This repository has been archived by the owner on Aug 19, 2021. It is now read-only.

Possible Security Problems #28

Open
ctindall opened this issue Oct 16, 2019 · 0 comments

Hey there! I noticed some possible problems in some code in this repo. A quick summary of a few of them is below, but let me know if you're interested in seeing a full report or talking about cloud security in general.


severity: serious

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [204]

resource(s):

IAM role should not allow * resource with PassRole action on its permissions policy


severity: warning

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [302]

resource(s):

CodeBuild project should specify an EncryptionKey value


severity: warning

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [204, 240]

resource(s):

IAM role should not allow * resource on its permissions policy


severity: warning

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [112]

resource(s):

S3 Bucket should have access logging configured


severity: warning

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [112]

resource(s):

S3 Bucket should have encryption option set


severity: warning

filename: ./templates/amazon-eks-nodegroup-with-spot.yml

line number(s): [339]

resource(s):

Security Groups ingress with an ipProtocol of -1 found


severity: warning

filename: ./templates/amazon-eks-nodegroup-with-spot.yml

line number(s): [339]

resource(s):

Security Groups found ingress with port range instead of just a single port
