updated .github/workflows tfsec.yml file. #45

Merged
merged 1 commit into from
May 8, 2023


vibhutigoyal
Contributor

what
• updated .github/workflows tfsec.yml file.
why
• tfsec is a static analysis security scanner for your Terraform code.

@clouddrove-ci
Member

Terraform Security Scan Failed

Result #1 MEDIUM VPC Flow Logs is not enabled for VPC  
────────────────────────────────────────────────────────────────────────────────
  main.tf:22-43
────────────────────────────────────────────────────────────────────────────────
   22  ┌ resource "aws_vpc" "default" {
   23  │   count = var.vpc_enabled ? 1 : 0
   24  │ 
   25  │   cidr_block                       = var.cidr_block
   26  │   instance_tenancy                 = var.instance_tenancy
   27  │   enable_dns_hostnames             = var.enable_dns_hostnames
   28  │   enable_dns_support               = var.enable_dns_support
   29  │   enable_classiclink               = var.enable_classiclink
   30  └   enable_classiclink_dns_support   = var.enable_classiclink_dns_support
   ..  
────────────────────────────────────────────────────────────────────────────────
          ID aws-ec2-require-vpc-flow-logs-for-all-vpcs
      Impact Without VPC flow logs, you risk not having enough information about network traffic flow to investigate incidents or identify security issues.
  Resolution Enable flow logs for VPC

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/ec2/require-vpc-flow-logs-for-all-vpcs/
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             98.104µs
  parsing              75.227531ms
  adaptation           107.004µs
  checks               11.491518ms
  total                86.924157ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     51
  files read           3

  results
  ──────────────────────────────────────────
  passed               2
  ignored              0
  critical             0
  high                 0
  medium               1
  low                  0

  2 passed, 1 potential problem(s) detected.

@yadavprakash yadavprakash merged commit 7f2cc75 into master May 8, 2023
@delete-merged-branch delete-merged-branch bot deleted the issue-362 branch May 8, 2023 09:41