Monitor AMIs, Service Limits, PHD events #7

GitHub Actions / tfsec completed Apr 16, 2024 in 0s

reviewdog [tfsec] report

reported by reviewdog 🐶

Findings (3)

monitor_ami_usage.tf|96| Log group is not encrypted.
monitor_ami_usage.tf|20| IAM policy document uses sensitive action 'cloudformation:DescribeStacks' on wildcarded resource '*'
monitor_ami_usage.tf|78| Function does not have tracing enabled.

Filtered Findings (0)

Annotations

Check notice on line 96 in monitor_ami_usage.tf

@github-actions github-actions / tfsec

[tfsec] monitor_ami_usage.tf#L96 <AVD-AWS-0017>(https://aquasecurity.github.io/tfsec/v1.28.5/checks/aws/cloudwatch/log-group-customer-key/)

Log group is not encrypted.
Raw output
message:"Log group is not encrypted."  location:{path:"/home/runner/work/terraform-aws-rhythmic-account-monitor/terraform-aws-rhythmic-account-monitor/monitor_ami_usage.tf"  range:{start:{line:96}}}  severity:INFO  source:{name:"tfsec"  url:"https://github.com/aquasecurity/tfsec"}  code:{value:"AVD-AWS-0017"  url:"https://aquasecurity.github.io/tfsec/v1.28.5/checks/aws/cloudwatch/log-group-customer-key/"}

Check failure on line 20 in monitor_ami_usage.tf

@github-actions github-actions / tfsec

[tfsec] monitor_ami_usage.tf#L20 <AVD-AWS-0057>(https://aquasecurity.github.io/tfsec/v1.28.5/checks/aws/iam/no-policy-wildcards/)

IAM policy document uses sensitive action 'cloudformation:DescribeStacks' on wildcarded resource '*'
Raw output
message:"IAM policy document uses sensitive action 'cloudformation:DescribeStacks' on wildcarded resource '*'"  location:{path:"/home/runner/work/terraform-aws-rhythmic-account-monitor/terraform-aws-rhythmic-account-monitor/monitor_ami_usage.tf"  range:{start:{line:20}}}  severity:ERROR  source:{name:"tfsec"  url:"https://github.com/aquasecurity/tfsec"}  code:{value:"AVD-AWS-0057"  url:"https://aquasecurity.github.io/tfsec/v1.28.5/checks/aws/iam/no-policy-wildcards/"}

Check notice on line 78 in monitor_ami_usage.tf

@github-actions github-actions / tfsec

[tfsec] monitor_ami_usage.tf#L78 <AVD-AWS-0066>(https://aquasecurity.github.io/tfsec/v1.28.5/checks/aws/lambda/enable-tracing/)

Function does not have tracing enabled.
Raw output
message:"Function does not have tracing enabled."  location:{path:"/home/runner/work/terraform-aws-rhythmic-account-monitor/terraform-aws-rhythmic-account-monitor/monitor_ami_usage.tf"  range:{start:{line:78}}}  severity:INFO  source:{name:"tfsec"  url:"https://github.com/aquasecurity/tfsec"}  code:{value:"AVD-AWS-0066"  url:"https://aquasecurity.github.io/tfsec/v1.28.5/checks/aws/lambda/enable-tracing/"}