Repository | chadgeary / cloudblock |
Description | Cloudblock deploys secure ad-blocking and VPN for all devices. Text and video guides included! 6 supported cloud providers, plus Ubuntu and Raspberry Pi. Cloudblock deploys Wireguard VPN, Pi-Hole D… |
Stars | 738 |
|---|---|
Failed Checks |
Security Scanning |
Scan Date | 2023-10-30 17:57:40 |
Security Scanning
This repository failed the Experience Builder Terraform Module's Security Scanning validation. This means that a security scanning tool was not found to be implemented in any of the CICD tool configuration files in the repository.
There is an opportunity to:
- Remediate the findings identified by one of the recommended
Terraform security scanning tools (example
checkovoutput found below) - Implement one of the security scanning tools within the CICD framework used by the repository
Checkov Output
terraform scan results:
Passed checks: 486, Failed checks: 108, Skipped checks: 0
Check: CKV_AWS_126: "Ensure that detailed monitoring is enabled for EC2 instances"
FAILED for resource: aws_instance.ph-instance
File: /aws/aws-instance.tf:11-43
Guide: https://docs.paloaltonetworks.com/content/techdocs/en_US/prisma/prisma-cloud/prisma-cloud-code-security-policy-reference/aws-policies/aws-logging-policies/ensure-that-detailed-monitoring-is-enabled-for-ec2-instances.html
11 | resource "aws_instance" "ph-instance" {
12 | ami = aws_ami_copy.ph-latest-vendor-ami-with-cmk.id
13 | instance_type = var.instance_type
14 | iam_instance_profile = aws_iam_instance_profile.ph-instance-profile.name
15 | key_name = aws_key_pair.ph-instance-key.key_name
16 | subnet_id = aws_subnet.ph-pubnet.id
17 | private_ip = var.pubnet_instance_ip
18 | vpc_security_group_ids = [aws_security_group.ph-pubsg.id]
19 | tags = {
20 | Name = "${var.name_prefix}-cloudblock",
21 | cloudblock = "True"
22 | }
23 | user_data = <
Linting
This repository failed the Experience Builder Terraform Module's Linting validation. This means that a linting tool was not found to be implemented in any of the CICD tool configuration files in the repository.
There is an opportunity to:
- Remediate the findings identified by one of the recommended Terraform linting tools