Test 5 - Demo #22

Open
wants to merge 33 commits into
base: main

fatihtokus
Collaborator

No description provided.

Comment on lines +1 to +4
resource "aws_s3_bucket" "my-bucket-test1" {
bucket = "foobar"
acl = "private"
}

⚠️ tfsec found a HIGH severity issue from rule aws-s3-block-public-acls:

No public access block so not blocking public acls

More information available here and here

Comment on lines +1 to +4
resource "aws_s3_bucket" "my-bucket-test1" {
bucket = "foobar"
acl = "private"
}

⚠️ tfsec found a HIGH severity issue from rule aws-s3-block-public-policy:

No public access block so not blocking public policies

More information available here and here

Comment on lines +1 to +4
resource "aws_s3_bucket" "my-bucket-test1" {
bucket = "foobar"
acl = "private"
}

⚠️ tfsec found a HIGH severity issue from rule aws-s3-enable-bucket-encryption:

Bucket does not have encryption enabled

More information available here and here

Comment on lines +1 to +4
resource "aws_s3_bucket" "my-bucket-test1" {
bucket = "foobar"
acl = "private"
}

⚠️ tfsec found a MEDIUM severity issue from rule aws-s3-enable-bucket-logging:

Bucket does not have logging enabled

More information available here and here

Comment on lines +1 to +4
resource "aws_s3_bucket" "my-bucket-test1" {
bucket = "foobar"
acl = "private"
}

⚠️ tfsec found a MEDIUM severity issue from rule aws-s3-enable-versioning:

Bucket does not have versioning enabled

More information available here and here

Comment on lines +1 to +4
resource "aws_s3_bucket" "my-bucket-test1" {
bucket = "foobar"
acl = "private"
}

⚠️ tfsec found a HIGH severity issue from rule aws-s3-encryption-customer-key:

Bucket does not encrypt data with a customer managed key.

More information available here and here

@fatihtokus

Resource
A
B

@fatihtokus

Resource
A
B

@fatihtokus

Resource
A
B

@fatihtokus

aaaa

@fatihtokus

aaaa

@fatihtokus

aaaa

@fatihtokus

aaaa

@fatihtokus

aaaaaaa1212a

@fatihtokus

aaaa

@fatihtokus

Resource
A

@fatihtokus

Resource
A
B

@github-actions

github-actions bot commented Jan 27, 2023

Resource
A
B

@github-actions

^|Resource^|
^|-^|
^|^|
^|^|

@github-actions

github-actions bot commented Jan 27, 2023

Resource
foo bar
baz bim

@github-actions

^|Resource^|
^|-^|
^|^|
^|^|

@github-actions

github-actions bot commented Jan 27, 2023

foo bar
baz bim
baz bim

@github-actions

| Resource | Path | Severity | RuleId | Description |
|---|---|---|---|---|
| aws_security_group_rule.my-rule1 | /github/workspace/main.tf | CRITICAL | AVD-AWS-0107 | An ingress security group rule allows traffic from /0. |
| aws_security_group_rule.my-rule2 | /github/workspace/main.tf | CRITICAL | AVD-AWS-0107 | An ingress security group rule allows traffic from /0. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0086 | S3 Access block should block public ACL |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0086 | S3 Access block should block public ACL |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0087 | S3 Access block should block public policy |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0087 | S3 Access block should block public policy |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0088 | Unencrypted S3 bucket. |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0088 | Unencrypted S3 bucket. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0132 | S3 encryption should use Customer Managed Keys |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0132 | S3 encryption should use Customer Managed Keys |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0091 | S3 Access Block should Ignore Public Acl |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0091 | S3 Access Block should Ignore Public Acl |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0093 | S3 Access block should restrict public bucket to limit access |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0093 | S3 Access block should restrict public bucket to limit access |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | MEDIUM | AVD-AWS-0089 | S3 Bucket does not have logging enabled. |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | MEDIUM | AVD-AWS-0089 | S3 Bucket does not have logging enabled. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | MEDIUM | AVD-AWS-0090 | S3 Data should be versioned |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | MEDIUM | AVD-AWS-0090 | S3 Data should be versioned |
| aws_security_group_rule.my-rule1 | /github/workspace/main.tf | LOW | AVD-AWS-0124 | Missing description for security group rule. |
| aws_security_group_rule.my-rule2 | /github/workspace/main.tf | LOW | AVD-AWS-0124 | Missing description for security group rule. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | LOW | AVD-AWS-0094 | S3 buckets should each define an aws_s3_bucket_public_access_block |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | LOW | AVD-AWS-0094 | S3 buckets should each define an aws_s3_bucket_public_access_block |

Comment on lines +1 to +4
resource "aws_s3_bucket" "my-bucket-test1" {
bucket = "foobar"
acl = "private"
}

⚠️ tfsec found a HIGH severity issue from rule aws-s3-no-public-access-with-acl:

More information available here and here

@github-actions

github-actions bot commented Feb 1, 2023

| Resource | Path | Severity | RuleId | Description |
|---|---|---|---|---|
| aws_security_group_rule.my-rule1 | /github/workspace/main.tf | CRITICAL | AVD-AWS-0107 | An ingress security group rule allows traffic from /0. |
| aws_security_group_rule.my-rule2 | /github/workspace/main.tf | CRITICAL | AVD-AWS-0107 | An ingress security group rule allows traffic from /0. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0086 | S3 Access block should block public ACL |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0086 | S3 Access block should block public ACL |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0087 | S3 Access block should block public policy |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0087 | S3 Access block should block public policy |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0088 | Unencrypted S3 bucket. |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0088 | Unencrypted S3 bucket. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0132 | S3 encryption should use Customer Managed Keys |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0132 | S3 encryption should use Customer Managed Keys |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0091 | S3 Access Block should Ignore Public Acl |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0091 | S3 Access Block should Ignore Public Acl |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0092 | S3 Buckets not publicly accessible through ACL. |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0092 | S3 Buckets not publicly accessible through ACL. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | HIGH | AVD-AWS-0093 | S3 Access block should restrict public bucket to limit access |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | HIGH | AVD-AWS-0093 | S3 Access block should restrict public bucket to limit access |
| | /github/workspace | MEDIUM | AVD-AWS-0177 | RDS Deletion Protection Disabled |
| | /github/workspace | MEDIUM | AVD-AWS-0176 | RDS IAM Database Authentication Disabled |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | MEDIUM | AVD-AWS-0089 | S3 Bucket does not have logging enabled. |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | MEDIUM | AVD-AWS-0089 | S3 Bucket does not have logging enabled. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | MEDIUM | AVD-AWS-0090 | S3 Data should be versioned |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | MEDIUM | AVD-AWS-0090 | S3 Data should be versioned |
| aws_security_group_rule.my-rule1 | /github/workspace/main.tf | LOW | AVD-AWS-0124 | Missing description for security group rule. |
| aws_security_group_rule.my-rule2 | /github/workspace/main.tf | LOW | AVD-AWS-0124 | Missing description for security group rule. |
| aws_s3_bucket.my-bucket-test1 | /github/workspace/test1.tf | LOW | AVD-AWS-0094 | S3 buckets should each define an aws_s3_bucket_public_access_block |
| aws_s3_bucket.my-bucket | /github/workspace/main.tf | LOW | AVD-AWS-0094 | S3 buckets should each define an aws_s3_bucket_public_access_block |

@github-actions

github-actions bot commented Feb 1, 2023

My Customers

| Name | Country |
|---|---|
| Alfreds Futterkiste | Germany |
| Berglunds snabbkop | Sweden |
| Island Trading | UK |
| Koniglich Essen | Germany |
| Laughing Bacchus Winecellars | Canada |
| Magazzini Alimentari Riuniti | Italy |
| North/South | UK |
| Paris specialites | France |
