Support for Packer and Vagrant

Open djdta opened this issue 4 years ago • 5 comments

Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

I would like to see the tool support Packer images and Vagrant boxes.

Describe the solution you'd like A clear and concise description of what you want to happen.

What I would like the tool to do is have the ability to scan Packer images after they have been built for any security risks, and the same with Vagrant boxes that have been created. Then produce a report of the security risks.

Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.

There is no real tool that scans for security risks in Packer images or Vagrant images.

Additional context Add any other context or screenshots about the feature request here.

djdta avatar Mar 08 '21 17:03 djdta

@djdta sounds like a great idea. What would be an example security check for that?

schosterbarak avatar Mar 08 '21 17:03 schosterbarak

Hi,

Thanks for your reply.

For Packer you could do the following.

  • Are the SSH username and password in clear text?
  • No public IP address to be used in deploy?
  • Is the EBS volume encrypted?
  • No KMS used for encrypted volume?

For Vagrant, as this is for local development:

  • Are the SSH username and password in clear text?
  • No public IP address to be used in deploy?
  • Is the EBS volume encrypted?
  • No KMS used for encrypted volume?

You may have your own ideas also, but I think adding more support for the other tool would grow your project.

Keep up the great work with the tool :)

Regards, djdta

djdta avatar Mar 13 '21 15:03 djdta
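
The four Packer checks listed in the comment above, sketched as an added example that is not Checkov code and not part of the original thread. It assumes a legacy JSON Packer template with `amazon-ebs` builders; the function name `scan_packer_template`, the finding texts and the sample template are constructed for illustration.

```python
import json
import re

# Packer interpolation such as {{user `ssh_pass`}} or {{env `SSH_PASS`}} means
# the value is supplied at build time instead of being stored in the template.
INTERPOLATED = re.compile(r"\{\{.*\}\}")

def scan_packer_template(text):
    """Return (builder_name, finding) tuples for every amazon-ebs builder."""
    findings = []
    for i, b in enumerate(json.loads(text).get("builders", [])):
        if b.get("type") != "amazon-ebs":
            continue
        name = b.get("name", f"builders[{i}]")
        pw = b.get("ssh_password")
        if isinstance(pw, str) and pw and not INTERPOLATED.search(pw):
            findings.append((name, "ssh_password is a clear-text literal"))
        if b.get("associate_public_ip_address") is True:
            findings.append((name, "build instance gets a public IP address"))
        if b.get("encrypt_boot") is not True:
            findings.append((name, "encrypt_boot is not set to true"))
        elif not b.get("kms_key_id"):
            findings.append((name, "encrypted volume has no kms_key_id"))
    return findings

# Constructed sample template: one weak builder, one partly hardened, one clean.
SAMPLE = json.dumps({"builders": [
    {"type": "amazon-ebs", "name": "dev", "ssh_username": "admin",
     "ssh_password": "hunter2", "associate_public_ip_address": True},
    {"type": "amazon-ebs", "name": "staging", "ssh_username": "admin",
     "ssh_password": "{{user `ssh_pass`}}", "encrypt_boot": True},
    {"type": "amazon-ebs", "name": "prod", "ssh_username": "ec2-user",
     "encrypt_boot": True, "kms_key_id": "alias/constructed-example"},
    {"type": "docker", "image": "constructed-example"},  # ignored: not amazon-ebs
]})

if __name__ == "__main__":
    for builder, finding in scan_packer_template(SAMPLE):
        print(f"{builder}: {finding}")
```

Leaving `encrypt_boot` unset makes the output AMI inherit the source AMI's encryption state, so that finding means "not enforced by the template" rather than "known to be unencrypted".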

Is there going to be support for packer?

mike-wazowski007 avatar Oct 26 '21 14:10 mike-wazowski007

Thanks for contributing to Checkov! We've automatically marked this issue as stale to keep our issues list tidy, because it has not had any activity for 6 months. It will be closed in 14 days if no further activity occurs. Commenting on this issue will remove the stale tag. If you want to talk through the issue or help us understand the priority and context, feel free to add a comment or join us in the Checkov slack channel at https://slack.bridgecrew.io Thanks!

stale[bot] avatar Jun 25 '22 19:06 stale[bot]

Closing issue due to inactivity. If you feel this is in error, please re-open, or reach out to the community via slack: https://slack.bridgecrew.io Thanks!

stale[bot] avatar Jul 09 '22 20:07 stale[bot]

Thanks for contributing to Checkov! We've automatically marked this issue as stale to keep our issues list tidy, because it has not had any activity for 6 months. It will be closed in 14 days if no further activity occurs. Commenting on this issue will remove the stale tag. If you want to talk through the issue or help us understand the priority and context, feel free to add a comment or join us in the Checkov slack channel at https://slack.bridgecrew.io Thanks!

stale[bot] avatar Jan 10 '23 02:01 stale[bot]

Closing issue due to inactivity. If you feel this is in error, please re-open, or reach out to the community via slack: https://slack.bridgecrew.io Thanks!

stale[bot] avatar Jan 25 '23 04:01 stale[bot]