📌 Observability Platform updates

[jacobwoffenden]

This pull request:

• Updates Grafana to 10.4 https://aws.amazon.com/about-aws/whats-new/2024/05/amazon-managed-grafana-supports-version-10-4/
• Updates Grafana API key rotator to 1.0.10 https://github.com/ministryofjustice/observability-platform-grafana-api-key-rotator/releases/tag/1.0.10
• Updates IAM module to 5.44.0 https://github.com/terraform-aws-modules/terraform-aws-iam/releases/tag/v5.44.0
• Updates the Lambda module to https://github.com/terraform-aws-modules/terraform-aws-lambda/releases/tag/v7.7.1

Notes

This took longer than expected because Grafana's HTTP API changed between versions and I needed to import all of the data sources back in to state (9d033fd)

I also had to remove the prefix on data sources (53f8528)

TODO

• Prepare production imports
• Manually remove data-platform from AMG assigned users/groups

Signed-off-by: Jacob Woffenden [email protected]

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/prometheus/iam-role

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T10:02:46Z INFO [db] Need to update DB
2024-08-13T10:02:46Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T10:02:48Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T10:02:48Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T10:02:48Z INFO Need to update the built-in policies
2024-08-13T10:02:48Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T10:02:48Z INFO [secret] Secret scanning is enabled
2024-08-13T10:02:48Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T10:02:48Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T10:02:50Z INFO Number of language-specific files num=0
2024-08-13T10:02:50Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T10:02:50Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T10:02:50Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T10:02:50Z INFO [secret] Secret scanning is enabled
2024-08-13T10:02:50Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T10:02:50Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T10:02:51Z INFO Number of language-specific files num=0
2024-08-13T10:02:51Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/prometheus/iam-role

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 10:02:53,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 10:02:53,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 10:02:53,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 10:02:53,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 10:02:53,540 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 10:02:53,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 10:02:56,802 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 10:02:56,802 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/prometheus/iam-role

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/prometheus/iam-role

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T10:02:46Z	INFO	[db] Need to update DB
2024-08-13T10:02:46Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T10:02:48Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T10:02:48Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T10:02:48Z	INFO	Need to update the built-in policies
2024-08-13T10:02:48Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T10:02:48Z	INFO	[secret] Secret scanning is enabled
2024-08-13T10:02:48Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T10:02:48Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T10:02:50Z	INFO	Number of language-specific files	num=0
2024-08-13T10:02:50Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T10:02:50Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T10:02:50Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T10:02:50Z	INFO	[secret] Secret scanning is enabled
2024-08-13T10:02:50Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T10:02:50Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T10:02:51Z	INFO	Number of language-specific files	num=0
2024-08-13T10:02:51Z	INFO	Detected config files	num=1
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/prometheus/iam-role

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T12:46:18Z INFO [db] Need to update DB
2024-08-13T12:46:18Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T12:46:20Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T12:46:20Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T12:46:20Z INFO Need to update the built-in policies
2024-08-13T12:46:20Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T12:46:20Z INFO [secret] Secret scanning is enabled
2024-08-13T12:46:20Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T12:46:20Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T12:46:22Z INFO Number of language-specific files num=0
2024-08-13T12:46:22Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T12:46:23Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T12:46:23Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T12:46:23Z INFO [secret] Secret scanning is enabled
2024-08-13T12:46:23Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T12:46:23Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T12:46:23Z INFO Number of language-specific files num=0
2024-08-13T12:46:23Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/prometheus/iam-role

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 12:46:26,357 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 12:46:26,357 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 12:46:26,357 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 12:46:26,357 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 12:46:26,357 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 12:46:26,358 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 12:46:29,661 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 12:46:29,661 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/prometheus/iam-role

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/prometheus/iam-role

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T12:46:18Z	INFO	[db] Need to update DB
2024-08-13T12:46:18Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T12:46:20Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T12:46:20Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T12:46:20Z	INFO	Need to update the built-in policies
2024-08-13T12:46:20Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T12:46:20Z	INFO	[secret] Secret scanning is enabled
2024-08-13T12:46:20Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T12:46:20Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T12:46:22Z	INFO	Number of language-specific files	num=0
2024-08-13T12:46:22Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T12:46:23Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T12:46:23Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T12:46:23Z	INFO	[secret] Secret scanning is enabled
2024-08-13T12:46:23Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T12:46:23Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T12:46:23Z	INFO	Number of language-specific files	num=0
2024-08-13T12:46:23Z	INFO	Detected config files	num=1
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T14:33:08Z INFO [db] Need to update DB
2024-08-13T14:33:08Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T14:33:10Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:10Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:10Z INFO Need to update the built-in policies
2024-08-13T14:33:10Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T14:33:10Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:10Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:10Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:12Z INFO Number of language-specific files num=0
2024-08-13T14:33:12Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T14:33:13Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:13Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:13Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:13Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:13Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:13Z INFO Number of language-specific files num=0
2024-08-13T14:33:13Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T14:33:14Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:14Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:14Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:14Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:14Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:14Z INFO Number of language-specific files num=0
2024-08-13T14:33:14Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T14:33:14Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:14Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:14Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:14Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:14Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:15Z INFO Number of language-specific files num=0
2024-08-13T14:33:15Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T14:33:15Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:15Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:15Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:15Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:15Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:16Z INFO Number of language-specific files num=0
2024-08-13T14:33:16Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T14:33:16Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:16Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:16Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:16Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:16Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:17Z INFO Number of language-specific files num=0
2024-08-13T14:33:17Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T14:33:17Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:17Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:17Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:17Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:17Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:18Z INFO Number of language-specific files num=0
2024-08-13T14:33:18Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T14:33:18Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:18Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:18Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:18Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:18Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:19Z INFO Number of language-specific files num=0
2024-08-13T14:33:19Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T14:33:19Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:33:19Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:19Z INFO [secret] Secret scanning is enabled
2024-08-13T14:33:19Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:19Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:20Z INFO Number of language-specific files num=0
2024-08-13T14:33:20Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 14:33:22,867 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:22,867 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:22,867 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:22,867 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:22,868 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:22,868 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 14:33:42,896 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:42,896 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 14:33:45,701 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:45,701 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:45,701 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:45,702 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:45,702 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:33:45,702 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T14:33:08Z	INFO	[db] Need to update DB
2024-08-13T14:33:08Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T14:33:10Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:10Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:10Z	INFO	Need to update the built-in policies
2024-08-13T14:33:10Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T14:33:10Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:10Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:10Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:12Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:12Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T14:33:13Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:13Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:13Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:13Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:13Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:13Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:13Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T14:33:14Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:14Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:14Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:14Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:14Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:14Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:14Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T14:33:14Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:14Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:14Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:14Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:14Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:15Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:15Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T14:33:15Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:15Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:15Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:15Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:15Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:16Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:16Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T14:33:16Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:16Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:16Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:16Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:16Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:17Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:17Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T14:33:17Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:17Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:17Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:17Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:17Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:18Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:18Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T14:33:18Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:18Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:18Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:18Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:18Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:19Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:19Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T14:33:19Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:33:19Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:33:19Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:33:19Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:33:19Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:33:20Z	INFO	Number of language-specific files	num=0
2024-08-13T14:33:20Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T14:38:31Z INFO [db] Need to update DB
2024-08-13T14:38:31Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T14:38:33Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:33Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:33Z INFO Need to update the built-in policies
2024-08-13T14:38:33Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T14:38:33Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:33Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:33Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:36Z INFO Number of language-specific files num=0
2024-08-13T14:38:36Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T14:38:36Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:36Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:36Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:36Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:36Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:37Z INFO Number of language-specific files num=0
2024-08-13T14:38:37Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T14:38:37Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:37Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:37Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:37Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:37Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:38Z INFO Number of language-specific files num=0
2024-08-13T14:38:38Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T14:38:38Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:38Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:38Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:38Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:38Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:38Z INFO Number of language-specific files num=0
2024-08-13T14:38:38Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T14:38:39Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:39Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:39Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:39Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:39Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:39Z INFO Number of language-specific files num=0
2024-08-13T14:38:39Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T14:38:40Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:40Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:40Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:40Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:40Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:40Z INFO Number of language-specific files num=0
2024-08-13T14:38:40Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T14:38:41Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:41Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:41Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:41Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:41Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:41Z INFO Number of language-specific files num=0
2024-08-13T14:38:41Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T14:38:42Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:42Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:42Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:42Z INFO Number of language-specific files num=0
2024-08-13T14:38:42Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T14:38:43Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T14:38:43Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:43Z INFO [secret] Secret scanning is enabled
2024-08-13T14:38:43Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:43Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:43Z INFO Number of language-specific files num=0
2024-08-13T14:38:43Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 14:38:46,445 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:38:46,445 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:38:46,445 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:38:46,445 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:38:46,445 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:38:46,445 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 14:39:08,940 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:39:08,941 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 14:39:12,129 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:39:12,129 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:39:12,129 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:39:12,130 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:39:12,130 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 14:39:12,130 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T14:38:31Z	INFO	[db] Need to update DB
2024-08-13T14:38:31Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T14:38:33Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:33Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:33Z	INFO	Need to update the built-in policies
2024-08-13T14:38:33Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T14:38:33Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:33Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:33Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:36Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:36Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T14:38:36Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:36Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:36Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:36Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:36Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:37Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:37Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T14:38:37Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:37Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:37Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:37Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:37Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:38Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:38Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T14:38:38Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:38Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:38Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:38Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:38Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:38Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:38Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T14:38:39Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:39Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:39Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:39Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:39Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:39Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:39Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T14:38:40Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:40Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:40Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:40Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:40Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:40Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:40Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T14:38:41Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:41Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:41Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:41Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:41Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:41Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:41Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T14:38:42Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:42Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:42Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:42Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T14:38:43Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T14:38:43Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T14:38:43Z	INFO	[secret] Secret scanning is enabled
2024-08-13T14:38:43Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T14:38:43Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T14:38:43Z	INFO	Number of language-specific files	num=0
2024-08-13T14:38:43Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T15:22:29Z INFO [db] Need to update DB
2024-08-13T15:22:29Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T15:22:31Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:31Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:31Z INFO Need to update the built-in policies
2024-08-13T15:22:31Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T15:22:32Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:32Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:32Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:36Z INFO Number of language-specific files num=0
2024-08-13T15:22:36Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T15:22:37Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:37Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:37Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:37Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:37Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:37Z INFO Number of language-specific files num=0
2024-08-13T15:22:37Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T15:22:37Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:37Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:37Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:37Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:37Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:38Z INFO Number of language-specific files num=0
2024-08-13T15:22:38Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T15:22:38Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:38Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:38Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:38Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:38Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:39Z INFO Number of language-specific files num=0
2024-08-13T15:22:39Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T15:22:39Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:39Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:39Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:39Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:39Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:40Z INFO Number of language-specific files num=0
2024-08-13T15:22:40Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T15:22:40Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:40Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:40Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:40Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:40Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:41Z INFO Number of language-specific files num=0
2024-08-13T15:22:41Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T15:22:41Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:41Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:41Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:41Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:41Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:41Z INFO Number of language-specific files num=0
2024-08-13T15:22:41Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T15:22:42Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:42Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:42Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:42Z INFO Number of language-specific files num=0
2024-08-13T15:22:42Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T15:22:43Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:22:43Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:43Z INFO [secret] Secret scanning is enabled
2024-08-13T15:22:43Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:43Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:43Z INFO Number of language-specific files num=0
2024-08-13T15:22:43Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 15:22:46,757 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:22:46,757 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:22:46,757 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:22:46,757 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:22:46,757 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:22:46,757 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 15:23:12,917 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:23:12,917 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 15:23:16,553 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:23:16,553 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:23:16,553 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:23:16,553 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:23:16,553 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:23:16,553 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T15:22:29Z	INFO	[db] Need to update DB
2024-08-13T15:22:29Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T15:22:31Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:31Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:31Z	INFO	Need to update the built-in policies
2024-08-13T15:22:31Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T15:22:32Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:32Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:32Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:36Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:36Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T15:22:37Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:37Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:37Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:37Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:37Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:37Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:37Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T15:22:37Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:37Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:37Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:37Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:37Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:38Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:38Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T15:22:38Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:38Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:38Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:38Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:38Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:39Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:39Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T15:22:39Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:39Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:39Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:39Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:39Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:40Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:40Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T15:22:40Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:40Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:40Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:40Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:40Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:41Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:41Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T15:22:41Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:41Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:41Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:41Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:41Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:41Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:41Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T15:22:42Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:42Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:42Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:42Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T15:22:43Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:22:43Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:22:43Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:22:43Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:22:43Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:22:43Z	INFO	Number of language-specific files	num=0
2024-08-13T15:22:43Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T15:56:55Z INFO [db] Need to update DB
2024-08-13T15:56:55Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T15:56:57Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:56:57Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:56:57Z INFO Need to update the built-in policies
2024-08-13T15:56:57Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T15:56:57Z INFO [secret] Secret scanning is enabled
2024-08-13T15:56:57Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:56:57Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:56:59Z INFO Number of language-specific files num=0
2024-08-13T15:56:59Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T15:56:59Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:56:59Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:56:59Z INFO [secret] Secret scanning is enabled
2024-08-13T15:56:59Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:56:59Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:00Z INFO Number of language-specific files num=0
2024-08-13T15:57:00Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T15:57:00Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:57:00Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:00Z INFO [secret] Secret scanning is enabled
2024-08-13T15:57:00Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:00Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:01Z INFO Number of language-specific files num=0
2024-08-13T15:57:01Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T15:57:01Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:57:01Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:01Z INFO [secret] Secret scanning is enabled
2024-08-13T15:57:01Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:01Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:02Z INFO Number of language-specific files num=0
2024-08-13T15:57:02Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T15:57:02Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:57:02Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:02Z INFO [secret] Secret scanning is enabled
2024-08-13T15:57:02Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:02Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:03Z INFO Number of language-specific files num=0
2024-08-13T15:57:03Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T15:57:03Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:57:03Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:03Z INFO [secret] Secret scanning is enabled
2024-08-13T15:57:03Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:03Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:03Z INFO Number of language-specific files num=0
2024-08-13T15:57:03Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T15:57:04Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:57:04Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:04Z INFO [secret] Secret scanning is enabled
2024-08-13T15:57:04Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:04Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:04Z INFO Number of language-specific files num=0
2024-08-13T15:57:04Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T15:57:05Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:57:05Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:05Z INFO [secret] Secret scanning is enabled
2024-08-13T15:57:05Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:05Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:05Z INFO Number of language-specific files num=0
2024-08-13T15:57:05Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T15:57:06Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T15:57:06Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:06Z INFO [secret] Secret scanning is enabled
2024-08-13T15:57:06Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:06Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:06Z INFO Number of language-specific files num=0
2024-08-13T15:57:06Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 15:57:09,192 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:09,192 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:09,192 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:09,192 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:09,192 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:09,192 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 15:57:29,461 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:29,461 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 15:57:32,184 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:32,184 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:32,184 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:32,184 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:32,185 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 15:57:32,185 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T15:56:55Z	INFO	[db] Need to update DB
2024-08-13T15:56:55Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T15:56:57Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:56:57Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:56:57Z	INFO	Need to update the built-in policies
2024-08-13T15:56:57Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T15:56:57Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:56:57Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:56:57Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:56:59Z	INFO	Number of language-specific files	num=0
2024-08-13T15:56:59Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T15:56:59Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:56:59Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:56:59Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:56:59Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:56:59Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:00Z	INFO	Number of language-specific files	num=0
2024-08-13T15:57:00Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T15:57:00Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:57:00Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:00Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:57:00Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:00Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:01Z	INFO	Number of language-specific files	num=0
2024-08-13T15:57:01Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T15:57:01Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:57:01Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:01Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:57:01Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:01Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:02Z	INFO	Number of language-specific files	num=0
2024-08-13T15:57:02Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T15:57:02Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:57:02Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:02Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:57:02Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:02Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:03Z	INFO	Number of language-specific files	num=0
2024-08-13T15:57:03Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T15:57:03Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:57:03Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:03Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:57:03Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:03Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:03Z	INFO	Number of language-specific files	num=0
2024-08-13T15:57:03Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T15:57:04Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:57:04Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:04Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:57:04Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:04Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:04Z	INFO	Number of language-specific files	num=0
2024-08-13T15:57:04Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T15:57:05Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:57:05Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:05Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:57:05Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:05Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:05Z	INFO	Number of language-specific files	num=0
2024-08-13T15:57:05Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T15:57:06Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T15:57:06Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T15:57:06Z	INFO	[secret] Secret scanning is enabled
2024-08-13T15:57:06Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T15:57:06Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T15:57:06Z	INFO	Number of language-specific files	num=0
2024-08-13T15:57:06Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T16:23:21Z INFO [db] Need to update DB
2024-08-13T16:23:21Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T16:23:23Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:23Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:23Z INFO Need to update the built-in policies
2024-08-13T16:23:23Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T16:23:24Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:24Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:24Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:28Z INFO Number of language-specific files num=0
2024-08-13T16:23:28Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T16:23:28Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:28Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:28Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:28Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:28Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:29Z INFO Number of language-specific files num=0
2024-08-13T16:23:29Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T16:23:29Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:29Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:29Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:29Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:29Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:30Z INFO Number of language-specific files num=0
2024-08-13T16:23:30Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T16:23:30Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:30Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:30Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:30Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:30Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:31Z INFO Number of language-specific files num=0
2024-08-13T16:23:31Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T16:23:31Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:31Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:31Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:31Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:31Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:32Z INFO Number of language-specific files num=0
2024-08-13T16:23:32Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T16:23:32Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:32Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:32Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:32Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:32Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:33Z INFO Number of language-specific files num=0
2024-08-13T16:23:33Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T16:23:33Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:33Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:33Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:33Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:33Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:34Z INFO Number of language-specific files num=0
2024-08-13T16:23:34Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T16:23:34Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:34Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:34Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:34Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:34Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:35Z INFO Number of language-specific files num=0
2024-08-13T16:23:35Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T16:23:35Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:23:35Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:35Z INFO [secret] Secret scanning is enabled
2024-08-13T16:23:35Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:35Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:36Z INFO Number of language-specific files num=0
2024-08-13T16:23:36Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 16:23:39,032 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:23:39,032 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:23:39,033 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:23:39,033 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:23:39,033 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:23:39,033 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 16:24:05,753 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:24:05,753 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 16:24:09,574 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:24:09,574 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:24:09,574 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:24:09,575 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:24:09,575 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:24:09,575 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T16:23:21Z	INFO	[db] Need to update DB
2024-08-13T16:23:21Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T16:23:23Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:23Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:23Z	INFO	Need to update the built-in policies
2024-08-13T16:23:23Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T16:23:24Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:24Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:24Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:28Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:28Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T16:23:28Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:28Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:28Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:28Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:28Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:29Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:29Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T16:23:29Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:29Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:29Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:29Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:29Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:30Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:30Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T16:23:30Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:30Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:30Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:30Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:30Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:31Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:31Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T16:23:31Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:31Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:31Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:31Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:31Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:32Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:32Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T16:23:32Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:32Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:32Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:32Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:32Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:33Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:33Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T16:23:33Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:33Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:33Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:33Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:33Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:34Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:34Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T16:23:34Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:34Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:34Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:34Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:34Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:35Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:35Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T16:23:35Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:23:35Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:23:35Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:23:35Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:23:35Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:23:36Z	INFO	Number of language-specific files	num=0
2024-08-13T16:23:36Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T16:34:39Z INFO [db] Need to update DB
2024-08-13T16:34:39Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T16:34:42Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:42Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:42Z INFO Need to update the built-in policies
2024-08-13T16:34:42Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T16:34:42Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:46Z INFO Number of language-specific files num=0
2024-08-13T16:34:46Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T16:34:46Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:46Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:46Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:46Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:46Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:47Z INFO Number of language-specific files num=0
2024-08-13T16:34:47Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T16:34:47Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:47Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:47Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:47Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:47Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:48Z INFO Number of language-specific files num=0
2024-08-13T16:34:48Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T16:34:48Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:48Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:48Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:48Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:48Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:49Z INFO Number of language-specific files num=0
2024-08-13T16:34:49Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T16:34:49Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:49Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:49Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:49Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:49Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:50Z INFO Number of language-specific files num=0
2024-08-13T16:34:50Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T16:34:50Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:50Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:50Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:50Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:50Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:51Z INFO Number of language-specific files num=0
2024-08-13T16:34:51Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T16:34:51Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:51Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:51Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:51Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:51Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:52Z INFO Number of language-specific files num=0
2024-08-13T16:34:52Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T16:34:52Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:52Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:52Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:52Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:52Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:53Z INFO Number of language-specific files num=0
2024-08-13T16:34:53Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-13T16:34:53Z INFO [vuln] Vulnerability scanning is enabled
2024-08-13T16:34:53Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:53Z INFO [secret] Secret scanning is enabled
2024-08-13T16:34:53Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:53Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:54Z INFO Number of language-specific files num=0
2024-08-13T16:34:54Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 16:34:57,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:34:57,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:34:57,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:34:57,540 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:34:57,541 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:34:57,541 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 16:35:26,820 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:35:26,820 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-13 16:35:30,900 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:35:30,901 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:35:30,901 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:35:30,901 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:35:30,901 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-13 16:35:30,901 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T16:34:39Z	INFO	[db] Need to update DB
2024-08-13T16:34:39Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-13T16:34:42Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:42Z	INFO	Need to update the built-in policies
2024-08-13T16:34:42Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-13T16:34:42Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:46Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:46Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-13T16:34:46Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:46Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:46Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:46Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:46Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:47Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:47Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-13T16:34:47Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:47Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:47Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:47Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:47Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:48Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:48Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-13T16:34:48Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:48Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:48Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:48Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:48Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:49Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:49Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-13T16:34:49Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:49Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:49Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:49Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:49Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:50Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:50Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-13T16:34:50Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:50Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:50Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:50Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:50Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:51Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:51Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-13T16:34:51Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:51Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:51Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:51Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:51Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:52Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:52Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-13T16:34:52Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:52Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:52Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:52Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:52Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:53Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:53Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-13T16:34:53Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-13T16:34:53Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-13T16:34:53Z	INFO	[secret] Secret scanning is enabled
2024-08-13T16:34:53Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-13T16:34:53Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-13T16:34:54Z	INFO	Number of language-specific files	num=0
2024-08-13T16:34:54Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T09:50:50Z INFO [db] Need to update DB
2024-08-19T09:50:50Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T09:50:52Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:50:52Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:52Z INFO Need to update the built-in policies
2024-08-19T09:50:52Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T09:50:52Z INFO [secret] Secret scanning is enabled
2024-08-19T09:50:52Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:52Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:54Z INFO Number of language-specific files num=0
2024-08-19T09:50:54Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T09:50:55Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:50:55Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:55Z INFO [secret] Secret scanning is enabled
2024-08-19T09:50:55Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:55Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:55Z INFO Number of language-specific files num=0
2024-08-19T09:50:55Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T09:50:56Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:50:56Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:56Z INFO [secret] Secret scanning is enabled
2024-08-19T09:50:56Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:56Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:56Z INFO Number of language-specific files num=0
2024-08-19T09:50:56Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T09:50:57Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:50:57Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:57Z INFO [secret] Secret scanning is enabled
2024-08-19T09:50:57Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:57Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:57Z INFO Number of language-specific files num=0
2024-08-19T09:50:57Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T09:50:57Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:50:57Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:57Z INFO [secret] Secret scanning is enabled
2024-08-19T09:50:57Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:57Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:58Z INFO Number of language-specific files num=0
2024-08-19T09:50:58Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T09:50:58Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:50:58Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:58Z INFO [secret] Secret scanning is enabled
2024-08-19T09:50:58Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:58Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:59Z INFO Number of language-specific files num=0
2024-08-19T09:50:59Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T09:50:59Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:50:59Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:59Z INFO [secret] Secret scanning is enabled
2024-08-19T09:50:59Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:59Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:51:00Z INFO Number of language-specific files num=0
2024-08-19T09:51:00Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T09:51:00Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:51:00Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:51:00Z INFO [secret] Secret scanning is enabled
2024-08-19T09:51:00Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:51:00Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:51:01Z INFO Number of language-specific files num=0
2024-08-19T09:51:01Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T09:51:01Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:51:01Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:51:01Z INFO [secret] Secret scanning is enabled
2024-08-19T09:51:01Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:51:01Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:51:02Z INFO Number of language-specific files num=0
2024-08-19T09:51:02Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 09:51:04,692 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:04,692 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:04,692 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:04,693 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:04,693 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:04,693 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 09:51:24,461 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:24,461 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 09:51:27,271 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:27,271 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:27,271 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:27,271 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:27,272 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:51:27,272 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T09:50:50Z	INFO	[db] Need to update DB
2024-08-19T09:50:50Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T09:50:52Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:50:52Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:52Z	INFO	Need to update the built-in policies
2024-08-19T09:50:52Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T09:50:52Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:50:52Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:52Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:54Z	INFO	Number of language-specific files	num=0
2024-08-19T09:50:54Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T09:50:55Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:50:55Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:55Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:50:55Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:55Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:55Z	INFO	Number of language-specific files	num=0
2024-08-19T09:50:55Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T09:50:56Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:50:56Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:56Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:50:56Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:56Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:56Z	INFO	Number of language-specific files	num=0
2024-08-19T09:50:56Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T09:50:57Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:50:57Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:57Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:50:57Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:57Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:57Z	INFO	Number of language-specific files	num=0
2024-08-19T09:50:57Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T09:50:57Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:50:57Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:57Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:50:57Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:57Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:58Z	INFO	Number of language-specific files	num=0
2024-08-19T09:50:58Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T09:50:58Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:50:58Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:58Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:50:58Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:58Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:50:59Z	INFO	Number of language-specific files	num=0
2024-08-19T09:50:59Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T09:50:59Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:50:59Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:50:59Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:50:59Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:50:59Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:51:00Z	INFO	Number of language-specific files	num=0
2024-08-19T09:51:00Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T09:51:00Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:51:00Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:51:00Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:51:00Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:51:00Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:51:01Z	INFO	Number of language-specific files	num=0
2024-08-19T09:51:01Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T09:51:01Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:51:01Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:51:01Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:51:01Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:51:01Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:51:02Z	INFO	Number of language-specific files	num=0
2024-08-19T09:51:02Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T09:59:37Z INFO [db] Need to update DB
2024-08-19T09:59:37Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T09:59:39Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:39Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:39Z INFO Need to update the built-in policies
2024-08-19T09:59:39Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T09:59:39Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:39Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:39Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:41Z INFO Number of language-specific files num=0
2024-08-19T09:59:41Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T09:59:42Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:42Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:42Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:42Z INFO Number of language-specific files num=0
2024-08-19T09:59:42Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T09:59:42Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:42Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:42Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:43Z INFO Number of language-specific files num=0
2024-08-19T09:59:43Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T09:59:43Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:43Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:43Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:43Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:43Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:44Z INFO Number of language-specific files num=0
2024-08-19T09:59:44Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T09:59:44Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:44Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:44Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:44Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:44Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:45Z INFO Number of language-specific files num=0
2024-08-19T09:59:45Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T09:59:46Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:46Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:46Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:46Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:46Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:46Z INFO Number of language-specific files num=0
2024-08-19T09:59:46Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T09:59:47Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:47Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:47Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:47Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:47Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:47Z INFO Number of language-specific files num=0
2024-08-19T09:59:47Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T09:59:48Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:48Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:48Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:48Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:48Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:48Z INFO Number of language-specific files num=0
2024-08-19T09:59:48Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T09:59:48Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T09:59:48Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:48Z INFO [secret] Secret scanning is enabled
2024-08-19T09:59:48Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:48Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:49Z INFO Number of language-specific files num=0
2024-08-19T09:59:49Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 09:59:52,048 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:59:52,048 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:59:52,048 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:59:52,048 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:59:52,049 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 09:59:52,049 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 10:00:13,189 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:00:13,190 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 10:00:16,147 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:00:16,147 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:00:16,147 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:00:16,147 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:00:16,148 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:00:16,148 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T09:59:37Z	INFO	[db] Need to update DB
2024-08-19T09:59:37Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T09:59:39Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:39Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:39Z	INFO	Need to update the built-in policies
2024-08-19T09:59:39Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T09:59:39Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:39Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:39Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:41Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:41Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T09:59:42Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:42Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:42Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:42Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T09:59:42Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:42Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:43Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:43Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T09:59:43Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:43Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:43Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:43Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:43Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:44Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:44Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T09:59:44Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:44Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:44Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:44Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:44Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:45Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:45Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T09:59:46Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:46Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:46Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:46Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:46Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:46Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:46Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T09:59:47Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:47Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:47Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:47Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:47Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:47Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:47Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T09:59:48Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:48Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:48Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:48Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:48Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:48Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:48Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T09:59:48Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T09:59:48Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T09:59:48Z	INFO	[secret] Secret scanning is enabled
2024-08-19T09:59:48Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T09:59:48Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T09:59:49Z	INFO	Number of language-specific files	num=0
2024-08-19T09:59:49Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T10:02:32Z INFO [db] Need to update DB
2024-08-19T10:02:32Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T10:02:33Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:33Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:33Z INFO Need to update the built-in policies
2024-08-19T10:02:33Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T10:02:34Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:34Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:34Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:36Z INFO Number of language-specific files num=0
2024-08-19T10:02:36Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T10:02:36Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:36Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:36Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:36Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:36Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:37Z INFO Number of language-specific files num=0
2024-08-19T10:02:37Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T10:02:37Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:37Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:37Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:37Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:37Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:38Z INFO Number of language-specific files num=0
2024-08-19T10:02:38Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T10:02:38Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:38Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:38Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:38Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:38Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:38Z INFO Number of language-specific files num=0
2024-08-19T10:02:38Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T10:02:39Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:39Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:39Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:39Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:39Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:39Z INFO Number of language-specific files num=0
2024-08-19T10:02:39Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T10:02:40Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:40Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:40Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:40Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:40Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:40Z INFO Number of language-specific files num=0
2024-08-19T10:02:40Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T10:02:41Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:41Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:41Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:41Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:41Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:41Z INFO Number of language-specific files num=0
2024-08-19T10:02:41Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T10:02:41Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:41Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:41Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:41Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:41Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:42Z INFO Number of language-specific files num=0
2024-08-19T10:02:42Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T10:02:42Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T10:02:42Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:42Z INFO [secret] Secret scanning is enabled
2024-08-19T10:02:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:43Z INFO Number of language-specific files num=0
2024-08-19T10:02:43Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 10:02:45,724 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:02:45,724 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:02:45,724 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:02:45,724 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:02:45,724 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:02:45,725 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 10:03:04,574 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:03:04,574 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 10:03:07,180 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:03:07,181 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:03:07,181 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:03:07,181 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:03:07,181 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 10:03:07,181 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T10:02:32Z	INFO	[db] Need to update DB
2024-08-19T10:02:32Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T10:02:33Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:33Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:33Z	INFO	Need to update the built-in policies
2024-08-19T10:02:33Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T10:02:34Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:34Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:34Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:36Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:36Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T10:02:36Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:36Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:36Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:36Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:36Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:37Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:37Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T10:02:37Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:37Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:37Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:37Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:37Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:38Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:38Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T10:02:38Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:38Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:38Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:38Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:38Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:38Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:38Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T10:02:39Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:39Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:39Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:39Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:39Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:39Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:39Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T10:02:40Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:40Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:40Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:40Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:40Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:40Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:40Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T10:02:41Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:41Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:41Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:41Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:41Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:41Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:41Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T10:02:41Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:41Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:41Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:41Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:41Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:42Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:42Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T10:02:42Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T10:02:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T10:02:42Z	INFO	[secret] Secret scanning is enabled
2024-08-19T10:02:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T10:02:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T10:02:43Z	INFO	Number of language-specific files	num=0
2024-08-19T10:02:43Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T11:00:50Z INFO [db] Need to update DB
2024-08-19T11:00:50Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T11:00:52Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:00:52Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:00:52Z INFO Need to update the built-in policies
2024-08-19T11:00:52Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T11:00:53Z INFO [secret] Secret scanning is enabled
2024-08-19T11:00:53Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:00:53Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:00:57Z INFO Number of language-specific files num=0
2024-08-19T11:00:57Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T11:00:57Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:00:57Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:00:57Z INFO [secret] Secret scanning is enabled
2024-08-19T11:00:57Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:00:57Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:00:58Z INFO Number of language-specific files num=0
2024-08-19T11:00:58Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T11:00:58Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:00:58Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:00:58Z INFO [secret] Secret scanning is enabled
2024-08-19T11:00:58Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:00:58Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:00:59Z INFO Number of language-specific files num=0
2024-08-19T11:00:59Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T11:00:59Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:00:59Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:00:59Z INFO [secret] Secret scanning is enabled
2024-08-19T11:00:59Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:00:59Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:00Z INFO Number of language-specific files num=0
2024-08-19T11:01:00Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T11:01:00Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:01:00Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:00Z INFO [secret] Secret scanning is enabled
2024-08-19T11:01:00Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:00Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:00Z INFO Number of language-specific files num=0
2024-08-19T11:01:00Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T11:01:01Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:01:01Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:01Z INFO [secret] Secret scanning is enabled
2024-08-19T11:01:01Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:01Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:01Z INFO Number of language-specific files num=0
2024-08-19T11:01:01Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T11:01:02Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:01:02Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:02Z INFO [secret] Secret scanning is enabled
2024-08-19T11:01:02Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:02Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:02Z INFO Number of language-specific files num=0
2024-08-19T11:01:02Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T11:01:03Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:01:03Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:03Z INFO [secret] Secret scanning is enabled
2024-08-19T11:01:03Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:03Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:03Z INFO Number of language-specific files num=0
2024-08-19T11:01:03Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T11:01:04Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:01:04Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:04Z INFO [secret] Secret scanning is enabled
2024-08-19T11:01:04Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:04Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:04Z INFO Number of language-specific files num=0
2024-08-19T11:01:04Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 11:01:07,643 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:07,643 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:07,643 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:07,644 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:07,644 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:07,644 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 11:01:33,993 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:33,993 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 11:01:37,770 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:37,771 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:37,771 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:37,771 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:37,771 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:01:37,771 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T11:00:50Z	INFO	[db] Need to update DB
2024-08-19T11:00:50Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T11:00:52Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:00:52Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:00:52Z	INFO	Need to update the built-in policies
2024-08-19T11:00:52Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T11:00:53Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:00:53Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:00:53Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:00:57Z	INFO	Number of language-specific files	num=0
2024-08-19T11:00:57Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T11:00:57Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:00:57Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:00:57Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:00:57Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:00:57Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:00:58Z	INFO	Number of language-specific files	num=0
2024-08-19T11:00:58Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T11:00:58Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:00:58Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:00:58Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:00:58Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:00:58Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:00:59Z	INFO	Number of language-specific files	num=0
2024-08-19T11:00:59Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T11:00:59Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:00:59Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:00:59Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:00:59Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:00:59Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:00Z	INFO	Number of language-specific files	num=0
2024-08-19T11:01:00Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T11:01:00Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:01:00Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:00Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:01:00Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:00Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:00Z	INFO	Number of language-specific files	num=0
2024-08-19T11:01:00Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T11:01:01Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:01:01Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:01Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:01:01Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:01Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:01Z	INFO	Number of language-specific files	num=0
2024-08-19T11:01:01Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T11:01:02Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:01:02Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:02Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:01:02Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:02Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:02Z	INFO	Number of language-specific files	num=0
2024-08-19T11:01:02Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T11:01:03Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:01:03Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:03Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:01:03Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:03Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:03Z	INFO	Number of language-specific files	num=0
2024-08-19T11:01:03Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T11:01:04Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:01:04Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:01:04Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:01:04Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:01:04Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:01:04Z	INFO	Number of language-specific files	num=0
2024-08-19T11:01:04Z	INFO	Detected config files	num=5
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T11:02:34Z INFO [db] Need to update DB
2024-08-19T11:02:34Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T11:02:36Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:36Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:36Z INFO Need to update the built-in policies
2024-08-19T11:02:36Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T11:02:37Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:37Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:37Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:39Z INFO Number of language-specific files num=0
2024-08-19T11:02:39Z INFO Detected config files num=5
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T11:02:40Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:40Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:40Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:40Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:40Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:40Z INFO Number of language-specific files num=0
2024-08-19T11:02:40Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T11:02:41Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:41Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:41Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:41Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:41Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:41Z INFO Number of language-specific files num=0
2024-08-19T11:02:41Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T11:02:41Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:41Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:41Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:41Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:41Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:42Z INFO Number of language-specific files num=0
2024-08-19T11:02:42Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T11:02:42Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:42Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:42Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:43Z INFO Number of language-specific files num=0
2024-08-19T11:02:43Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T11:02:43Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:43Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:43Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:43Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:43Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:44Z INFO Number of language-specific files num=0
2024-08-19T11:02:44Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T11:02:44Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:44Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:44Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:44Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:44Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:45Z INFO Number of language-specific files num=0
2024-08-19T11:02:45Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T11:02:45Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:45Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:45Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:45Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:45Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:46Z INFO Number of language-specific files num=0
2024-08-19T11:02:46Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/observability-platform
2024-08-19T11:02:46Z INFO [vuln] Vulnerability scanning is enabled
2024-08-19T11:02:46Z INFO [misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:46Z INFO [secret] Secret scanning is enabled
2024-08-19T11:02:46Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:46Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:47Z INFO Number of language-specific files num=0
2024-08-19T11:02:47Z INFO Detected config files num=5
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 11:02:49,556 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:02:49,556 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:02:49,556 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:02:49,556 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:02:49,557 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:02:49,557 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39

checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 11:03:11,712 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:03:11,712 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 11, Failed checks: 0, Skipped checks: 4


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/observability-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-08-19 11:03:14,770 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.44.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:03:14,770 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:7.7.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:03:14,770 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-prometheus/aws:2.2.3 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:03:14,770 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/managed-service-grafana/aws:2.1.1 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:03:14,770 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-08-19 11:03:14,770 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.44.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 22


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/contact-point/slack
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/team
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/grafana/xray-source
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform/modules/prometheus/iam-role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/observability-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/observability-platform
terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
terraform/environments/observability-platform/modules/grafana/cloudwatch-source
terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
terraform/environments/observability-platform/modules/grafana/contact-point/slack
terraform/environments/observability-platform/modules/grafana/team
terraform/environments/observability-platform/modules/grafana/xray-source
terraform/environments/observability-platform/modules/prometheus/iam-role
terraform/environments/observability-platform

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T11:02:34Z	INFO	[db] Need to update DB
2024-08-19T11:02:34Z	INFO	[db] Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-08-19T11:02:36Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:36Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:36Z	INFO	Need to update the built-in policies
2024-08-19T11:02:36Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-08-19T11:02:37Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:37Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:37Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:39Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:39Z	INFO	Detected config files	num=5
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/amazon-prometheus-query-source
2024-08-19T11:02:40Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:40Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:40Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:40Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:40Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:40Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:40Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/cloudwatch-source
2024-08-19T11:02:41Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:41Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:41Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:41Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:41Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:41Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:41Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/pagerduty
2024-08-19T11:02:41Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:41Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:41Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:41Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:41Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:42Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:42Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/contact-point/slack
2024-08-19T11:02:42Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:42Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:43Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:43Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/team
2024-08-19T11:02:43Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:43Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:43Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:43Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:43Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:44Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:44Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/grafana/xray-source
2024-08-19T11:02:44Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:44Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:44Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:44Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:44Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:45Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:45Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform/modules/prometheus/iam-role
2024-08-19T11:02:45Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:45Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:45Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:45Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:45Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:46Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:46Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/observability-platform
2024-08-19T11:02:46Z	INFO	[vuln] Vulnerability scanning is enabled
2024-08-19T11:02:46Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-19T11:02:46Z	INFO	[secret] Secret scanning is enabled
2024-08-19T11:02:46Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-19T11:02:46Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-19T11:02:47Z	INFO	Number of language-specific files	num=0
2024-08-19T11:02:47Z	INFO	Detected config files	num=5
trivy_exitcode=0