Update ansible code from WIP branch #145
terraform-checks.yml
on: push
Formatting and validation Checks for Staging
25s
Formatting and validation Checks for Production
13s
Terrascan Staging Checks
26s
Terrascan Production Checks
39s
Checkov Staging Checks
21s
Checkov Production Checks
33s
Annotations
20 errors and 11 warnings
Checkov Staging Checks
CKV_AWS_158: "Ensure that CloudWatch Log Group is encrypted by KMS"
|
Checkov Staging Checks
CKV_AWS_338: "Ensure CloudWatch log groups retains logs for at least 1 year"
|
Checkov Staging Checks
CKV_AWS_23: "Ensure every security groups rule has a description"
|
Checkov Staging Checks
CKV_AWS_134: "Ensure that Amazon ElastiCache Redis clusters have automatic backup turned on"
|
Checkov Staging Checks
CKV_AWS_135: "Ensure that EC2 is EBS optimized"
|
Checkov Staging Checks
CKV_AWS_88: "EC2 instance should not have public IP."
|
Checkov Staging Checks
CKV_AWS_126: "Ensure that detailed monitoring is enabled for EC2 instances"
|
Checkov Staging Checks
CKV_AWS_8: "Ensure all data stored in the Launch configuration or instance Elastic Blocks Store is securely encrypted"
|
Checkov Staging Checks
CKV_AWS_79: "Ensure Instance Metadata Service Version 1 is not enabled"
|
Checkov Staging Checks
CKV_AWS_135: "Ensure that EC2 is EBS optimized"
|
Checkov Production Checks
CKV_AZURE_235: "Ensure that Azure container environment variables are configured with secure values only"
|
Checkov Production Checks
CKV_AZURE_59: "Ensure that Storage accounts disallow public access"
|
Checkov Production Checks
CKV_AZURE_190: "Ensure that Storage blobs restrict public access"
|
Checkov Production Checks
CKV_AZURE_33: "Ensure Storage logging is enabled for Queue service for read, write and delete requests"
|
Checkov Production Checks
CKV_AZURE_44: "Ensure Storage Account is using the latest version of TLS encryption"
|
Checkov Production Checks
CKV_AZURE_206: "Ensure that Storage Accounts use replication"
|
Checkov Production Checks
CKV_AZURE_109: "Ensure that key vault allows firewall rules settings"
|
Checkov Production Checks
CKV_AZURE_230: "Standard Replication should be enabled"
|
Checkov Production Checks
CKV2_AZURE_38: "Ensure soft-delete is enabled on Azure storage account"
|
Checkov Production Checks
CKV2_AZURE_47: "Ensure storage account is configured without blob anonymous access"
|
Formatting and validation Checks for Production
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, hashicorp/setup-terraform@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
Checkov Staging Checks
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
Terrascan Staging Checks
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
Terrascan Staging Checks
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Terrascan Staging Checks
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Formatting and validation Checks for Staging
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, hashicorp/setup-terraform@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
Checkov Production Checks
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
Checkov Production Checks
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
|
Terrascan Production Checks
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
Terrascan Production Checks
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Terrascan Production Checks
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|