[nc] scan testing

Signed-off-by: Nic Cheneweth <nchenewe@thoughtworks.com>
ThoughtWorks-DPS · May 20, 2024 · c0e5b67 · c0e5b67
1 parent ca5093d
commit c0e5b67
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/.trivyignore b/.trivyignore
@@ -0,0 +1,10 @@
+# Ignore selected warnings from scanning the official AWS terraform modules
+#
+# all logging is turned on, scanner unable to detect aparently
+AVD-AWS-0038
+# Intentionally configured for both external K8s API access and ingress gateway. nodes are all on private network.
+AVD-AWS-0040
+AVD-AWS-0041
+AVD-AWS-0401
+# eks base role intentionally using wildcard in permission definition
+AVD-AWS-0057
diff --git a/environments/sbx-i01-aws-us-east-1.auto.tfvars.json.tpl b/environments/sbx-i01-aws-us-east-1.auto.tfvars.json.tpl
@@ -5,7 +5,7 @@
   "aws_region": "us-east-1",
 
   "eks_version": "1.29",
-  "enable_log_types": ["api", "audit", "authenticator", "controllerManager", "scheduler"],
+  "enable_log_types": ["api","audit","authenticator","controllerManager","scheduler"],
   "node_subnet_identifier": "node",
   "intra_subnet_identifier": "intra",