Experience Builder


Terraform

Repository
antonbabenko / terraform-best-practices
Description

Terraform Best Practices free ebook translated into 🇬🇧🇫🇷🇩🇪🇮🇩🇮🇹🇧🇷🇵🇱🇺🇦🇪🇸🇮🇱🇷🇴🇹🇷🇨🇳🇦🇪🇧🇦🇬🇪🇬🇷🇮🇳

Stars

 1803

Failed Checks
  •  Security Scanning
  •  Linting

  • Scan Date

    2023-10-30 17:57:40

    Security Scanning

    This repository failed the Experience Builder Terraform Module's Security Scanning validation. This means that no security scanning tool was found in any of the CI/CD tool configuration files in the repository.

    There is an opportunity to:

    Checkov Output
                    
    2023-10-05 14:39:12,547 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/alb/aws:~>6.0 (for external modules, the --download-external-modules flag is required)
    2023-10-05 14:39:12,548 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws:~>3.0 (for external modules, the --download-external-modules flag is required)
    terraform scan results:
    
    Passed checks: 5, Failed checks: 4, Skipped checks: 0
    
    Check: CKV2_AWS_12: "Ensure the default security group of every VPC restricts all traffic"
    	FAILED for resource: aws_vpc.this
    	File: /examples/small-terraform/main.tf:11-15
    	Guide: https://docs.paloaltonetworks.com/content/techdocs/en_US/prisma/prisma-cloud/prisma-cloud-code-security-policy-reference/aws-policies/aws-networking-policies/networking-4.html
    
    		11 | resource "aws_vpc" "this" {
    		12 |   count = local.create_vpc ? 1 : 0
    		13 | 
    		14 |   cidr_block = var.cidr
    		15 | }
    
    Check: CKV2_AWS_12: "Ensure the default security group of every VPC restricts all traffic"
    	FAILED for resource: aws_vpc.this
    	File: /snippets/locals.tf:6-9
    	Guide: https://docs.paloaltonetworks.com/content/techdocs/en_US/prisma/prisma-cloud/prisma-cloud-code-security-policy-reference/aws-policies/aws-networking-policies/networking-4.html
    
    		6 | resource "aws_vpc" "this" {
    		7 |   cidr_block = "10.0.0.0/16"
    		8 |   # ...
    		9 | }
    
    Check: CKV2_AWS_11: "Ensure VPC flow logging is enabled in all VPCs"
    	FAILED for resource: aws_vpc.this
    	File: /examples/small-terraform/main.tf:11-15
    	Guide: https://docs.paloaltonetworks.com/content/techdocs/en_US/prisma/prisma-cloud/prisma-cloud-code-security-policy-reference/aws-policies/aws-logging-policies/logging-9-enable-vpc-flow-logging.html
    
    		11 | resource "aws_vpc" "this" {
    		12 |   count = local.create_vpc ? 1 : 0
    		13 | 
    		14 |   cidr_block = var.cidr
    		15 | }
    
    Check: CKV2_AWS_11: "Ensure VPC flow logging is enabled in all VPCs"
    	FAILED for resource: aws_vpc.this
    	File: /snippets/locals.tf:6-9
    	Guide: https://docs.paloaltonetworks.com/content/techdocs/en_US/prisma/prisma-cloud/prisma-cloud-code-security-policy-reference/aws-policies/aws-logging-policies/logging-9-enable-vpc-flow-logging.html
    
    		6 | resource "aws_vpc" "this" {
    		7 |   cidr_block = "10.0.0.0/16"
    		8 |   # ...
    		9 | }
    
    
    
                    
                  

    Linting

    This repository failed the Experience Builder Terraform Module's Linting validation. This means that no linting tool was found in any of the CI/CD tool configuration files in the repository.

    There is an opportunity to: