
add-ecs-cluster #4796

Merged
merged 28 commits into from
Feb 9, 2024

Conversation

roncitrus
Contributor

No description provided.

@roncitrus roncitrus requested review from a team as code owners February 1, 2024 13:59
@github-actions github-actions bot added the environments-repository Used to exclude PRs from this repo in our Slack PR update label Feb 1, 2024
@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 1, 2024 14:00 — with GitHub Actions Inactive

github-actions bot commented Feb 1, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:

```
</details>

#### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:

```
</details>

#### `TFLint Scan` Success
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

```
</details>

#### `Trivy Scan`
<details><summary>Show Output</summary>

</details>


github-actions bot commented Feb 2, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:

```
</details>

#### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:

```
</details>

#### `TFLint Scan` Success
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

```
</details>

#### `Trivy Scan`
<details><summary>Show Output</summary>

</details>


github-actions bot commented Feb 2, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:
terraform/environments/hmpps-domain-services


Running TFSEC in terraform/environments/hmpps-domain-services
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.665159ms
parsing 159.530506ms
adaptation 105.528µs
checks 5.490275ms
total 166.791468ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 288
files read 77

results
──────────────────────────────────────────
passed 1
ignored 0
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

```
</details>

#### `Checkov Scan` Failed
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running Checkov in terraform/environments/hmpps-domain-services
2024-02-02 10:55:29,831 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-lambda-function:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 127, Failed checks: 1, Skipped checks: 20

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: ad-clean-up-lambda
	File: /lambda.tf:7-33
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		7  | module "ad-clean-up-lambda" {
		8  |   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1
		9  |   count  = local.environment == "test" ? 1 : 0                                             # temporary whilst on-going work
		10 | 
		11 | 
		12 |   application_name = local.lambda_ad_object_cleanup.function_name
		13 |   function_name    = local.lambda_ad_object_cleanup.function_name
		14 |   description      = "Lambda to remove corresponding computer object from Active Directory upon server termination"
		15 |   package_type     = "Zip"
		16 |   filename         = data.archive_file.ad-cleanup-lambda.output_path
		17 |   source_code_hash = data.archive_file.ad-cleanup-lambda.output_base64sha256
		18 |   handler          = "lambda_function.lambda_handler"
		19 |   runtime          = "python3.8"
		20 | 
		21 |   create_role = false
		22 |   lambda_role = aws_iam_role.lambda-ad-role[count.index].arn
		23 | 
		24 |   vpc_subnet_ids         = tolist(data.aws_subnets.shared-private.ids)
		25 |   vpc_security_group_ids = [module.baseline.security_groups["domain"].id]
		26 | 
		27 |   tags = merge(
		28 |     local.tags,
		29 |     {
		30 |       Name = "ad-clean-up-lambda"
		31 |     },
		32 |   )
		33 | }


checkov_exitcode=1

```
</details>

#### `TFLint Scan` Failed
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running tflint in terraform/environments/hmpps-domain-services
Excluding the following checks: terraform_unused_declarations
2 issue(s) found:

Warning: Module source "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" is not pinned (terraform_module_pinned_source)

  on terraform/environments/hmpps-domain-services/lambda.tf line 8:
   8:   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_module_pinned_source.md

Warning: Missing version constraint for provider "archive" in `required_providers` (terraform_required_providers)

  on terraform/environments/hmpps-domain-services/lambda.tf line 35:
  35: data "archive_file" "ad-cleanup-lambda" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_required_providers.md

tflint_exitcode=2

```
</details>

#### `Trivy Scan`
<details><summary>Show Output</summary>

</details>


github-actions bot commented Feb 2, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:
terraform/environments/hmpps-domain-services


Running TFSEC in terraform/environments/hmpps-domain-services
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.640602ms
parsing 181.692501ms
adaptation 119.032µs
checks 3.372069ms
total 186.824204ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 288
files read 77

results
──────────────────────────────────────────
passed 1
ignored 0
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

```
</details>

#### `Checkov Scan` Failed
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running Checkov in terraform/environments/hmpps-domain-services
2024-02-02 10:58:50,220 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-lambda-function:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 127, Failed checks: 1, Skipped checks: 20

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: ad-clean-up-lambda
	File: /lambda.tf:7-33
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		7  | module "ad-clean-up-lambda" {
		8  |   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1
		9  |   count  = local.environment == "test" ? 1 : 0                                             # temporary whilst on-going work
		10 | 
		11 | 
		12 |   application_name = local.lambda_ad_object_cleanup.function_name
		13 |   function_name    = local.lambda_ad_object_cleanup.function_name
		14 |   description      = "Lambda to remove corresponding computer object from Active Directory upon server termination"
		15 |   package_type     = "Zip"
		16 |   filename         = data.archive_file.ad-cleanup-lambda.output_path
		17 |   source_code_hash = data.archive_file.ad-cleanup-lambda.output_base64sha256
		18 |   handler          = "lambda_function.lambda_handler"
		19 |   runtime          = "python3.8"
		20 | 
		21 |   create_role = false
		22 |   lambda_role = aws_iam_role.lambda-ad-role[count.index].arn
		23 | 
		24 |   vpc_subnet_ids         = tolist(data.aws_subnets.shared-private.ids)
		25 |   vpc_security_group_ids = [module.baseline.security_groups["domain"].id]
		26 | 
		27 |   tags = merge(
		28 |     local.tags,
		29 |     {
		30 |       Name = "ad-clean-up-lambda"
		31 |     },
		32 |   )
		33 | }


checkov_exitcode=1

```
</details>

#### `TFLint Scan` Failed
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running tflint in terraform/environments/hmpps-domain-services
Excluding the following checks: terraform_unused_declarations
2 issue(s) found:

Warning: Module source "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" is not pinned (terraform_module_pinned_source)

  on terraform/environments/hmpps-domain-services/lambda.tf line 8:
   8:   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_module_pinned_source.md

Warning: Missing version constraint for provider "archive" in `required_providers` (terraform_required_providers)

  on terraform/environments/hmpps-domain-services/lambda.tf line 35:
  35: data "archive_file" "ad-cleanup-lambda" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_required_providers.md

tflint_exitcode=2

```
</details>

#### `Trivy Scan`
<details><summary>Show Output</summary>

</details>


github-actions bot commented Feb 2, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:
terraform/environments/hmpps-domain-services


Running TFSEC in terraform/environments/hmpps-domain-services
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.622254ms
parsing 169.02358ms
adaptation 216.425µs
checks 7.415321ms
total 178.27758ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 288
files read 77

results
──────────────────────────────────────────
passed 1
ignored 0
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

```
</details>

#### `Checkov Scan` Failed
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running Checkov in terraform/environments/hmpps-domain-services
2024-02-02 11:01:20,143 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-lambda-function:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 127, Failed checks: 1, Skipped checks: 20

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: ad-clean-up-lambda
	File: /lambda.tf:7-33
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		7  | module "ad-clean-up-lambda" {
		8  |   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1
		9  |   count  = local.environment == "test" ? 1 : 0                                             # temporary whilst on-going work
		10 | 
		11 | 
		12 |   application_name = local.lambda_ad_object_cleanup.function_name
		13 |   function_name    = local.lambda_ad_object_cleanup.function_name
		14 |   description      = "Lambda to remove corresponding computer object from Active Directory upon server termination"
		15 |   package_type     = "Zip"
		16 |   filename         = data.archive_file.ad-cleanup-lambda.output_path
		17 |   source_code_hash = data.archive_file.ad-cleanup-lambda.output_base64sha256
		18 |   handler          = "lambda_function.lambda_handler"
		19 |   runtime          = "python3.8"
		20 | 
		21 |   create_role = false
		22 |   lambda_role = aws_iam_role.lambda-ad-role[count.index].arn
		23 | 
		24 |   vpc_subnet_ids         = tolist(data.aws_subnets.shared-private.ids)
		25 |   vpc_security_group_ids = [module.baseline.security_groups["domain"].id]
		26 | 
		27 |   tags = merge(
		28 |     local.tags,
		29 |     {
		30 |       Name = "ad-clean-up-lambda"
		31 |     },
		32 |   )
		33 | }


checkov_exitcode=1

```
</details>

#### `TFLint Scan` Failed
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running tflint in terraform/environments/hmpps-domain-services
Excluding the following checks: terraform_unused_declarations
2 issue(s) found:

Warning: Module source "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" is not pinned (terraform_module_pinned_source)

  on terraform/environments/hmpps-domain-services/lambda.tf line 8:
   8:   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_module_pinned_source.md

Warning: Missing version constraint for provider "archive" in `required_providers` (terraform_required_providers)

  on terraform/environments/hmpps-domain-services/lambda.tf line 35:
  35: data "archive_file" "ad-cleanup-lambda" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_required_providers.md

tflint_exitcode=2

```
</details>

#### `Trivy Scan`
<details><summary>Show Output</summary>

</details>

@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 2, 2024 11:42 — with GitHub Actions Inactive

github-actions bot commented Feb 2, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:
terraform/environments/corporate-staff-rostering


Running TFSEC in terraform/environments/corporate-staff-rostering
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.635892ms
parsing 253.022407ms
adaptation 143.297µs
checks 3.653191ms
total 258.454787ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 288
files read 75

results
──────────────────────────────────────────
passed 1
ignored 1
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

```
</details>

#### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running Checkov in terraform/environments/corporate-staff-rostering
terraform scan results:

Passed checks: 122, Failed checks: 0, Skipped checks: 26


checkov_exitcode=0

```
</details>

#### `TFLint Scan` Success
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/corporate-staff-rostering

*****************************

Running tflint in terraform/environments/corporate-staff-rostering
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

```
</details>

#### `Trivy Scan`
<details><summary>Show Output</summary>

</details>

@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 2, 2024 12:02 — with GitHub Actions Inactive

github-actions bot commented Feb 2, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:
terraform/environments/hmpps-domain-services


Running TFSEC in terraform/environments/hmpps-domain-services
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.616251ms
parsing 171.217324ms
adaptation 120.094µs
checks 3.360954ms
total 176.314623ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 288
files read 77

results
──────────────────────────────────────────
passed 1
ignored 0
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

```
</details>

#### `Checkov Scan` Failed
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running Checkov in terraform/environments/hmpps-domain-services
2024-02-02 12:03:32,999 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-lambda-function:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 127, Failed checks: 1, Skipped checks: 20

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: ad-clean-up-lambda
	File: /lambda.tf:7-33
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		7  | module "ad-clean-up-lambda" {
		8  |   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1
		9  |   count  = local.environment == "test" ? 1 : 0                                             # temporary whilst on-going work
		10 | 
		11 | 
		12 |   application_name = local.lambda_ad_object_cleanup.function_name
		13 |   function_name    = local.lambda_ad_object_cleanup.function_name
		14 |   description      = "Lambda to remove corresponding computer object from Active Directory upon server termination"
		15 |   package_type     = "Zip"
		16 |   filename         = data.archive_file.ad-cleanup-lambda.output_path
		17 |   source_code_hash = data.archive_file.ad-cleanup-lambda.output_base64sha256
		18 |   handler          = "lambda_function.lambda_handler"
		19 |   runtime          = "python3.8"
		20 | 
		21 |   create_role = false
		22 |   lambda_role = aws_iam_role.lambda-ad-role[count.index].arn
		23 | 
		24 |   vpc_subnet_ids         = tolist(data.aws_subnets.shared-private.ids)
		25 |   vpc_security_group_ids = [module.baseline.security_groups["domain"].id]
		26 | 
		27 |   tags = merge(
		28 |     local.tags,
		29 |     {
		30 |       Name = "ad-clean-up-lambda"
		31 |     },
		32 |   )
		33 | }


checkov_exitcode=1

```
</details>

#### `TFLint Scan` Failed
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running tflint in terraform/environments/hmpps-domain-services
Excluding the following checks: terraform_unused_declarations
2 issue(s) found:

Warning: Module source "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" is not pinned (terraform_module_pinned_source)

  on terraform/environments/hmpps-domain-services/lambda.tf line 8:
   8:   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_module_pinned_source.md

Warning: Missing version constraint for provider "archive" in `required_providers` (terraform_required_providers)

  on terraform/environments/hmpps-domain-services/lambda.tf line 35:
  35: data "archive_file" "ad-cleanup-lambda" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_required_providers.md

tflint_exitcode=2

```
</details>

#### `Trivy Scan`
<details><summary>Show Output</summary>

</details>


github-actions bot commented Feb 2, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:
terraform/environments/hmpps-domain-services


Running TFSEC in terraform/environments/hmpps-domain-services
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.617382ms
parsing 170.086637ms
adaptation 185.928µs
checks 6.66032ms
total 178.550267ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 288
files read 77

results
──────────────────────────────────────────
passed 1
ignored 0
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

```
</details>

#### `Checkov Scan` Failed
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running Checkov in terraform/environments/hmpps-domain-services
2024-02-02 12:12:01,531 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-lambda-function:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 127, Failed checks: 1, Skipped checks: 20

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: ad-clean-up-lambda
	File: /lambda.tf:7-33
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		7  | module "ad-clean-up-lambda" {
		8  |   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1
		9  |   count  = local.environment == "test" ? 1 : 0                                             # temporary whilst on-going work
		10 | 
		11 | 
		12 |   application_name = local.lambda_ad_object_cleanup.function_name
		13 |   function_name    = local.lambda_ad_object_cleanup.function_name
		14 |   description      = "Lambda to remove corresponding computer object from Active Directory upon server termination"
		15 |   package_type     = "Zip"
		16 |   filename         = data.archive_file.ad-cleanup-lambda.output_path
		17 |   source_code_hash = data.archive_file.ad-cleanup-lambda.output_base64sha256
		18 |   handler          = "lambda_function.lambda_handler"
		19 |   runtime          = "python3.8"
		20 | 
		21 |   create_role = false
		22 |   lambda_role = aws_iam_role.lambda-ad-role[count.index].arn
		23 | 
		24 |   vpc_subnet_ids         = tolist(data.aws_subnets.shared-private.ids)
		25 |   vpc_security_group_ids = [module.baseline.security_groups["domain"].id]
		26 | 
		27 |   tags = merge(
		28 |     local.tags,
		29 |     {
		30 |       Name = "ad-clean-up-lambda"
		31 |     },
		32 |   )
		33 | }


checkov_exitcode=1

```
</details>

#### `TFLint Scan` Failed
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running tflint in terraform/environments/hmpps-domain-services
Excluding the following checks: terraform_unused_declarations
2 issue(s) found:

Warning: Module source "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" is not pinned (terraform_module_pinned_source)

  on terraform/environments/hmpps-domain-services/lambda.tf line 8:
   8:   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_module_pinned_source.md

Warning: Missing version constraint for provider "archive" in `required_providers` (terraform_required_providers)

  on terraform/environments/hmpps-domain-services/lambda.tf line 35:
  35: data "archive_file" "ad-cleanup-lambda" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_required_providers.md

tflint_exitcode=2

```
</details>

#### `Trivy Scan`
<details><summary>Show Output</summary>

</details>


github-actions bot commented Feb 2, 2024

#### `TFSEC Scan` Success
<details><summary>Show Output</summary>

```hcl

TFSEC will check the following folders:
terraform/environments/hmpps-domain-services


Running TFSEC in terraform/environments/hmpps-domain-services
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 2.444549ms
parsing 189.939021ms
adaptation 119.794µs
checks 3.436378ms
total 195.939742ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 288
files read 77

results
──────────────────────────────────────────
passed 1
ignored 0
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

```
</details>

#### `Checkov Scan` Failed
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running Checkov in terraform/environments/hmpps-domain-services
2024-02-02 12:36:00,704 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-lambda-function:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 127, Failed checks: 1, Skipped checks: 20

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: ad-clean-up-lambda
	File: /lambda.tf:7-33
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		7  | module "ad-clean-up-lambda" {
		8  |   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1
		9  |   count  = local.environment == "test" ? 1 : 0                                             # temporary whilst on-going work
		10 | 
		11 | 
		12 |   application_name = local.lambda_ad_object_cleanup.function_name
		13 |   function_name    = local.lambda_ad_object_cleanup.function_name
		14 |   description      = "Lambda to remove corresponding computer object from Active Directory upon server termination"
		15 |   package_type     = "Zip"
		16 |   filename         = data.archive_file.ad-cleanup-lambda.output_path
		17 |   source_code_hash = data.archive_file.ad-cleanup-lambda.output_base64sha256
		18 |   handler          = "lambda_function.lambda_handler"
		19 |   runtime          = "python3.8"
		20 | 
		21 |   create_role = false
		22 |   lambda_role = aws_iam_role.lambda-ad-role[count.index].arn
		23 | 
		24 |   vpc_subnet_ids         = tolist(data.aws_subnets.shared-private.ids)
		25 |   vpc_security_group_ids = [module.baseline.security_groups["domain"].id]
		26 | 
		27 |   tags = merge(
		28 |     local.tags,
		29 |     {
		30 |       Name = "ad-clean-up-lambda"
		31 |     },
		32 |   )
		33 | }


checkov_exitcode=1

```
</details>

#### `TFLint Scan` Failed
<details><summary>Show Output</summary>

```hcl
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running tflint in terraform/environments/hmpps-domain-services
Excluding the following checks: terraform_unused_declarations
2 issue(s) found:

Warning: Module source "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" is not pinned (terraform_module_pinned_source)

  on terraform/environments/hmpps-domain-services/lambda.tf line 8:
   8:   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_module_pinned_source.md

Warning: Missing version constraint for provider "archive" in `required_providers` (terraform_required_providers)

  on terraform/environments/hmpps-domain-services/lambda.tf line 35:
  35: data "archive_file" "ad-cleanup-lambda" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan


@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 2, 2024 12:49 — with GitHub Actions Inactive
@roncitrus roncitrus had a problem deploying to cdpt-ifs-development February 5, 2024 08:32 — with GitHub Actions Failure
github-actions bot commented Feb 6, 2024

TFSEC Scan Success

TFSEC will check the following folders:

Checkov Scan Success

*****************************

Checkov will check the following folders:

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

github-actions bot commented Feb 6, 2024

TFSEC Scan Success

TFSEC will check the following folders:

Checkov Scan Success

*****************************

Checkov will check the following folders:

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

@roncitrus roncitrus had a problem deploying to cdpt-ifs-development February 6, 2024 13:00 — with GitHub Actions Failure
github-actions bot commented Feb 6, 2024

TFSEC Scan Success

TFSEC will check the following folders:

Checkov Scan Success

*****************************

Checkov will check the following folders:

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 6, 2024 14:01 — with GitHub Actions Inactive
github-actions bot commented Feb 6, 2024

TFSEC Scan Success

TFSEC will check the following folders:

Checkov Scan Success

*****************************

Checkov will check the following folders:

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 6, 2024 14:53 — with GitHub Actions Inactive

github-actions bot commented Feb 6, 2024

TFSEC Scan Success

TFSEC will check the following folders:
terraform/environments/nomis-data-hub


Running TFSEC in terraform/environments/nomis-data-hub
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.524554ms
parsing 150.707201ms
adaptation 112.711µs
checks 5.33905ms
total 157.683516ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 272
files read 72

results
──────────────────────────────────────────
passed 1
ignored 0
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

Checkov Scan Success

*****************************

Checkov will check the following folders:
terraform/environments/nomis-data-hub

*****************************

Running Checkov in terraform/environments/nomis-data-hub
terraform scan results:

Passed checks: 104, Failed checks: 0, Skipped checks: 20


checkov_exitcode=0

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/nomis-data-hub

*****************************

Running tflint in terraform/environments/nomis-data-hub
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan


github-actions bot commented Feb 7, 2024

TFSEC Scan Success

TFSEC will check the following folders:

Checkov Scan Success

*****************************

Checkov will check the following folders:

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 7, 2024 15:11 — with GitHub Actions Inactive
github-actions bot commented Feb 7, 2024

TFSEC Scan Success

TFSEC will check the following folders:

Checkov Scan Success

*****************************

Checkov will check the following folders:

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan


github-actions bot commented Feb 7, 2024

TFSEC Scan Success

TFSEC will check the following folders:
terraform/environments/hmpps-domain-services


Running TFSEC in terraform/environments/hmpps-domain-services
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.714365ms
parsing 175.588261ms
adaptation 235.54µs
checks 9.386859ms
total 186.925025ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 5
blocks processed 289
files read 77

results
──────────────────────────────────────────
passed 1
ignored 0
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

Checkov Scan Failed

*****************************

Checkov will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running Checkov in terraform/environments/hmpps-domain-services
2024-02-07 16:15:54,437 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-lambda-function:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 128, Failed checks: 1, Skipped checks: 20

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: ad-clean-up-lambda
	File: /lambda.tf:7-33
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		7  | module "ad-clean-up-lambda" {
		8  |   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1
		9  |   count  = local.environment == "test" ? 1 : 0                                             # temporary whilst on-going work
		10 | 
		11 | 
		12 |   application_name = local.lambda_ad_object_cleanup.function_name
		13 |   function_name    = local.lambda_ad_object_cleanup.function_name
		14 |   description      = "Lambda to remove corresponding computer object from Active Directory upon server termination"
		15 |   package_type     = "Zip"
		16 |   filename         = data.archive_file.ad-cleanup-lambda.output_path
		17 |   source_code_hash = data.archive_file.ad-cleanup-lambda.output_base64sha256
		18 |   handler          = "lambda_function.lambda_handler"
		19 |   runtime          = "python3.8"
		20 | 
		21 |   create_role = false
		22 |   lambda_role = aws_iam_role.lambda-ad-role[count.index].arn
		23 | 
		24 |   vpc_subnet_ids         = tolist(data.aws_subnets.shared-private.ids)
		25 |   vpc_security_group_ids = [module.baseline.security_groups["domain"].id]
		26 | 
		27 |   tags = merge(
		28 |     local.tags,
		29 |     {
		30 |       Name = "ad-clean-up-lambda"
		31 |     },
		32 |   )
		33 | }


checkov_exitcode=1

CTFLint Scan Failed

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/hmpps-domain-services

*****************************

Running tflint in terraform/environments/hmpps-domain-services
Excluding the following checks: terraform_unused_declarations
2 issue(s) found:

Warning: Module source "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" is not pinned (terraform_module_pinned_source)

  on terraform/environments/hmpps-domain-services/lambda.tf line 8:
   8:   source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_module_pinned_source.md

Warning: Missing version constraint for provider "archive" in `required_providers` (terraform_required_providers)

  on terraform/environments/hmpps-domain-services/lambda.tf line 35:
  35: data "archive_file" "ad-cleanup-lambda" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan


@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 7, 2024 16:23 — with GitHub Actions Inactive

github-actions bot commented Feb 7, 2024

TFSEC Scan Success

TFSEC will check the following folders:
terraform/environments/nomis


Running TFSEC in terraform/environments/nomis
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
aquasecurity/tfsec#1994

timings
──────────────────────────────────────────
disk i/o 1.833614ms
parsing 238.739297ms
adaptation 350.158µs
checks 3.937952ms
total 244.861021ms

counts
──────────────────────────────────────────
modules downloaded 0
modules processed 6
blocks processed 288
files read 78

results
──────────────────────────────────────────
passed 37
ignored 4
critical 0
high 0
medium 0
low 0

No problems detected!

tfsec_exitcode=0

Checkov Scan Success

*****************************

Checkov will check the following folders:
terraform/environments/nomis

*****************************

Running Checkov in terraform/environments/nomis
terraform scan results:

Passed checks: 134, Failed checks: 0, Skipped checks: 23


checkov_exitcode=0

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/nomis

*****************************

Running tflint in terraform/environments/nomis
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan


github-actions bot commented Feb 8, 2024

TFSEC Scan Success

TFSEC will check the following folders:

Checkov Scan Success

*****************************

Checkov will check the following folders:

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

@roncitrus roncitrus temporarily deployed to cdpt-ifs-development February 8, 2024 16:58 — with GitHub Actions Inactive
github-actions bot commented Feb 8, 2024

TFSEC Scan Success

TFSEC will check the following folders:

Checkov Scan Success

*****************************

Checkov will check the following folders:

CTFLint Scan Success

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

Trivy Scan

@roncitrus roncitrus merged commit 0db166a into main Feb 9, 2024
12 of 14 checks passed
@roncitrus roncitrus deleted the ifs-ecs branch February 9, 2024 10:35
Labels
environments-repository Used to exclude PRs from this repo in our Slack PR update
2 participants