Experience Builder


Terraform

< Back

Repository
cloudposse / terraform-aws-ecr
Description

Terraform Module to manage Docker Container Registries on AWS ECR

Stars

 165

Failed Checks
  •  Security Scanning
     Linting

  • Scan Date

    2023-10-30 17:57:40

    Security Scanning

    This repository failed the Experience Builder Terraform Module's Security Scanning validation. This means that a security scanning tool was not found to be implemented in any of the CICD tool configuration files in the repository.

    There is an opportunity to:

    Checkov Output
                    
                      2023-10-05 14:54:19,648 [MainThread  ] [WARNI]  Failed to download module cloudposse/label/null:0.25.0 (for external modules, the --download-external-modules flag is required)
    terraform scan results:
    
    Passed checks: 71, Failed checks: 1, Skipped checks: 0
    
    Check: CKV_AWS_136: "Ensure that ECR repositories are encrypted using KMS"
    	FAILED for resource: module.ecr.aws_ecr_repository.name
    	File: /main.tf:14-33
    	Calling File: /examples/multiple-repo/main.tf:5-12
    	Guide: https://docs.paloaltonetworks.com/content/techdocs/en_US/prisma/prisma-cloud/prisma-cloud-code-security-policy-reference/aws-policies/aws-general-policies/ensure-that-ecr-repositories-are-encrypted.html
    
    		14 | resource "aws_ecr_repository" "name" {
    		15 |   for_each             = toset(module.this.enabled ? local.image_names : [])
    		16 |   name                 = each.value
    		17 |   image_tag_mutability = var.image_tag_mutability
    		18 |   force_delete         = var.force_delete
    		19 | 
    		20 |   dynamic "encryption_configuration" {
    		21 |     for_each = var.encryption_configuration == null ? [] : [var.encryption_configuration]
    		22 |     content {
    		23 |       encryption_type = encryption_configuration.value.encryption_type
    		24 |       kms_key         = encryption_configuration.value.kms_key
    		25 |     }
    		26 |   }
    		27 | 
    		28 |   image_scanning_configuration {
    		29 |     scan_on_push = var.scan_images_on_push
    		30 |   }
    		31 | 
    		32 |   tags = module.this.tags
    		33 | }
    
    github_actions scan results:
    
    Passed checks: 40, Failed checks: 0, Skipped checks: 0
    
    
    
                    
                  

    Linting

    This repository failed the Experience Builder Terraform Module's Linting validation. This means that a linting tool was not found to be implemented in any of the CICD tool configuration files in the repository.

    There is an opportunity to: