Tags: flaccid/checkov
Tags
fix - tfplan - parsing where there are resources in root_module witho… …ut values key (bridgecrewio#760) * fix - tfplan - parsing where there is a module of modules
Merge pull request bridgecrewio#757 from bridgecrewio/bugfix/check_az… …ure_storage_name Handle empty azure storage configuration
Merge pull request bridgecrewio#756 from bridgecrewio/bugfix/string_i… …am_policy IAMRoleAllowAssumeFromAccount CF check to handle string policies
empty IAM role policies (bridgecrewio#752) * check for empty iam role policies in configuration * added UT for empty iam policies
skip check using pattern (wildcards) (bridgecrewio#750) * skip check using pattern Add the ability to skip check using a pattern * Update test_runner_filter.py Add unit test for the --skip-check using pattern/wildcard
Fix false positive for MSK cluster encryption (closes bridgecrewio#747)… … (bridgecrewio#748)
Merge pull request bridgecrewio#746 from chenrui333/cleanup-homebrew-… …file-again remove empty HomebrewFormula/checkov.rb file
check - tf - aurora encryption - CKV_AWS_96 (bridgecrewio#740)
Check - CF - WAFEnabled - CKV_AWS_68 (bridgecrewio#736) * added check and tests for docdb encryption for cloudformation * added MasterUsername and password parameters based on CF lint failure from actions * Check and tests for ensuring DocDB TLS is not disabled as it is enabled by default - Corresponds with terraform check already completed under bridgecrewio#165 * update to latest * check - cloudformation implementation of DocDB export to cloudwatch logs with logic coming from already existing terraform check * deleting some accidentally added files * unix eols * Merge remote-tracking branch 'upstream/master' * check - cloudformation - APIGatewayAccessLogging to be in line with terraform version of check * version data got out of sync * Merge branch 'master' of https://github.com/njgibbon/checkov * version data got out of sync * unix eol * version sync off again * Merge branch 'master' of https://github.com/njgibbon/checkov * version sync off again * Somehow doc did not get merged from upstream - syncing up * sorry, gh actions has been working against me. Sorted now. * Updated test data fieldsbased off failed cflint - Turns out the docs provide bad test data * refactored the check into 2 checks based on discovering the that V1 and V2 API GW Stage has different paths for access logging - AccessLogSetting vs AccessLogSettings * fix - seperate api g2 check v1 and v2 in to different checks with different IDs because the API has changed * Cloudformation check for ECRImmutableTags following the same logic as the terraform one * Consistency of string marks * Update to latest cflint version * check - cf - api gateway - xray enabled - same as tf * check - cf - apigw authorizer inline with tf check CKV_AWS_59 * corrext line endings * check - cloudformation - CloudfrontDistributionLogging * cflint issues * cflint issues - fixing test data * cflint issues - misaligned yaml * Fix - Check - Terraform - Github - i714 - CKV_GIT_1 - Updating check to reflect newer provider API * fix - check - CKV_AWS_21 - fundamental issue with terraform base resource check class * fix - check - CKV_AWS_21 - remove some commented out test data * fix - check - CKV_AWS_21 - remove some commented out test data and revert to before to see the blast of trying to fix this class which is used a lot * refix * fix - azure rbac and eks publix endpoint issues which were hidden by issue. * fix - gcp storge bucket uniform access check and test fix - hopefully to finish off the change * fix - check - Aurora config different than rest of RDS - Issue 586 * fix - ctn lint * fix - missed colon on condition * fix - cfnlint and stablise change * fix - uname pword cflint on db instance stuff * fix - reimplementation with overriding parent to check exception to the normal case * fix - sorted out the testing in a good way to repeat * fix - remove copied over code * check - cf - aurora db encryption - other half of issue issue 586 * cflint 0 * fix - doc error in cloudformation causing a bit of confusion - resolved that * check - CF - CKV_AWS_68
PreviousNext