Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test circleci #51

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Test circleci #51

wants to merge 3 commits into from

Conversation

saargon
Copy link
Contributor

@saargon saargon commented Mar 2, 2023

No description provided.

github-actions[bot]
github-actions bot reviewed Mar 2, 2023
View reviewed changes
circleci-test/insecure-db.tf
Comment on lines +1 to +12
resource "aws_db_instance" "default" {
allocated_storage = 10
engine = "mysql"
engine_version = "5.7"
instance_class = "db.t3.micro"
name = "mydb"
username = "foo"
password = "foobarbaz"
parameter_group_name = "default.mysql5.7"
skip_final_snapshot = true
publicly_accessible = true
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Aqua detected misconfiguration in your code

Misconfiguration ID: AVD-AWS-0077
Check Name: RDS Cluster and RDS instance should have backup retention longer than default 1 day
Severity: MEDIUM
Message: Instance has very low backup retention period.
Resolution: Explicitly set the retention period to greater than the default
[This comment was created by Aqua Pipeline]

Read more at https://avd.aquasec.com/misconfig/avd-aws-0077

github-actions[bot]
github-actions bot reviewed Mar 2, 2023
View reviewed changes
circleci-test/insecure-db.tf
Comment on lines +1 to +12
resource "aws_db_instance" "default" {
allocated_storage = 10
engine = "mysql"
engine_version = "5.7"
instance_class = "db.t3.micro"
name = "mydb"
username = "foo"
password = "foobarbaz"
parameter_group_name = "default.mysql5.7"
skip_final_snapshot = true
publicly_accessible = true
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Aqua detected misconfiguration in your code

Misconfiguration ID: AVD-AWS-0080
Check Name: RDS encryption has not been enabled at a DB Instance level.
Severity: HIGH
Message: Instance does not have storage encryption enabled.
Resolution: Enable encryption for RDS instances
[This comment was created by Aqua Pipeline]

Read more at https://avd.aquasec.com/misconfig/avd-aws-0080

github-actions[bot]
github-actions bot reviewed Mar 2, 2023
View reviewed changes
circleci-test/insecure-db.tf
password = "foobarbaz"
parameter_group_name = "default.mysql5.7"
skip_final_snapshot = true
publicly_accessible = true
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Aqua detected misconfiguration in your code

Misconfiguration ID: AVD-AWS-0082
Check Name: A database resource is marked as publicly accessible.
Severity: CRITICAL
Message: Instance is exposed publicly.
Resolution: Set the database to not be publicly accessible
[This comment was created by Aqua Pipeline]

Read more at https://avd.aquasec.com/misconfig/avd-aws-0082

github-actions[bot]
github-actions bot reviewed Mar 2, 2023
View reviewed changes
circleci-test/insecure-db.tf
Comment on lines +1 to +12
resource "aws_db_instance" "default" {
allocated_storage = 10
engine = "mysql"
engine_version = "5.7"
instance_class = "db.t3.micro"
name = "mydb"
username = "foo"
password = "foobarbaz"
parameter_group_name = "default.mysql5.7"
skip_final_snapshot = true
publicly_accessible = true
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Aqua detected misconfiguration in your code

Misconfiguration ID: AVD-AWS-0133
Check Name: Enable Performance Insights to detect potential problems
Severity: LOW
Message: Instance does not have performance insights enabled.
Resolution: Enable performance insights
[This comment was created by Aqua Pipeline]

Read more at https://avd.aquasec.com/misconfig/avd-aws-0133

github-actions[bot]
github-actions bot reviewed Mar 2, 2023
View reviewed changes
circleci-test/insecure-db.tf
Comment on lines +1 to +12
resource "aws_db_instance" "default" {
allocated_storage = 10
engine = "mysql"
engine_version = "5.7"
instance_class = "db.t3.micro"
name = "mydb"
username = "foo"
password = "foobarbaz"
parameter_group_name = "default.mysql5.7"
skip_final_snapshot = true
publicly_accessible = true
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Aqua detected misconfiguration in your code

Misconfiguration ID: AVD-AWS-0176
Check Name: RDS IAM Database Authentication Disabled
Severity: MEDIUM
Message: Instance does not have IAM Authentication enabled
Resolution: Modify the PostgreSQL and MySQL type RDS instances to enable IAM database authentication.
[This comment was created by Aqua Pipeline]

Read more at https://avd.aquasec.com/misconfig/n/a

github-actions[bot]
github-actions bot reviewed Mar 2, 2023
View reviewed changes
circleci-test/insecure-db.tf
Comment on lines +1 to +12
resource "aws_db_instance" "default" {
allocated_storage = 10
engine = "mysql"
engine_version = "5.7"
instance_class = "db.t3.micro"
name = "mydb"
username = "foo"
password = "foobarbaz"
parameter_group_name = "default.mysql5.7"
skip_final_snapshot = true
publicly_accessible = true
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Aqua detected misconfiguration in your code

Misconfiguration ID: AVD-AWS-0177
Check Name: RDS Deletion Protection Disabled
Severity: MEDIUM
Message: Instance does not have Deletion Protection enabled
Resolution: Modify the RDS instances to enable deletion protection.
[This comment was created by Aqua Pipeline]

Read more at https://avd.aquasec.com/misconfig/n/a

github-actions[bot]
github-actions bot reviewed Mar 2, 2023
View reviewed changes
circleci-test/insecure-db.tf
password = "foobarbaz"
parameter_group_name = "default.mysql5.7"
skip_final_snapshot = true
publicly_accessible = true
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Aqua detected misconfiguration in your code

Misconfiguration ID: AVD-AWS-0180
Check Name: RDS Publicly Accessible
Severity: HIGH
Message: Instance has Public Access enabled
Resolution: Remove the public endpoint from the RDS instance'
[This comment was created by Aqua Pipeline]

Read more at https://avd.aquasec.com/misconfig/n/a

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@saargon