appmeshworkshop

Possible Security Problems

Open ctindall opened this issue 5 years ago • 0 comments

Hey there! I noticed some possible problems in some code in this repo. A quick summary of a few of them is below, but let me know if you're interested in seeing a full report or talking about cloud security in general.


severity: serious

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [204]

resource(s):

IAM role should not allow * resource with PassRole action on its permissions policy


severity: warning

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [302]

resource(s):

CodeBuild project should specify an EncryptionKey value


severity: warning

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [204, 240]

resource(s):

IAM role should not allow * resource on its permissions policy


severity: warning

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [112]

resource(s):

S3 Bucket should have access logging configured


severity: warning

filename: ./templates/ci-cd-codepipeline.cfn.yml

line number(s): [112]

resource(s):

S3 Bucket should have encryption option set


severity: warning

filename: ./templates/amazon-eks-nodegroup-with-spot.yml

line number(s): [339]

resource(s):

Security Groups ingress with an ipProtocol of -1 found


severity: warning

filename: ./templates/amazon-eks-nodegroup-with-spot.yml

line number(s): [339]

resource(s):

Security Groups found ingress with port range instead of just a single port

ctindall, Oct 16 '19 07:10