Experience Builder


Terraform

< Back

Repository
cloudposse / terraform-aws-elasticache-redis
Description

Terraform module to provision an ElastiCache Redis Cluster

Stars

 129

Failed Checks
  •  Security Scanning
     Linting

  • Scan Date

    2023-10-30 17:57:40

    Security Scanning

    This repository failed the Experience Builder Terraform Module's Security Scanning validation. This means that a security scanning tool was not found to be implemented in any of the CICD tool configuration files in the repository.

    There is an opportunity to:

    Checkov Output
                    
                      2023-10-05 14:55:39,856 [MainThread  ] [WARNI]  Failed to download module cloudposse/label/null:0.25.0 (for external modules, the --download-external-modules flag is required)
    2023-10-05 14:55:39,856 [MainThread  ] [WARNI]  Failed to download module cloudposse/security-group/aws:1.0.1 (for external modules, the --download-external-modules flag is required)
    2023-10-05 14:55:39,856 [MainThread  ] [WARNI]  Failed to download module cloudposse/route53-cluster-hostname/aws:0.12.2 (for external modules, the --download-external-modules flag is required)
    2023-10-05 14:55:39,856 [MainThread  ] [WARNI]  Failed to download module cloudposse/vpc/aws:2.1.0 (for external modules, the --download-external-modules flag is required)
    2023-10-05 14:55:39,857 [MainThread  ] [WARNI]  Failed to download module cloudposse/dynamic-subnets/aws:2.3.0 (for external modules, the --download-external-modules flag is required)
    2023-10-05 14:55:39,857 [MainThread  ] [WARNI]  Failed to download module cloudposse/cloudwatch-logs/aws:0.6.5 (for external modules, the --download-external-modules flag is required)
    terraform scan results:
    
    Passed checks: 5, Failed checks: 3, Skipped checks: 0
    
    Check: CKV2_AWS_39: "Ensure Domain Name System (DNS) query logging is enabled for Amazon Route 53 hosted zones"
    	FAILED for resource: aws_route53_zone.private
    	File: /examples/complete/main.tf:29-35
    
    		29 | resource "aws_route53_zone" "private" {
    		30 |   name = format("elasticache-redis-terratest-%s.testing.cloudposse.co", try(module.this.attributes[0], "default"))
    		31 | 
    		32 |   vpc {
    		33 |     vpc_id = module.vpc.vpc_id
    		34 |   }
    		35 | }
    
    Check: CKV2_AWS_50: "Ensure AWS ElastiCache Redis cluster with Multi-AZ Automatic Failover feature set to enabled"
    	FAILED for resource: module.redis.aws_elasticache_replication_group.default
    	File: /main.tf:115-164
    	Guide: https://docs.paloaltonetworks.com/content/techdocs/en_US/prisma/prisma-cloud/prisma-cloud-code-security-policy-reference/aws-policies/aws-general-policies/ensure-aws-elasticache-redis-cluster-with-multi-az-automatic-failover-feature-set-to-enabled.html
    
    		Code lines for this resource are too many. Please use IDE of your choice to review the file.
    Check: CKV2_AWS_38: "Ensure Domain Name System Security Extensions (DNSSEC) signing is enabled for Amazon Route 53 public hosted zones"
    	FAILED for resource: aws_route53_zone.private
    	File: /examples/complete/main.tf:29-35
    
    		29 | resource "aws_route53_zone" "private" {
    		30 |   name = format("elasticache-redis-terratest-%s.testing.cloudposse.co", try(module.this.attributes[0], "default"))
    		31 | 
    		32 |   vpc {
    		33 |     vpc_id = module.vpc.vpc_id
    		34 |   }
    		35 | }
    
    github_actions scan results:
    
    Passed checks: 40, Failed checks: 0, Skipped checks: 0
    
    
    
                    
                  

    Linting

    This repository failed the Experience Builder Terraform Module's Linting validation. This means that a linting tool was not found to be implemented in any of the CICD tool configuration files in the repository.

    There is an opportunity to: