Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

updated deprecated variables #16

Merged
merged 1 commit into from
Apr 5, 2023
Merged

updated deprecated variables #16

merged 1 commit into from
Apr 5, 2023

Conversation

h1manshu98
Copy link
Member

@h1manshu98 h1manshu98 commented Apr 5, 2023
edited
Loading

what

  • Updated deprecated variables in aws_iam_policy_document and syntax in their values:
  1. source_json to source_policy_documents
  2. override_json to override_policy_documents

@h1manshu98 h1manshu98 self-assigned this Apr 5, 2023
@github-advanced-security
Copy link

You have successfully added a new defsec configuration .github/workflows/tfsec.yml:tfsec. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output 
Result #1 LOW Repository is not encrypted using KMS. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:29-54
────────────────────────────────────────────────────────────────────────────────
   29  ┌ resource "aws_ecr_repository" "default" {
   30count                = var.enabled_ecr ? 1 : 0
   31name                 = module.labels.id
   32tags                 = module.labels.tags
   33image_tag_mutability = var.image_tag_mutability
   3435dynamic "encryption_configuration" {
   36for_each = var.encryption_configuration != null ? [var.encryption_configuration] : []
   37content {
   ..  
────────────────────────────────────────────────────────────────────────────────
          ID aws-ecr-repository-customer-key
      Impact Using AWS managed keys does not allow for fine grained control
  Resolution Use customer managed keys

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/ecr/repository-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#encryption_configuration
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             79.105µs
  parsing              237.727468ms
  adaptation           87.305µs
  checks               10.036045ms
  total                247.929923ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     32
  files read           3

  results
  ──────────────────────────────────────────
  passed               3
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  1

  3 passed, 1 ignored, 1 potential problem(s) detected.

@h1manshu98 h1manshu98 merged commit 357a36e into master Apr 5, 2023
@delete-merged-branch delete-merged-branch bot deleted the bug/6ix-81 branch April 5, 2023 10:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@omsharma07 omsharma07 Awaiting requested review from omsharma07

@nikitadugar nikitadugar Awaiting requested review from nikitadugar

@themaniskshah themaniskshah Awaiting requested review from themaniskshah

Assignees

@h1manshu98 h1manshu98

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@h1manshu98 @clouddrove-ci @anmolnagpal