checkov icon indicating copy to clipboard operation
checkov copied to clipboard
verified publisher icon bridgecrewio

feat(terraform): add CKV2_AZURE_23 to ensure that AKS cluster disables local accounts

Open tplisson opened this issue 3 years ago • 0 comments

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

This policy doesn't exist yet in Checkov and is a security best practice https://docs.microsoft.com/en-us/azure/aks/operator-best-practices-identity

Checklist:

  • [X] My code follows the style guidelines of this project
  • [X] I have performed a self-review of my own code
  • [X] I have commented my code, particularly in hard-to-understand areas
  • [X] I have made corresponding changes to the documentation
  • [X] I have added tests that prove my feature, policy, or fix is effective and works
  • [X] New and existing tests pass locally with my changes
  • [X] Any dependent changes have been merged and published in downstream modules

tplisson avatar Aug 19 '22 18:08 tplisson