Commit

Commenting out irrelevant checkov checks
SteveLinden committed Sep 13, 2023
1 parent a4cf698 commit c57dbfe
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions main.tf
Expand Up @@ -121,6 +121,16 @@ data "aws_elb_service_account" "default" {}
###### IAM #####

data "aws_iam_policy_document" "ssm-admin-policy-doc" {

# Not relevant to what we are doing. This sets a high level access policy
#checkov:skip=CKV_AWS_110: "Ensure IAM policies does not allow privilege escalation"
#checkov:skip=CKV_AWS_109: "Ensure IAM policies does not allow permissions management / resource exposure without constraints"
#checkov:skip=CKV_AWS_107: "Ensure IAM policies does not allow credentials exposure"
#checkov:skip=CKV_AWS_108: "Ensure IAM policies does not allow data exfiltration"
#checkov:skip=CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"
#checkov:skip=CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
#checkov:skip=CKV_TF_1: "Ensure Terraform module sources use a commit hash"

statement {
actions = ["s3:*",
"ec2:*",
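
Review bot: The seven skips at the top of `ssm-admin-policy-doc` share one justification ("Not relevant to what we are doing"), and the text after each colon is the check's own title rather than a reason, so the scan report will record no rationale for any suppression. The statement directly below grants `s3:*` and `ec2:*`, which is exactly what CKV_AWS_107 through CKV_AWS_111 and CKV_AWS_356 are written to flag, so "irrelevant" is hard to support from these lines. Please either narrow the actions in the statement or replace each title with the specific reason that finding is accepted here, for example `#checkov:skip=CKV_AWS_110: <why escalation risk is accepted for this role>`. Separately, CKV_TF_1 concerns module sources, so a skip inside this `data` block looks misplaced; if it is needed at all it belongs with the module it is meant to cover.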
