Possible Security Problems #219
Comments
|
@ctindall Thanks for your report. As this CICD isn't invoked for anything except a merge to master/production, I'm not terribly concerned with most of this, as very few people have permissions to make those merges anyways. Regardless, I agree that the Resource: "*" on line 76 is a legitimate issue that we should address; everything else I see as a non-issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey there! I noticed some possible problems in some code in this repo. A quick summary of a few of them is below, but let me know if you're interested in seeing a full report or talking about cloud security in general.
severity: serious
filename:
./cicd/CICD.cft.ymlline number(s): [54]
resource(s):
IAM role should not allow * action on its permissions policy
severity: warning
filename:
./cicd/CICD.cft.ymlline number(s): [196]
resource(s):
CloudFront Distribution should enable access logging
severity: warning
filename:
./cicd/CICD.cft.ymlline number(s): [10, 32]
resource(s):
CodeBuild project should specify an EncryptionKey value
severity: warning
filename:
./cicd/CICD.cft.ymlline number(s): [54]
resource(s):
IAM role should not allow * resource on its permissions policy
severity: warning
filename:
./cicd/CICD.cft.ymlline number(s): [54]
resource(s):
Resource found with an explicit name, this disallows updates that require replacement of this resource
The text was updated successfully, but these errors were encountered: