Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create kdfshfa.tf #13

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Create kdfshfa.tf #13

wants to merge 4 commits into from

Conversation

PavelLinearB
Copy link
Member

No description provided.

Copy link

@orca-security-us orca-security-us bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 0   low 3   info 3 View in Orca
Passed Passed Vulnerabilities high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca

Copy link

@jit-ci jit-ci bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❌ Jit has detected 1 important finding in this PR that you should review.
The finding is detailed below as a comment.
It’s highly recommended that you fix this security issue before merge.

}
}

resource "aws_kms_key" "testkey" {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Security control: Iac Misconfig Detection Terraform

Type: Customer Master Keys (Cmk) Must Have Rotation Enabled, Which Means The Attribute 'Enable Key Rotation' Must Be Set To 'True' When The Key Is Enabled.

Description: Customer Master Keys (CMK) must have rotation enabled, which means the attribute 'enable_key_rotation' must be set to 'true' when the key is enabled.

Severity: HIGH

Learn more about this issue



Jit Bot commands and options (e.g., ignore issue)

You can trigger Jit actions by commenting on this PR review:

  • #jit_ignore_fp Ignore and mark this specific single instance of finding as “False Positive”
  • #jit_ignore_accept Ignore and mark this specific single instance of finding as “Accept Risk”
  • #jit_undo_ignore Undo ignore command

@linear-b linear-b deleted a comment from gitstream-cm bot Jan 8, 2024
@linear-b linear-b deleted a comment from gitstream-cm bot Jan 8, 2024
Copy link

sonarcloud bot commented Jan 8, 2024

Quality Gate Failed Quality Gate failed

Failed conditions

4 Security Hotspots

See analysis details on SonarCloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant