Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DSOS-2423: ssm and secrets policy fix #258

Merged
merged 9 commits into from
Dec 1, 2023
Merged

DSOS-2423: ssm and secrets policy fix #258

merged 9 commits into from
Dec 1, 2023

Conversation

drobinson-moj
Copy link
Contributor

Fix to the SSM parameter and secrets policy.
Bug fix: changed "and" condition to "or". Ensures policy created if either SSM Params or Secrets created.
Best practice: add minimum possible permissions (e.g. only need Put if there are placeholder params/secrets)

@drobinson-moj drobinson-moj requested a review from a team as a code owner November 30, 2023 17:32
@github-actions GitHub Actions
Copy link
Contributor

TFSEC Scan Success

Show Output 
*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             224.861µs
  parsing              12.253164ms
  adaptation           243.858µs
  checks               9.63556ms
  total                22.357443ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     56
  files read           6

  results
  ──────────────────────────────────────────
  passed               2
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

Checkov Scan Success

Show Output 
*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
terraform scan results:

Passed checks: 56, Failed checks: 0, Skipped checks: 15

github_actions scan results:

Passed checks: 176, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
tflint_exitcode=0

@drobinson-moj drobinson-moj merged commit 8d4230e into main Dec 1, 2023
4 checks passed
@drobinson-moj drobinson-moj deleted the DSOS-2423-ssm-and-secrets-policy-fix branch December 1, 2023 09:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ASTRobinson ASTRobinson ASTRobinson approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@drobinson-moj @ASTRobinson