Add files via upload #49
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| resource "aws_db_instance" "default" { | ||
| allocated_storage = 10 | ||
| engine = "mysql" | ||
| engine_version = "5.7" | ||
| instance_class = "db.t3.micro" | ||
| name = "mydb" | ||
| username = "foo" | ||
| password = "foobarbaz" | ||
| parameter_group_name = "default.mysql5.7" | ||
| skip_final_snapshot = true | ||
| publicly_accessible = true | ||
| } |
There was a problem hiding this comment.
⚠️ Aqua detected misconfiguration in your code
Misconfiguration ID: AVD-AWS-0077
Check Name: RDS Cluster and RDS instance should have backup retention longer than default 1 day
Severity: MEDIUM
Message: Instance has very low backup retention period.
[This comment was created by Aqua Pipeline]
Read more at https://avd.aquasec.com/misconfig/avd-aws-0077
| resource "aws_db_instance" "default" { | ||
| allocated_storage = 10 | ||
| engine = "mysql" | ||
| engine_version = "5.7" | ||
| instance_class = "db.t3.micro" | ||
| name = "mydb" | ||
| username = "foo" | ||
| password = "foobarbaz" | ||
| parameter_group_name = "default.mysql5.7" | ||
| skip_final_snapshot = true | ||
| publicly_accessible = true | ||
| } |
There was a problem hiding this comment.
⚠️ Aqua detected misconfiguration in your code
Misconfiguration ID: AVD-AWS-0080
Check Name: RDS encryption has not been enabled at a DB Instance level.
Severity: HIGH
Message: Instance does not have storage encryption enabled.
[This comment was created by Aqua Pipeline]
Read more at https://avd.aquasec.com/misconfig/avd-aws-0080
| password = "foobarbaz" | ||
| parameter_group_name = "default.mysql5.7" | ||
| skip_final_snapshot = true | ||
| publicly_accessible = true |
There was a problem hiding this comment.
⚠️ Aqua detected misconfiguration in your code
Misconfiguration ID: AVD-AWS-0082
Check Name: A database resource is marked as publicly accessible.
Severity: CRITICAL
Message: Instance is exposed publicly.
[This comment was created by Aqua Pipeline]
Read more at https://avd.aquasec.com/misconfig/avd-aws-0082
| resource "aws_db_instance" "default" { | ||
| allocated_storage = 10 | ||
| engine = "mysql" | ||
| engine_version = "5.7" | ||
| instance_class = "db.t3.micro" | ||
| name = "mydb" | ||
| username = "foo" | ||
| password = "foobarbaz" | ||
| parameter_group_name = "default.mysql5.7" | ||
| skip_final_snapshot = true | ||
| publicly_accessible = true | ||
| } |
There was a problem hiding this comment.
⚠️ Aqua detected misconfiguration in your code
Misconfiguration ID: AVD-AWS-0133
Check Name: Enable Performance Insights to detect potential problems
Severity: LOW
Message: Instance does not have performance insights enabled.
[This comment was created by Aqua Pipeline]
Read more at https://avd.aquasec.com/misconfig/avd-aws-0133
| resource "aws_db_instance" "default" { | ||
| allocated_storage = 10 | ||
| engine = "mysql" | ||
| engine_version = "5.7" | ||
| instance_class = "db.t3.micro" | ||
| name = "mydb" | ||
| username = "foo" | ||
| password = "foobarbaz" | ||
| parameter_group_name = "default.mysql5.7" | ||
| skip_final_snapshot = true | ||
| publicly_accessible = true | ||
| } |
There was a problem hiding this comment.
⚠️ Aqua detected misconfiguration in your code
Misconfiguration ID: AVD-AWS-0176
Check Name: RDS IAM Database Authentication Disabled
Severity: MEDIUM
Message: Instance does not have IAM Authentication enabled
[This comment was created by Aqua Pipeline]
Read more at https://avd.aquasec.com/misconfig/n/a
| resource "aws_db_instance" "default" { | ||
| allocated_storage = 10 | ||
| engine = "mysql" | ||
| engine_version = "5.7" | ||
| instance_class = "db.t3.micro" | ||
| name = "mydb" | ||
| username = "foo" | ||
| password = "foobarbaz" | ||
| parameter_group_name = "default.mysql5.7" | ||
| skip_final_snapshot = true | ||
| publicly_accessible = true | ||
| } |
There was a problem hiding this comment.
⚠️ Aqua detected misconfiguration in your code
Misconfiguration ID: AVD-AWS-0177
Check Name: RDS Deletion Protection Disabled
Severity: MEDIUM
Message: Instance does not have Deletion Protection enabled
[This comment was created by Aqua Pipeline]
Read more at https://avd.aquasec.com/misconfig/n/a
| } | ||
| tls { | ||
| secret_name = "tls-secret" | ||
| aws_access_key_id="AKIAIO5FODNN7EXAMPLE" |
There was a problem hiding this comment.
⚠️ Aqua detected sensitive data in your code
Category: AWS
Description: AWS Access Key ID
Severity: CRITICAL
Match: aws_access_key_id="********************"
[This comment was created by Aqua Pipeline]
No description provided.