-
Notifications
You must be signed in to change notification settings - Fork 0
add in terraform actions #1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from 13 commits
7cb3978
8af1df7
43445f9
5e573bc
f6bbb46
2eb272c
6ff24bf
6b25a14
d53360d
a4d6d7c
55b7d02
1b84569
ea254e7
dd641c8
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| name: tfactions | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
| jobs: | ||
| tfactions: | ||
| name: tfactions | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - uses: hashicorp/setup-terraform@v3 | ||
| with: | ||
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | ||
|
|
||
| - name: Terraform fmt | ||
| id: fmt | ||
| run: terraform fmt -check | ||
| continue-on-error: true |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,0 +1,7 @@ | ||
| resource "aws_s3_bucket" "my_bucket" { | ||
| bucket = "test-bucket-42353242213123" | ||
| tags = { | ||
| Name = "MyS3Bucket" | ||
| Environment = "Dev" | ||
| } | ||
| } | ||
|
Comment on lines
+1
to
+7
Check failureCode scanning / defsec S3 Access block should block public policy Error
No public access block so not blocking public policies
Comment on lines
+1
to
+7
Check failureCode scanning / defsec Unencrypted S3 bucket. Error
Bucket does not have encryption enabled
Comment on lines
+1
to
+7
Check warningCode scanning / defsec S3 Bucket does not have logging enabled. Warning
Bucket does not have logging enabled
Comment on lines
+1
to
+7
Check warningCode scanning / defsec S3 Data should be versioned Warning
Bucket does not have versioning enabled
Comment on lines
+1
to
+7
Check failureCode scanning / defsec S3 encryption should use Customer Managed Keys Error
Bucket does not encrypt data with a customer managed key.
Comment on lines
+1
to
+7
Check failureCode scanning / defsec S3 Access Block should Ignore Public Acl Error
No public access block so not ignoring public acls
Comment on lines
+1
to
+7
Check failureCode scanning / defsec S3 Access block should restrict public bucket to limit access Error
No public access block so not restricting public buckets
Comment on lines
+1
to
+7
Check noticeCode scanning / defsec S3 buckets should each define an aws_s3_bucket_public_access_block Note
Bucket does not have a corresponding public access block.
|
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| variable "name" { | ||
| type = string | ||
| } | ||
|
|
||
| variable "region" { | ||
| description = "AWS region to create resources in" | ||
| type = string | ||
| default = "us-east-1" | ||
| } | ||
|
|
||
| variable "aws_account" { | ||
| description = "Account number to create AWS resources in. This variable should be defined in the Terraform Cloud workspace settings" | ||
| } |
Check failure
Code scanning / defsec
S3 Access block should block public ACL Error