-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.trivyignore
17 lines (14 loc) · 1.02 KB
/
.trivyignore
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
AVD-AWS-0040 #(CRITICAL): Public cluster access is enabled.
AVD-AWS-0041 #(CRITICAL): Cluster allows access from a public CIDR: 0.0.0.0/0
AVD-AWS-0104 #(CRITICAL): Security group rule allows egress to multiple public internet addresses.
AVD-AWS-0054 #(CRITICAL): Listener for application load balancer does not use HTTPS.
AVD-AWS-0028 #(HIGH): Instance does not require IMDS access to require a token.
AVD-AWS-0131 #(HIGH): Root block device is not encrypted.
AVD-AWS-0052 #(HIGH): Application load balancer is not set to drop invalid headers.
AVD-AWS-0053 #(HIGH): Load balancer is exposed publicly.
AVD-AWS-0107 #(HIGH): Security group rule allows ingress from public internet.
AVD-AWS-0343 #(MEDIUM): Cluster does not have Deletion Protection enabled
AVD-AWS-0178 #(MEDIUM): VPC does not have VPC Flow Logs enabled.
AVD-AWS-0038 #(MEDIUM): Control plane scheduler logging is not enabled.
AVD-AWS-0077 #(MEDIUM): Cluster instance has very low backup retention period.
AVD-AWS-0133 #(LOW): Instance does not have performance insights enabled.