| Repository | gettek / terraform-azurerm-policy-as-code |
|---|---|
| Description | Terraform modules that simplify the workflow of custom and built-in Azure Policies |
| Stars | 119 |
| Failed Checks | Security Scanning |
| Scan Date | 2023-10-30 17:57:40 |
Security Scanning
This repository failed the Experience Builder Terraform Module's Security Scanning validation. This means that no security scanning tool was found in any of the repository's CI/CD tool configuration files.
There is an opportunity to:
- Remediate the findings identified by one of the recommended Terraform security scanning tools (example checkov output found below)
- Implement one of the security scanning tools within the CI/CD framework used by the repository
Checkov Output
terraform scan results:
Passed checks: 0, Failed checks: 0, Skipped checks: 0, Parsing errors: 1
github_actions scan results:
Passed checks: 112, Failed checks: 4, Skipped checks: 0
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
FAILED for resource: on(ci)
File: /.github/workflows/ci.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
FAILED for resource: on(Close inactive issues)
File: /.github/workflows/lock.yaml:9-10
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
FAILED for resource: on(cd-machine-config)
File: /.github/workflows/cd-guest-config.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
FAILED for resource: on(cd)
File: /.github/workflows/cd.yml:0-1