bridgecrewio
feat(arm): add CKV_AZURE_86 to check resorce is a ContainerRegistry with tier "Standard"
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Description
The function checks if a specific resource is a ContainerRegistry with tier "Standard". If so, it returns a failure result; otherwise, it returns a success result.
New/Edited policies (Delete if not relevant)
Description
Include a description of what makes it a violation and any relevant external links.
Fix
How does someone fix the issue in code and/or in runtime?
Checklist:
- [v] My code follows the style guidelines of this project
- [v] I have performed a self-review of my own code
- [v] I have commented my code, particularly in hard-to-understand areas
- [v] I have made corresponding changes to the documentation
- [v] I have added tests that prove my feature, policy, or fix is effective and works
- [v] New and existing tests pass locally with my changes
- [v] Any dependent changes have been merged and published in downstream modules
I dont find the right resource type, how can Iknow it?
בתאריך יום ג׳, 21 במאי 2024 ב-12:17 מאת ChanochShayner < @.***>:
@.**** commented on this pull request.
In checkov/arm/checks/resource/AzureDefenderOnContainerRegistry.py https://github.com/bridgecrewio/checkov/pull/6336#discussion_r1607950123 :
tier = properties.get("tier")
resourceType = properties.get("resourceType")I don't see tier and resourceType fields in Microsoft.ContainerRegistry/registries Probably this is not the resource type.
— Reply to this email directly, view it on GitHub https://github.com/bridgecrewio/checkov/pull/6336#pullrequestreview-2068034311, or unsubscribe https://github.com/notifications/unsubscribe-auth/BD7L7SH6XPVKGZKNZ3XRHILZDMGK7AVCNFSM6AAAAABIBD27B6VHI2DSMVQWIX3LMV43YUDVNRWFEZLROVSXG5CSMV3GSZLXHMZDANRYGAZTIMZRGE . You are receiving this because you authored the thread.Message ID: @.***>
