prismacloudappintegrationforgithub-tf's People

Contributors

packetcraft

Forkers

moengage

prismacloudappintegrationforgithub-tf's Issues

Prisma Cloud IaC Scan Failed - 39 Issues found in scan

Prisma Cloud Security Issues for pull request : #11

Severity | Policy Name | Files
High | AWS CloudTrail bucket is publicly accessible | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34,38,48,49]
High | AWS ECS task definition resource limits not set | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[286,291]
High | AWS EKS unsupported Master node version | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[382]
High | AWS S3 Object Versioning is disabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9,13,22]
High | AWS S3 buckets are accessible to public | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]
High | AWS Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS Security Group allows all traffic on RDP port (3389) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS Security Group allows all traffic on SSH port (22) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | Copy of AWS ECS task definition resource limits not set - Solal | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[286,291]
High | Ivan-Avoid-Publicly-Exposed-S3 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]
High | TMX - AWS S3 buckets are accessible to public | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]
High | pasq - Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
Medium | AWS Access logging not enabled on S3 buckets | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9,13,28]
Medium | AWS CloudTrail logs are not encrypted using Customer Master Keys (CMKs) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34]
Medium | AWS Customer Master Key (CMK) rotation is not enabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[233,235]
Medium | AWS ECS/Fargate task definition execution IAM Role not found | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[260,270,286,296]
Medium | AWS IAM password policy allows password reuse | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[338]
Medium | AWS IAM password policy does not expire in 12 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not expire in 90 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not have a lowercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,347]
Medium | AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not have a number | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,350]
Medium | AWS IAM password policy does not have a symbol | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,353]
Medium | AWS IAM password policy does not have an uppercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,356]
Medium | AWS RDS event subscription disabled for DB security groups | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[191,210,228]
Medium | AWS Redshift does not have require_ssl configured | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[182,185]
Medium | AWS VPC NACL allows egress traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[157,164]
Medium | AWS VPC NACL allows traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[157,174]
Medium | AWS VPC allows unauthorized peering | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[55,56]
Medium | AWS security group allows egress traffic to blocked ports - 21,22,135,137-139,445,69 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,243]
Medium | BA - AWS IAM password policy does not have a minimum of 20 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | DOkeyode AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | Erosen Copy of AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | Tobi Copy of AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Low | AWS IAM policy attached to users | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[128,364]
Low | AWS S3 CloudTrail buckets for which access logging is disabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34,44]
Low | Terrafrom Kube | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[46,316,375]
Low | everitt-BuildPolicy1 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,243]
Low | everitt-build2 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,243]

Prisma Cloud IaC Scan Failed - 39 Issues found in scan

Prisma Cloud Security Issues for pull request : #14

Severity | Policy Name | Files
High | AWS CloudTrail bucket is publicly accessible | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34,38,48,49]
High | AWS ECS task definition resource limits not set | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[286,291]
High | AWS EKS unsupported Master node version | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[382]
High | AWS Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS Security Group allows all traffic on RDP port (3389) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS Security Group allows all traffic on SSH port (22) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | Copy of AWS ECS task definition resource limits not set - Solal | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[286,291]
High | pasq - Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS S3 Object Versioning is disabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9,13,22]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9]
High | AWS S3 buckets are accessible to public | ./TF/tf12_variable_values/main.tf:[16]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_variable_files/smelks.tfvars:[1]; ./TF/tf12_variable_files/main.tf:[16]
High | Ivan-Avoid-Publicly-Exposed-S3 | ./TF/tf12_variable_values/main.tf:[16]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_variable_files/smelks.tfvars:[1]; ./TF/tf12_variable_files/main.tf:[16]
High | TMX - AWS S3 buckets are accessible to public | ./TF/tf12_variable_values/main.tf:[16]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_variable_files/smelks.tfvars:[1]; ./TF/tf12_variable_files/main.tf:[16]
Medium | AWS CloudTrail logs are not encrypted using Customer Master Keys (CMKs) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34]
Medium | AWS ECS/Fargate task definition execution IAM Role not found | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[260,270,286,296]
Medium | AWS IAM password policy allows password reuse | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[338]
Medium | AWS IAM password policy does not expire in 12 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not expire in 90 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not have a lowercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,347]
Medium | AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not have a number | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,350]
Medium | AWS IAM password policy does not have a symbol | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,353]
Medium | AWS IAM password policy does not have an uppercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,356]
Medium | AWS RDS event subscription disabled for DB security groups | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[191,210,228]
Medium | AWS Redshift does not have require_ssl configured | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[182,185]
Medium | AWS VPC NACL allows egress traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[157,164]
Medium | AWS VPC NACL allows traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[157,174]
Medium | AWS VPC allows unauthorized peering | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[55,56]
Medium | AWS security group allows egress traffic to blocked ports - 21,22,135,137-139,445,69 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,243]
Medium | BA - AWS IAM password policy does not have a minimum of 20 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | DOkeyode AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | Erosen Copy of AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | Tobi Copy of AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS Customer Master Key (CMK) rotation is not enabled | ./TF/tf12_multiple-modules/examples/s3-replication/main.tf:[24]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[233,235]; ./TF/tf12_multiple-modules/examples/complete/main.tf:[9]
Medium | AWS Access logging not enabled on S3 buckets | ./TF/tf12_variable_values/main.tf:[16]; ./TF/tf12_nested_variable_files/main.tf:[16]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9,13,28]; ./TF/tf12_fixed_issues/tf12_fixed_issues.tf:[9,15]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9]; ./TF/tf12_variable_files/main.tf:[16]
Low | AWS IAM policy attached to users | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[128,364]
Low | AWS S3 CloudTrail buckets for which access logging is disabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34,44]
Low | Terrafrom Kube | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[46,316,375]
Low | everitt-BuildPolicy1 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,243]
Low | everitt-build2 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,243]

Prisma Cloud IaC Scan Failed - 3 Issues found in scan

Prisma Cloud Security Issues for pull request : #6

Severity | Policy Name | Files
High | AWS S3 buckets are accessible to public | ./TF/tf12_variable_files/main.tf:[16]; ./TF/tf12_variable_files/smelks.tfvars:[1]
Medium | AWS Customer Master Key (CMK) rotation is not enabled | ./TF/tf12_multiple-modules/examples/s3-replication/main.tf:[24]
Medium | AWS Access logging not enabled on S3 buckets | ./TF/tf12_variable_files/main.tf:[16]; ./TF/tf12_fixed_issues/tf12_fixed_issues.tf:[9,15]

Prisma Cloud IaC Scan Failed - 41 Issues found in scan

Prisma Cloud Security Issues for pull request : #16

Severity | Policy Name | Files
High | AWS CloudTrail bucket is publicly accessible | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34,38,48,49]
High | AWS Default Security Group does not restrict all traffic | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[243,246]
High | AWS ECS task definition resource limits not set | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[286,291]
High | AWS ECS/ Fargate task definition root user found | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[273,299]
High | AWS EKS unsupported Master node version | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[382]
High | AWS Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS Security Group allows all traffic on RDP port (3389) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS Security Group allows all traffic on SSH port (22) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | Copy of AWS ECS task definition resource limits not set - Solal | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[286,291]
High | pasq - Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS S3 Object Versioning is disabled | ./TF/tf12_with_issues/tf12_with_issues.tf:[9]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9,13,21]
High | AWS S3 buckets are accessible to public | ./TF/tf12_nested_variable_files/main.tf:[16,18]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_variable_values/main.tf:[16,17]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]; ./TF/tf12_variable_files/main.tf:[16,18]
High | Ivan-Avoid-Publicly-Exposed-S3 | ./TF/tf12_nested_variable_files/main.tf:[16,18]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_variable_values/main.tf:[16,17]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]; ./TF/tf12_variable_files/main.tf:[16,18]
High | TMX - AWS S3 buckets are accessible to public | ./TF/tf12_nested_variable_files/main.tf:[16,18]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_variable_values/main.tf:[16,17]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]; ./TF/tf12_variable_files/main.tf:[16,18]
Medium | AWS CloudTrail logs are not encrypted using Customer Master Keys (CMKs) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34]
Medium | AWS ECS/Fargate task definition execution IAM Role not found | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[260,270,286,296]
Medium | AWS IAM password policy allows password reuse | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[338]
Medium | AWS IAM password policy does not expire in 12 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not expire in 90 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not have a lowercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,347]
Medium | AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not have a number | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,350]
Medium | AWS IAM password policy does not have a symbol | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,353]
Medium | AWS IAM password policy does not have an uppercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,356]
Medium | AWS RDS event subscription disabled for DB security groups | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[191,210,228]
Medium | AWS Redshift does not have require_ssl configured | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[182,185]
Medium | AWS VPC NACL allows egress traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[157,161]
Medium | AWS VPC NACL allows traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[157,171]
Medium | AWS VPC allows unauthorized peering | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[55,56]
Medium | AWS security group allows egress traffic to blocked ports - 21,22,135,137-139,445,69 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,89]
Medium | BA - AWS IAM password policy does not have a minimum of 20 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | DOkeyode AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | Erosen Copy of AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | Tobi Copy of AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS Customer Master Key (CMK) rotation is not enabled | ./TF/tf12_multiple-modules/examples/s3-replication/main.tf:[24]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[233,235]; ./TF/tf12_multiple-modules/examples/complete/main.tf:[9]
Medium | AWS Access logging not enabled on S3 buckets | ./TF/tf12_nested_variable_files/main.tf:[16]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9]; ./TF/tf12_variable_values/main.tf:[16]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9]; ./TF/tf12_variable_files/main.tf:[16]
Low | AWS IAM policy attached to users | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[364]
Low | AWS S3 CloudTrail buckets for which access logging is disabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34,44]
Low | Terrafrom Kube | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[46,316,375]
Low | everitt-BuildPolicy1 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,89]
Low | everitt-build2 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,89]

Prisma Cloud IaC Scan Failed - 25 Issues found in scan

Prisma Cloud Security Issues for pull request : #8

Severity | Policy Name | Files
High | AWS CloudTrail bucket is publicly accessible | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34,38,48,49]
High | AWS ECS task definition resource limits not set | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[286,291]
High | AWS EKS unsupported Master node version | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[382]
High | AWS Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,79,103,125,147]
High | AWS S3 buckets are accessible to public | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[13,16]; ./TF/tf12_variable_files/main.tf:[16]; ./TF/tf12_variable_files/smelks.tfvars:[1]
Medium | AWS CloudTrail logs are not encrypted using Customer Master Keys (CMKs) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34]
Medium | AWS ECS/ Fargate task definition execution IAM Role not found | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[260,270,286,296]
Medium | AWS ElasticSearch cluster not in a VPC | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[316]
Medium | AWS IAM password policy allows password reuse | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[338]
Medium | AWS IAM password policy does not expire in 90 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not have a lowercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,347]
Medium | AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335]
Medium | AWS IAM password policy does not have a number | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,350]
Medium | AWS IAM password policy does not have a symbol | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,353]
Medium | AWS IAM password policy does not have an uppercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[335,356]
Medium | AWS RDS event subscription disabled for DB security groups | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[191,210,228]
Medium | AWS Redshift does not have require_ssl configured | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[182,185]
Medium | AWS S3 Object Versioning is disabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9,13,22]
Medium | AWS VPC NACL allows egress traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[157,164]
Medium | AWS VPC NACL allows traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[157,174]
Medium | AWS VPC allows unauthorized peering | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[55,56]
Medium | AWS security group allows egress traffic to blocked ports - 21,22,135,137-139,445,69 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[73,243]
Medium | AWS Customer Master Key (CMK) rotation is not enabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[233,235]; ./TF/tf12_multiple-modules/examples/complete/main.tf:[9]
Low | AWS IAM policy attached to users | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[128,364]
Low | AWS S3 CloudTrail buckets for which access logging is disabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[34,44]

Prisma Cloud IaC Scan Failed - 41 Issues found in scan

Prisma Cloud Security Issues for pull request : #18

Severity | Policy Name | Files
High | AWS CloudTrail bucket is publicly accessible | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[40,44,57,58]
High | AWS Default Security Group does not restrict all traffic | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[290,293]
High | AWS ECS task definition resource limits not set | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[339,344]
High | AWS ECS/ Fargate task definition root user found | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[323,352]
High | AWS EKS unsupported Master node version | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[441]
High | AWS Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[93,120,141,145,170]
High | AWS Security Group allows all traffic on RDP port (3389) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[93,120,141,145,170]
High | AWS Security Group allows all traffic on SSH port (22) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[93,120,141,145,170]
High | pasq - Security Group Inbound rule overly permissive to all traffic on all protocols (-1) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[93,120,141,145,170]
High | AWS S3 Object Versioning is disabled | ./TF/tf12_with_issues/tf12_with_issues.tf:[9]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9,16,24]
High | AWS S3 buckets are accessible to public | ./TF/tf12_variable_values/main.tf:[17,18]; ./TF/tf12_variable_files/main.tf:[17,19]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[16,19]; ./TF/tf12_nested_variable_files/main.tf:[17,19]
High | Ivan-Avoid-Publicly-Exposed-S3 | ./TF/tf12_variable_values/main.tf:[17,18]; ./TF/tf12_variable_files/main.tf:[17,19]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[16,19]; ./TF/tf12_nested_variable_files/main.tf:[17,19]
High | TMX - AWS S3 buckets are accessible to public | ./TF/tf12_variable_values/main.tf:[17,18]; ./TF/tf12_variable_files/main.tf:[17,19]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9,11]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[16,19]; ./TF/tf12_nested_variable_files/main.tf:[17,19]
Medium | AWS CloudTrail logs are not encrypted using Customer Master Keys (CMKs) | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[40]
Medium | AWS ECS/Fargate task definition execution IAM Role not found | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[310,320,339,349]
Medium | AWS IAM password policy allows password reuse | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[397]
Medium | AWS IAM password policy does not expire in 12 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394]
Medium | AWS IAM password policy does not expire in 90 days | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394]
Medium | AWS IAM password policy does not have a lowercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394,406]
Medium | AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394]
Medium | AWS IAM password policy does not have a number | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394,409]
Medium | AWS IAM password policy does not have a symbol | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394,412]
Medium | AWS IAM password policy does not have an uppercase character | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394,415]
Medium | AWS RDS database instance is publicly accessible | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[223,235]
Medium | AWS RDS event subscription disabled for DB security groups | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[223,248,266]
Medium | AWS Redshift does not have require_ssl configured | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[211,214]
Medium | AWS VPC NACL allows egress traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[183,187]
Medium | AWS VPC NACL allows traffic from blocked ports | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[183,197]
Medium | AWS VPC allows unauthorized peering | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[64,65]
Medium | AWS security group allows egress traffic to blocked ports - 21,22,135,137-139,445,69 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[87,103]
Medium | BA - AWS IAM password policy does not have a minimum of 20 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394]
Medium | DOkeyode AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394]
Medium | Erosen Copy of AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394]
Medium | Tobi Copy of AWS IAM password policy does not have a minimum of 14 characters | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[394]
Medium | AWS Customer Master Key (CMK) rotation is not enabled | ./TF/tf12_multiple-modules/examples/complete/main.tf:[9]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[274,276]; ./TF/tf12_multiple-modules/examples/s3-replication/main.tf:[24]
Medium | AWS Access logging not enabled on S3 buckets | ./TF/tf12_variable_values/main.tf:[17]; ./TF/tf12_variable_files/main.tf:[17]; ./TF/tf12_with_issues/tf12_with_issues.tf:[9]; ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[9]; ./TF/tf12_nested_variable_files/main.tf:[17]
Low | AWS IAM policy attached to users | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[423]
Low | AWS S3 CloudTrail buckets for which access logging is disabled | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[40,50]
Low | Terrafrom Kube | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[55,372,434]
Low | everitt-BuildPolicy1 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[87,103]
Low | everitt-build2 | ./TF/tf12_aws_all_issues/tf12_aws_all_issues.tf:[87,103]
