           "logs:DescribeLogStreams"
		33 |         ],
		34 |         Effect   = "Allow",
		35 |         Resource = "arn:aws:logs:*:*:*"
		36 |       },
		37 |     ]
		38 |   })
		39 | 
		40 |   allowed_triggers = {
		41 |     AllowExecutionFromCloudWatch = {
		42 |       principal  = "logs.amazonaws.com"
		43 |       source_arn = "${module.baseline.cloudwatch_log_groups[local.lambda_cw_logs_xml_to_json.monitored_log_group].arn}:*"
		44 |     }
		45 |   }
		46 | 
		47 |   tags = {}
		48 | }


checkov_exitcode=1

CTFLint Scan Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running tflint in terraform/environments/corporate-staff-rostering
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Module source "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" is not pinned (terraform_module_pinned_source)

  on terraform/environments/corporate-staff-rostering/lambda.tf line 11:
  11:   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function"

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.2.1/docs/rules/terraform_module_pinned_source.md

tflint_exitcode=2

Trivy Scan

Show Output

[github-actions]

Checkov Scan Success

Show Output

*****************************

Checkov will check the following folders:
terraform/environments/nomis-data-hub

*****************************

Running Checkov in terraform/environments/nomis-data-hub
terraform scan results:

Passed checks: 90, Failed checks: 0, Skipped checks: 19


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
terraform/environments/nomis-data-hub

*****************************

Running tflint in terraform/environments/nomis-data-hub
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan

Show Output

[github-actions]

Checkov Scan Success

Show Output

*****************************

Checkov will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running Checkov in terraform/environments/corporate-staff-rostering
terraform scan results:

Passed checks: 96, Failed checks: 0, Skipped checks: 19


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running tflint in terraform/environments/corporate-staff-rostering
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan

Show Output

[github-actions]

Checkov Scan Success

Show Output

*****************************

Checkov will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running Checkov in terraform/environments/corporate-staff-rostering
terraform scan results:

Passed checks: 96, Failed checks: 0, Skipped checks: 19


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running tflint in terraform/environments/corporate-staff-rostering
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan

Show Output

[github-actions]

Checkov Scan Success

Show Output

*****************************

Checkov will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running Checkov in terraform/environments/corporate-staff-rostering
terraform scan results:

Passed checks: 96, Failed checks: 0, Skipped checks: 19


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running tflint in terraform/environments/corporate-staff-rostering
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan

Show Output