| 0 |
CKV2_ADO_1 |
resource |
azuredevops_branch_policy_min_reviewers |
Ensure at least two approving reviews for PRs |
Terraform |
ADORepositoryHasMinTwoReviewers.yaml |
| 1 |
CKV2_ADO_1 |
resource |
azuredevops_git_repository |
Ensure at least two approving reviews for PRs |
Terraform |
ADORepositoryHasMinTwoReviewers.yaml |
| 2 |
CKV_ALI_1 |
resource |
alicloud_oss_bucket |
Alibaba Cloud OSS bucket accessible to public |
Terraform |
OSSBucketPublic.yaml |
| 3 |
CKV_ALI_1 |
resource |
alicloud_oss_bucket_acl |
Alibaba Cloud OSS bucket accessible to public |
Terraform |
OSSBucketPublic.yaml |
| 4 |
CKV_ALI_2 |
resource |
alicloud_security_group_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 22 |
Terraform |
SecurityGroupUnrestrictedIngress22.py |
| 5 |
CKV_ALI_3 |
resource |
alicloud_security_group_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 3389 |
Terraform |
SecurityGroupUnrestrictedIngress3389.py |
| 6 |
CKV_ALI_4 |
resource |
alicloud_actiontrail_trail |
Ensure Action Trail Logging for all regions |
Terraform |
ActionTrailLogAllRegions.py |
| 7 |
CKV_ALI_5 |
resource |
alicloud_actiontrail_trail |
Ensure Action Trail Logging for all events |
Terraform |
ActionTrailLogAllEvents.py |
| 8 |
CKV_ALI_6 |
resource |
alicloud_oss_bucket |
Ensure OSS bucket is encrypted with Customer Master Key |
Terraform |
OSSBucketEncryptedWithCMK.py |
| 9 |
CKV_ALI_7 |
resource |
alicloud_disk |
Ensure disk is encrypted |
Terraform |
DiskIsEncrypted.py |
| 10 |
CKV_ALI_8 |
resource |
alicloud_disk |
Ensure Disk is encrypted with Customer Master Key |
Terraform |
DiskEncryptedWithCMK.py |
| 11 |
CKV_ALI_9 |
resource |
alicloud_db_instance |
Ensure database instance is not public |
Terraform |
RDSIsPublic.py |
| 12 |
CKV_ALI_10 |
resource |
alicloud_oss_bucket |
Ensure OSS bucket has versioning enabled |
Terraform |
OSSBucketVersioning.py |
| 13 |
CKV_ALI_11 |
resource |
alicloud_oss_bucket |
Ensure OSS bucket has transfer Acceleration enabled |
Terraform |
OSSBucketTransferAcceleration.py |
| 14 |
CKV_ALI_12 |
resource |
alicloud_oss_bucket |
Ensure the OSS bucket has access logging enabled |
Terraform |
OSSBucketAccessLogs.py |
| 15 |
CKV_ALI_13 |
resource |
alicloud_ram_account_password_policy |
Ensure RAM password policy requires minimum length of 14 or greater |
Terraform |
RAMPasswordPolicyLength.py |
| 16 |
CKV_ALI_14 |
resource |
alicloud_ram_account_password_policy |
Ensure RAM password policy requires at least one number |
Terraform |
RAMPasswordPolicyNumber.py |
| 17 |
CKV_ALI_15 |
resource |
alicloud_ram_account_password_policy |
Ensure RAM password policy requires at least one symbol |
Terraform |
RAMPasswordPolicySymbol.py |
| 18 |
CKV_ALI_16 |
resource |
alicloud_ram_account_password_policy |
Ensure RAM password policy expires passwords within 90 days or less |
Terraform |
RAMPasswordPolicyExpiration.py |
| 19 |
CKV_ALI_17 |
resource |
alicloud_ram_account_password_policy |
Ensure RAM password policy requires at least one lowercase letter |
Terraform |
RAMPasswordPolicyLowercaseLetter.py |
| 20 |
CKV_ALI_18 |
resource |
alicloud_ram_account_password_policy |
Ensure RAM password policy prevents password reuse |
Terraform |
RAMPasswordPolicyReuse.py |
| 21 |
CKV_ALI_19 |
resource |
alicloud_ram_account_password_policy |
Ensure RAM password policy requires at least one uppercase letter |
Terraform |
RAMPasswordPolicyUppcaseLetter.py |
| 22 |
CKV_ALI_20 |
resource |
alicloud_db_instance |
Ensure RDS instance uses SSL |
Terraform |
RDSInstanceSSL.py |
| 23 |
CKV_ALI_21 |
resource |
alicloud_api_gateway_api |
Ensure API Gateway API Protocol HTTPS |
Terraform |
APIGatewayProtocolHTTPS.py |
| 24 |
CKV_ALI_22 |
resource |
alicloud_db_instance |
Ensure Transparent Data Encryption is Enabled on instance |
Terraform |
RDSTransparentDataEncryptionEnabled.py |
| 25 |
CKV_ALI_23 |
resource |
alicloud_ram_account_password_policy |
Ensure Ram Account Password Policy Max Login Attempts not > 5 |
Terraform |
RAMPasswordPolicyMaxLogin.py |
| 26 |
CKV_ALI_24 |
resource |
alicloud_ram_security_preference |
Ensure RAM enforces MFA |
Terraform |
RAMSecurityEnforceMFA.py |
| 27 |
CKV_ALI_25 |
resource |
alicloud_db_instance |
Ensure RDS Instance SQL Collector Retention Period should be greater than 180 |
Terraform |
RDSRetention.py |
| 28 |
CKV_ALI_26 |
resource |
alicloud_cs_kubernetes |
Ensure Kubernetes installs plugin Terway or Flannel to support standard policies |
Terraform |
K8sEnableNetworkPolicies.py |
| 29 |
CKV_ALI_27 |
resource |
alicloud_kms_key |
Ensure KMS Key Rotation is enabled |
Terraform |
KMSKeyRotationIsEnabled.py |
| 30 |
CKV_ALI_28 |
resource |
alicloud_kms_key |
Ensure KMS Keys are enabled |
Terraform |
KMSKeyIsEnabled.py |
| 31 |
CKV_ALI_29 |
resource |
alicloud_alb_acl_entry_attachment |
Alibaba ALB ACL does not restrict Access |
Terraform |
ALBACLIsUnrestricted.py |
| 32 |
CKV_ALI_30 |
resource |
alicloud_db_instance |
Ensure RDS instance auto upgrades for minor versions |
Terraform |
RDSInstanceAutoUpgrade.py |
| 33 |
CKV_ALI_31 |
resource |
alicloud_cs_kubernetes_node_pool |
Ensure K8s nodepools are set to auto repair |
Terraform |
K8sNodePoolAutoRepair.py |
| 34 |
CKV_ALI_32 |
resource |
alicloud_ecs_launch_template |
Ensure launch template data disks are encrypted |
Terraform |
LaunchTemplateDisksAreEncrypted.py |
| 35 |
CKV_ALI_33 |
resource |
alicloud_slb_tls_cipher_policy |
Alibaba Cloud Cypher Policy are secure |
Terraform |
TLSPoliciesAreSecure.py |
| 36 |
CKV_ALI_35 |
resource |
alicloud_db_instance |
Ensure RDS instance has log_duration enabled |
Terraform |
RDSInstanceLogsEnabled.py |
| 37 |
CKV_ALI_36 |
resource |
alicloud_db_instance |
Ensure RDS instance has log_disconnections enabled |
Terraform |
RDSInstanceLogDisconnections.py |
| 38 |
CKV_ALI_37 |
resource |
alicloud_db_instance |
Ensure RDS instance has log_connections enabled |
Terraform |
RDSInstanceLogConnections.py |
| 39 |
CKV_ALI_38 |
resource |
alicloud_log_audit |
Ensure log audit is enabled for RDS |
Terraform |
LogAuditRDSEnabled.py |
| 40 |
CKV_ALI_41 |
resource |
alicloud_mongodb_instance |
Ensure MongoDB is deployed inside a VPC |
Terraform |
MongoDBInsideVPC.py |
| 41 |
CKV_ALI_42 |
resource |
alicloud_mongodb_instance |
Ensure Mongodb instance uses SSL |
Terraform |
MongoDBInstanceSSL.py |
| 42 |
CKV_ALI_43 |
resource |
alicloud_mongodb_instance |
Ensure MongoDB instance is not public |
Terraform |
MongoDBIsPublic.py |
| 43 |
CKV_ALI_44 |
resource |
alicloud_mongodb_instance |
Ensure MongoDB has Transparent Data Encryption Enabled |
Terraform |
MongoDBTransparentDataEncryptionEnabled.py |
| 44 |
CKV_AWS_1 |
data |
aws_iam_policy_document |
Ensure IAM policies that allow full “-” administrative privileges are not created |
Terraform |
AdminPolicyDocument.py |
| 45 |
CKV_AWS_2 |
resource |
aws_alb_listener |
Ensure ALB protocol is HTTPS |
Terraform |
ALBListenerHTTPS.py |
| 46 |
CKV_AWS_2 |
resource |
aws_lb_listener |
Ensure ALB protocol is HTTPS |
Terraform |
ALBListenerHTTPS.py |
| 47 |
CKV_AWS_3 |
resource |
aws_ebs_volume |
Ensure all data stored in the EBS is securely encrypted |
Terraform |
EBSEncryption.py |
| 48 |
CKV_AWS_5 |
resource |
aws_elasticsearch_domain |
Ensure all data stored in the Elasticsearch is securely encrypted at rest |
Terraform |
ElasticsearchEncryption.py |
| 49 |
CKV_AWS_5 |
resource |
aws_opensearch_domain |
Ensure all data stored in the Elasticsearch is securely encrypted at rest |
Terraform |
ElasticsearchEncryption.py |
| 50 |
CKV_AWS_6 |
resource |
aws_elasticsearch_domain |
Ensure all Elasticsearch has node-to-node encryption enabled |
Terraform |
ElasticsearchNodeToNodeEncryption.py |
| 51 |
CKV_AWS_6 |
resource |
aws_opensearch_domain |
Ensure all Elasticsearch has node-to-node encryption enabled |
Terraform |
ElasticsearchNodeToNodeEncryption.py |
| 52 |
CKV_AWS_7 |
resource |
aws_kms_key |
Ensure rotation for customer created CMKs is enabled |
Terraform |
KMSRotation.py |
| 53 |
CKV_AWS_8 |
resource |
aws_instance |
Ensure all data stored in the Launch configuration or instance Elastic Blocks Store is securely encrypted |
Terraform |
LaunchConfigurationEBSEncryption.py |
| 54 |
CKV_AWS_8 |
resource |
aws_launch_configuration |
Ensure all data stored in the Launch configuration or instance Elastic Blocks Store is securely encrypted |
Terraform |
LaunchConfigurationEBSEncryption.py |
| 55 |
CKV_AWS_9 |
resource |
aws_iam_account_password_policy |
Ensure IAM password policy expires passwords within 90 days or less |
Terraform |
PasswordPolicyExpiration.py |
| 56 |
CKV_AWS_10 |
resource |
aws_iam_account_password_policy |
Ensure IAM password policy requires minimum length of 14 or greater |
Terraform |
PasswordPolicyLength.py |
| 57 |
CKV_AWS_11 |
resource |
aws_iam_account_password_policy |
Ensure IAM password policy requires at least one lowercase letter |
Terraform |
PasswordPolicyLowercaseLetter.py |
| 58 |
CKV_AWS_12 |
resource |
aws_iam_account_password_policy |
Ensure IAM password policy requires at least one number |
Terraform |
PasswordPolicyNumber.py |
| 59 |
CKV_AWS_13 |
resource |
aws_iam_account_password_policy |
Ensure IAM password policy prevents password reuse |
Terraform |
PasswordPolicyReuse.py |
| 60 |
CKV_AWS_14 |
resource |
aws_iam_account_password_policy |
Ensure IAM password policy requires at least one symbol |
Terraform |
PasswordPolicySymbol.py |
| 61 |
CKV_AWS_15 |
resource |
aws_iam_account_password_policy |
Ensure IAM password policy requires at least one uppercase letter |
Terraform |
PasswordPolicyUppercaseLetter.py |
| 62 |
CKV_AWS_16 |
resource |
aws_db_instance |
Ensure all data stored in the RDS is securely encrypted at rest |
Terraform |
RDSEncryption.py |
| 63 |
CKV_AWS_17 |
resource |
aws_db_instance |
Ensure all data stored in RDS is not publicly accessible |
Terraform |
RDSPubliclyAccessible.py |
| 64 |
CKV_AWS_17 |
resource |
aws_rds_cluster_instance |
Ensure all data stored in RDS is not publicly accessible |
Terraform |
RDSPubliclyAccessible.py |
| 65 |
CKV_AWS_18 |
resource |
aws_s3_bucket |
Ensure the S3 bucket has access logging enabled |
Terraform |
S3BucketLogging.yaml |
| 66 |
CKV_AWS_19 |
resource |
aws_s3_bucket |
Ensure all data stored in the S3 bucket is securely encrypted at rest |
Terraform |
S3BucketEncryption.yaml |
| 67 |
CKV_AWS_19 |
resource |
aws_s3_bucket_server_side_encryption_configuration |
Ensure all data stored in the S3 bucket is securely encrypted at rest |
Terraform |
S3BucketEncryption.yaml |
| 68 |
CKV_AWS_20 |
resource |
aws_s3_bucket |
S3 Bucket has an ACL defined which allows public READ access. |
Terraform |
S3PublicACLRead.yaml |
| 69 |
CKV_AWS_20 |
resource |
aws_s3_bucket_acl |
S3 Bucket has an ACL defined which allows public READ access. |
Terraform |
S3PublicACLRead.yaml |
| 70 |
CKV_AWS_21 |
resource |
aws_s3_bucket |
Ensure all data stored in the S3 bucket have versioning enabled |
Terraform |
S3BucketVersioning.yaml |
| 71 |
CKV_AWS_21 |
resource |
aws_s3_bucket_versioning |
Ensure all data stored in the S3 bucket have versioning enabled |
Terraform |
S3BucketVersioning.yaml |
| 72 |
CKV_AWS_22 |
resource |
aws_sagemaker_notebook_instance |
Ensure SageMaker Notebook is encrypted at rest using KMS CMK |
Terraform |
SagemakerNotebookEncryption.py |
| 73 |
CKV_AWS_23 |
resource |
aws_db_security_group |
Ensure every security group and rule has a description |
Terraform |
SecurityGroupRuleDescription.py |
| 74 |
CKV_AWS_23 |
resource |
aws_elasticache_security_group |
Ensure every security group and rule has a description |
Terraform |
SecurityGroupRuleDescription.py |
| 75 |
CKV_AWS_23 |
resource |
aws_redshift_security_group |
Ensure every security group and rule has a description |
Terraform |
SecurityGroupRuleDescription.py |
| 76 |
CKV_AWS_23 |
resource |
aws_security_group |
Ensure every security group and rule has a description |
Terraform |
SecurityGroupRuleDescription.py |
| 77 |
CKV_AWS_23 |
resource |
aws_security_group_rule |
Ensure every security group and rule has a description |
Terraform |
SecurityGroupRuleDescription.py |
| 78 |
CKV_AWS_23 |
resource |
aws_vpc_security_group_egress_rule |
Ensure every security group and rule has a description |
Terraform |
SecurityGroupRuleDescription.py |
| 79 |
CKV_AWS_23 |
resource |
aws_vpc_security_group_ingress_rule |
Ensure every security group and rule has a description |
Terraform |
SecurityGroupRuleDescription.py |
| 80 |
CKV_AWS_24 |
resource |
aws_security_group |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 22 |
Terraform |
SecurityGroupUnrestrictedIngress22.py |
| 81 |
CKV_AWS_24 |
resource |
aws_security_group_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 22 |
Terraform |
SecurityGroupUnrestrictedIngress22.py |
| 82 |
CKV_AWS_24 |
resource |
aws_vpc_security_group_ingress_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 22 |
Terraform |
SecurityGroupUnrestrictedIngress22.py |
| 83 |
CKV_AWS_25 |
resource |
aws_security_group |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 3389 |
Terraform |
SecurityGroupUnrestrictedIngress3389.py |
| 84 |
CKV_AWS_25 |
resource |
aws_security_group_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 3389 |
Terraform |
SecurityGroupUnrestrictedIngress3389.py |
| 85 |
CKV_AWS_25 |
resource |
aws_vpc_security_group_ingress_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 3389 |
Terraform |
SecurityGroupUnrestrictedIngress3389.py |
| 86 |
CKV_AWS_26 |
resource |
aws_sns_topic |
Ensure all data stored in the SNS topic is encrypted |
Terraform |
SNSTopicEncryption.py |
| 87 |
CKV_AWS_27 |
resource |
aws_sqs_queue |
Ensure all data stored in the SQS queue is encrypted |
Terraform |
SQSQueueEncryption.py |
| 88 |
CKV_AWS_28 |
resource |
aws_dynamodb_table |
Ensure DynamoDB point in time recovery (backup) is enabled |
Terraform |
DynamodbRecovery.py |
| 89 |
CKV_AWS_29 |
resource |
aws_elasticache_replication_group |
Ensure all data stored in the ElastiCache Replication Group is securely encrypted at rest |
Terraform |
ElasticacheReplicationGroupEncryptionAtRest.py |
| 90 |
CKV_AWS_30 |
resource |
aws_elasticache_replication_group |
Ensure all data stored in the ElastiCache Replication Group is securely encrypted at transit |
Terraform |
ElasticacheReplicationGroupEncryptionAtTransit.py |
| 91 |
CKV_AWS_31 |
resource |
aws_elasticache_replication_group |
Ensure all data stored in the ElastiCache Replication Group is securely encrypted at transit and has auth token |
Terraform |
ElasticacheReplicationGroupEncryptionAtTransitAuthToken.py |
| 92 |
CKV_AWS_32 |
resource |
aws_ecr_repository_policy |
Ensure ECR policy is not set to public |
Terraform |
ECRPolicy.py |
| 93 |
CKV_AWS_33 |
resource |
aws_kms_key |
Ensure KMS key policy does not contain wildcard (*) principal |
Terraform |
KMSKeyWildcardPrincipal.py |
| 94 |
CKV_AWS_34 |
resource |
aws_cloudfront_distribution |
Ensure CloudFront distribution ViewerProtocolPolicy is set to HTTPS |
Terraform |
CloudfrontDistributionEncryption.py |
| 95 |
CKV_AWS_35 |
resource |
aws_cloudtrail |
Ensure CloudTrail logs are encrypted at rest using KMS CMKs |
Terraform |
CloudtrailEncryptionWithCMK.py |
| 96 |
CKV_AWS_36 |
resource |
aws_cloudtrail |
Ensure CloudTrail log file validation is enabled |
Terraform |
CloudtrailLogValidation.py |
| 97 |
CKV_AWS_37 |
resource |
aws_eks_cluster |
Ensure Amazon EKS control plane logging is enabled for all log types |
Terraform |
EKSControlPlaneLogging.py |
| 98 |
CKV_AWS_38 |
resource |
aws_eks_cluster |
Ensure Amazon EKS public endpoint not accessible to 0.0.0.0/0 |
Terraform |
EKSPublicAccessCIDR.py |
| 99 |
CKV_AWS_39 |
resource |
aws_eks_cluster |
Ensure Amazon EKS public endpoint disabled |
Terraform |
EKSPublicAccess.py |
| 100 |
CKV_AWS_40 |
resource |
aws_iam_policy_attachment |
Ensure IAM policies are attached only to groups or roles (Reducing access management complexity may in-turn reduce opportunity for a principal to inadvertently receive or retain excessive privileges.) |
Terraform |
IAMPolicyAttachedToGroupOrRoles.py |
| 101 |
CKV_AWS_40 |
resource |
aws_iam_user_policy |
Ensure IAM policies are attached only to groups or roles (Reducing access management complexity may in-turn reduce opportunity for a principal to inadvertently receive or retain excessive privileges.) |
Terraform |
IAMPolicyAttachedToGroupOrRoles.py |
| 102 |
CKV_AWS_40 |
resource |
aws_iam_user_policy_attachment |
Ensure IAM policies are attached only to groups or roles (Reducing access management complexity may in-turn reduce opportunity for a principal to inadvertently receive or retain excessive privileges.) |
Terraform |
IAMPolicyAttachedToGroupOrRoles.py |
| 103 |
CKV_AWS_41 |
provider |
aws |
Ensure no hard coded AWS access key and secret key exists in provider |
Terraform |
credentials.py |
| 104 |
CKV_AWS_42 |
resource |
aws_efs_file_system |
Ensure EFS is securely encrypted |
Terraform |
EFSEncryptionEnabled.py |
| 105 |
CKV_AWS_43 |
resource |
aws_kinesis_stream |
Ensure Kinesis Stream is securely encrypted |
Terraform |
KinesisStreamEncryptionType.py |
| 106 |
CKV_AWS_44 |
resource |
aws_neptune_cluster |
Ensure Neptune storage is securely encrypted |
Terraform |
NeptuneClusterStorageEncrypted.py |
| 107 |
CKV_AWS_45 |
resource |
aws_lambda_function |
Ensure no hard-coded secrets exist in lambda environment |
Terraform |
LambdaEnvironmentCredentials.py |
| 108 |
CKV_AWS_46 |
resource |
aws_instance |
Ensure no hard-coded secrets exist in EC2 user data |
Terraform |
EC2Credentials.py |
| 109 |
CKV_AWS_46 |
resource |
aws_launch_configuration |
Ensure no hard-coded secrets exist in EC2 user data |
Terraform |
EC2Credentials.py |
| 110 |
CKV_AWS_46 |
resource |
aws_launch_template |
Ensure no hard-coded secrets exist in EC2 user data |
Terraform |
EC2Credentials.py |
| 111 |
CKV_AWS_47 |
resource |
aws_dax_cluster |
Ensure DAX is encrypted at rest (default is unencrypted) |
Terraform |
DAXEncryption.py |
| 112 |
CKV_AWS_48 |
resource |
aws_mq_broker |
Ensure MQ Broker logging is enabled |
Terraform |
MQBrokerLogging.py |
| 113 |
CKV_AWS_49 |
data |
aws_iam_policy_document |
Ensure no IAM policies documents allow “*” as a statement’s actions |
Terraform |
StarActionPolicyDocument.py |
| 114 |
CKV_AWS_50 |
resource |
aws_lambda_function |
X-Ray tracing is enabled for Lambda |
Terraform |
LambdaXrayEnabled.py |
| 115 |
CKV_AWS_51 |
resource |
aws_ecr_repository |
Ensure ECR Image Tags are immutable |
Terraform |
ECRImmutableTags.py |
| 116 |
CKV_AWS_53 |
resource |
aws_s3_bucket_public_access_block |
Ensure S3 bucket has block public ACLS enabled |
Terraform |
S3BlockPublicACLs.py |
| 117 |
CKV_AWS_54 |
resource |
aws_s3_bucket_public_access_block |
Ensure S3 bucket has block public policy enabled |
Terraform |
S3BlockPublicPolicy.py |
| 118 |
CKV_AWS_55 |
resource |
aws_s3_bucket_public_access_block |
Ensure S3 bucket has ignore public ACLs enabled |
Terraform |
S3IgnorePublicACLs.py |
| 119 |
CKV_AWS_56 |
resource |
aws_s3_bucket_public_access_block |
Ensure S3 bucket has ‘restrict_public_buckets’ enabled |
Terraform |
S3RestrictPublicBuckets.py |
| 120 |
CKV_AWS_57 |
resource |
aws_s3_bucket |
S3 Bucket has an ACL defined which allows public WRITE access. |
Terraform |
S3PublicACLWrite.yaml |
| 121 |
CKV_AWS_57 |
resource |
aws_s3_bucket_acl |
S3 Bucket has an ACL defined which allows public WRITE access. |
Terraform |
S3PublicACLWrite.yaml |
| 122 |
CKV_AWS_58 |
resource |
aws_eks_cluster |
Ensure EKS Cluster has Secrets Encryption Enabled |
Terraform |
EKSSecretsEncryption.py |
| 123 |
CKV_AWS_59 |
resource |
aws_api_gateway_method |
Ensure there is no open access to back-end resources through API |
Terraform |
APIGatewayAuthorization.py |
| 124 |
CKV_AWS_60 |
resource |
aws_iam_role |
Ensure IAM role allows only specific services or principals to assume it |
Terraform |
IAMRoleAllowsPublicAssume.py |
| 125 |
CKV_AWS_61 |
resource |
aws_iam_role |
Ensure AWS IAM policy does not allow assume role permission across all services |
Terraform |
IAMRoleAllowAssumeFromAccount.py |
| 126 |
CKV_AWS_62 |
resource |
aws_iam_group_policy |
Ensure IAM policies that allow full “-” administrative privileges are not created |
Terraform |
IAMAdminPolicyDocument.py |
| 127 |
CKV_AWS_62 |
resource |
aws_iam_policy |
Ensure IAM policies that allow full “-” administrative privileges are not created |
Terraform |
IAMAdminPolicyDocument.py |
| 128 |
CKV_AWS_62 |
resource |
aws_iam_role_policy |
Ensure IAM policies that allow full “-” administrative privileges are not created |
Terraform |
IAMAdminPolicyDocument.py |
| 129 |
CKV_AWS_62 |
resource |
aws_iam_user_policy |
Ensure IAM policies that allow full “-” administrative privileges are not created |
Terraform |
IAMAdminPolicyDocument.py |
| 130 |
CKV_AWS_62 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure IAM policies that allow full “-” administrative privileges are not created |
Terraform |
IAMAdminPolicyDocument.py |
| 131 |
CKV_AWS_63 |
resource |
aws_iam_group_policy |
Ensure no IAM policies documents allow “*” as a statement’s actions |
Terraform |
IAMStarActionPolicyDocument.py |
| 132 |
CKV_AWS_63 |
resource |
aws_iam_policy |
Ensure no IAM policies documents allow “*” as a statement’s actions |
Terraform |
IAMStarActionPolicyDocument.py |
| 133 |
CKV_AWS_63 |
resource |
aws_iam_role_policy |
Ensure no IAM policies documents allow “*” as a statement’s actions |
Terraform |
IAMStarActionPolicyDocument.py |
| 134 |
CKV_AWS_63 |
resource |
aws_iam_user_policy |
Ensure no IAM policies documents allow “*” as a statement’s actions |
Terraform |
IAMStarActionPolicyDocument.py |
| 135 |
CKV_AWS_63 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure no IAM policies documents allow “*” as a statement’s actions |
Terraform |
IAMStarActionPolicyDocument.py |
| 136 |
CKV_AWS_64 |
resource |
aws_redshift_cluster |
Ensure all data stored in the Redshift cluster is securely encrypted at rest |
Terraform |
RedshiftClusterEncryption.py |
| 137 |
CKV_AWS_65 |
resource |
aws_ecs_cluster |
Ensure container insights are enabled on ECS cluster |
Terraform |
ECSClusterContainerInsights.py |
| 138 |
CKV_AWS_66 |
resource |
aws_cloudwatch_log_group |
Ensure that CloudWatch Log Group specifies retention days |
Terraform |
CloudWatchLogGroupRetention.py |
| 139 |
CKV_AWS_67 |
resource |
aws_cloudtrail |
Ensure CloudTrail is enabled in all Regions |
Terraform |
CloudtrailMultiRegion.py |
| 140 |
CKV_AWS_68 |
resource |
aws_cloudfront_distribution |
CloudFront Distribution should have WAF enabled |
Terraform |
WAFEnabled.py |
| 141 |
CKV_AWS_69 |
resource |
aws_mq_broker |
Ensure MQ Broker is not publicly exposed |
Terraform |
MQBrokerNotPubliclyExposed.py |
| 142 |
CKV_AWS_70 |
resource |
aws_s3_bucket |
Ensure S3 bucket does not allow an action with any Principal |
Terraform |
S3AllowsAnyPrincipal.py |
| 143 |
CKV_AWS_70 |
resource |
aws_s3_bucket_policy |
Ensure S3 bucket does not allow an action with any Principal |
Terraform |
S3AllowsAnyPrincipal.py |
| 144 |
CKV_AWS_71 |
resource |
aws_redshift_cluster |
Ensure Redshift Cluster logging is enabled |
Terraform |
RedshiftClusterLogging.py |
| 145 |
CKV_AWS_72 |
resource |
aws_sqs_queue_policy |
Ensure SQS policy does not allow ALL (*) actions. |
Terraform |
SQSPolicy.py |
| 146 |
CKV_AWS_73 |
resource |
aws_api_gateway_stage |
Ensure API Gateway has X-Ray Tracing enabled |
Terraform |
APIGatewayXray.py |
| 147 |
CKV_AWS_74 |
resource |
aws_docdb_cluster |
Ensure DocumentDB is encrypted at rest (default is unencrypted) |
Terraform |
DocDBEncryption.py |
| 148 |
CKV_AWS_75 |
resource |
aws_globalaccelerator_accelerator |
Ensure Global Accelerator accelerator has flow logs enabled |
Terraform |
GlobalAcceleratorAcceleratorFlowLogs.py |
| 149 |
CKV_AWS_76 |
resource |
aws_api_gateway_stage |
Ensure API Gateway has Access Logging enabled |
Terraform |
APIGatewayAccessLogging.py |
| 150 |
CKV_AWS_76 |
resource |
aws_apigatewayv2_stage |
Ensure API Gateway has Access Logging enabled |
Terraform |
APIGatewayAccessLogging.py |
| 151 |
CKV_AWS_77 |
resource |
aws_athena_database |
Ensure Athena Database is encrypted at rest (default is unencrypted) |
Terraform |
AthenaDatabaseEncryption.py |
| 152 |
CKV_AWS_78 |
resource |
aws_codebuild_project |
Ensure that CodeBuild Project encryption is not disabled |
Terraform |
CodeBuildProjectEncryption.py |
| 153 |
CKV_AWS_79 |
resource |
aws_instance |
Ensure Instance Metadata Service Version 1 is not enabled |
Terraform |
IMDSv1Disabled.py |
| 154 |
CKV_AWS_79 |
resource |
aws_launch_configuration |
Ensure Instance Metadata Service Version 1 is not enabled |
Terraform |
IMDSv1Disabled.py |
| 155 |
CKV_AWS_79 |
resource |
aws_launch_template |
Ensure Instance Metadata Service Version 1 is not enabled |
Terraform |
IMDSv1Disabled.py |
| 156 |
CKV_AWS_80 |
resource |
aws_msk_cluster |
Ensure MSK Cluster logging is enabled |
Terraform |
MSKClusterLogging.py |
| 157 |
CKV_AWS_81 |
resource |
aws_msk_cluster |
Ensure MSK Cluster encryption in rest and transit is enabled |
Terraform |
MSKClusterEncryption.py |
| 158 |
CKV_AWS_82 |
resource |
aws_athena_workgroup |
Ensure Athena Workgroup should enforce configuration to prevent client disabling encryption |
Terraform |
AthenaWorkgroupConfiguration.py |
| 159 |
CKV_AWS_83 |
resource |
aws_elasticsearch_domain |
Ensure Elasticsearch Domain enforces HTTPS |
Terraform |
ElasticsearchDomainEnforceHTTPS.py |
| 160 |
CKV_AWS_83 |
resource |
aws_opensearch_domain |
Ensure Elasticsearch Domain enforces HTTPS |
Terraform |
ElasticsearchDomainEnforceHTTPS.py |
| 161 |
CKV_AWS_84 |
resource |
aws_elasticsearch_domain |
Ensure Elasticsearch Domain Logging is enabled |
Terraform |
ElasticsearchDomainLogging.py |
| 162 |
CKV_AWS_84 |
resource |
aws_opensearch_domain |
Ensure Elasticsearch Domain Logging is enabled |
Terraform |
ElasticsearchDomainLogging.py |
| 163 |
CKV_AWS_85 |
resource |
aws_docdb_cluster |
Ensure DocumentDB Logging is enabled |
Terraform |
DocDBLogging.py |
| 164 |
CKV_AWS_86 |
resource |
aws_cloudfront_distribution |
Ensure CloudFront distribution has Access Logging enabled |
Terraform |
CloudfrontDistributionLogging.py |
| 165 |
CKV_AWS_87 |
resource |
aws_redshift_cluster |
Redshift cluster should not be publicly accessible |
Terraform |
RedshitClusterPubliclyAvailable.py |
| 166 |
CKV_AWS_88 |
resource |
aws_instance |
EC2 instance should not have public IP. |
Terraform |
EC2PublicIP.py |
| 167 |
CKV_AWS_88 |
resource |
aws_launch_template |
EC2 instance should not have public IP. |
Terraform |
EC2PublicIP.py |
| 168 |
CKV_AWS_89 |
resource |
aws_dms_replication_instance |
DMS replication instance should not be publicly accessible |
Terraform |
DMSReplicationInstancePubliclyAccessible.py |
| 169 |
CKV_AWS_90 |
resource |
aws_docdb_cluster_parameter_group |
Ensure DocumentDB TLS is not disabled |
Terraform |
DocDBTLS.py |
| 170 |
CKV_AWS_91 |
resource |
aws_alb |
Ensure the ELBv2 (Application/Network) has access logging enabled |
Terraform |
ELBv2AccessLogs.py |
| 171 |
CKV_AWS_91 |
resource |
aws_lb |
Ensure the ELBv2 (Application/Network) has access logging enabled |
Terraform |
ELBv2AccessLogs.py |
| 172 |
CKV_AWS_92 |
resource |
aws_elb |
Ensure the ELB has access logging enabled |
Terraform |
ELBAccessLogs.py |
| 173 |
CKV_AWS_93 |
resource |
aws_s3_bucket |
Ensure S3 bucket policy does not lockout all but root user. (Prevent lockouts needing root account fixes) |
Terraform |
S3ProtectAgainstPolicyLockout.py |
| 174 |
CKV_AWS_93 |
resource |
aws_s3_bucket_policy |
Ensure S3 bucket policy does not lockout all but root user. (Prevent lockouts needing root account fixes) |
Terraform |
S3ProtectAgainstPolicyLockout.py |
| 175 |
CKV_AWS_94 |
resource |
aws_glue_data_catalog_encryption_settings |
Ensure Glue Data Catalog Encryption is enabled |
Terraform |
GlueDataCatalogEncryption.py |
| 176 |
CKV_AWS_96 |
resource |
aws_rds_cluster |
Ensure all data stored in Aurora is securely encrypted at rest |
Terraform |
AuroraEncryption.py |
| 177 |
CKV_AWS_97 |
resource |
aws_ecs_task_definition |
Ensure Encryption in transit is enabled for EFS volumes in ECS Task definitions |
Terraform |
ECSTaskDefinitionEFSVolumeEncryption.py |
| 178 |
CKV_AWS_98 |
resource |
aws_sagemaker_endpoint_configuration |
Ensure all data stored in the Sagemaker Endpoint is securely encrypted at rest |
Terraform |
SagemakerEndpointConfigurationEncryption.py |
| 179 |
CKV_AWS_99 |
resource |
aws_glue_security_configuration |
Ensure Glue Security Configuration Encryption is enabled |
Terraform |
GlueSecurityConfiguration.py |
| 180 |
CKV_AWS_100 |
resource |
aws_eks_node_group |
Ensure AWS EKS node group does not have implicit SSH access from 0.0.0.0/0 |
Terraform |
EKSNodeGroupRemoteAccess.py |
| 181 |
CKV_AWS_101 |
resource |
aws_neptune_cluster |
Ensure Neptune logging is enabled |
Terraform |
NeptuneClusterLogging.py |
| 182 |
CKV_AWS_102 |
resource |
aws_neptune_cluster_instance |
Ensure Neptune Cluster instance is not publicly available |
Terraform |
NeptuneClusterInstancePublic.py |
| 183 |
CKV_AWS_103 |
resource |
aws_alb_listener |
Ensure that load balancer is using at least TLS 1.2 |
Terraform |
AppLoadBalancerTLS12.yaml |
| 184 |
CKV_AWS_103 |
resource |
aws_lb |
Ensure that load balancer is using at least TLS 1.2 |
Terraform |
AppLoadBalancerTLS12.yaml |
| 185 |
CKV_AWS_103 |
resource |
aws_lb_listener |
Ensure that load balancer is using at least TLS 1.2 |
Terraform |
AppLoadBalancerTLS12.yaml |
| 186 |
CKV_AWS_104 |
resource |
aws_docdb_cluster_parameter_group |
Ensure DocumentDB has audit logs enabled |
Terraform |
DocDBAuditLogs.py |
| 187 |
CKV_AWS_105 |
resource |
aws_redshift_parameter_group |
Ensure Redshift uses SSL |
Terraform |
RedShiftSSL.py |
| 188 |
CKV_AWS_106 |
resource |
aws_ebs_encryption_by_default |
Ensure EBS default encryption is enabled |
Terraform |
EBSDefaultEncryption.py |
| 189 |
CKV_AWS_107 |
data |
aws_iam_policy_document |
Ensure IAM policies does not allow credentials exposure |
Terraform |
IAMCredentialsExposure.py |
| 190 |
CKV_AWS_108 |
data |
aws_iam_policy_document |
Ensure IAM policies does not allow data exfiltration |
Terraform |
IAMDataExfiltration.py |
| 191 |
CKV_AWS_109 |
data |
aws_iam_policy_document |
Ensure IAM policies does not allow permissions management / resource exposure without constraints |
Terraform |
IAMPermissionsManagement.py |
| 192 |
CKV_AWS_110 |
data |
aws_iam_policy_document |
Ensure IAM policies does not allow privilege escalation |
Terraform |
IAMPrivilegeEscalation.py |
| 193 |
CKV_AWS_111 |
data |
aws_iam_policy_document |
Ensure IAM policies does not allow write access without constraints |
Terraform |
IAMWriteAccess.py |
| 194 |
CKV_AWS_112 |
resource |
aws_ssm_document |
Ensure Session Manager data is encrypted in transit |
Terraform |
SSMSessionManagerDocumentEncryption.py |
| 195 |
CKV_AWS_113 |
resource |
aws_ssm_document |
Ensure Session Manager logs are enabled and encrypted |
Terraform |
SSMSessionManagerDocumentLogging.py |
| 196 |
CKV_AWS_114 |
resource |
aws_emr_cluster |
Ensure that EMR clusters with Kerberos have Kerberos Realm set |
Terraform |
EMRClusterKerberosAttributes.py |
| 197 |
CKV_AWS_115 |
resource |
aws_lambda_function |
Ensure that AWS Lambda function is configured for function-level concurrent execution limit |
Terraform |
LambdaFunctionLevelConcurrentExecutionLimit.py |
| 198 |
CKV_AWS_116 |
resource |
aws_lambda_function |
Ensure that AWS Lambda function is configured for a Dead Letter Queue(DLQ) |
Terraform |
LambdaDLQConfigured.py |
| 199 |
CKV_AWS_117 |
resource |
aws_lambda_function |
Ensure that AWS Lambda function is configured inside a VPC |
Terraform |
LambdaInVPC.py |
| 200 |
CKV_AWS_118 |
resource |
aws_db_instance |
Ensure that enhanced monitoring is enabled for Amazon RDS instances |
Terraform |
RDSEnhancedMonitorEnabled.py |
| 201 |
CKV_AWS_118 |
resource |
aws_rds_cluster_instance |
Ensure that enhanced monitoring is enabled for Amazon RDS instances |
Terraform |
RDSEnhancedMonitorEnabled.py |
| 202 |
CKV_AWS_119 |
resource |
aws_dynamodb_table |
Ensure DynamoDB Tables are encrypted using a KMS Customer Managed CMK |
Terraform |
DynamoDBTablesEncrypted.py |
| 203 |
CKV_AWS_120 |
resource |
aws_api_gateway_stage |
Ensure API Gateway caching is enabled |
Terraform |
APIGatewayCacheEnable.py |
| 204 |
CKV_AWS_121 |
resource |
aws_config_configuration_aggregator |
Ensure AWS Config is enabled in all regions |
Terraform |
ConfigConfgurationAggregatorAllRegions.py |
| 205 |
CKV_AWS_122 |
resource |
aws_sagemaker_notebook_instance |
Ensure that direct internet access is disabled for an Amazon SageMaker Notebook Instance |
Terraform |
SageMakerInternetAccessDisabled.py |
| 206 |
CKV_AWS_123 |
resource |
aws_vpc_endpoint_service |
Ensure that VPC Endpoint Service is configured for Manual Acceptance |
Terraform |
VPCEndpointAcceptanceConfigured.py |
| 207 |
CKV_AWS_124 |
resource |
aws_cloudformation_stack |
Ensure that CloudFormation stacks are sending event notifications to an SNS topic |
Terraform |
CloudformationStackNotificationArns.py |
| 208 |
CKV_AWS_126 |
resource |
aws_instance |
Ensure that detailed monitoring is enabled for EC2 instances |
Terraform |
EC2DetailedMonitoringEnabled.py |
| 209 |
CKV_AWS_127 |
resource |
aws_elb |
Ensure that Elastic Load Balancer(s) uses SSL certificates provided by AWS Certificate Manager |
Terraform |
ELBUsesSSL.py |
| 210 |
CKV_AWS_129 |
resource |
aws_db_instance |
Ensure that respective logs of Amazon Relational Database Service (Amazon RDS) are enabled |
Terraform |
DBInstanceLogging.py |
| 211 |
CKV_AWS_130 |
resource |
aws_subnet |
Ensure VPC subnets do not assign public IP by default |
Terraform |
SubnetPublicIP.py |
| 212 |
CKV_AWS_131 |
resource |
aws_alb |
Ensure that ALB drops HTTP headers |
Terraform |
ALBDropHttpHeaders.py |
| 213 |
CKV_AWS_131 |
resource |
aws_lb |
Ensure that ALB drops HTTP headers |
Terraform |
ALBDropHttpHeaders.py |
| 214 |
CKV_AWS_133 |
resource |
aws_db_instance |
Ensure that RDS instances has backup policy |
Terraform |
DBInstanceBackupRetentionPeriod.py |
| 215 |
CKV_AWS_133 |
resource |
aws_rds_cluster |
Ensure that RDS instances has backup policy |
Terraform |
DBInstanceBackupRetentionPeriod.py |
| 216 |
CKV_AWS_134 |
resource |
aws_elasticache_cluster |
Ensure that Amazon ElastiCache Redis clusters have automatic backup turned on |
Terraform |
ElasticCacheAutomaticBackup.py |
| 217 |
CKV_AWS_135 |
resource |
aws_instance |
Ensure that EC2 is EBS optimized |
Terraform |
EC2EBSOptimized.py |
| 218 |
CKV_AWS_136 |
resource |
aws_ecr_repository |
Ensure that ECR repositories are encrypted using KMS |
Terraform |
ECRRepositoryEncrypted.py |
| 219 |
CKV_AWS_137 |
resource |
aws_elasticsearch_domain |
Ensure that Elasticsearch is configured inside a VPC |
Terraform |
ElasticsearchInVPC.py |
| 220 |
CKV_AWS_137 |
resource |
aws_opensearch_domain |
Ensure that Elasticsearch is configured inside a VPC |
Terraform |
ElasticsearchInVPC.py |
| 221 |
CKV_AWS_138 |
resource |
aws_elb |
Ensure that ELB is cross-zone-load-balancing enabled |
Terraform |
ELBCrossZoneEnable.py |
| 222 |
CKV_AWS_139 |
resource |
aws_rds_cluster |
Ensure that RDS clusters have deletion protection enabled |
Terraform |
RDSDeletionProtection.py |
| 223 |
CKV_AWS_140 |
resource |
aws_rds_global_cluster |
Ensure that RDS global clusters are encrypted |
Terraform |
RDSClusterEncrypted.py |
| 224 |
CKV_AWS_141 |
resource |
aws_redshift_cluster |
Ensured that Redshift cluster allowing version upgrade by default |
Terraform |
RedshiftClusterAllowVersionUpgrade.py |
| 225 |
CKV_AWS_142 |
resource |
aws_redshift_cluster |
Ensure that Redshift cluster is encrypted by KMS |
Terraform |
RedshiftClusterKMSKey.py |
| 226 |
CKV_AWS_143 |
resource |
aws_s3_bucket |
Ensure that S3 bucket has lock configuration enabled by default |
Terraform |
S3BucketObjectLock.py |
| 227 |
CKV_AWS_144 |
resource |
aws_s3_bucket |
Ensure that S3 bucket has cross-region replication enabled |
Terraform |
S3BucketReplicationConfiguration.yaml |
| 228 |
CKV_AWS_144 |
resource |
aws_s3_bucket_replication_configuration |
Ensure that S3 bucket has cross-region replication enabled |
Terraform |
S3BucketReplicationConfiguration.yaml |
| 229 |
CKV_AWS_145 |
resource |
aws_s3_bucket |
Ensure that S3 buckets are encrypted with KMS by default |
Terraform |
S3KMSEncryptedByDefault.yaml |
| 230 |
CKV_AWS_145 |
resource |
aws_s3_bucket_server_side_encryption_configuration |
Ensure that S3 buckets are encrypted with KMS by default |
Terraform |
S3KMSEncryptedByDefault.yaml |
| 231 |
CKV_AWS_146 |
resource |
aws_db_cluster_snapshot |
Ensure that RDS database cluster snapshot is encrypted |
Terraform |
RDSClusterSnapshotEncrypted.py |
| 232 |
CKV_AWS_147 |
resource |
aws_codebuild_project |
Ensure that CodeBuild projects are encrypted using CMK |
Terraform |
CodebuildUsesCMK.py |
| 233 |
CKV_AWS_148 |
resource |
aws_default_vpc |
Ensure no default VPC is planned to be provisioned |
Terraform |
VPCDefaultNetwork.py |
| 234 |
CKV_AWS_149 |
resource |
aws_secretsmanager_secret |
Ensure that Secrets Manager secret is encrypted using KMS CMK |
Terraform |
SecretManagerSecretEncrypted.py |
| 235 |
CKV_AWS_150 |
resource |
aws_alb |
Ensure that Load Balancer has deletion protection enabled |
Terraform |
LBDeletionProtection.py |
| 236 |
CKV_AWS_150 |
resource |
aws_lb |
Ensure that Load Balancer has deletion protection enabled |
Terraform |
LBDeletionProtection.py |
| 237 |
CKV_AWS_152 |
resource |
aws_alb |
Ensure that Load Balancer (Network/Gateway) has cross-zone load balancing enabled |
Terraform |
LBCrossZone.py |
| 238 |
CKV_AWS_152 |
resource |
aws_lb |
Ensure that Load Balancer (Network/Gateway) has cross-zone load balancing enabled |
Terraform |
LBCrossZone.py |
| 239 |
CKV_AWS_153 |
resource |
aws_autoscaling_group |
Autoscaling groups should supply tags to launch configurations |
Terraform |
AutoScalingTagging.py |
| 240 |
CKV_AWS_154 |
resource |
aws_redshift_cluster |
Ensure Redshift is not deployed outside of a VPC |
Terraform |
RedshiftInEc2ClassicMode.py |
| 241 |
CKV_AWS_155 |
resource |
aws_workspaces_workspace |
Ensure that Workspace user volumes are encrypted |
Terraform |
WorkspaceUserVolumeEncrypted.py |
| 242 |
CKV_AWS_156 |
resource |
aws_workspaces_workspace |
Ensure that Workspace root volumes are encrypted |
Terraform |
WorkspaceRootVolumeEncrypted.py |
| 243 |
CKV_AWS_157 |
resource |
aws_db_instance |
Ensure that RDS instances have Multi-AZ enabled |
Terraform |
RDSMultiAZEnabled.py |
| 244 |
CKV_AWS_158 |
resource |
aws_cloudwatch_log_group |
Ensure that CloudWatch Log Group is encrypted by KMS |
Terraform |
CloudWatchLogGroupKMSKey.py |
| 245 |
CKV_AWS_159 |
resource |
aws_athena_workgroup |
Ensure that Athena Workgroup is encrypted |
Terraform |
AthenaWorkgroupEncryption.py |
| 246 |
CKV_AWS_160 |
resource |
aws_timestreamwrite_database |
Ensure that Timestream database is encrypted with KMS CMK |
Terraform |
TimestreamDatabaseKMSKey.py |
| 247 |
CKV_AWS_161 |
resource |
aws_db_instance |
Ensure RDS database has IAM authentication enabled |
Terraform |
RDSIAMAuthentication.py |
| 248 |
CKV_AWS_162 |
resource |
aws_rds_cluster |
Ensure RDS cluster has IAM authentication enabled |
Terraform |
RDSClusterIAMAuthentication.py |
| 249 |
CKV_AWS_163 |
resource |
aws_ecr_repository |
Ensure ECR image scanning on push is enabled |
Terraform |
ECRImageScanning.py |
| 250 |
CKV_AWS_164 |
resource |
aws_transfer_server |
Ensure Transfer Server is not exposed publicly. |
Terraform |
TransferServerIsPublic.py |
| 251 |
CKV_AWS_165 |
resource |
aws_dynamodb_global_table |
Ensure DynamoDB point in time recovery (backup) is enabled for global tables |
Terraform |
DynamoDBGlobalTableRecovery.py |
| 252 |
CKV_AWS_166 |
resource |
aws_backup_vault |
Ensure Backup Vault is encrypted at rest using KMS CMK |
Terraform |
BackupVaultEncrypted.py |
| 253 |
CKV_AWS_167 |
resource |
aws_glacier_vault |
Ensure Glacier Vault access policy is not public by only allowing specific services or principals to access it |
Terraform |
GlacierVaultAnyPrincipal.py |
| 254 |
CKV_AWS_168 |
resource |
aws_sqs_queue |
Ensure SQS queue policy is not public by only allowing specific services or principals to access it |
Terraform |
SQSQueuePolicyAnyPrincipal.py |
| 255 |
CKV_AWS_168 |
resource |
aws_sqs_queue_policy |
Ensure SQS queue policy is not public by only allowing specific services or principals to access it |
Terraform |
SQSQueuePolicyAnyPrincipal.py |
| 256 |
CKV_AWS_169 |
resource |
aws_sns_topic_policy |
Ensure SNS topic policy is not public by only allowing specific services or principals to access it |
Terraform |
SNSTopicPolicyAnyPrincipal.py |
| 257 |
CKV_AWS_170 |
resource |
aws_qldb_ledger |
Ensure QLDB ledger permissions mode is set to STANDARD |
Terraform |
QLDBLedgerPermissionsMode.py |
| 258 |
CKV_AWS_171 |
resource |
aws_emr_security_configuration |
Ensure EMR Cluster security configuration encryption is using SSE-KMS |
Terraform |
EMRClusterIsEncryptedKMS.py |
| 259 |
CKV_AWS_172 |
resource |
aws_qldb_ledger |
Ensure QLDB ledger has deletion protection enabled |
Terraform |
QLDBLedgerDeletionProtection.py |
| 260 |
CKV_AWS_173 |
resource |
aws_lambda_function |
Check encryption settings for Lambda environmental variable |
Terraform |
LambdaEnvironmentEncryptionSettings.py |
| 261 |
CKV_AWS_174 |
resource |
aws_cloudfront_distribution |
Verify CloudFront Distribution Viewer Certificate is using TLS v1.2 or higher |
Terraform |
CloudfrontTLS12.py |
| 262 |
CKV_AWS_175 |
resource |
aws_waf_web_acl |
Ensure WAF has associated rules |
Terraform |
WAFHasAnyRules.py |
| 263 |
CKV_AWS_175 |
resource |
aws_wafregional_web_acl |
Ensure WAF has associated rules |
Terraform |
WAFHasAnyRules.py |
| 264 |
CKV_AWS_175 |
resource |
aws_wafv2_web_acl |
Ensure WAF has associated rules |
Terraform |
WAFHasAnyRules.py |
| 265 |
CKV_AWS_176 |
resource |
aws_waf_web_acl |
Ensure Logging is enabled for WAF Web Access Control Lists |
Terraform |
WAFHasLogs.py |
| 266 |
CKV_AWS_176 |
resource |
aws_wafregional_web_acl |
Ensure Logging is enabled for WAF Web Access Control Lists |
Terraform |
WAFHasLogs.py |
| 267 |
CKV_AWS_177 |
resource |
aws_kinesis_video_stream |
Ensure Kinesis Video Stream is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
KinesisVideoEncryptedWithCMK.py |
| 268 |
CKV_AWS_178 |
resource |
aws_fsx_ontap_file_system |
Ensure fx ontap file system is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
FSXOntapFSEncryptedWithCMK.py |
| 269 |
CKV_AWS_179 |
resource |
aws_fsx_windows_file_system |
Ensure FSX Windows filesystem is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
FSXWindowsFSEncryptedWithCMK.py |
| 270 |
CKV_AWS_180 |
resource |
aws_imagebuilder_component |
Ensure Image Builder component is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
ImagebuilderComponentEncryptedWithCMK.py |
| 271 |
CKV_AWS_181 |
resource |
aws_s3_object_copy |
Ensure S3 Object Copy is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
S3ObjectCopyEncryptedWithCMK.py |
| 272 |
CKV_AWS_182 |
resource |
aws_docdb_cluster |
Ensure DocumentDB is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
DocDBEncryptedWithCMK.py |
| 273 |
CKV_AWS_183 |
resource |
aws_ebs_snapshot_copy |
Ensure EBS Snapshot Copy is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
EBSSnapshotCopyEncryptedWithCMK.py |
| 274 |
CKV_AWS_184 |
resource |
aws_efs_file_system |
Ensure resource is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
EFSFileSystemEncryptedWithCMK.py |
| 275 |
CKV_AWS_185 |
resource |
aws_kinesis_stream |
Ensure Kinesis Stream is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
KinesisStreamEncryptedWithCMK.py |
| 276 |
CKV_AWS_186 |
resource |
aws_s3_bucket_object |
Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
S3BucketObjectEncryptedWithCMK.py |
| 277 |
CKV_AWS_187 |
resource |
aws_sagemaker_domain |
Ensure Sagemaker domain and notebook instance are encrypted by KMS using a customer managed Key (CMK) |
Terraform |
SagemakerDomainEncryptedWithCMK.py |
| 278 |
CKV_AWS_187 |
resource |
aws_sagemaker_notebook_instance |
Ensure Sagemaker domain and notebook instance are encrypted by KMS using a customer managed Key (CMK) |
Terraform |
SagemakerDomainEncryptedWithCMK.py |
| 279 |
CKV_AWS_189 |
resource |
aws_ebs_volume |
Ensure EBS Volume is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
EBSVolumeEncryptedWithCMK.py |
| 280 |
CKV_AWS_190 |
resource |
aws_fsx_lustre_file_system |
Ensure lustre file systems is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
LustreFSEncryptedWithCMK.py |
| 281 |
CKV_AWS_191 |
resource |
aws_elasticache_replication_group |
Ensure ElastiCache replication group is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
ElasticacheReplicationGroupEncryptedWithCMK.py |
| 282 |
CKV_AWS_192 |
resource |
aws_wafv2_web_acl |
Ensure WAF prevents message lookup in Log4j2. See CVE-2021-44228 aka log4jshell |
Terraform |
WAFACLCVE202144228.py |
| 283 |
CKV_AWS_193 |
resource |
aws_appsync_graphql_api |
Ensure AppSync has Logging enabled |
Terraform |
AppSyncLogging.py |
| 284 |
CKV_AWS_194 |
resource |
aws_appsync_graphql_api |
Ensure AppSync has Field-Level logs enabled |
Terraform |
AppSyncFieldLevelLogs.py |
| 285 |
CKV_AWS_195 |
resource |
aws_glue_crawler |
Ensure Glue component has a security configuration associated |
Terraform |
GlueSecurityConfigurationEnabled.py |
| 286 |
CKV_AWS_195 |
resource |
aws_glue_dev_endpoint |
Ensure Glue component has a security configuration associated |
Terraform |
GlueSecurityConfigurationEnabled.py |
| 287 |
CKV_AWS_195 |
resource |
aws_glue_job |
Ensure Glue component has a security configuration associated |
Terraform |
GlueSecurityConfigurationEnabled.py |
| 288 |
CKV_AWS_196 |
resource |
aws_elasticache_security_group |
Ensure no aws_elasticache_security_group resources exist |
Terraform |
ElasticacheHasSecurityGroup.py |
| 289 |
CKV_AWS_197 |
resource |
aws_mq_broker |
Ensure MQ Broker Audit logging is enabled |
Terraform |
MQBrokerAuditLogging.py |
| 290 |
CKV_AWS_198 |
resource |
aws_db_security_group |
Ensure no aws_db_security_group resources exist |
Terraform |
RDSHasSecurityGroup.py |
| 291 |
CKV_AWS_199 |
resource |
aws_imagebuilder_distribution_configuration |
Ensure Image Builder Distribution Configuration encrypts AMI’s using KMS - a customer managed Key (CMK) |
Terraform |
ImagebuilderDistributionConfigurationEncryptedWithCMK.py |
| 292 |
CKV_AWS_200 |
resource |
aws_imagebuilder_image_recipe |
Ensure that Image Recipe EBS Disk are encrypted with CMK |
Terraform |
ImagebuilderImageRecipeEBSEncrypted.py |
| 293 |
CKV_AWS_201 |
resource |
aws_memorydb_cluster |
Ensure MemoryDB is encrypted at rest using KMS CMKs |
Terraform |
MemoryDBEncryptionWithCMK.py |
| 294 |
CKV_AWS_202 |
resource |
aws_memorydb_cluster |
Ensure MemoryDB data is encrypted in transit |
Terraform |
MemoryDBClusterIntransitEncryption.py |
| 295 |
CKV_AWS_203 |
resource |
aws_fsx_openzfs_file_system |
Ensure resource is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
FSXOpenZFSFileSystemEncryptedWithCMK.py |
| 296 |
CKV_AWS_204 |
resource |
aws_ami |
Ensure AMIs are encrypted using KMS CMKs |
Terraform |
AMIEncryption.py |
| 297 |
CKV_AWS_205 |
resource |
aws_ami_launch_permission |
Ensure to Limit AMI launch Permissions |
Terraform |
AMILaunchIsShared.py |
| 298 |
CKV_AWS_206 |
resource |
aws_api_gateway_domain_name |
Ensure API Gateway Domain uses a modern security Policy |
Terraform |
APIGatewayDomainNameTLS.py |
| 299 |
CKV_AWS_207 |
resource |
aws_mq_broker |
Ensure MQ Broker minor version updates are enabled |
Terraform |
MQBrokerMinorAutoUpgrade.py |
| 300 |
CKV_AWS_208 |
resource |
aws_mq_broker |
Ensure MQ Broker version is current |
Terraform |
MQBrokerVersion.py |
| 301 |
CKV_AWS_208 |
resource |
aws_mq_configuration |
Ensure MQ Broker version is current |
Terraform |
MQBrokerVersion.py |
| 302 |
CKV_AWS_209 |
resource |
aws_mq_broker |
Ensure MQ broker encrypted by KMS using a customer managed Key (CMK) |
Terraform |
MQBrokerEncryptedWithCMK.py |
| 303 |
CKV_AWS_210 |
resource |
aws_batch_job_definition |
Batch job does not define a privileged container |
Terraform |
BatchJobIsNotPrivileged.py |
| 304 |
CKV_AWS_211 |
resource |
aws_db_instance |
Ensure RDS uses a modern CaCert |
Terraform |
RDSCACertIsRecent.py |
| 305 |
CKV_AWS_212 |
resource |
aws_dms_replication_instance |
Ensure DMS replication instance is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
DMSReplicationInstanceEncryptedWithCMK.py |
| 306 |
CKV_AWS_213 |
resource |
aws_load_balancer_policy |
Ensure ELB Policy uses only secure protocols |
Terraform |
ELBPolicyUsesSecureProtocols.py |
| 307 |
CKV_AWS_214 |
resource |
aws_appsync_api_cache |
Ensure AppSync API Cache is encrypted at rest |
Terraform |
AppsyncAPICacheEncryptionAtRest.py |
| 308 |
CKV_AWS_215 |
resource |
aws_appsync_api_cache |
Ensure AppSync API Cache is encrypted in transit |
Terraform |
AppsyncAPICacheEncryptionInTransit.py |
| 309 |
CKV_AWS_216 |
resource |
aws_cloudfront_distribution |
Ensure CloudFront distribution is enabled |
Terraform |
CloudfrontDistributionEnabled.py |
| 310 |
CKV_AWS_217 |
resource |
aws_api_gateway_deployment |
Ensure Create before destroy for API deployments |
Terraform |
APIGatewayDeploymentCreateBeforeDestroy.py |
| 311 |
CKV_AWS_218 |
resource |
aws_cloudsearch_domain |
Ensure that CloudSearch is using latest TLS |
Terraform |
CloudsearchDomainTLS.py |
| 312 |
CKV_AWS_219 |
resource |
aws_codepipeline |
Ensure CodePipeline Artifact store is using a KMS CMK |
Terraform |
CodePipelineArtifactsEncrypted.py |
| 313 |
CKV_AWS_220 |
resource |
aws_cloudsearch_domain |
Ensure that CloudSearch is using https |
Terraform |
CloudsearchDomainEnforceHttps.py |
| 314 |
CKV_AWS_221 |
resource |
aws_codeartifact_domain |
Ensure CodeArtifact Domain is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
CodeArtifactDomainEncryptedWithCMK.py |
| 315 |
CKV_AWS_222 |
resource |
aws_dms_replication_instance |
Ensure DMS replication instance gets all minor upgrade automatically |
Terraform |
DMSReplicationInstanceMinorUpgrade.py |
| 316 |
CKV_AWS_223 |
resource |
aws_ecs_cluster |
Ensure ECS Cluster enables logging of ECS Exec |
Terraform |
ECSClusterLoggingEnabled.py |
| 317 |
CKV_AWS_224 |
resource |
aws_ecs_cluster |
Ensure ECS Cluster logging is enabled and client to container communication uses CMK |
Terraform |
ECSClusterLoggingEncryptedWithCMK.py |
| 318 |
CKV_AWS_225 |
resource |
aws_api_gateway_method_settings |
Ensure API Gateway method setting caching is enabled |
Terraform |
APIGatewayMethodSettingsCacheEnabled.py |
| 319 |
CKV_AWS_226 |
resource |
aws_db_instance |
Ensure DB instance gets all minor upgrades automatically |
Terraform |
DBInstanceMinorUpgrade.py |
| 320 |
CKV_AWS_226 |
resource |
aws_rds_cluster_instance |
Ensure DB instance gets all minor upgrades automatically |
Terraform |
DBInstanceMinorUpgrade.py |
| 321 |
CKV_AWS_227 |
resource |
aws_kms_key |
Ensure KMS key is enabled |
Terraform |
KMSKeyIsEnabled.py |
| 322 |
CKV_AWS_228 |
resource |
aws_elasticsearch_domain |
Verify Elasticsearch domain is using an up to date TLS policy |
Terraform |
ElasticsearchTLSPolicy.py |
| 323 |
CKV_AWS_228 |
resource |
aws_opensearch_domain |
Verify Elasticsearch domain is using an up to date TLS policy |
Terraform |
ElasticsearchTLSPolicy.py |
| 324 |
CKV_AWS_229 |
resource |
aws_network_acl |
Ensure no NACL allow ingress from 0.0.0.0:0 to port 21 |
Terraform |
NetworkACLUnrestrictedIngress21.py |
| 325 |
CKV_AWS_229 |
resource |
aws_network_acl_rule |
Ensure no NACL allow ingress from 0.0.0.0:0 to port 21 |
Terraform |
NetworkACLUnrestrictedIngress21.py |
| 326 |
CKV_AWS_230 |
resource |
aws_network_acl |
Ensure no NACL allow ingress from 0.0.0.0:0 to port 20 |
Terraform |
NetworkACLUnrestrictedIngress20.py |
| 327 |
CKV_AWS_230 |
resource |
aws_network_acl_rule |
Ensure no NACL allow ingress from 0.0.0.0:0 to port 20 |
Terraform |
NetworkACLUnrestrictedIngress20.py |
| 328 |
CKV_AWS_231 |
resource |
aws_network_acl |
Ensure no NACL allow ingress from 0.0.0.0:0 to port 3389 |
Terraform |
NetworkACLUnrestrictedIngress3389.py |
| 329 |
CKV_AWS_231 |
resource |
aws_network_acl_rule |
Ensure no NACL allow ingress from 0.0.0.0:0 to port 3389 |
Terraform |
NetworkACLUnrestrictedIngress3389.py |
| 330 |
CKV_AWS_232 |
resource |
aws_network_acl |
Ensure no NACL allow ingress from 0.0.0.0:0 to port 22 |
Terraform |
NetworkACLUnrestrictedIngress22.py |
| 331 |
CKV_AWS_232 |
resource |
aws_network_acl_rule |
Ensure no NACL allow ingress from 0.0.0.0:0 to port 22 |
Terraform |
NetworkACLUnrestrictedIngress22.py |
| 332 |
CKV_AWS_233 |
resource |
aws_acm_certificate |
Ensure Create before destroy for ACM certificates |
Terraform |
ACMCertCreateBeforeDestroy.py |
| 333 |
CKV_AWS_234 |
resource |
aws_acm_certificate |
Verify logging preference for ACM certificates |
Terraform |
ACMCertSetLoggingPreference.py |
| 334 |
CKV_AWS_235 |
resource |
aws_ami_copy |
Ensure that copied AMIs are encrypted |
Terraform |
AMICopyIsEncrypted.py |
| 335 |
CKV_AWS_236 |
resource |
aws_ami_copy |
Ensure AMI copying uses a CMK |
Terraform |
AMICopyUsesCMK.py |
| 336 |
CKV_AWS_237 |
resource |
aws_api_gateway_rest_api |
Ensure Create before destroy for API Gateway |
Terraform |
APIGatewayCreateBeforeDestroy.py |
| 337 |
CKV_AWS_238 |
resource |
aws_guardduty_detector |
Ensure that GuardDuty detector is enabled |
Terraform |
GuarddutyDetectorEnabled.py |
| 338 |
CKV_AWS_239 |
resource |
aws_dax_cluster |
Ensure DAX cluster endpoint is using TLS |
Terraform |
DAXEndpointTLS.py |
| 339 |
CKV_AWS_240 |
resource |
aws_kinesis_firehose_delivery_stream |
Ensure Kinesis Firehose delivery stream is encrypted |
Terraform |
KinesisFirehoseDeliveryStreamSSE.py |
| 340 |
CKV_AWS_241 |
resource |
aws_kinesis_firehose_delivery_stream |
Ensure that Kinesis Firehose Delivery Streams are encrypted with CMK |
Terraform |
KinesisFirehoseDeliveryStreamUsesCMK.py |
| 341 |
CKV_AWS_242 |
resource |
aws_mwaa_environment |
Ensure MWAA environment has scheduler logs enabled |
Terraform |
MWAASchedulerLogsEnabled.py |
| 342 |
CKV_AWS_243 |
resource |
aws_mwaa_environment |
Ensure MWAA environment has worker logs enabled |
Terraform |
MWAAWorkerLogsEnabled.py |
| 343 |
CKV_AWS_244 |
resource |
aws_mwaa_environment |
Ensure MWAA environment has webserver logs enabled |
Terraform |
MWAAWebserverLogsEnabled.py |
| 344 |
CKV_AWS_245 |
resource |
aws_db_instance_automated_backups_replication |
Ensure replicated backups are encrypted at rest using KMS CMKs |
Terraform |
RDSInstanceAutoBackupEncryptionWithCMK.py |
| 345 |
CKV_AWS_246 |
resource |
aws_rds_cluster_activity_stream |
Ensure RDS Cluster activity streams are encrypted using KMS CMKs |
Terraform |
RDSClusterActivityStreamEncryptedWithCMK.py |
| 346 |
CKV_AWS_247 |
resource |
aws_elasticsearch_domain |
Ensure all data stored in the Elasticsearch is encrypted with a CMK |
Terraform |
ElasticsearchEncryptionWithCMK.py |
| 347 |
CKV_AWS_247 |
resource |
aws_opensearch_domain |
Ensure all data stored in the Elasticsearch is encrypted with a CMK |
Terraform |
ElasticsearchEncryptionWithCMK.py |
| 348 |
CKV_AWS_248 |
resource |
aws_elasticsearch_domain |
Ensure that Elasticsearch is not using the default Security Group |
Terraform |
ElasticsearchDefaultSG.py |
| 349 |
CKV_AWS_248 |
resource |
aws_opensearch_domain |
Ensure that Elasticsearch is not using the default Security Group |
Terraform |
ElasticsearchDefaultSG.py |
| 350 |
CKV_AWS_249 |
resource |
aws_ecs_task_definition |
Ensure that the Execution Role ARN and the Task Role ARN are different in ECS Task definitions |
Terraform |
ECSTaskDefinitionRoleCheck.py |
| 351 |
CKV_AWS_250 |
resource |
aws_db_instance |
Ensure that RDS PostgreSQL instances use a non vulnerable version with the log_fdw extension (https://aws.amazon.com/security/security-bulletins/AWS-2022-004/) |
Terraform |
RDSPostgreSQLLogFDWExtension.py |
| 352 |
CKV_AWS_250 |
resource |
aws_rds_cluster |
Ensure that RDS PostgreSQL instances use a non vulnerable version with the log_fdw extension (https://aws.amazon.com/security/security-bulletins/AWS-2022-004/) |
Terraform |
RDSPostgreSQLLogFDWExtension.py |
| 353 |
CKV_AWS_251 |
resource |
aws_cloudtrail |
Ensure CloudTrail logging is enabled |
Terraform |
CloudtrailEnableLogging.py |
| 354 |
CKV_AWS_252 |
resource |
aws_cloudtrail |
Ensure CloudTrail defines an SNS Topic |
Terraform |
CloudtrailDefinesSNSTopic.py |
| 355 |
CKV_AWS_253 |
resource |
aws_dlm_lifecycle_policy |
Ensure DLM cross region events are encrypted |
Terraform |
DLMEventsCrossRegionEncryption.py |
| 356 |
CKV_AWS_254 |
resource |
aws_dlm_lifecycle_policy |
Ensure DLM cross region events are encrypted with Customer Managed Key |
Terraform |
DLMEventsCrossRegionEncryptionWithCMK.py |
| 357 |
CKV_AWS_255 |
resource |
aws_dlm_lifecycle_policy |
Ensure DLM cross region schedules are encrypted |
Terraform |
DLMScheduleCrossRegionEncryption.py |
| 358 |
CKV_AWS_256 |
resource |
aws_dlm_lifecycle_policy |
Ensure DLM cross region schedules are encrypted using a Customer Managed Key |
Terraform |
DLMScheduleCrossRegionEncryptionWithCMK.py |
| 359 |
CKV_AWS_257 |
resource |
aws_codecommit_approval_rule_template |
Ensure CodeCommit branch changes have at least 2 approvals |
Terraform |
CodecommitApprovalsRulesRequireMin2.py |
| 360 |
CKV_AWS_258 |
resource |
aws_lambda_function_url |
Ensure that Lambda function URLs AuthType is not None |
Terraform |
LambdaFunctionURLAuth.py |
| 361 |
CKV_AWS_259 |
resource |
aws_cloudfront_response_headers_policy |
Ensure CloudFront response header policy enforces Strict Transport Security |
Terraform |
CloudFrontResponseHeaderStrictTransportSecurity.py |
| 362 |
CKV_AWS_260 |
resource |
aws_security_group |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 80 |
Terraform |
SecurityGroupUnrestrictedIngress80.py |
| 363 |
CKV_AWS_260 |
resource |
aws_security_group_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 80 |
Terraform |
SecurityGroupUnrestrictedIngress80.py |
| 364 |
CKV_AWS_260 |
resource |
aws_vpc_security_group_ingress_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 80 |
Terraform |
SecurityGroupUnrestrictedIngress80.py |
| 365 |
CKV_AWS_261 |
resource |
aws_alb_target_group |
Ensure HTTP HTTPS Target group defines Healthcheck |
Terraform |
LBTargetGroupsDefinesHealthcheck.py |
| 366 |
CKV_AWS_261 |
resource |
aws_lb_target_group |
Ensure HTTP HTTPS Target group defines Healthcheck |
Terraform |
LBTargetGroupsDefinesHealthcheck.py |
| 367 |
CKV_AWS_262 |
resource |
aws_kendra_index |
Ensure Kendra index Server side encryption uses CMK |
Terraform |
KendraIndexSSEUsesCMK.py |
| 368 |
CKV_AWS_263 |
resource |
aws_appflow_flow |
Ensure AppFlow flow uses CMK |
Terraform |
AppFlowUsesCMK.py |
| 369 |
CKV_AWS_264 |
resource |
aws_appflow_connector_profile |
Ensure AppFlow connector profile uses CMK |
Terraform |
AppFlowConnectorProfileUsesCMK.py |
| 370 |
CKV_AWS_265 |
resource |
aws_keyspaces_table |
Ensure Keyspaces Table uses CMK |
Terraform |
KeyspacesTableUsesCMK.py |
| 371 |
CKV_AWS_266 |
resource |
aws_db_snapshot_copy |
Ensure DB Snapshot copy uses CMK |
Terraform |
DBSnapshotCopyUsesCMK.py |
| 372 |
CKV_AWS_267 |
resource |
aws_comprehend_entity_recognizer |
Ensure that Comprehend Entity Recognizer’s model is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
ComprehendEntityRecognizerModelUsesCMK.py |
| 373 |
CKV_AWS_268 |
resource |
aws_comprehend_entity_recognizer |
Ensure that Comprehend Entity Recognizer’s volume is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
ComprehendEntityRecognizerVolumeUsesCMK.py |
| 374 |
CKV_AWS_269 |
resource |
aws_connect_instance_storage_config |
Ensure Connect Instance Kinesis Video Stream Storage Config uses CMK |
Terraform |
ConnectInstanceKinesisVideoStreamStorageConfigUsesCMK.py |
| 375 |
CKV_AWS_270 |
resource |
aws_connect_instance_storage_config |
Ensure Connect Instance S3 Storage Config uses CMK |
Terraform |
ConnectInstanceS3StorageConfigUsesCMK.py |
| 376 |
CKV_AWS_271 |
resource |
aws_dynamodb_table_replica |
Ensure DynamoDB table replica KMS encryption uses CMK |
Terraform |
DynamoDBTableReplicaKMSUsesCMK.py |
| 377 |
CKV_AWS_272 |
resource |
aws_lambda_function |
Ensure AWS Lambda function is configured to validate code-signing |
Terraform |
LambdaCodeSigningConfigured.py |
| 378 |
CKV_AWS_273 |
resource |
aws_iam_user |
Ensure access is controlled through SSO and not AWS IAM defined users |
Terraform |
IAMUserNotUsedForAccess.py |
| 379 |
CKV_AWS_274 |
resource |
aws_iam_group_policy_attachment |
Disallow IAM roles, users, and groups from using the AWS AdministratorAccess policy |
Terraform |
IAMManagedAdminPolicy.py |
| 380 |
CKV_AWS_274 |
resource |
aws_iam_policy_attachment |
Disallow IAM roles, users, and groups from using the AWS AdministratorAccess policy |
Terraform |
IAMManagedAdminPolicy.py |
| 381 |
CKV_AWS_274 |
resource |
aws_iam_role |
Disallow IAM roles, users, and groups from using the AWS AdministratorAccess policy |
Terraform |
IAMManagedAdminPolicy.py |
| 382 |
CKV_AWS_274 |
resource |
aws_iam_role_policy_attachment |
Disallow IAM roles, users, and groups from using the AWS AdministratorAccess policy |
Terraform |
IAMManagedAdminPolicy.py |
| 383 |
CKV_AWS_274 |
resource |
aws_iam_user_policy_attachment |
Disallow IAM roles, users, and groups from using the AWS AdministratorAccess policy |
Terraform |
IAMManagedAdminPolicy.py |
| 384 |
CKV_AWS_274 |
resource |
aws_ssoadmin_managed_policy_attachment |
Disallow IAM roles, users, and groups from using the AWS AdministratorAccess policy |
Terraform |
IAMManagedAdminPolicy.py |
| 385 |
CKV_AWS_275 |
data |
aws_iam_policy |
Disallow policies from using the AWS AdministratorAccess policy |
Terraform |
IAMManagedAdminPolicy.py |
| 386 |
CKV_AWS_276 |
resource |
aws_api_gateway_method_settings |
Ensure Data Trace is not enabled in API Gateway Method Settings |
Terraform |
APIGatewayMethodSettingsDataTrace.py |
| 387 |
CKV_AWS_277 |
resource |
aws_security_group |
Ensure no security groups allow ingress from 0.0.0.0:0 to port -1 |
Terraform |
SecurityGroupUnrestrictedIngressAny.py |
| 388 |
CKV_AWS_277 |
resource |
aws_security_group_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port -1 |
Terraform |
SecurityGroupUnrestrictedIngressAny.py |
| 389 |
CKV_AWS_277 |
resource |
aws_vpc_security_group_ingress_rule |
Ensure no security groups allow ingress from 0.0.0.0:0 to port -1 |
Terraform |
SecurityGroupUnrestrictedIngressAny.py |
| 390 |
CKV_AWS_278 |
resource |
aws_memorydb_snapshot |
Ensure MemoryDB snapshot is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
MemoryDBSnapshotEncryptionWithCMK.py |
| 391 |
CKV_AWS_279 |
resource |
aws_neptune_cluster_snapshot |
Ensure Neptune snapshot is securely encrypted |
Terraform |
NeptuneClusterSnapshotEncrypted.py |
| 392 |
CKV_AWS_280 |
resource |
aws_neptune_cluster_snapshot |
Ensure Neptune snapshot is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
NeptuneClusterSnapshotEncryptedWithCMK.py |
| 393 |
CKV_AWS_281 |
resource |
aws_redshift_snapshot_copy_grant |
Ensure RedShift snapshot copy is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
RedshiftClusterSnapshotCopyGrantEncryptedWithCMK.py |
| 394 |
CKV_AWS_282 |
resource |
aws_redshiftserverless_namespace |
Ensure that Redshift Serverless namespace is encrypted by KMS using a customer managed key (CMK) |
Terraform |
RedshiftServerlessNamespaceKMSKey.py |
| 395 |
CKV_AWS_283 |
data |
aws_iam_policy_document |
Ensure no IAM policies documents allow ALL or any AWS principal permissions to the resource |
Terraform |
IAMPublicActionsPolicy.py |
| 396 |
CKV_AWS_284 |
resource |
aws_sfn_state_machine |
Ensure State Machine has X-Ray tracing enabled |
Terraform |
StateMachineXray.py |
| 397 |
CKV_AWS_285 |
resource |
aws_sfn_state_machine |
Ensure State Machine has execution history logging enabled |
Terraform |
StateMachineLoggingExecutionHistory.py |
| 398 |
CKV_AWS_286 |
resource |
aws_iam_group_policy |
Ensure IAM policies does not allow privilege escalation |
Terraform |
IAMPrivilegeEscalation.py |
| 399 |
CKV_AWS_286 |
resource |
aws_iam_policy |
Ensure IAM policies does not allow privilege escalation |
Terraform |
IAMPrivilegeEscalation.py |
| 400 |
CKV_AWS_286 |
resource |
aws_iam_role_policy |
Ensure IAM policies does not allow privilege escalation |
Terraform |
IAMPrivilegeEscalation.py |
| 401 |
CKV_AWS_286 |
resource |
aws_iam_user_policy |
Ensure IAM policies does not allow privilege escalation |
Terraform |
IAMPrivilegeEscalation.py |
| 402 |
CKV_AWS_286 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure IAM policies does not allow privilege escalation |
Terraform |
IAMPrivilegeEscalation.py |
| 403 |
CKV_AWS_287 |
resource |
aws_iam_group_policy |
Ensure IAM policies does not allow credentials exposure |
Terraform |
IAMCredentialsExposure.py |
| 404 |
CKV_AWS_287 |
resource |
aws_iam_policy |
Ensure IAM policies does not allow credentials exposure |
Terraform |
IAMCredentialsExposure.py |
| 405 |
CKV_AWS_287 |
resource |
aws_iam_role_policy |
Ensure IAM policies does not allow credentials exposure |
Terraform |
IAMCredentialsExposure.py |
| 406 |
CKV_AWS_287 |
resource |
aws_iam_user_policy |
Ensure IAM policies does not allow credentials exposure |
Terraform |
IAMCredentialsExposure.py |
| 407 |
CKV_AWS_287 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure IAM policies does not allow credentials exposure |
Terraform |
IAMCredentialsExposure.py |
| 408 |
CKV_AWS_288 |
resource |
aws_iam_group_policy |
Ensure IAM policies does not allow data exfiltration |
Terraform |
IAMDataExfiltration.py |
| 409 |
CKV_AWS_288 |
resource |
aws_iam_policy |
Ensure IAM policies does not allow data exfiltration |
Terraform |
IAMDataExfiltration.py |
| 410 |
CKV_AWS_288 |
resource |
aws_iam_role_policy |
Ensure IAM policies does not allow data exfiltration |
Terraform |
IAMDataExfiltration.py |
| 411 |
CKV_AWS_288 |
resource |
aws_iam_user_policy |
Ensure IAM policies does not allow data exfiltration |
Terraform |
IAMDataExfiltration.py |
| 412 |
CKV_AWS_288 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure IAM policies does not allow data exfiltration |
Terraform |
IAMDataExfiltration.py |
| 413 |
CKV_AWS_289 |
resource |
aws_iam_group_policy |
Ensure IAM policies does not allow permissions management / resource exposure without constraints |
Terraform |
IAMPermissionsManagement.py |
| 414 |
CKV_AWS_289 |
resource |
aws_iam_policy |
Ensure IAM policies does not allow permissions management / resource exposure without constraints |
Terraform |
IAMPermissionsManagement.py |
| 415 |
CKV_AWS_289 |
resource |
aws_iam_role_policy |
Ensure IAM policies does not allow permissions management / resource exposure without constraints |
Terraform |
IAMPermissionsManagement.py |
| 416 |
CKV_AWS_289 |
resource |
aws_iam_user_policy |
Ensure IAM policies does not allow permissions management / resource exposure without constraints |
Terraform |
IAMPermissionsManagement.py |
| 417 |
CKV_AWS_289 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure IAM policies does not allow permissions management / resource exposure without constraints |
Terraform |
IAMPermissionsManagement.py |
| 418 |
CKV_AWS_290 |
resource |
aws_iam_group_policy |
Ensure IAM policies does not allow write access without constraints |
Terraform |
IAMWriteAccess.py |
| 419 |
CKV_AWS_290 |
resource |
aws_iam_policy |
Ensure IAM policies does not allow write access without constraints |
Terraform |
IAMWriteAccess.py |
| 420 |
CKV_AWS_290 |
resource |
aws_iam_role_policy |
Ensure IAM policies does not allow write access without constraints |
Terraform |
IAMWriteAccess.py |
| 421 |
CKV_AWS_290 |
resource |
aws_iam_user_policy |
Ensure IAM policies does not allow write access without constraints |
Terraform |
IAMWriteAccess.py |
| 422 |
CKV_AWS_290 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure IAM policies does not allow write access without constraints |
Terraform |
IAMWriteAccess.py |
| 423 |
CKV_AWS_291 |
resource |
aws_msk_cluster |
Ensure MSK nodes are private |
Terraform |
MSKClusterNodesArePrivate.py |
| 424 |
CKV_AWS_292 |
resource |
aws_docdb_global_cluster |
Ensure DocumentDB Global Cluster is encrypted at rest (default is unencrypted) |
Terraform |
DocDBGlobalClusterEncryption.py |
| 425 |
CKV_AWS_293 |
resource |
aws_db_instance |
Ensure that AWS database instances have deletion protection enabled |
Terraform |
RDSInstanceDeletionProtection.py |
| 426 |
CKV_AWS_294 |
resource |
aws_cloudtrail_event_data_store |
Ensure CloudTrail Event Data Store uses CMK |
Terraform |
CloudtrailEventDataStoreUsesCMK.py |
| 427 |
CKV_AWS_295 |
resource |
aws_datasync_location_object_storage |
Ensure DataSync Location Object Storage doesn’t expose secrets |
Terraform |
DatasyncLocationExposesSecrets.py |
| 428 |
CKV_AWS_296 |
resource |
aws_dms_endpoint |
Ensure DMS endpoint uses Customer Managed Key (CMK) |
Terraform |
DMSEndpointUsesCMK.py |
| 429 |
CKV_AWS_297 |
resource |
aws_scheduler_schedule |
Ensure EventBridge Scheduler Schedule uses Customer Managed Key (CMK) |
Terraform |
SchedulerScheduleUsesCMK.py |
| 430 |
CKV_AWS_298 |
resource |
aws_dms_s3_endpoint |
Ensure DMS S3 uses Customer Managed Key (CMK) |
Terraform |
DMSS3UsesCMK.py |
| 431 |
CKV_AWS_300 |
resource |
aws_s3_bucket_lifecycle_configuration |
Ensure S3 lifecycle configuration sets period for aborting failed uploads |
Terraform |
S3AbortIncompleteUploads.py |
| 432 |
CKV_AWS_301 |
resource |
aws_lambda_permission |
Ensure that AWS Lambda function is not publicly accessible |
Terraform |
LambdaFunctionIsNotPublic.py |
| 433 |
CKV_AWS_302 |
resource |
aws_db_snapshot |
Ensure DB Snapshots are not Public |
Terraform |
DBSnapshotsArePrivate.py |
| 434 |
CKV_AWS_303 |
resource |
aws_ssm_document |
Ensure SSM documents are not Public |
Terraform |
SSMDocumentsArePrivate.py |
| 435 |
CKV_AWS_304 |
resource |
aws_secretsmanager_secret_rotation |
Ensure Secrets Manager secrets should be rotated within 90 days |
Terraform |
SecretManagerSecret90days.py |
| 436 |
CKV_AWS_305 |
resource |
aws_cloudfront_distribution |
Ensure CloudFront distribution has a default root object configured |
Terraform |
CloudfrontDistributionDefaultRoot.py |
| 437 |
CKV_AWS_306 |
resource |
aws_sagemaker_notebook_instance |
Ensure SageMaker notebook instances should be launched into a custom VPC |
Terraform |
SagemakerNotebookInCustomVPC.py |
| 438 |
CKV_AWS_307 |
resource |
aws_sagemaker_notebook_instance |
Ensure SageMaker Users should not have root access to SageMaker notebook instances |
Terraform |
SagemakerNotebookRoot.py |
| 439 |
CKV_AWS_308 |
resource |
aws_api_gateway_method_settings |
Ensure API Gateway method setting caching is set to encrypted |
Terraform |
APIGatewayMethodSettingsCacheEncrypted.py |
| 440 |
CKV_AWS_309 |
resource |
aws_apigatewayv2_route |
Ensure API GatewayV2 routes specify an authorization type |
Terraform |
APIGatewayV2RouteDefinesAuthorizationType.py |
| 441 |
CKV_AWS_310 |
resource |
aws_cloudfront_distribution |
Ensure CloudFront distributions should have origin failover configured |
Terraform |
CloudfrontDistributionOriginFailover.py |
| 442 |
CKV_AWS_311 |
resource |
aws_codebuild_project |
Ensure that CodeBuild S3 logs are encrypted |
Terraform |
CodebuildS3LogsEncrypted.py |
| 443 |
CKV_AWS_312 |
resource |
aws_elastic_beanstalk_environment |
Ensure Elastic Beanstalk environments have enhanced health reporting enabled |
Terraform |
ElasticBeanstalkUseEnhancedHealthChecks.py |
| 444 |
CKV_AWS_313 |
resource |
aws_rds_cluster |
Ensure RDS cluster configured to copy tags to snapshots |
Terraform |
RDSClusterCopyTags.py |
| 445 |
CKV_AWS_314 |
resource |
aws_codebuild_project |
Ensure CodeBuild project environments have a logging configuration |
Terraform |
CodebuildHasLogs.py |
| 446 |
CKV_AWS_315 |
resource |
aws_autoscaling_group |
Ensure EC2 Auto Scaling groups use EC2 launch templates |
Terraform |
AutoScalingLaunchTemplate.py |
| 447 |
CKV_AWS_316 |
resource |
aws_codebuild_project |
Ensure CodeBuild project environments do not have privileged mode enabled |
Terraform |
CodeBuildPrivilegedMode.py |
| 448 |
CKV_AWS_317 |
resource |
aws_elasticsearch_domain |
Ensure Elasticsearch Domain Audit Logging is enabled |
Terraform |
ElasticsearchDomainAuditLogging.py |
| 449 |
CKV_AWS_317 |
resource |
aws_opensearch_domain |
Ensure Elasticsearch Domain Audit Logging is enabled |
Terraform |
ElasticsearchDomainAuditLogging.py |
| 450 |
CKV_AWS_318 |
resource |
aws_elasticsearch_domain |
Ensure Elasticsearch domains are configured with at least three dedicated master nodes for HA |
Terraform |
ElasticsearchDomainHA.py |
| 451 |
CKV_AWS_318 |
resource |
aws_opensearch_domain |
Ensure Elasticsearch domains are configured with at least three dedicated master nodes for HA |
Terraform |
ElasticsearchDomainHA.py |
| 452 |
CKV_AWS_319 |
resource |
aws_cloudwatch_metric_alarm |
Ensure that CloudWatch alarm actions are enabled |
Terraform |
CloudWatchAlarmsEnabled.py |
| 453 |
CKV_AWS_320 |
resource |
aws_redshift_cluster |
Ensure Redshift clusters do not use the default database name |
Terraform |
RedshiftClusterDatabaseName.py |
| 454 |
CKV_AWS_321 |
resource |
aws_redshift_cluster |
Ensure Redshift clusters use enhanced VPC routing |
Terraform |
RedshiftClusterUseEnhancedVPCRouting.py |
| 455 |
CKV_AWS_322 |
resource |
aws_elasticache_cluster |
Ensure ElastiCache for Redis cache clusters have auto minor version upgrades enabled |
Terraform |
ElasticCacheAutomaticMinorUpgrades.py |
| 456 |
CKV_AWS_323 |
resource |
aws_elasticache_cluster |
Ensure ElastiCache clusters do not use the default subnet group |
Terraform |
ElastiCacheHasCustomSubnet.py |
| 457 |
CKV_AWS_324 |
resource |
aws_rds_cluster |
Ensure that RDS Cluster log capture is enabled |
Terraform |
RDSClusterLogging.py |
| 458 |
CKV_AWS_325 |
resource |
aws_rds_cluster |
Ensure that RDS Cluster audit logging is enabled for MySQL engine |
Terraform |
RDSClusterAuditLogging.py |
| 459 |
CKV_AWS_326 |
resource |
aws_rds_cluster |
Ensure that RDS Aurora Clusters have backtracking enabled |
Terraform |
RDSClusterAuroraBacktrack.py |
| 460 |
CKV_AWS_327 |
resource |
aws_rds_cluster |
Ensure RDS Clusters are encrypted using KMS CMKs |
Terraform |
RDSClusterEncryptedWithCMK.py |
| 461 |
CKV_AWS_328 |
resource |
aws_alb |
Ensure that ALB is configured with defensive or strictest desync mitigation mode |
Terraform |
ALBDesyncMode.py |
| 462 |
CKV_AWS_328 |
resource |
aws_elb |
Ensure that ALB is configured with defensive or strictest desync mitigation mode |
Terraform |
ALBDesyncMode.py |
| 463 |
CKV_AWS_328 |
resource |
aws_lb |
Ensure that ALB is configured with defensive or strictest desync mitigation mode |
Terraform |
ALBDesyncMode.py |
| 464 |
CKV_AWS_329 |
resource |
aws_efs_access_point |
EFS access points should enforce a root directory |
Terraform |
EFSAccessPointRoot.py |
| 465 |
CKV_AWS_330 |
resource |
aws_efs_access_point |
EFS access points should enforce a user identity |
Terraform |
EFSAccessUserIdentity.py |
| 466 |
CKV_AWS_331 |
resource |
aws_ec2_transit_gateway |
Ensure Transit Gateways do not automatically accept VPC attachment requests |
Terraform |
Ec2TransitGatewayAutoAccept.py |
| 467 |
CKV_AWS_332 |
resource |
aws_ecs_service |
Ensure ECS Fargate services run on the latest Fargate platform version |
Terraform |
ECSServiceFargateLatest.py |
| 468 |
CKV_AWS_333 |
resource |
aws_ecs_service |
Ensure ECS services do not have public IP addresses assigned to them automatically |
Terraform |
ECSServicePublicIP.py |
| 469 |
CKV_AWS_334 |
resource |
aws_ecs_task_definition |
Ensure ECS containers should run as non-privileged |
Terraform |
ECSContainerPrivilege.py |
| 470 |
CKV_AWS_335 |
resource |
aws_ecs_task_definition |
Ensure ECS task definitions should not share the host’s process namespace |
Terraform |
ECSContainerHostProcess.py |
| 471 |
CKV_AWS_336 |
resource |
aws_ecs_task_definition |
Ensure ECS containers are limited to read-only access to root filesystems |
Terraform |
ECSContainerReadOnlyRoot.py |
| 472 |
CKV_AWS_337 |
resource |
aws_ssm_parameter |
Ensure SSM parameters are using KMS CMK |
Terraform |
SSMParameterUsesCMK.py |
| 473 |
CKV_AWS_338 |
resource |
aws_cloudwatch_log_group |
Ensure CloudWatch log groups retains logs for at least 1 year |
Terraform |
CloudWatchLogGroupRetentionYear.py |
| 474 |
CKV_AWS_339 |
resource |
aws_eks_cluster |
Ensure EKS clusters run on a supported Kubernetes version |
Terraform |
EKSPlatformVersion.py |
| 475 |
CKV_AWS_340 |
resource |
aws_elastic_beanstalk_environment |
Ensure Elastic Beanstalk managed platform updates are enabled |
Terraform |
ElasticBeanstalkUseManagedUpdates.py |
| 476 |
CKV_AWS_341 |
resource |
aws_launch_configuration |
Ensure Launch template should not have a metadata response hop limit greater than 1 |
Terraform |
LaunchTemplateMetadataHop.py |
| 477 |
CKV_AWS_341 |
resource |
aws_launch_template |
Ensure Launch template should not have a metadata response hop limit greater than 1 |
Terraform |
LaunchTemplateMetadataHop.py |
| 478 |
CKV_AWS_342 |
resource |
aws_waf_rule_group |
Ensure WAF rule has any actions |
Terraform |
WAFRuleHasAnyActions.py |
| 479 |
CKV_AWS_342 |
resource |
aws_waf_web_acl |
Ensure WAF rule has any actions |
Terraform |
WAFRuleHasAnyActions.py |
| 480 |
CKV_AWS_342 |
resource |
aws_wafregional_rule_group |
Ensure WAF rule has any actions |
Terraform |
WAFRuleHasAnyActions.py |
| 481 |
CKV_AWS_342 |
resource |
aws_wafregional_web_acl |
Ensure WAF rule has any actions |
Terraform |
WAFRuleHasAnyActions.py |
| 482 |
CKV_AWS_342 |
resource |
aws_wafv2_rule_group |
Ensure WAF rule has any actions |
Terraform |
WAFRuleHasAnyActions.py |
| 483 |
CKV_AWS_342 |
resource |
aws_wafv2_web_acl |
Ensure WAF rule has any actions |
Terraform |
WAFRuleHasAnyActions.py |
| 484 |
CKV_AWS_343 |
resource |
aws_redshift_cluster |
Ensure Amazon Redshift clusters should have automatic snapshots enabled |
Terraform |
RedshiftClusterAutoSnap.py |
| 485 |
CKV_AWS_344 |
resource |
aws_networkfirewall_firewall |
Ensure that Network firewalls have deletion protection enabled |
Terraform |
NetworkFirewallDeletionProtection.py |
| 486 |
CKV_AWS_345 |
resource |
aws_networkfirewall_firewall |
Ensure that Network firewall encryption is via a CMK |
Terraform |
NetworkFirewallUsesCMK.py |
| 487 |
CKV_AWS_345 |
resource |
aws_networkfirewall_rule_group |
Ensure that Network firewall encryption is via a CMK |
Terraform |
NetworkFirewallUsesCMK.py |
| 488 |
CKV_AWS_346 |
resource |
aws_networkfirewall_firewall_policy |
Ensure Network Firewall Policy defines an encryption configuration that uses a customer managed Key (CMK) |
Terraform |
NetworkFirewallPolicyDefinesCMK.py |
| 489 |
CKV_AWS_347 |
resource |
aws_neptune_cluster |
Ensure Neptune is encrypted by KMS using a customer managed Key (CMK) |
Terraform |
NeptuneClusterEncryptedWithCMK.py |
| 490 |
CKV_AWS_348 |
resource |
aws_iam_access_key |
Ensure IAM root user does not have Access keys |
Terraform |
IAMUserRootAccessKeys.py |
| 491 |
CKV_AWS_349 |
resource |
aws_emr_security_configuration |
Ensure EMR Cluster security configuration encrypts local disks |
Terraform |
EMRClusterConfEncryptsLocalDisk.py |
| 492 |
CKV_AWS_350 |
resource |
aws_emr_security_configuration |
Ensure EMR Cluster security configuration encrypts EBS disks |
Terraform |
EMRClusterConfEncryptsEBS.py |
| 493 |
CKV_AWS_351 |
resource |
aws_emr_security_configuration |
Ensure EMR Cluster security configuration encrypts InTransit |
Terraform |
EMRClusterConfEncryptsInTransit.py |
| 494 |
CKV_AWS_352 |
resource |
aws_network_acl_rule |
Ensure NACL ingress does not allow all Ports |
Terraform |
NetworkACLUnrestricted.py |
| 495 |
CKV_AWS_353 |
resource |
aws_db_instance |
Ensure that RDS instances have performance insights enabled |
Terraform |
RDSInstancePerformanceInsights.py |
| 496 |
CKV_AWS_353 |
resource |
aws_rds_cluster_instance |
Ensure that RDS instances have performance insights enabled |
Terraform |
RDSInstancePerformanceInsights.py |
| 497 |
CKV_AWS_354 |
resource |
aws_db_instance |
Ensure RDS Performance Insights are encrypted using KMS CMKs |
Terraform |
RDSInstancePerfInsightsEncryptionWithCMK.py |
| 498 |
CKV_AWS_354 |
resource |
aws_rds_cluster_instance |
Ensure RDS Performance Insights are encrypted using KMS CMKs |
Terraform |
RDSInstancePerfInsightsEncryptionWithCMK.py |
| 499 |
CKV_AWS_355 |
resource |
aws_iam_group_policy |
Ensure no IAM policies documents allow “*” as a statement’s resource for restrictable actions |
Terraform |
IAMStarResourcePolicyDocument.py |
| 500 |
CKV_AWS_355 |
resource |
aws_iam_policy |
Ensure no IAM policies documents allow “*” as a statement’s resource for restrictable actions |
Terraform |
IAMStarResourcePolicyDocument.py |
| 501 |
CKV_AWS_355 |
resource |
aws_iam_role_policy |
Ensure no IAM policies documents allow “*” as a statement’s resource for restrictable actions |
Terraform |
IAMStarResourcePolicyDocument.py |
| 502 |
CKV_AWS_355 |
resource |
aws_iam_user_policy |
Ensure no IAM policies documents allow “*” as a statement’s resource for restrictable actions |
Terraform |
IAMStarResourcePolicyDocument.py |
| 503 |
CKV_AWS_355 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure no IAM policies documents allow “*” as a statement’s resource for restrictable actions |
Terraform |
IAMStarResourcePolicyDocument.py |
| 504 |
CKV_AWS_356 |
data |
aws_iam_policy_document |
Ensure no IAM policies documents allow “*” as a statement’s resource for restrictable actions |
Terraform |
ResourcePolicyDocument.py |
| 505 |
CKV_AWS_357 |
resource |
aws_transfer_server |
Ensure Transfer Server allows only secure protocols |
Terraform |
TransferServerAllowsOnlySecureProtocols.py |
| 506 |
CKV_AWS_358 |
data |
aws_iam_policy_document |
Ensure AWS GitHub Actions OIDC authorization policies only allow safe claims and claim order |
Terraform |
GithubActionsOIDCTrustPolicy.py |
| 507 |
CKV_AWS_359 |
resource |
aws_neptune_cluster |
Neptune DB clusters should have IAM database authentication enabled |
Terraform |
NeptuneDBClustersIAMDatabaseAuthenticationEnabled.py |
| 508 |
CKV_AWS_360 |
resource |
aws_docdb_cluster |
Ensure DocumentDB has an adequate backup retention period |
Terraform |
DocDBBackupRetention.py |
| 509 |
CKV_AWS_361 |
resource |
aws_neptune_cluster |
Ensure that Neptune DB cluster has automated backups enabled with adequate retention |
Terraform |
NeptuneClusterBackupRetention.py |
| 510 |
CKV_AWS_362 |
resource |
aws_neptune_cluster |
Neptune DB clusters should be configured to copy tags to snapshots |
Terraform |
NeptuneDBClustersCopyTagsToSnapshots.py |
| 511 |
CKV_AWS_363 |
resource |
aws_lambda_function |
Ensure Lambda Runtime is not deprecated |
Terraform |
DeprecatedLambdaRuntime.py |
| 512 |
CKV_AWS_364 |
resource |
aws_lambda_permission |
Ensure that AWS Lambda function permissions delegated to AWS services are limited by SourceArn or SourceAccount |
Terraform |
LambdaServicePermission.py |
| 513 |
CKV_AWS_365 |
resource |
aws_ses_configuration_set |
Ensure SES Configuration Set enforces TLS usage |
Terraform |
SesConfigurationSetDefinesTLS.py |
| 514 |
CKV_AWS_366 |
resource |
aws_cognito_identity_pool |
Ensure AWS Cognito identity pool does not allow unauthenticated guest access |
Terraform |
CognitoUnauthenticatedIdentities.py |
| 515 |
CKV_AWS_367 |
resource |
aws_sagemaker_data_quality_job_definition |
Ensure Amazon Sagemaker Data Quality Job uses KMS to encrypt model artifacts |
Terraform |
SagemakerDataQualityJobDefinitionEncryption.py |
| 516 |
CKV_AWS_368 |
resource |
aws_sagemaker_data_quality_job_definition |
Ensure Amazon Sagemaker Data Quality Job uses KMS to encrypt data on attached storage volume |
Terraform |
SagemakerDataQualityJobDefinitionVolumeEncryption.py |
| 517 |
CKV_AWS_369 |
resource |
aws_sagemaker_data_quality_job_definition |
Ensure Amazon Sagemaker Data Quality Job encrypts all communications between instances used for monitoring jobs |
Terraform |
SagemakerDataQualityJobDefinitionTrafficEncryption.py |
| 518 |
CKV_AWS_370 |
resource |
aws_sagemaker_model |
Ensure Amazon SageMaker model uses network isolation |
Terraform |
SagemakerModelWithNetworkIsolation.py |
| 519 |
CKV_AWS_371 |
resource |
aws_sagemaker_notebook_instance |
Ensure Amazon SageMaker Notebook Instance only allows for IMDSv2 |
Terraform |
SagemakerNotebookInstanceAllowsIMDSv2.py |
| 520 |
CKV_AWS_372 |
resource |
aws_sagemaker_flow_definition |
Ensure Amazon SageMaker Flow Definition uses KMS for output configurations |
Terraform |
SagemakerFlowDefinitionUsesKMS.py |
| 521 |
CKV_AWS_373 |
resource |
aws_bedrockagent_agent |
Ensure Bedrock Agent is encrypted with a CMK |
Terraform |
BedrockAgentEncrypted.py |
| 522 |
CKV_AWS_374 |
resource |
aws_cloudfront_distribution |
Ensure AWS CloudFront web distribution has geo restriction enabled |
Terraform |
CloudFrontGeoRestrictionDisabled.py |
| 523 |
CKV_AWS_375 |
resource |
aws_s3_bucket_acl |
Ensure AWS S3 bucket does not have global view ACL permissions enabled |
Terraform |
S3GlobalViewACL.py |
| 524 |
CKV_AWS_376 |
resource |
aws_elb |
Ensure AWS Elastic Load Balancer listener uses TLS/SSL |
Terraform |
ELBwListenerNotTLSSSL.py |
| 525 |
CKV_AWS_377 |
resource |
aws_route53domains_registered_domain |
Ensure Route 53 domains have transfer lock protection |
Terraform |
Route53TransferLock.py |
| 526 |
CKV_AWS_378 |
resource |
aws_alb_listener |
Ensure AWS Load Balancer doesn’t use HTTP protocol |
Terraform |
LBTargetGroup.yaml |
| 527 |
CKV_AWS_378 |
resource |
aws_alb_target_group |
Ensure AWS Load Balancer doesn’t use HTTP protocol |
Terraform |
LBTargetGroup.yaml |
| 528 |
CKV_AWS_378 |
resource |
aws_lb_listener |
Ensure AWS Load Balancer doesn’t use HTTP protocol |
Terraform |
LBTargetGroup.yaml |
| 529 |
CKV_AWS_378 |
resource |
aws_lb_target_group |
Ensure AWS Load Balancer doesn’t use HTTP protocol |
Terraform |
LBTargetGroup.yaml |
| 530 |
CKV_AWS_379 |
resource |
aws_s3_bucket_acl |
Ensure AWS S3 bucket is configured with secure data transport policy |
Terraform |
S3SecureDataTransport.py |
| 531 |
CKV_AWS_380 |
resource |
aws_transfer_server |
Ensure AWS Transfer Server uses latest Security Policy |
Terraform |
TransferServerLatestPolicy.py |
| 532 |
CKV_AWS_381 |
resource |
aws_codegurureviewer_repository_association |
Make sure that aws_codegurureviewer_repository_association has a CMK |
Terraform |
AWSCodeGuruHasCMK.py |
| 533 |
CKV_AWS_382 |
resource |
aws_security_group |
Ensure no security groups allow egress from 0.0.0.0:0 to port -1 |
Terraform |
SecurityGroupUnrestrictedEgressAny.py |
| 534 |
CKV_AWS_382 |
resource |
aws_security_group_rule |
Ensure no security groups allow egress from 0.0.0.0:0 to port -1 |
Terraform |
SecurityGroupUnrestrictedEgressAny.py |
| 535 |
CKV_AWS_382 |
resource |
aws_vpc_security_group_egress_rule |
Ensure no security groups allow egress from 0.0.0.0:0 to port -1 |
Terraform |
SecurityGroupUnrestrictedEgressAny.py |
| 536 |
CKV_AWS_383 |
resource |
aws_bedrockagent_agent |
Ensure AWS Bedrock agent is associated with Bedrock guardrails |
Terraform |
BedrockGuardrails.py |
| 537 |
CKV_AWS_385 |
resource |
aws_sns_topic_policy |
Ensure AWS SNS topic policies do not allow cross-account access |
Terraform |
SNSCrossAccountAccess.py |
| 538 |
CKV_AWS_386 |
data |
aws_ami |
Reduce potential for WhoAMI cloud image name confusion attack |
Terraform |
WhoAMI.py |
| 539 |
CKV_AWS_387 |
resource |
aws_sqs_queue_policy |
Ensure SQS policy does not allow public access through wildcards |
Terraform |
SQSOverlyPermissive.py |
| 540 |
CKV_AWS_388 |
resource |
aws_db_instance |
Ensure AWS Aurora PostgreSQL is not exposed to local file read vulnerability |
Terraform |
UnpatchedAuroraPostgresDB.py |
| 541 |
CKV_AWS_389 |
resource |
aws_launch_configuration |
Ensure AWS Auto Scaling group launch configuration doesn’t have public IP address assignment enabled |
Terraform |
AutoScalingGroupWithPublicAccess.py |
| 542 |
CKV_AWS_390 |
resource |
aws_emr_block_public_access_configuration |
Ensure AWS EMR block public access setting is enabled |
Terraform |
EMRPubliclyAccessible.py |
| 543 |
CKV_AWS_391 |
resource |
aws_redshift_cluster |
Avoid AWS Redshift cluster with commonly used master username and public access setting enabled |
Terraform |
RedshiftClusterWithCommonUsernameAndPublicAccess.py |
| 544 |
CKV_AWS_392 |
resource |
aws_s3_access_point |
Ensure AWS S3 access point block public access setting is enabled |
Terraform |
S3AccessPointPubliclyAccessible.py |
| 545 |
CKV2_AWS_1 |
resource |
aws_network_acl |
Ensure that all NACL are attached to subnets |
Terraform |
SubnetHasACL.yaml |
| 546 |
CKV2_AWS_1 |
resource |
aws_subnet |
Ensure that all NACL are attached to subnets |
Terraform |
SubnetHasACL.yaml |
| 547 |
CKV2_AWS_2 |
resource |
aws_ebs_volume |
Ensure that only encrypted EBS volumes are attached to EC2 instances |
Terraform |
EncryptedEBSVolumeOnlyConnectedToEC2s.yaml |
| 548 |
CKV2_AWS_2 |
resource |
aws_volume_attachment |
Ensure that only encrypted EBS volumes are attached to EC2 instances |
Terraform |
EncryptedEBSVolumeOnlyConnectedToEC2s.yaml |
| 549 |
CKV2_AWS_3 |
resource |
aws_guardduty_detector |
Ensure GuardDuty is enabled to specific org/region |
Terraform |
GuardDutyIsEnabled.yaml |
| 550 |
CKV2_AWS_3 |
resource |
aws_guardduty_organization_configuration |
Ensure GuardDuty is enabled to specific org/region |
Terraform |
GuardDutyIsEnabled.yaml |
| 551 |
CKV2_AWS_4 |
resource |
aws_api_gateway_method_settings |
Ensure API Gateway stage have logging level defined as appropriate |
Terraform |
APIGWLoggingLevelsDefinedProperly.yaml |
| 552 |
CKV2_AWS_4 |
resource |
aws_api_gateway_stage |
Ensure API Gateway stage have logging level defined as appropriate |
Terraform |
APIGWLoggingLevelsDefinedProperly.yaml |
| 553 |
CKV2_AWS_5 |
resource |
aws_security_group |
Ensure that Security Groups are attached to another resource |
Terraform |
SGAttachedToResource.yaml |
| 554 |
CKV2_AWS_6 |
resource |
aws_s3_bucket |
Ensure that S3 bucket has a Public Access block |
Terraform |
S3BucketHasPublicAccessBlock.yaml |
| 555 |
CKV2_AWS_6 |
resource |
aws_s3_bucket_public_access_block |
Ensure that S3 bucket has a Public Access block |
Terraform |
S3BucketHasPublicAccessBlock.yaml |
| 556 |
CKV2_AWS_7 |
resource |
aws_emr_cluster |
Ensure that Amazon EMR clusters’ security groups are not open to the world |
Terraform |
AMRClustersNotOpenToInternet.yaml |
| 557 |
CKV2_AWS_7 |
resource |
aws_security_group |
Ensure that Amazon EMR clusters’ security groups are not open to the world |
Terraform |
AMRClustersNotOpenToInternet.yaml |
| 558 |
CKV2_AWS_8 |
resource |
aws_rds_cluster |
Ensure that RDS clusters has backup plan of AWS Backup |
Terraform |
RDSClusterHasBackupPlan.yaml |
| 559 |
CKV2_AWS_9 |
resource |
aws_backup_selection |
Ensure that EBS are added in the backup plans of AWS Backup |
Terraform |
EBSAddedBackup.yaml |
| 560 |
CKV2_AWS_10 |
resource |
aws_cloudtrail |
Ensure CloudTrail trails are integrated with CloudWatch Logs |
Terraform |
CloudtrailHasCloudwatch.yaml |
| 561 |
CKV2_AWS_11 |
resource |
aws_vpc |
Ensure VPC flow logging is enabled in all VPCs |
Terraform |
VPCHasFlowLog.yaml |
| 562 |
CKV2_AWS_12 |
resource |
aws_default_security_group |
Ensure the default security group of every VPC restricts all traffic |
Terraform |
VPCHasRestrictedSG.yaml |
| 563 |
CKV2_AWS_12 |
resource |
aws_vpc |
Ensure the default security group of every VPC restricts all traffic |
Terraform |
VPCHasRestrictedSG.yaml |
| 564 |
CKV2_AWS_14 |
resource |
aws_iam_group |
Ensure that IAM groups includes at least one IAM user |
Terraform |
IAMGroupHasAtLeastOneUser.yaml |
| 565 |
CKV2_AWS_14 |
resource |
aws_iam_group_membership |
Ensure that IAM groups includes at least one IAM user |
Terraform |
IAMGroupHasAtLeastOneUser.yaml |
| 566 |
CKV2_AWS_15 |
resource |
aws_autoscaling_group |
Ensure that auto Scaling groups that are associated with a load balancer are using Elastic Load Balancing health checks. |
Terraform |
AutoScallingEnabledELB.yaml |
| 567 |
CKV2_AWS_15 |
resource |
aws_elb |
Ensure that auto Scaling groups that are associated with a load balancer are using Elastic Load Balancing health checks. |
Terraform |
AutoScallingEnabledELB.yaml |
| 568 |
CKV2_AWS_15 |
resource |
aws_lb_target_group |
Ensure that auto Scaling groups that are associated with a load balancer are using Elastic Load Balancing health checks. |
Terraform |
AutoScallingEnabledELB.yaml |
| 569 |
CKV2_AWS_16 |
resource |
aws_appautoscaling_target |
Ensure that Auto Scaling is enabled on your DynamoDB tables |
Terraform |
AutoScalingEnableOnDynamoDBTables.yaml |
| 570 |
CKV2_AWS_16 |
resource |
aws_dynamodb_table |
Ensure that Auto Scaling is enabled on your DynamoDB tables |
Terraform |
AutoScalingEnableOnDynamoDBTables.yaml |
| 571 |
CKV2_AWS_18 |
resource |
aws_backup_selection |
Ensure that Elastic File System (Amazon EFS) file systems are added in the backup plans of AWS Backup |
Terraform |
EFSAddedBackup.yaml |
| 572 |
CKV2_AWS_19 |
resource |
aws_eip |
Ensure that all EIP addresses allocated to a VPC are attached to EC2 instances |
Terraform |
EIPAllocatedToVPCAttachedEC2.yaml |
| 573 |
CKV2_AWS_19 |
resource |
aws_eip_association |
Ensure that all EIP addresses allocated to a VPC are attached to EC2 instances |
Terraform |
EIPAllocatedToVPCAttachedEC2.yaml |
| 574 |
CKV2_AWS_20 |
resource |
aws_alb |
Ensure that ALB redirects HTTP requests into HTTPS ones |
Terraform |
ALBRedirectsHTTPToHTTPS.yaml |
| 575 |
CKV2_AWS_20 |
resource |
aws_alb_listener |
Ensure that ALB redirects HTTP requests into HTTPS ones |
Terraform |
ALBRedirectsHTTPToHTTPS.yaml |
| 576 |
CKV2_AWS_20 |
resource |
aws_lb |
Ensure that ALB redirects HTTP requests into HTTPS ones |
Terraform |
ALBRedirectsHTTPToHTTPS.yaml |
| 577 |
CKV2_AWS_20 |
resource |
aws_lb_listener |
Ensure that ALB redirects HTTP requests into HTTPS ones |
Terraform |
ALBRedirectsHTTPToHTTPS.yaml |
| 578 |
CKV2_AWS_21 |
resource |
aws_iam_group_membership |
Ensure that all IAM users are members of at least one IAM group. |
Terraform |
IAMUsersAreMembersAtLeastOneGroup.yaml |
| 579 |
CKV2_AWS_22 |
resource |
aws_iam_user |
Ensure an IAM User does not have access to the console |
Terraform |
IAMUserHasNoConsoleAccess.yaml |
| 580 |
CKV2_AWS_23 |
resource |
aws_route53_record |
Route53 A Record has Attached Resource |
Terraform |
Route53ARecordAttachedResource.yaml |
| 581 |
CKV2_AWS_27 |
resource |
aws_rds_cluster |
Ensure Postgres RDS as aws_rds_cluster has Query Logging enabled |
Terraform |
PostgresRDSHasQueryLoggingEnabled.yaml |
| 582 |
CKV2_AWS_27 |
resource |
aws_rds_cluster_parameter_group |
Ensure Postgres RDS as aws_rds_cluster has Query Logging enabled |
Terraform |
PostgresRDSHasQueryLoggingEnabled.yaml |
| 583 |
CKV2_AWS_28 |
resource |
aws_alb |
Ensure public facing ALB are protected by WAF |
Terraform |
ALBProtectedByWAF.yaml |
| 584 |
CKV2_AWS_28 |
resource |
aws_lb |
Ensure public facing ALB are protected by WAF |
Terraform |
ALBProtectedByWAF.yaml |
| 585 |
CKV2_AWS_29 |
resource |
aws_api_gateway_rest_api |
Ensure public API gateway are protected by WAF |
Terraform |
APIProtectedByWAF.yaml |
| 586 |
CKV2_AWS_29 |
resource |
aws_api_gateway_stage |
Ensure public API gateway are protected by WAF |
Terraform |
APIProtectedByWAF.yaml |
| 587 |
CKV2_AWS_30 |
resource |
aws_db_instance |
Ensure Postgres RDS as aws_db_instance has Query Logging enabled |
Terraform |
PostgresDBHasQueryLoggingEnabled.yaml |
| 588 |
CKV2_AWS_30 |
resource |
aws_db_parameter_group |
Ensure Postgres RDS as aws_db_instance has Query Logging enabled |
Terraform |
PostgresDBHasQueryLoggingEnabled.yaml |
| 589 |
CKV2_AWS_31 |
resource |
aws_wafv2_web_acl |
Ensure WAF2 has a Logging Configuration |
Terraform |
WAF2HasLogs.yaml |
| 590 |
CKV2_AWS_32 |
resource |
aws_cloudfront_distribution |
Ensure CloudFront distribution has a response headers policy attached |
Terraform |
CloudFrontHasResponseHeadersPolicy.yaml |
| 591 |
CKV2_AWS_33 |
resource |
aws_appsync_graphql_api |
Ensure AppSync is protected by WAF |
Terraform |
AppSyncProtectedByWAF.yaml |
| 592 |
CKV2_AWS_34 |
resource |
aws_ssm_parameter |
AWS SSM Parameter should be Encrypted |
Terraform |
AWSSSMParameterShouldBeEncrypted.yaml |
| 593 |
CKV2_AWS_35 |
resource |
aws_route |
AWS NAT Gateways should be utilized for the default route |
Terraform |
AWSNATGatewaysshouldbeutilized.yaml |
| 594 |
CKV2_AWS_35 |
resource |
aws_route_table |
AWS NAT Gateways should be utilized for the default route |
Terraform |
AWSNATGatewaysshouldbeutilized.yaml |
| 595 |
CKV2_AWS_36 |
resource |
aws_ssm_parameter |
Ensure terraform is not sending SSM secrets to untrusted domains over HTTP |
Terraform |
HTTPNotSendingPasswords.yaml |
| 596 |
CKV2_AWS_36 |
resource |
data.http |
Ensure terraform is not sending SSM secrets to untrusted domains over HTTP |
Terraform |
HTTPNotSendingPasswords.yaml |
| 597 |
CKV2_AWS_37 |
resource |
aws |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 598 |
CKV2_AWS_37 |
resource |
aws_accessanalyzer_analyzer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 599 |
CKV2_AWS_37 |
resource |
aws_accessanalyzer_archive_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 600 |
CKV2_AWS_37 |
resource |
aws_account_alternate_contact |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 601 |
CKV2_AWS_37 |
resource |
aws_account_primary_contact |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 602 |
CKV2_AWS_37 |
resource |
aws_account_region |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 603 |
CKV2_AWS_37 |
resource |
aws_acm_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 604 |
CKV2_AWS_37 |
resource |
aws_acm_certificate_validation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 605 |
CKV2_AWS_37 |
resource |
aws_acmpca_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 606 |
CKV2_AWS_37 |
resource |
aws_acmpca_certificate_authority |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 607 |
CKV2_AWS_37 |
resource |
aws_acmpca_certificate_authority_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 608 |
CKV2_AWS_37 |
resource |
aws_acmpca_permission |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 609 |
CKV2_AWS_37 |
resource |
aws_acmpca_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 610 |
CKV2_AWS_37 |
resource |
aws_alb |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 611 |
CKV2_AWS_37 |
resource |
aws_alb_listener |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 612 |
CKV2_AWS_37 |
resource |
aws_alb_listener_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 613 |
CKV2_AWS_37 |
resource |
aws_alb_listener_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 614 |
CKV2_AWS_37 |
resource |
aws_alb_target_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 615 |
CKV2_AWS_37 |
resource |
aws_alb_target_group_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 616 |
CKV2_AWS_37 |
resource |
aws_ami |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 617 |
CKV2_AWS_37 |
resource |
aws_ami_copy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 618 |
CKV2_AWS_37 |
resource |
aws_ami_from_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 619 |
CKV2_AWS_37 |
resource |
aws_ami_launch_permission |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 620 |
CKV2_AWS_37 |
resource |
aws_amplify_app |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 621 |
CKV2_AWS_37 |
resource |
aws_amplify_backend_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 622 |
CKV2_AWS_37 |
resource |
aws_amplify_branch |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 623 |
CKV2_AWS_37 |
resource |
aws_amplify_domain_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 624 |
CKV2_AWS_37 |
resource |
aws_amplify_webhook |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 625 |
CKV2_AWS_37 |
resource |
aws_api_gateway_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 626 |
CKV2_AWS_37 |
resource |
aws_api_gateway_api_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 627 |
CKV2_AWS_37 |
resource |
aws_api_gateway_authorizer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 628 |
CKV2_AWS_37 |
resource |
aws_api_gateway_base_path_mapping |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 629 |
CKV2_AWS_37 |
resource |
aws_api_gateway_client_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 630 |
CKV2_AWS_37 |
resource |
aws_api_gateway_deployment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 631 |
CKV2_AWS_37 |
resource |
aws_api_gateway_documentation_part |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 632 |
CKV2_AWS_37 |
resource |
aws_api_gateway_documentation_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 633 |
CKV2_AWS_37 |
resource |
aws_api_gateway_domain_name |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 634 |
CKV2_AWS_37 |
resource |
aws_api_gateway_domain_name_access_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 635 |
CKV2_AWS_37 |
resource |
aws_api_gateway_gateway_response |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 636 |
CKV2_AWS_37 |
resource |
aws_api_gateway_integration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 637 |
CKV2_AWS_37 |
resource |
aws_api_gateway_integration_response |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 638 |
CKV2_AWS_37 |
resource |
aws_api_gateway_method |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 639 |
CKV2_AWS_37 |
resource |
aws_api_gateway_method_response |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 640 |
CKV2_AWS_37 |
resource |
aws_api_gateway_method_settings |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 641 |
CKV2_AWS_37 |
resource |
aws_api_gateway_model |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 642 |
CKV2_AWS_37 |
resource |
aws_api_gateway_request_validator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 643 |
CKV2_AWS_37 |
resource |
aws_api_gateway_resource |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 644 |
CKV2_AWS_37 |
resource |
aws_api_gateway_rest_api |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 645 |
CKV2_AWS_37 |
resource |
aws_api_gateway_rest_api_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 646 |
CKV2_AWS_37 |
resource |
aws_api_gateway_stage |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 647 |
CKV2_AWS_37 |
resource |
aws_api_gateway_usage_plan |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 648 |
CKV2_AWS_37 |
resource |
aws_api_gateway_usage_plan_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 649 |
CKV2_AWS_37 |
resource |
aws_api_gateway_vpc_link |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 650 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_api |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 651 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_api_mapping |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 652 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_authorizer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 653 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_deployment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 654 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_domain_name |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 655 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_integration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 656 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_integration_response |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 657 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_model |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 658 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_route |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 659 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_route_response |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 660 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_stage |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 661 |
CKV2_AWS_37 |
resource |
aws_apigatewayv2_vpc_link |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 662 |
CKV2_AWS_37 |
resource |
aws_app_cookie_stickiness_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 663 |
CKV2_AWS_37 |
resource |
aws_appautoscaling_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 664 |
CKV2_AWS_37 |
resource |
aws_appautoscaling_scheduled_action |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 665 |
CKV2_AWS_37 |
resource |
aws_appautoscaling_target |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 666 |
CKV2_AWS_37 |
resource |
aws_appconfig_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 667 |
CKV2_AWS_37 |
resource |
aws_appconfig_configuration_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 668 |
CKV2_AWS_37 |
resource |
aws_appconfig_deployment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 669 |
CKV2_AWS_37 |
resource |
aws_appconfig_deployment_strategy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 670 |
CKV2_AWS_37 |
resource |
aws_appconfig_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 671 |
CKV2_AWS_37 |
resource |
aws_appconfig_extension |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 672 |
CKV2_AWS_37 |
resource |
aws_appconfig_extension_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 673 |
CKV2_AWS_37 |
resource |
aws_appconfig_hosted_configuration_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 674 |
CKV2_AWS_37 |
resource |
aws_appfabric_app_authorization |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 675 |
CKV2_AWS_37 |
resource |
aws_appfabric_app_authorization_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 676 |
CKV2_AWS_37 |
resource |
aws_appfabric_app_bundle |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 677 |
CKV2_AWS_37 |
resource |
aws_appfabric_ingestion |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 678 |
CKV2_AWS_37 |
resource |
aws_appfabric_ingestion_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 679 |
CKV2_AWS_37 |
resource |
aws_appflow_connector_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 680 |
CKV2_AWS_37 |
resource |
aws_appflow_flow |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 681 |
CKV2_AWS_37 |
resource |
aws_appintegrations_data_integration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 682 |
CKV2_AWS_37 |
resource |
aws_appintegrations_event_integration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 683 |
CKV2_AWS_37 |
resource |
aws_applicationinsights_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 684 |
CKV2_AWS_37 |
resource |
aws_appmesh_gateway_route |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 685 |
CKV2_AWS_37 |
resource |
aws_appmesh_mesh |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 686 |
CKV2_AWS_37 |
resource |
aws_appmesh_route |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 687 |
CKV2_AWS_37 |
resource |
aws_appmesh_virtual_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 688 |
CKV2_AWS_37 |
resource |
aws_appmesh_virtual_node |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 689 |
CKV2_AWS_37 |
resource |
aws_appmesh_virtual_router |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 690 |
CKV2_AWS_37 |
resource |
aws_appmesh_virtual_service |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 691 |
CKV2_AWS_37 |
resource |
aws_apprunner_auto_scaling_configuration_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 692 |
CKV2_AWS_37 |
resource |
aws_apprunner_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 693 |
CKV2_AWS_37 |
resource |
aws_apprunner_custom_domain_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 694 |
CKV2_AWS_37 |
resource |
aws_apprunner_default_auto_scaling_configuration_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 695 |
CKV2_AWS_37 |
resource |
aws_apprunner_deployment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 696 |
CKV2_AWS_37 |
resource |
aws_apprunner_observability_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 697 |
CKV2_AWS_37 |
resource |
aws_apprunner_service |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 698 |
CKV2_AWS_37 |
resource |
aws_apprunner_vpc_connector |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 699 |
CKV2_AWS_37 |
resource |
aws_apprunner_vpc_ingress_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 700 |
CKV2_AWS_37 |
resource |
aws_appstream_directory_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 701 |
CKV2_AWS_37 |
resource |
aws_appstream_fleet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 702 |
CKV2_AWS_37 |
resource |
aws_appstream_fleet_stack_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 703 |
CKV2_AWS_37 |
resource |
aws_appstream_image_builder |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 704 |
CKV2_AWS_37 |
resource |
aws_appstream_stack |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 705 |
CKV2_AWS_37 |
resource |
aws_appstream_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 706 |
CKV2_AWS_37 |
resource |
aws_appstream_user_stack_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 707 |
CKV2_AWS_37 |
resource |
aws_appsync_api_cache |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 708 |
CKV2_AWS_37 |
resource |
aws_appsync_api_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 709 |
CKV2_AWS_37 |
resource |
aws_appsync_datasource |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 710 |
CKV2_AWS_37 |
resource |
aws_appsync_domain_name |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 711 |
CKV2_AWS_37 |
resource |
aws_appsync_domain_name_api_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 712 |
CKV2_AWS_37 |
resource |
aws_appsync_function |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 713 |
CKV2_AWS_37 |
resource |
aws_appsync_graphql_api |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 714 |
CKV2_AWS_37 |
resource |
aws_appsync_resolver |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 715 |
CKV2_AWS_37 |
resource |
aws_appsync_source_api_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 716 |
CKV2_AWS_37 |
resource |
aws_appsync_type |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 717 |
CKV2_AWS_37 |
resource |
aws_athena_data_catalog |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 718 |
CKV2_AWS_37 |
resource |
aws_athena_database |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 719 |
CKV2_AWS_37 |
resource |
aws_athena_named_query |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 720 |
CKV2_AWS_37 |
resource |
aws_athena_prepared_statement |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 721 |
CKV2_AWS_37 |
resource |
aws_athena_workgroup |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 722 |
CKV2_AWS_37 |
resource |
aws_auditmanager_account_registration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 723 |
CKV2_AWS_37 |
resource |
aws_auditmanager_assessment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 724 |
CKV2_AWS_37 |
resource |
aws_auditmanager_assessment_delegation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 725 |
CKV2_AWS_37 |
resource |
aws_auditmanager_assessment_report |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 726 |
CKV2_AWS_37 |
resource |
aws_auditmanager_control |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 727 |
CKV2_AWS_37 |
resource |
aws_auditmanager_framework |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 728 |
CKV2_AWS_37 |
resource |
aws_auditmanager_framework_share |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 729 |
CKV2_AWS_37 |
resource |
aws_auditmanager_organization_admin_account_registration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 730 |
CKV2_AWS_37 |
resource |
aws_autoscaling_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 731 |
CKV2_AWS_37 |
resource |
aws_autoscaling_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 732 |
CKV2_AWS_37 |
resource |
aws_autoscaling_group_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 733 |
CKV2_AWS_37 |
resource |
aws_autoscaling_lifecycle_hook |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 734 |
CKV2_AWS_37 |
resource |
aws_autoscaling_notification |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 735 |
CKV2_AWS_37 |
resource |
aws_autoscaling_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 736 |
CKV2_AWS_37 |
resource |
aws_autoscaling_schedule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 737 |
CKV2_AWS_37 |
resource |
aws_autoscaling_traffic_source_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 738 |
CKV2_AWS_37 |
resource |
aws_autoscalingplans_scaling_plan |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 739 |
CKV2_AWS_37 |
resource |
aws_az_info |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 740 |
CKV2_AWS_37 |
resource |
aws_backup_framework |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 741 |
CKV2_AWS_37 |
resource |
aws_backup_global_settings |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 742 |
CKV2_AWS_37 |
resource |
aws_backup_logically_air_gapped_vault |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 743 |
CKV2_AWS_37 |
resource |
aws_backup_plan |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 744 |
CKV2_AWS_37 |
resource |
aws_backup_region_settings |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 745 |
CKV2_AWS_37 |
resource |
aws_backup_report_plan |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 746 |
CKV2_AWS_37 |
resource |
aws_backup_restore_testing_plan |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 747 |
CKV2_AWS_37 |
resource |
aws_backup_restore_testing_selection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 748 |
CKV2_AWS_37 |
resource |
aws_backup_selection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 749 |
CKV2_AWS_37 |
resource |
aws_backup_vault |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 750 |
CKV2_AWS_37 |
resource |
aws_backup_vault_lock_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 751 |
CKV2_AWS_37 |
resource |
aws_backup_vault_notifications |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 752 |
CKV2_AWS_37 |
resource |
aws_backup_vault_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 753 |
CKV2_AWS_37 |
resource |
aws_batch_compute_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 754 |
CKV2_AWS_37 |
resource |
aws_batch_job_definition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 755 |
CKV2_AWS_37 |
resource |
aws_batch_job_queue |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 756 |
CKV2_AWS_37 |
resource |
aws_batch_scheduling_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 757 |
CKV2_AWS_37 |
resource |
aws_bcmdataexports_export |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 758 |
CKV2_AWS_37 |
resource |
aws_bedrock_custom_model |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 759 |
CKV2_AWS_37 |
resource |
aws_bedrock_guardrail |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 760 |
CKV2_AWS_37 |
resource |
aws_bedrock_guardrail_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 761 |
CKV2_AWS_37 |
resource |
aws_bedrock_inference_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 762 |
CKV2_AWS_37 |
resource |
aws_bedrock_model_invocation_logging_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 763 |
CKV2_AWS_37 |
resource |
aws_bedrock_provisioned_model_throughput |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 764 |
CKV2_AWS_37 |
resource |
aws_bedrockagent_agent |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 765 |
CKV2_AWS_37 |
resource |
aws_bedrockagent_agent_action_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 766 |
CKV2_AWS_37 |
resource |
aws_bedrockagent_agent_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 767 |
CKV2_AWS_37 |
resource |
aws_bedrockagent_agent_collaborator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 768 |
CKV2_AWS_37 |
resource |
aws_bedrockagent_agent_knowledge_base_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 769 |
CKV2_AWS_37 |
resource |
aws_bedrockagent_data_source |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 770 |
CKV2_AWS_37 |
resource |
aws_bedrockagent_knowledge_base |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 771 |
CKV2_AWS_37 |
resource |
aws_budgets_budget |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 772 |
CKV2_AWS_37 |
resource |
aws_budgets_budget_action |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 773 |
CKV2_AWS_37 |
resource |
aws_caller_info |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 774 |
CKV2_AWS_37 |
resource |
aws_ce_anomaly_monitor |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 775 |
CKV2_AWS_37 |
resource |
aws_ce_anomaly_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 776 |
CKV2_AWS_37 |
resource |
aws_ce_cost_allocation_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 777 |
CKV2_AWS_37 |
resource |
aws_ce_cost_category |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 778 |
CKV2_AWS_37 |
resource |
aws_chatbot_slack_channel_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 779 |
CKV2_AWS_37 |
resource |
aws_chatbot_teams_channel_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 780 |
CKV2_AWS_37 |
resource |
aws_chime_voice_connector |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 781 |
CKV2_AWS_37 |
resource |
aws_chime_voice_connector_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 782 |
CKV2_AWS_37 |
resource |
aws_chime_voice_connector_logging |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 783 |
CKV2_AWS_37 |
resource |
aws_chime_voice_connector_origination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 784 |
CKV2_AWS_37 |
resource |
aws_chime_voice_connector_streaming |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 785 |
CKV2_AWS_37 |
resource |
aws_chime_voice_connector_termination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 786 |
CKV2_AWS_37 |
resource |
aws_chime_voice_connector_termination_credentials |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 787 |
CKV2_AWS_37 |
resource |
aws_chimesdkmediapipelines_media_insights_pipeline_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 788 |
CKV2_AWS_37 |
resource |
aws_chimesdkvoice_global_settings |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 789 |
CKV2_AWS_37 |
resource |
aws_chimesdkvoice_sip_media_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 790 |
CKV2_AWS_37 |
resource |
aws_chimesdkvoice_sip_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 791 |
CKV2_AWS_37 |
resource |
aws_chimesdkvoice_voice_profile_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 792 |
CKV2_AWS_37 |
resource |
aws_cleanrooms_collaboration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 793 |
CKV2_AWS_37 |
resource |
aws_cleanrooms_configured_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 794 |
CKV2_AWS_37 |
resource |
aws_cleanrooms_membership |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 795 |
CKV2_AWS_37 |
resource |
aws_cloud9_environment_ec2 |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 796 |
CKV2_AWS_37 |
resource |
aws_cloud9_environment_membership |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 797 |
CKV2_AWS_37 |
resource |
aws_cloudcontrolapi_resource |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 798 |
CKV2_AWS_37 |
resource |
aws_cloudformation_stack |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 799 |
CKV2_AWS_37 |
resource |
aws_cloudformation_stack_instances |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 800 |
CKV2_AWS_37 |
resource |
aws_cloudformation_stack_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 801 |
CKV2_AWS_37 |
resource |
aws_cloudformation_stack_set_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 802 |
CKV2_AWS_37 |
resource |
aws_cloudformation_type |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 803 |
CKV2_AWS_37 |
resource |
aws_cloudfront_cache_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 804 |
CKV2_AWS_37 |
resource |
aws_cloudfront_continuous_deployment_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 805 |
CKV2_AWS_37 |
resource |
aws_cloudfront_distribution |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 806 |
CKV2_AWS_37 |
resource |
aws_cloudfront_field_level_encryption_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 807 |
CKV2_AWS_37 |
resource |
aws_cloudfront_field_level_encryption_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 808 |
CKV2_AWS_37 |
resource |
aws_cloudfront_function |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 809 |
CKV2_AWS_37 |
resource |
aws_cloudfront_key_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 810 |
CKV2_AWS_37 |
resource |
aws_cloudfront_key_value_store |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 811 |
CKV2_AWS_37 |
resource |
aws_cloudfront_monitoring_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 812 |
CKV2_AWS_37 |
resource |
aws_cloudfront_origin_access_control |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 813 |
CKV2_AWS_37 |
resource |
aws_cloudfront_origin_access_identity |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 814 |
CKV2_AWS_37 |
resource |
aws_cloudfront_origin_request_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 815 |
CKV2_AWS_37 |
resource |
aws_cloudfront_public_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 816 |
CKV2_AWS_37 |
resource |
aws_cloudfront_realtime_log_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 817 |
CKV2_AWS_37 |
resource |
aws_cloudfront_response_headers_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 818 |
CKV2_AWS_37 |
resource |
aws_cloudfront_vpc_origin |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 819 |
CKV2_AWS_37 |
resource |
aws_cloudfrontkeyvaluestore_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 820 |
CKV2_AWS_37 |
resource |
aws_cloudhsm_v2_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 821 |
CKV2_AWS_37 |
resource |
aws_cloudhsm_v2_hsm |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 822 |
CKV2_AWS_37 |
resource |
aws_cloudsearch_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 823 |
CKV2_AWS_37 |
resource |
aws_cloudsearch_domain_service_access_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 824 |
CKV2_AWS_37 |
resource |
aws_cloudtrail |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 825 |
CKV2_AWS_37 |
resource |
aws_cloudtrail_event_data_store |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 826 |
CKV2_AWS_37 |
resource |
aws_cloudtrail_organization_delegated_admin_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 827 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_composite_alarm |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 828 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_dashboard |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 829 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_api_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 830 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_archive |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 831 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_bus |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 832 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_bus_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 833 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 834 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 835 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_permission |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 836 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 837 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_event_target |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 838 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_account_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 839 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_anomaly_detector |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 840 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_data_protection_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 841 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_delivery |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 842 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_delivery_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 843 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_delivery_destination_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 844 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_delivery_source |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 845 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 846 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_destination_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 847 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 848 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_index_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 849 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_metric_filter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 850 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 851 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_stream |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 852 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_log_subscription_filter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 853 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_metric_alarm |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 854 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_metric_stream |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 855 |
CKV2_AWS_37 |
resource |
aws_cloudwatch_query_definition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 856 |
CKV2_AWS_37 |
resource |
aws_codeartifact_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 857 |
CKV2_AWS_37 |
resource |
aws_codeartifact_domain_permissions_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 858 |
CKV2_AWS_37 |
resource |
aws_codeartifact_repository |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 859 |
CKV2_AWS_37 |
resource |
aws_codeartifact_repository_permissions_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 860 |
CKV2_AWS_37 |
resource |
aws_codebuild_fleet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 861 |
CKV2_AWS_37 |
resource |
aws_codebuild_project |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 862 |
CKV2_AWS_37 |
resource |
aws_codebuild_report_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 863 |
CKV2_AWS_37 |
resource |
aws_codebuild_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 864 |
CKV2_AWS_37 |
resource |
aws_codebuild_source_credential |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 865 |
CKV2_AWS_37 |
resource |
aws_codebuild_webhook |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 866 |
CKV2_AWS_37 |
resource |
aws_codecatalyst_dev_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 867 |
CKV2_AWS_37 |
resource |
aws_codecatalyst_project |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 868 |
CKV2_AWS_37 |
resource |
aws_codecatalyst_source_repository |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 869 |
CKV2_AWS_37 |
resource |
aws_codecommit_approval_rule_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 870 |
CKV2_AWS_37 |
resource |
aws_codecommit_approval_rule_template_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 871 |
CKV2_AWS_37 |
resource |
aws_codecommit_repository |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 872 |
CKV2_AWS_37 |
resource |
aws_codecommit_trigger |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 873 |
CKV2_AWS_37 |
resource |
aws_codeconnections_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 874 |
CKV2_AWS_37 |
resource |
aws_codeconnections_host |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 875 |
CKV2_AWS_37 |
resource |
aws_codedeploy_app |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 876 |
CKV2_AWS_37 |
resource |
aws_codedeploy_deployment_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 877 |
CKV2_AWS_37 |
resource |
aws_codedeploy_deployment_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 878 |
CKV2_AWS_37 |
resource |
aws_codeguruprofiler_profiling_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 879 |
CKV2_AWS_37 |
resource |
aws_codegurureviewer_repository_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 880 |
CKV2_AWS_37 |
resource |
aws_codepipeline |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 881 |
CKV2_AWS_37 |
resource |
aws_codepipeline_custom_action_type |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 882 |
CKV2_AWS_37 |
resource |
aws_codepipeline_webhook |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 883 |
CKV2_AWS_37 |
resource |
aws_codestarconnections_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 884 |
CKV2_AWS_37 |
resource |
aws_codestarconnections_host |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 885 |
CKV2_AWS_37 |
resource |
aws_codestarnotifications_notification_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 886 |
CKV2_AWS_37 |
resource |
aws_cognito_identity_pool |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 887 |
CKV2_AWS_37 |
resource |
aws_cognito_identity_pool_provider_principal_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 888 |
CKV2_AWS_37 |
resource |
aws_cognito_identity_pool_roles_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 889 |
CKV2_AWS_37 |
resource |
aws_cognito_identity_provider |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 890 |
CKV2_AWS_37 |
resource |
aws_cognito_managed_user_pool_client |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 891 |
CKV2_AWS_37 |
resource |
aws_cognito_resource_server |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 892 |
CKV2_AWS_37 |
resource |
aws_cognito_risk_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 893 |
CKV2_AWS_37 |
resource |
aws_cognito_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 894 |
CKV2_AWS_37 |
resource |
aws_cognito_user_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 895 |
CKV2_AWS_37 |
resource |
aws_cognito_user_in_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 896 |
CKV2_AWS_37 |
resource |
aws_cognito_user_pool |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 897 |
CKV2_AWS_37 |
resource |
aws_cognito_user_pool_client |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 898 |
CKV2_AWS_37 |
resource |
aws_cognito_user_pool_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 899 |
CKV2_AWS_37 |
resource |
aws_cognito_user_pool_ui_customization |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 900 |
CKV2_AWS_37 |
resource |
aws_comprehend_document_classifier |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 901 |
CKV2_AWS_37 |
resource |
aws_comprehend_entity_recognizer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 902 |
CKV2_AWS_37 |
resource |
aws_computeoptimizer_enrollment_status |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 903 |
CKV2_AWS_37 |
resource |
aws_computeoptimizer_recommendation_preferences |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 904 |
CKV2_AWS_37 |
resource |
aws_config_aggregate_authorization |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 905 |
CKV2_AWS_37 |
resource |
aws_config_config_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 906 |
CKV2_AWS_37 |
resource |
aws_config_configuration_aggregator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 907 |
CKV2_AWS_37 |
resource |
aws_config_configuration_recorder |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 908 |
CKV2_AWS_37 |
resource |
aws_config_configuration_recorder_status |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 909 |
CKV2_AWS_37 |
resource |
aws_config_conformance_pack |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 910 |
CKV2_AWS_37 |
resource |
aws_config_delivery_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 911 |
CKV2_AWS_37 |
resource |
aws_config_organization_conformance_pack |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 912 |
CKV2_AWS_37 |
resource |
aws_config_organization_custom_policy_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 913 |
CKV2_AWS_37 |
resource |
aws_config_organization_custom_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 914 |
CKV2_AWS_37 |
resource |
aws_config_organization_managed_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 915 |
CKV2_AWS_37 |
resource |
aws_config_remediation_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 916 |
CKV2_AWS_37 |
resource |
aws_config_retention_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 917 |
CKV2_AWS_37 |
resource |
aws_connect_bot_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 918 |
CKV2_AWS_37 |
resource |
aws_connect_contact_flow |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 919 |
CKV2_AWS_37 |
resource |
aws_connect_contact_flow_module |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 920 |
CKV2_AWS_37 |
resource |
aws_connect_hours_of_operation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 921 |
CKV2_AWS_37 |
resource |
aws_connect_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 922 |
CKV2_AWS_37 |
resource |
aws_connect_instance_storage_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 923 |
CKV2_AWS_37 |
resource |
aws_connect_lambda_function_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 924 |
CKV2_AWS_37 |
resource |
aws_connect_phone_number |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 925 |
CKV2_AWS_37 |
resource |
aws_connect_queue |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 926 |
CKV2_AWS_37 |
resource |
aws_connect_quick_connect |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 927 |
CKV2_AWS_37 |
resource |
aws_connect_routing_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 928 |
CKV2_AWS_37 |
resource |
aws_connect_security_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 929 |
CKV2_AWS_37 |
resource |
aws_connect_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 930 |
CKV2_AWS_37 |
resource |
aws_connect_user_hierarchy_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 931 |
CKV2_AWS_37 |
resource |
aws_connect_user_hierarchy_structure |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 932 |
CKV2_AWS_37 |
resource |
aws_connect_vocabulary |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 933 |
CKV2_AWS_37 |
resource |
aws_controltower_control |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 934 |
CKV2_AWS_37 |
resource |
aws_controltower_landing_zone |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 935 |
CKV2_AWS_37 |
resource |
aws_costoptimizationhub_enrollment_status |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 936 |
CKV2_AWS_37 |
resource |
aws_costoptimizationhub_preferences |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 937 |
CKV2_AWS_37 |
resource |
aws_cur_report_definition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 938 |
CKV2_AWS_37 |
resource |
aws_customer_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 939 |
CKV2_AWS_37 |
resource |
aws_customerprofiles_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 940 |
CKV2_AWS_37 |
resource |
aws_customerprofiles_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 941 |
CKV2_AWS_37 |
resource |
aws_dataexchange_data_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 942 |
CKV2_AWS_37 |
resource |
aws_dataexchange_revision |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 943 |
CKV2_AWS_37 |
resource |
aws_datapipeline_pipeline |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 944 |
CKV2_AWS_37 |
resource |
aws_datapipeline_pipeline_definition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 945 |
CKV2_AWS_37 |
resource |
aws_datasync_agent |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 946 |
CKV2_AWS_37 |
resource |
aws_datasync_location_azure_blob |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 947 |
CKV2_AWS_37 |
resource |
aws_datasync_location_efs |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 948 |
CKV2_AWS_37 |
resource |
aws_datasync_location_fsx_lustre_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 949 |
CKV2_AWS_37 |
resource |
aws_datasync_location_fsx_ontap_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 950 |
CKV2_AWS_37 |
resource |
aws_datasync_location_fsx_openzfs_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 951 |
CKV2_AWS_37 |
resource |
aws_datasync_location_fsx_windows_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 952 |
CKV2_AWS_37 |
resource |
aws_datasync_location_hdfs |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 953 |
CKV2_AWS_37 |
resource |
aws_datasync_location_nfs |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 954 |
CKV2_AWS_37 |
resource |
aws_datasync_location_object_storage |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 955 |
CKV2_AWS_37 |
resource |
aws_datasync_location_s3 |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 956 |
CKV2_AWS_37 |
resource |
aws_datasync_location_smb |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 957 |
CKV2_AWS_37 |
resource |
aws_datasync_task |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 958 |
CKV2_AWS_37 |
resource |
aws_datazone_asset_type |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 959 |
CKV2_AWS_37 |
resource |
aws_datazone_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 960 |
CKV2_AWS_37 |
resource |
aws_datazone_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 961 |
CKV2_AWS_37 |
resource |
aws_datazone_environment_blueprint_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 962 |
CKV2_AWS_37 |
resource |
aws_datazone_environment_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 963 |
CKV2_AWS_37 |
resource |
aws_datazone_form_type |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 964 |
CKV2_AWS_37 |
resource |
aws_datazone_glossary |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 965 |
CKV2_AWS_37 |
resource |
aws_datazone_glossary_term |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 966 |
CKV2_AWS_37 |
resource |
aws_datazone_project |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 967 |
CKV2_AWS_37 |
resource |
aws_datazone_user_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 968 |
CKV2_AWS_37 |
resource |
aws_dax_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 969 |
CKV2_AWS_37 |
resource |
aws_dax_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 970 |
CKV2_AWS_37 |
resource |
aws_dax_subnet_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 971 |
CKV2_AWS_37 |
resource |
aws_db_cluster_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 972 |
CKV2_AWS_37 |
resource |
aws_db_event_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 973 |
CKV2_AWS_37 |
resource |
aws_db_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 974 |
CKV2_AWS_37 |
resource |
aws_db_instance_automated_backups_replication |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 975 |
CKV2_AWS_37 |
resource |
aws_db_instance_role_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 976 |
CKV2_AWS_37 |
resource |
aws_db_option_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 977 |
CKV2_AWS_37 |
resource |
aws_db_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 978 |
CKV2_AWS_37 |
resource |
aws_db_proxy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 979 |
CKV2_AWS_37 |
resource |
aws_db_proxy_default_target_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 980 |
CKV2_AWS_37 |
resource |
aws_db_proxy_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 981 |
CKV2_AWS_37 |
resource |
aws_db_proxy_target |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 982 |
CKV2_AWS_37 |
resource |
aws_db_security_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 983 |
CKV2_AWS_37 |
resource |
aws_db_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 984 |
CKV2_AWS_37 |
resource |
aws_db_snapshot_copy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 985 |
CKV2_AWS_37 |
resource |
aws_db_subnet_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 986 |
CKV2_AWS_37 |
resource |
aws_default_network_acl |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 987 |
CKV2_AWS_37 |
resource |
aws_default_route_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 988 |
CKV2_AWS_37 |
resource |
aws_default_security_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 989 |
CKV2_AWS_37 |
resource |
aws_default_subnet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 990 |
CKV2_AWS_37 |
resource |
aws_default_vpc |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 991 |
CKV2_AWS_37 |
resource |
aws_default_vpc_dhcp_options |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 992 |
CKV2_AWS_37 |
resource |
aws_detective_graph |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 993 |
CKV2_AWS_37 |
resource |
aws_detective_invitation_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 994 |
CKV2_AWS_37 |
resource |
aws_detective_member |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 995 |
CKV2_AWS_37 |
resource |
aws_detective_organization_admin_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 996 |
CKV2_AWS_37 |
resource |
aws_detective_organization_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 997 |
CKV2_AWS_37 |
resource |
aws_devicefarm_device_pool |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 998 |
CKV2_AWS_37 |
resource |
aws_devicefarm_instance_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 999 |
CKV2_AWS_37 |
resource |
aws_devicefarm_network_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1000 |
CKV2_AWS_37 |
resource |
aws_devicefarm_project |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1001 |
CKV2_AWS_37 |
resource |
aws_devicefarm_test_grid_project |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1002 |
CKV2_AWS_37 |
resource |
aws_devicefarm_upload |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1003 |
CKV2_AWS_37 |
resource |
aws_devopsguru_event_sources_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1004 |
CKV2_AWS_37 |
resource |
aws_devopsguru_notification_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1005 |
CKV2_AWS_37 |
resource |
aws_devopsguru_resource_collection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1006 |
CKV2_AWS_37 |
resource |
aws_devopsguru_service_integration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1007 |
CKV2_AWS_37 |
resource |
aws_directory_service_conditional_forwarder |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1008 |
CKV2_AWS_37 |
resource |
aws_directory_service_directory |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1009 |
CKV2_AWS_37 |
resource |
aws_directory_service_log_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1010 |
CKV2_AWS_37 |
resource |
aws_directory_service_radius_settings |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1011 |
CKV2_AWS_37 |
resource |
aws_directory_service_region |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1012 |
CKV2_AWS_37 |
resource |
aws_directory_service_shared_directory |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1013 |
CKV2_AWS_37 |
resource |
aws_directory_service_shared_directory_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1014 |
CKV2_AWS_37 |
resource |
aws_directory_service_trust |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1015 |
CKV2_AWS_37 |
resource |
aws_dlm_lifecycle_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1016 |
CKV2_AWS_37 |
resource |
aws_dms_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1017 |
CKV2_AWS_37 |
resource |
aws_dms_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1018 |
CKV2_AWS_37 |
resource |
aws_dms_event_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1019 |
CKV2_AWS_37 |
resource |
aws_dms_replication_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1020 |
CKV2_AWS_37 |
resource |
aws_dms_replication_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1021 |
CKV2_AWS_37 |
resource |
aws_dms_replication_subnet_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1022 |
CKV2_AWS_37 |
resource |
aws_dms_replication_task |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1023 |
CKV2_AWS_37 |
resource |
aws_dms_s3_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1024 |
CKV2_AWS_37 |
resource |
aws_docdb_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1025 |
CKV2_AWS_37 |
resource |
aws_docdb_cluster_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1026 |
CKV2_AWS_37 |
resource |
aws_docdb_cluster_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1027 |
CKV2_AWS_37 |
resource |
aws_docdb_cluster_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1028 |
CKV2_AWS_37 |
resource |
aws_docdb_event_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1029 |
CKV2_AWS_37 |
resource |
aws_docdb_global_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1030 |
CKV2_AWS_37 |
resource |
aws_docdb_subnet_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1031 |
CKV2_AWS_37 |
resource |
aws_docdbelastic_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1032 |
CKV2_AWS_37 |
resource |
aws_drs_replication_configuration_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1033 |
CKV2_AWS_37 |
resource |
aws_dx_bgp_peer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1034 |
CKV2_AWS_37 |
resource |
aws_dx_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1035 |
CKV2_AWS_37 |
resource |
aws_dx_connection_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1036 |
CKV2_AWS_37 |
resource |
aws_dx_connection_confirmation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1037 |
CKV2_AWS_37 |
resource |
aws_dx_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1038 |
CKV2_AWS_37 |
resource |
aws_dx_gateway_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1039 |
CKV2_AWS_37 |
resource |
aws_dx_gateway_association_proposal |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1040 |
CKV2_AWS_37 |
resource |
aws_dx_hosted_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1041 |
CKV2_AWS_37 |
resource |
aws_dx_hosted_private_virtual_interface |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1042 |
CKV2_AWS_37 |
resource |
aws_dx_hosted_private_virtual_interface_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1043 |
CKV2_AWS_37 |
resource |
aws_dx_hosted_public_virtual_interface |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1044 |
CKV2_AWS_37 |
resource |
aws_dx_hosted_public_virtual_interface_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1045 |
CKV2_AWS_37 |
resource |
aws_dx_hosted_transit_virtual_interface |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1046 |
CKV2_AWS_37 |
resource |
aws_dx_hosted_transit_virtual_interface_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1047 |
CKV2_AWS_37 |
resource |
aws_dx_lag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1048 |
CKV2_AWS_37 |
resource |
aws_dx_macsec_key_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1049 |
CKV2_AWS_37 |
resource |
aws_dx_private_virtual_interface |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1050 |
CKV2_AWS_37 |
resource |
aws_dx_public_virtual_interface |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1051 |
CKV2_AWS_37 |
resource |
aws_dx_transit_virtual_interface |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1052 |
CKV2_AWS_37 |
resource |
aws_dynamodb_contributor_insights |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1053 |
CKV2_AWS_37 |
resource |
aws_dynamodb_global_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1054 |
CKV2_AWS_37 |
resource |
aws_dynamodb_kinesis_streaming_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1055 |
CKV2_AWS_37 |
resource |
aws_dynamodb_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1056 |
CKV2_AWS_37 |
resource |
aws_dynamodb_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1057 |
CKV2_AWS_37 |
resource |
aws_dynamodb_table_export |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1058 |
CKV2_AWS_37 |
resource |
aws_dynamodb_table_item |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1059 |
CKV2_AWS_37 |
resource |
aws_dynamodb_table_replica |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1060 |
CKV2_AWS_37 |
resource |
aws_dynamodb_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1061 |
CKV2_AWS_37 |
resource |
aws_ebs_default_kms_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1062 |
CKV2_AWS_37 |
resource |
aws_ebs_encryption_by_default |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1063 |
CKV2_AWS_37 |
resource |
aws_ebs_fast_snapshot_restore |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1064 |
CKV2_AWS_37 |
resource |
aws_ebs_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1065 |
CKV2_AWS_37 |
resource |
aws_ebs_snapshot_block_public_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1066 |
CKV2_AWS_37 |
resource |
aws_ebs_snapshot_copy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1067 |
CKV2_AWS_37 |
resource |
aws_ebs_snapshot_import |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1068 |
CKV2_AWS_37 |
resource |
aws_ebs_volume |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1069 |
CKV2_AWS_37 |
resource |
aws_ec2_availability_zone_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1070 |
CKV2_AWS_37 |
resource |
aws_ec2_capacity_block_reservation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1071 |
CKV2_AWS_37 |
resource |
aws_ec2_capacity_reservation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1072 |
CKV2_AWS_37 |
resource |
aws_ec2_carrier_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1073 |
CKV2_AWS_37 |
resource |
aws_ec2_client_vpn_authorization_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1074 |
CKV2_AWS_37 |
resource |
aws_ec2_client_vpn_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1075 |
CKV2_AWS_37 |
resource |
aws_ec2_client_vpn_network_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1076 |
CKV2_AWS_37 |
resource |
aws_ec2_client_vpn_route |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1077 |
CKV2_AWS_37 |
resource |
aws_ec2_fleet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1078 |
CKV2_AWS_37 |
resource |
aws_ec2_host |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1079 |
CKV2_AWS_37 |
resource |
aws_ec2_image_block_public_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1080 |
CKV2_AWS_37 |
resource |
aws_ec2_instance_connect_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1081 |
CKV2_AWS_37 |
resource |
aws_ec2_instance_metadata_defaults |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1082 |
CKV2_AWS_37 |
resource |
aws_ec2_instance_state |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1083 |
CKV2_AWS_37 |
resource |
aws_ec2_local_gateway_route |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1084 |
CKV2_AWS_37 |
resource |
aws_ec2_local_gateway_route_table_vpc_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1085 |
CKV2_AWS_37 |
resource |
aws_ec2_managed_prefix_list |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1086 |
CKV2_AWS_37 |
resource |
aws_ec2_managed_prefix_list_entry |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1087 |
CKV2_AWS_37 |
resource |
aws_ec2_network_insights_analysis |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1088 |
CKV2_AWS_37 |
resource |
aws_ec2_network_insights_path |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1089 |
CKV2_AWS_37 |
resource |
aws_ec2_serial_console_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1090 |
CKV2_AWS_37 |
resource |
aws_ec2_subnet_cidr_reservation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1091 |
CKV2_AWS_37 |
resource |
aws_ec2_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1092 |
CKV2_AWS_37 |
resource |
aws_ec2_traffic_mirror_filter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1093 |
CKV2_AWS_37 |
resource |
aws_ec2_traffic_mirror_filter_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1094 |
CKV2_AWS_37 |
resource |
aws_ec2_traffic_mirror_session |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1095 |
CKV2_AWS_37 |
resource |
aws_ec2_traffic_mirror_target |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1096 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1097 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_connect |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1098 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_connect_peer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1099 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_default_route_table_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1100 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_default_route_table_propagation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1101 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_multicast_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1102 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_multicast_domain_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1103 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_multicast_group_member |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1104 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_multicast_group_source |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1105 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_peering_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1106 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_peering_attachment_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1107 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_policy_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1108 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_policy_table_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1109 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_prefix_list_reference |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1110 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_route |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1111 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_route_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1112 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_route_table_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1113 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_route_table_propagation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1114 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_vpc_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1115 |
CKV2_AWS_37 |
resource |
aws_ec2_transit_gateway_vpc_attachment_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1116 |
CKV2_AWS_37 |
resource |
aws_ecr_account_setting |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1117 |
CKV2_AWS_37 |
resource |
aws_ecr_lifecycle_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1118 |
CKV2_AWS_37 |
resource |
aws_ecr_pull_through_cache_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1119 |
CKV2_AWS_37 |
resource |
aws_ecr_registry_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1120 |
CKV2_AWS_37 |
resource |
aws_ecr_registry_scanning_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1121 |
CKV2_AWS_37 |
resource |
aws_ecr_replication_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1122 |
CKV2_AWS_37 |
resource |
aws_ecr_repository |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1123 |
CKV2_AWS_37 |
resource |
aws_ecr_repository_creation_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1124 |
CKV2_AWS_37 |
resource |
aws_ecr_repository_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1125 |
CKV2_AWS_37 |
resource |
aws_ecrpublic_repository |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1126 |
CKV2_AWS_37 |
resource |
aws_ecrpublic_repository_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1127 |
CKV2_AWS_37 |
resource |
aws_ecs_account_setting_default |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1128 |
CKV2_AWS_37 |
resource |
aws_ecs_capacity_provider |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1129 |
CKV2_AWS_37 |
resource |
aws_ecs_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1130 |
CKV2_AWS_37 |
resource |
aws_ecs_cluster_capacity_providers |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1131 |
CKV2_AWS_37 |
resource |
aws_ecs_service |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1132 |
CKV2_AWS_37 |
resource |
aws_ecs_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1133 |
CKV2_AWS_37 |
resource |
aws_ecs_task_definition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1134 |
CKV2_AWS_37 |
resource |
aws_ecs_task_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1135 |
CKV2_AWS_37 |
resource |
aws_efs_access_point |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1136 |
CKV2_AWS_37 |
resource |
aws_efs_backup_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1137 |
CKV2_AWS_37 |
resource |
aws_efs_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1138 |
CKV2_AWS_37 |
resource |
aws_efs_file_system_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1139 |
CKV2_AWS_37 |
resource |
aws_efs_mount_target |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1140 |
CKV2_AWS_37 |
resource |
aws_efs_replication_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1141 |
CKV2_AWS_37 |
resource |
aws_egress_only_internet_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1142 |
CKV2_AWS_37 |
resource |
aws_eip |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1143 |
CKV2_AWS_37 |
resource |
aws_eip_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1144 |
CKV2_AWS_37 |
resource |
aws_eip_domain_name |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1145 |
CKV2_AWS_37 |
resource |
aws_eks_access_entry |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1146 |
CKV2_AWS_37 |
resource |
aws_eks_access_policy_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1147 |
CKV2_AWS_37 |
resource |
aws_eks_addon |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1148 |
CKV2_AWS_37 |
resource |
aws_eks_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1149 |
CKV2_AWS_37 |
resource |
aws_eks_fargate_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1150 |
CKV2_AWS_37 |
resource |
aws_eks_identity_provider_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1151 |
CKV2_AWS_37 |
resource |
aws_eks_node_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1152 |
CKV2_AWS_37 |
resource |
aws_eks_pod_identity_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1153 |
CKV2_AWS_37 |
resource |
aws_elastic_beanstalk_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1154 |
CKV2_AWS_37 |
resource |
aws_elastic_beanstalk_application_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1155 |
CKV2_AWS_37 |
resource |
aws_elastic_beanstalk_configuration_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1156 |
CKV2_AWS_37 |
resource |
aws_elastic_beanstalk_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1157 |
CKV2_AWS_37 |
resource |
aws_elasticache_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1158 |
CKV2_AWS_37 |
resource |
aws_elasticache_global_replication_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1159 |
CKV2_AWS_37 |
resource |
aws_elasticache_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1160 |
CKV2_AWS_37 |
resource |
aws_elasticache_replication_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1161 |
CKV2_AWS_37 |
resource |
aws_elasticache_reserved_cache_node |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1162 |
CKV2_AWS_37 |
resource |
aws_elasticache_security_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1163 |
CKV2_AWS_37 |
resource |
aws_elasticache_serverless_cache |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1164 |
CKV2_AWS_37 |
resource |
aws_elasticache_subnet_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1165 |
CKV2_AWS_37 |
resource |
aws_elasticache_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1166 |
CKV2_AWS_37 |
resource |
aws_elasticache_user_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1167 |
CKV2_AWS_37 |
resource |
aws_elasticache_user_group_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1168 |
CKV2_AWS_37 |
resource |
aws_elasticsearch_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1169 |
CKV2_AWS_37 |
resource |
aws_elasticsearch_domain_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1170 |
CKV2_AWS_37 |
resource |
aws_elasticsearch_domain_saml_options |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1171 |
CKV2_AWS_37 |
resource |
aws_elasticsearch_vpc_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1172 |
CKV2_AWS_37 |
resource |
aws_elastictranscoder_pipeline |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1173 |
CKV2_AWS_37 |
resource |
aws_elastictranscoder_preset |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1174 |
CKV2_AWS_37 |
resource |
aws_elb |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1175 |
CKV2_AWS_37 |
resource |
aws_elb_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1176 |
CKV2_AWS_37 |
resource |
aws_emr_block_public_access_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1177 |
CKV2_AWS_37 |
resource |
aws_emr_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1178 |
CKV2_AWS_37 |
resource |
aws_emr_instance_fleet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1179 |
CKV2_AWS_37 |
resource |
aws_emr_instance_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1180 |
CKV2_AWS_37 |
resource |
aws_emr_managed_scaling_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1181 |
CKV2_AWS_37 |
resource |
aws_emr_security_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1182 |
CKV2_AWS_37 |
resource |
aws_emr_studio |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1183 |
CKV2_AWS_37 |
resource |
aws_emr_studio_session_mapping |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1184 |
CKV2_AWS_37 |
resource |
aws_emrcontainers_job_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1185 |
CKV2_AWS_37 |
resource |
aws_emrcontainers_virtual_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1186 |
CKV2_AWS_37 |
resource |
aws_emrserverless_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1187 |
CKV2_AWS_37 |
resource |
aws_evidently_feature |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1188 |
CKV2_AWS_37 |
resource |
aws_evidently_launch |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1189 |
CKV2_AWS_37 |
resource |
aws_evidently_project |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1190 |
CKV2_AWS_37 |
resource |
aws_evidently_segment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1191 |
CKV2_AWS_37 |
resource |
aws_finspace_kx_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1192 |
CKV2_AWS_37 |
resource |
aws_finspace_kx_database |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1193 |
CKV2_AWS_37 |
resource |
aws_finspace_kx_dataview |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1194 |
CKV2_AWS_37 |
resource |
aws_finspace_kx_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1195 |
CKV2_AWS_37 |
resource |
aws_finspace_kx_scaling_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1196 |
CKV2_AWS_37 |
resource |
aws_finspace_kx_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1197 |
CKV2_AWS_37 |
resource |
aws_finspace_kx_volume |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1198 |
CKV2_AWS_37 |
resource |
aws_fis_experiment_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1199 |
CKV2_AWS_37 |
resource |
aws_flow_log |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1200 |
CKV2_AWS_37 |
resource |
aws_fms_admin_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1201 |
CKV2_AWS_37 |
resource |
aws_fms_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1202 |
CKV2_AWS_37 |
resource |
aws_fms_resource_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1203 |
CKV2_AWS_37 |
resource |
aws_fsx_backup |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1204 |
CKV2_AWS_37 |
resource |
aws_fsx_data_repository_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1205 |
CKV2_AWS_37 |
resource |
aws_fsx_file_cache |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1206 |
CKV2_AWS_37 |
resource |
aws_fsx_lustre_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1207 |
CKV2_AWS_37 |
resource |
aws_fsx_ontap_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1208 |
CKV2_AWS_37 |
resource |
aws_fsx_ontap_storage_virtual_machine |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1209 |
CKV2_AWS_37 |
resource |
aws_fsx_ontap_volume |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1210 |
CKV2_AWS_37 |
resource |
aws_fsx_openzfs_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1211 |
CKV2_AWS_37 |
resource |
aws_fsx_openzfs_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1212 |
CKV2_AWS_37 |
resource |
aws_fsx_openzfs_volume |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1213 |
CKV2_AWS_37 |
resource |
aws_fsx_windows_file_system |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1214 |
CKV2_AWS_37 |
resource |
aws_gamelift_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1215 |
CKV2_AWS_37 |
resource |
aws_gamelift_build |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1216 |
CKV2_AWS_37 |
resource |
aws_gamelift_fleet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1217 |
CKV2_AWS_37 |
resource |
aws_gamelift_game_server_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1218 |
CKV2_AWS_37 |
resource |
aws_gamelift_game_session_queue |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1219 |
CKV2_AWS_37 |
resource |
aws_gamelift_script |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1220 |
CKV2_AWS_37 |
resource |
aws_glacier_vault |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1221 |
CKV2_AWS_37 |
resource |
aws_glacier_vault_lock |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1222 |
CKV2_AWS_37 |
resource |
aws_globalaccelerator_accelerator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1223 |
CKV2_AWS_37 |
resource |
aws_globalaccelerator_cross_account_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1224 |
CKV2_AWS_37 |
resource |
aws_globalaccelerator_custom_routing_accelerator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1225 |
CKV2_AWS_37 |
resource |
aws_globalaccelerator_custom_routing_endpoint_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1226 |
CKV2_AWS_37 |
resource |
aws_globalaccelerator_custom_routing_listener |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1227 |
CKV2_AWS_37 |
resource |
aws_globalaccelerator_endpoint_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1228 |
CKV2_AWS_37 |
resource |
aws_globalaccelerator_listener |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1229 |
CKV2_AWS_37 |
resource |
aws_glue_catalog_database |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1230 |
CKV2_AWS_37 |
resource |
aws_glue_catalog_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1231 |
CKV2_AWS_37 |
resource |
aws_glue_catalog_table_optimizer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1232 |
CKV2_AWS_37 |
resource |
aws_glue_classifier |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1233 |
CKV2_AWS_37 |
resource |
aws_glue_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1234 |
CKV2_AWS_37 |
resource |
aws_glue_crawler |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1235 |
CKV2_AWS_37 |
resource |
aws_glue_data_catalog_encryption_settings |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1236 |
CKV2_AWS_37 |
resource |
aws_glue_data_quality_ruleset |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1237 |
CKV2_AWS_37 |
resource |
aws_glue_dev_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1238 |
CKV2_AWS_37 |
resource |
aws_glue_job |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1239 |
CKV2_AWS_37 |
resource |
aws_glue_ml_transform |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1240 |
CKV2_AWS_37 |
resource |
aws_glue_partition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1241 |
CKV2_AWS_37 |
resource |
aws_glue_partition_index |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1242 |
CKV2_AWS_37 |
resource |
aws_glue_registry |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1243 |
CKV2_AWS_37 |
resource |
aws_glue_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1244 |
CKV2_AWS_37 |
resource |
aws_glue_schema |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1245 |
CKV2_AWS_37 |
resource |
aws_glue_security_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1246 |
CKV2_AWS_37 |
resource |
aws_glue_trigger |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1247 |
CKV2_AWS_37 |
resource |
aws_glue_user_defined_function |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1248 |
CKV2_AWS_37 |
resource |
aws_glue_workflow |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1249 |
CKV2_AWS_37 |
resource |
aws_grafana_license_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1250 |
CKV2_AWS_37 |
resource |
aws_grafana_role_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1251 |
CKV2_AWS_37 |
resource |
aws_grafana_workspace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1252 |
CKV2_AWS_37 |
resource |
aws_grafana_workspace_api_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1253 |
CKV2_AWS_37 |
resource |
aws_grafana_workspace_saml_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1254 |
CKV2_AWS_37 |
resource |
aws_grafana_workspace_service_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1255 |
CKV2_AWS_37 |
resource |
aws_grafana_workspace_service_account_token |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1256 |
CKV2_AWS_37 |
resource |
aws_guardduty_detector |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1257 |
CKV2_AWS_37 |
resource |
aws_guardduty_detector_feature |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1258 |
CKV2_AWS_37 |
resource |
aws_guardduty_filter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1259 |
CKV2_AWS_37 |
resource |
aws_guardduty_invite_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1260 |
CKV2_AWS_37 |
resource |
aws_guardduty_ipset |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1261 |
CKV2_AWS_37 |
resource |
aws_guardduty_malware_protection_plan |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1262 |
CKV2_AWS_37 |
resource |
aws_guardduty_member |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1263 |
CKV2_AWS_37 |
resource |
aws_guardduty_member_detector_feature |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1264 |
CKV2_AWS_37 |
resource |
aws_guardduty_organization_admin_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1265 |
CKV2_AWS_37 |
resource |
aws_guardduty_organization_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1266 |
CKV2_AWS_37 |
resource |
aws_guardduty_organization_configuration_feature |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1267 |
CKV2_AWS_37 |
resource |
aws_guardduty_publishing_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1268 |
CKV2_AWS_37 |
resource |
aws_guardduty_threatintelset |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1269 |
CKV2_AWS_37 |
resource |
aws_iam_access_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1270 |
CKV2_AWS_37 |
resource |
aws_iam_account_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1271 |
CKV2_AWS_37 |
resource |
aws_iam_account_password_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1272 |
CKV2_AWS_37 |
resource |
aws_iam_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1273 |
CKV2_AWS_37 |
resource |
aws_iam_group_membership |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1274 |
CKV2_AWS_37 |
resource |
aws_iam_group_policies_exclusive |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1275 |
CKV2_AWS_37 |
resource |
aws_iam_group_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1276 |
CKV2_AWS_37 |
resource |
aws_iam_group_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1277 |
CKV2_AWS_37 |
resource |
aws_iam_group_policy_attachments_exclusive |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1278 |
CKV2_AWS_37 |
resource |
aws_iam_instance_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1279 |
CKV2_AWS_37 |
resource |
aws_iam_openid_connect_provider |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1280 |
CKV2_AWS_37 |
resource |
aws_iam_organizations_features |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1281 |
CKV2_AWS_37 |
resource |
aws_iam_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1282 |
CKV2_AWS_37 |
resource |
aws_iam_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1283 |
CKV2_AWS_37 |
resource |
aws_iam_policy_document |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1284 |
CKV2_AWS_37 |
resource |
aws_iam_role |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1285 |
CKV2_AWS_37 |
resource |
aws_iam_role_policies_exclusive |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1286 |
CKV2_AWS_37 |
resource |
aws_iam_role_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1287 |
CKV2_AWS_37 |
resource |
aws_iam_role_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1288 |
CKV2_AWS_37 |
resource |
aws_iam_role_policy_attachments_exclusive |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1289 |
CKV2_AWS_37 |
resource |
aws_iam_saml_provider |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1290 |
CKV2_AWS_37 |
resource |
aws_iam_security_token_service_preferences |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1291 |
CKV2_AWS_37 |
resource |
aws_iam_server_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1292 |
CKV2_AWS_37 |
resource |
aws_iam_service_linked_role |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1293 |
CKV2_AWS_37 |
resource |
aws_iam_service_specific_credential |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1294 |
CKV2_AWS_37 |
resource |
aws_iam_signing_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1295 |
CKV2_AWS_37 |
resource |
aws_iam_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1296 |
CKV2_AWS_37 |
resource |
aws_iam_user_group_membership |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1297 |
CKV2_AWS_37 |
resource |
aws_iam_user_login_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1298 |
CKV2_AWS_37 |
resource |
aws_iam_user_policies_exclusive |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1299 |
CKV2_AWS_37 |
resource |
aws_iam_user_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1300 |
CKV2_AWS_37 |
resource |
aws_iam_user_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1301 |
CKV2_AWS_37 |
resource |
aws_iam_user_policy_attachments_exclusive |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1302 |
CKV2_AWS_37 |
resource |
aws_iam_user_ssh_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1303 |
CKV2_AWS_37 |
resource |
aws_iam_virtual_mfa_device |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1304 |
CKV2_AWS_37 |
resource |
aws_identitystore_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1305 |
CKV2_AWS_37 |
resource |
aws_identitystore_group_membership |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1306 |
CKV2_AWS_37 |
resource |
aws_identitystore_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1307 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_component |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1308 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_container_recipe |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1309 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_distribution_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1310 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_image |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1311 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_image_pipeline |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1312 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_image_recipe |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1313 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_infrastructure_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1314 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_lifecycle_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1315 |
CKV2_AWS_37 |
resource |
aws_imagebuilder_workflow |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1316 |
CKV2_AWS_37 |
resource |
aws_inspector2_delegated_admin_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1317 |
CKV2_AWS_37 |
resource |
aws_inspector2_enabler |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1318 |
CKV2_AWS_37 |
resource |
aws_inspector2_member_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1319 |
CKV2_AWS_37 |
resource |
aws_inspector2_organization_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1320 |
CKV2_AWS_37 |
resource |
aws_inspector_assessment_target |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1321 |
CKV2_AWS_37 |
resource |
aws_inspector_assessment_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1322 |
CKV2_AWS_37 |
resource |
aws_inspector_resource_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1323 |
CKV2_AWS_37 |
resource |
aws_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1324 |
CKV2_AWS_37 |
resource |
aws_internet_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1325 |
CKV2_AWS_37 |
resource |
aws_internet_gateway_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1326 |
CKV2_AWS_37 |
resource |
aws_internetmonitor_monitor |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1327 |
CKV2_AWS_37 |
resource |
aws_iot_authorizer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1328 |
CKV2_AWS_37 |
resource |
aws_iot_billing_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1329 |
CKV2_AWS_37 |
resource |
aws_iot_ca_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1330 |
CKV2_AWS_37 |
resource |
aws_iot_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1331 |
CKV2_AWS_37 |
resource |
aws_iot_domain_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1332 |
CKV2_AWS_37 |
resource |
aws_iot_event_configurations |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1333 |
CKV2_AWS_37 |
resource |
aws_iot_indexing_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1334 |
CKV2_AWS_37 |
resource |
aws_iot_logging_options |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1335 |
CKV2_AWS_37 |
resource |
aws_iot_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1336 |
CKV2_AWS_37 |
resource |
aws_iot_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1337 |
CKV2_AWS_37 |
resource |
aws_iot_provisioning_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1338 |
CKV2_AWS_37 |
resource |
aws_iot_role_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1339 |
CKV2_AWS_37 |
resource |
aws_iot_thing |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1340 |
CKV2_AWS_37 |
resource |
aws_iot_thing_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1341 |
CKV2_AWS_37 |
resource |
aws_iot_thing_group_membership |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1342 |
CKV2_AWS_37 |
resource |
aws_iot_thing_principal_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1343 |
CKV2_AWS_37 |
resource |
aws_iot_thing_type |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1344 |
CKV2_AWS_37 |
resource |
aws_iot_topic_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1345 |
CKV2_AWS_37 |
resource |
aws_iot_topic_rule_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1346 |
CKV2_AWS_37 |
resource |
aws_ivs_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1347 |
CKV2_AWS_37 |
resource |
aws_ivs_playback_key_pair |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1348 |
CKV2_AWS_37 |
resource |
aws_ivs_recording_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1349 |
CKV2_AWS_37 |
resource |
aws_ivschat_logging_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1350 |
CKV2_AWS_37 |
resource |
aws_ivschat_room |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1351 |
CKV2_AWS_37 |
resource |
aws_kendra_data_source |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1352 |
CKV2_AWS_37 |
resource |
aws_kendra_experience |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1353 |
CKV2_AWS_37 |
resource |
aws_kendra_faq |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1354 |
CKV2_AWS_37 |
resource |
aws_kendra_index |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1355 |
CKV2_AWS_37 |
resource |
aws_kendra_query_suggestions_block_list |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1356 |
CKV2_AWS_37 |
resource |
aws_kendra_thesaurus |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1357 |
CKV2_AWS_37 |
resource |
aws_key_pair |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1358 |
CKV2_AWS_37 |
resource |
aws_keyspaces_keyspace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1359 |
CKV2_AWS_37 |
resource |
aws_keyspaces_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1360 |
CKV2_AWS_37 |
resource |
aws_kinesis_analytics_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1361 |
CKV2_AWS_37 |
resource |
aws_kinesis_firehose_delivery_stream |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1362 |
CKV2_AWS_37 |
resource |
aws_kinesis_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1363 |
CKV2_AWS_37 |
resource |
aws_kinesis_stream |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1364 |
CKV2_AWS_37 |
resource |
aws_kinesis_stream_consumer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1365 |
CKV2_AWS_37 |
resource |
aws_kinesis_video_stream |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1366 |
CKV2_AWS_37 |
resource |
aws_kinesisanalyticsv2_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1367 |
CKV2_AWS_37 |
resource |
aws_kinesisanalyticsv2_application_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1368 |
CKV2_AWS_37 |
resource |
aws_kms_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1369 |
CKV2_AWS_37 |
resource |
aws_kms_ciphertext |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1370 |
CKV2_AWS_37 |
resource |
aws_kms_custom_key_store |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1371 |
CKV2_AWS_37 |
resource |
aws_kms_external_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1372 |
CKV2_AWS_37 |
resource |
aws_kms_grant |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1373 |
CKV2_AWS_37 |
resource |
aws_kms_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1374 |
CKV2_AWS_37 |
resource |
aws_kms_key_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1375 |
CKV2_AWS_37 |
resource |
aws_kms_replica_external_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1376 |
CKV2_AWS_37 |
resource |
aws_kms_replica_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1377 |
CKV2_AWS_37 |
resource |
aws_lakeformation_data_cells_filter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1378 |
CKV2_AWS_37 |
resource |
aws_lakeformation_data_lake_settings |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1379 |
CKV2_AWS_37 |
resource |
aws_lakeformation_lf_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1380 |
CKV2_AWS_37 |
resource |
aws_lakeformation_permissions |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1381 |
CKV2_AWS_37 |
resource |
aws_lakeformation_resource |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1382 |
CKV2_AWS_37 |
resource |
aws_lakeformation_resource_lf_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1383 |
CKV2_AWS_37 |
resource |
aws_lakeformation_resource_lf_tags |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1384 |
CKV2_AWS_37 |
resource |
aws_lambda_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1385 |
CKV2_AWS_37 |
resource |
aws_lambda_code_signing_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1386 |
CKV2_AWS_37 |
resource |
aws_lambda_event_source_mapping |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1387 |
CKV2_AWS_37 |
resource |
aws_lambda_function |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1388 |
CKV2_AWS_37 |
resource |
aws_lambda_function_event_invoke_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1389 |
CKV2_AWS_37 |
resource |
aws_lambda_function_recursion_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1390 |
CKV2_AWS_37 |
resource |
aws_lambda_function_url |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1391 |
CKV2_AWS_37 |
resource |
aws_lambda_invocation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1392 |
CKV2_AWS_37 |
resource |
aws_lambda_layer_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1393 |
CKV2_AWS_37 |
resource |
aws_lambda_layer_version_permission |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1394 |
CKV2_AWS_37 |
resource |
aws_lambda_permission |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1395 |
CKV2_AWS_37 |
resource |
aws_lambda_provisioned_concurrency_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1396 |
CKV2_AWS_37 |
resource |
aws_lambda_runtime_management_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1397 |
CKV2_AWS_37 |
resource |
aws_launch_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1398 |
CKV2_AWS_37 |
resource |
aws_launch_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1399 |
CKV2_AWS_37 |
resource |
aws_lb |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1400 |
CKV2_AWS_37 |
resource |
aws_lb_cookie_stickiness_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1401 |
CKV2_AWS_37 |
resource |
aws_lb_listener |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1402 |
CKV2_AWS_37 |
resource |
aws_lb_listener_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1403 |
CKV2_AWS_37 |
resource |
aws_lb_listener_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1404 |
CKV2_AWS_37 |
resource |
aws_lb_ssl_negotiation_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1405 |
CKV2_AWS_37 |
resource |
aws_lb_target_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1406 |
CKV2_AWS_37 |
resource |
aws_lb_target_group_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1407 |
CKV2_AWS_37 |
resource |
aws_lb_trust_store |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1408 |
CKV2_AWS_37 |
resource |
aws_lb_trust_store_revocation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1409 |
CKV2_AWS_37 |
resource |
aws_lex_bot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1410 |
CKV2_AWS_37 |
resource |
aws_lex_bot_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1411 |
CKV2_AWS_37 |
resource |
aws_lex_intent |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1412 |
CKV2_AWS_37 |
resource |
aws_lex_slot_type |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1413 |
CKV2_AWS_37 |
resource |
aws_lexv2models_bot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1414 |
CKV2_AWS_37 |
resource |
aws_lexv2models_bot_locale |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1415 |
CKV2_AWS_37 |
resource |
aws_lexv2models_bot_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1416 |
CKV2_AWS_37 |
resource |
aws_lexv2models_intent |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1417 |
CKV2_AWS_37 |
resource |
aws_lexv2models_slot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1418 |
CKV2_AWS_37 |
resource |
aws_lexv2models_slot_type |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1419 |
CKV2_AWS_37 |
resource |
aws_licensemanager_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1420 |
CKV2_AWS_37 |
resource |
aws_licensemanager_grant |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1421 |
CKV2_AWS_37 |
resource |
aws_licensemanager_grant_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1422 |
CKV2_AWS_37 |
resource |
aws_licensemanager_license_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1423 |
CKV2_AWS_37 |
resource |
aws_lightsail_bucket |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1424 |
CKV2_AWS_37 |
resource |
aws_lightsail_bucket_access_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1425 |
CKV2_AWS_37 |
resource |
aws_lightsail_bucket_resource_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1426 |
CKV2_AWS_37 |
resource |
aws_lightsail_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1427 |
CKV2_AWS_37 |
resource |
aws_lightsail_container_service |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1428 |
CKV2_AWS_37 |
resource |
aws_lightsail_container_service_deployment_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1429 |
CKV2_AWS_37 |
resource |
aws_lightsail_database |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1430 |
CKV2_AWS_37 |
resource |
aws_lightsail_disk |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1431 |
CKV2_AWS_37 |
resource |
aws_lightsail_disk_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1432 |
CKV2_AWS_37 |
resource |
aws_lightsail_distribution |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1433 |
CKV2_AWS_37 |
resource |
aws_lightsail_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1434 |
CKV2_AWS_37 |
resource |
aws_lightsail_domain_entry |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1435 |
CKV2_AWS_37 |
resource |
aws_lightsail_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1436 |
CKV2_AWS_37 |
resource |
aws_lightsail_instance_public_ports |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1437 |
CKV2_AWS_37 |
resource |
aws_lightsail_key_pair |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1438 |
CKV2_AWS_37 |
resource |
aws_lightsail_lb |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1439 |
CKV2_AWS_37 |
resource |
aws_lightsail_lb_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1440 |
CKV2_AWS_37 |
resource |
aws_lightsail_lb_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1441 |
CKV2_AWS_37 |
resource |
aws_lightsail_lb_certificate_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1442 |
CKV2_AWS_37 |
resource |
aws_lightsail_lb_https_redirection_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1443 |
CKV2_AWS_37 |
resource |
aws_lightsail_lb_stickiness_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1444 |
CKV2_AWS_37 |
resource |
aws_lightsail_static_ip |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1445 |
CKV2_AWS_37 |
resource |
aws_lightsail_static_ip_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1446 |
CKV2_AWS_37 |
resource |
aws_load_balancer_backend_server_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1447 |
CKV2_AWS_37 |
resource |
aws_load_balancer_listener_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1448 |
CKV2_AWS_37 |
resource |
aws_load_balancer_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1449 |
CKV2_AWS_37 |
resource |
aws_location_geofence_collection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1450 |
CKV2_AWS_37 |
resource |
aws_location_map |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1451 |
CKV2_AWS_37 |
resource |
aws_location_place_index |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1452 |
CKV2_AWS_37 |
resource |
aws_location_route_calculator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1453 |
CKV2_AWS_37 |
resource |
aws_location_tracker |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1454 |
CKV2_AWS_37 |
resource |
aws_location_tracker_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1455 |
CKV2_AWS_37 |
resource |
aws_m2_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1456 |
CKV2_AWS_37 |
resource |
aws_m2_deployment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1457 |
CKV2_AWS_37 |
resource |
aws_m2_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1458 |
CKV2_AWS_37 |
resource |
aws_macie2_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1459 |
CKV2_AWS_37 |
resource |
aws_macie2_classification_export_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1460 |
CKV2_AWS_37 |
resource |
aws_macie2_classification_job |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1461 |
CKV2_AWS_37 |
resource |
aws_macie2_custom_data_identifier |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1462 |
CKV2_AWS_37 |
resource |
aws_macie2_findings_filter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1463 |
CKV2_AWS_37 |
resource |
aws_macie2_invitation_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1464 |
CKV2_AWS_37 |
resource |
aws_macie2_member |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1465 |
CKV2_AWS_37 |
resource |
aws_macie2_organization_admin_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1466 |
CKV2_AWS_37 |
resource |
aws_macie_member_account_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1467 |
CKV2_AWS_37 |
resource |
aws_macie_s3_bucket_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1468 |
CKV2_AWS_37 |
resource |
aws_main_route_table_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1469 |
CKV2_AWS_37 |
resource |
aws_media_convert_queue |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1470 |
CKV2_AWS_37 |
resource |
aws_media_package_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1471 |
CKV2_AWS_37 |
resource |
aws_media_packagev2_channel_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1472 |
CKV2_AWS_37 |
resource |
aws_media_store_container |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1473 |
CKV2_AWS_37 |
resource |
aws_media_store_container_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1474 |
CKV2_AWS_37 |
resource |
aws_medialive_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1475 |
CKV2_AWS_37 |
resource |
aws_medialive_input |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1476 |
CKV2_AWS_37 |
resource |
aws_medialive_input_security_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1477 |
CKV2_AWS_37 |
resource |
aws_medialive_multiplex |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1478 |
CKV2_AWS_37 |
resource |
aws_medialive_multiplex_program |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1479 |
CKV2_AWS_37 |
resource |
aws_memorydb_acl |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1480 |
CKV2_AWS_37 |
resource |
aws_memorydb_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1481 |
CKV2_AWS_37 |
resource |
aws_memorydb_multi_region_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1482 |
CKV2_AWS_37 |
resource |
aws_memorydb_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1483 |
CKV2_AWS_37 |
resource |
aws_memorydb_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1484 |
CKV2_AWS_37 |
resource |
aws_memorydb_subnet_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1485 |
CKV2_AWS_37 |
resource |
aws_memorydb_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1486 |
CKV2_AWS_37 |
resource |
aws_mq_broker |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1487 |
CKV2_AWS_37 |
resource |
aws_mq_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1488 |
CKV2_AWS_37 |
resource |
aws_msk_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1489 |
CKV2_AWS_37 |
resource |
aws_msk_cluster_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1490 |
CKV2_AWS_37 |
resource |
aws_msk_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1491 |
CKV2_AWS_37 |
resource |
aws_msk_replicator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1492 |
CKV2_AWS_37 |
resource |
aws_msk_scram_secret_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1493 |
CKV2_AWS_37 |
resource |
aws_msk_serverless_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1494 |
CKV2_AWS_37 |
resource |
aws_msk_single_scram_secret_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1495 |
CKV2_AWS_37 |
resource |
aws_msk_vpc_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1496 |
CKV2_AWS_37 |
resource |
aws_mskconnect_connector |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1497 |
CKV2_AWS_37 |
resource |
aws_mskconnect_custom_plugin |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1498 |
CKV2_AWS_37 |
resource |
aws_mskconnect_worker_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1499 |
CKV2_AWS_37 |
resource |
aws_mwaa_environment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1500 |
CKV2_AWS_37 |
resource |
aws_nat_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1501 |
CKV2_AWS_37 |
resource |
aws_neptune_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1502 |
CKV2_AWS_37 |
resource |
aws_neptune_cluster_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1503 |
CKV2_AWS_37 |
resource |
aws_neptune_cluster_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1504 |
CKV2_AWS_37 |
resource |
aws_neptune_cluster_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1505 |
CKV2_AWS_37 |
resource |
aws_neptune_cluster_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1506 |
CKV2_AWS_37 |
resource |
aws_neptune_event_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1507 |
CKV2_AWS_37 |
resource |
aws_neptune_global_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1508 |
CKV2_AWS_37 |
resource |
aws_neptune_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1509 |
CKV2_AWS_37 |
resource |
aws_neptune_subnet_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1510 |
CKV2_AWS_37 |
resource |
aws_network_acl |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1511 |
CKV2_AWS_37 |
resource |
aws_network_acl_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1512 |
CKV2_AWS_37 |
resource |
aws_network_acl_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1513 |
CKV2_AWS_37 |
resource |
aws_network_interface |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1514 |
CKV2_AWS_37 |
resource |
aws_network_interface_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1515 |
CKV2_AWS_37 |
resource |
aws_network_interface_sg_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1516 |
CKV2_AWS_37 |
resource |
aws_networkfirewall_firewall |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1517 |
CKV2_AWS_37 |
resource |
aws_networkfirewall_firewall_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1518 |
CKV2_AWS_37 |
resource |
aws_networkfirewall_logging_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1519 |
CKV2_AWS_37 |
resource |
aws_networkfirewall_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1520 |
CKV2_AWS_37 |
resource |
aws_networkfirewall_rule_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1521 |
CKV2_AWS_37 |
resource |
aws_networkfirewall_tls_inspection_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1522 |
CKV2_AWS_37 |
resource |
aws_networkmanager_attachment_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1523 |
CKV2_AWS_37 |
resource |
aws_networkmanager_connect_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1524 |
CKV2_AWS_37 |
resource |
aws_networkmanager_connect_peer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1525 |
CKV2_AWS_37 |
resource |
aws_networkmanager_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1526 |
CKV2_AWS_37 |
resource |
aws_networkmanager_core_network |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1527 |
CKV2_AWS_37 |
resource |
aws_networkmanager_core_network_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1528 |
CKV2_AWS_37 |
resource |
aws_networkmanager_customer_gateway_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1529 |
CKV2_AWS_37 |
resource |
aws_networkmanager_device |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1530 |
CKV2_AWS_37 |
resource |
aws_networkmanager_dx_gateway_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1531 |
CKV2_AWS_37 |
resource |
aws_networkmanager_global_network |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1532 |
CKV2_AWS_37 |
resource |
aws_networkmanager_link |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1533 |
CKV2_AWS_37 |
resource |
aws_networkmanager_link_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1534 |
CKV2_AWS_37 |
resource |
aws_networkmanager_site |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1535 |
CKV2_AWS_37 |
resource |
aws_networkmanager_site_to_site_vpn_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1536 |
CKV2_AWS_37 |
resource |
aws_networkmanager_transit_gateway_connect_peer_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1537 |
CKV2_AWS_37 |
resource |
aws_networkmanager_transit_gateway_peering |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1538 |
CKV2_AWS_37 |
resource |
aws_networkmanager_transit_gateway_registration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1539 |
CKV2_AWS_37 |
resource |
aws_networkmanager_transit_gateway_route_table_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1540 |
CKV2_AWS_37 |
resource |
aws_networkmanager_vpc_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1541 |
CKV2_AWS_37 |
resource |
aws_networkmonitor_monitor |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1542 |
CKV2_AWS_37 |
resource |
aws_networkmonitor_probe |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1543 |
CKV2_AWS_37 |
resource |
aws_oam_link |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1544 |
CKV2_AWS_37 |
resource |
aws_oam_sink |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1545 |
CKV2_AWS_37 |
resource |
aws_oam_sink_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1546 |
CKV2_AWS_37 |
resource |
aws_opensearch_authorize_vpc_endpoint_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1547 |
CKV2_AWS_37 |
resource |
aws_opensearch_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1548 |
CKV2_AWS_37 |
resource |
aws_opensearch_domain_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1549 |
CKV2_AWS_37 |
resource |
aws_opensearch_domain_saml_options |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1550 |
CKV2_AWS_37 |
resource |
aws_opensearch_inbound_connection_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1551 |
CKV2_AWS_37 |
resource |
aws_opensearch_outbound_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1552 |
CKV2_AWS_37 |
resource |
aws_opensearch_package |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1553 |
CKV2_AWS_37 |
resource |
aws_opensearch_package_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1554 |
CKV2_AWS_37 |
resource |
aws_opensearch_vpc_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1555 |
CKV2_AWS_37 |
resource |
aws_opensearchserverless_access_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1556 |
CKV2_AWS_37 |
resource |
aws_opensearchserverless_collection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1557 |
CKV2_AWS_37 |
resource |
aws_opensearchserverless_lifecycle_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1558 |
CKV2_AWS_37 |
resource |
aws_opensearchserverless_security_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1559 |
CKV2_AWS_37 |
resource |
aws_opensearchserverless_security_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1560 |
CKV2_AWS_37 |
resource |
aws_opensearchserverless_vpc_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1561 |
CKV2_AWS_37 |
resource |
aws_opsworks_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1562 |
CKV2_AWS_37 |
resource |
aws_opsworks_custom_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1563 |
CKV2_AWS_37 |
resource |
aws_opsworks_ecs_cluster_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1564 |
CKV2_AWS_37 |
resource |
aws_opsworks_ganglia_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1565 |
CKV2_AWS_37 |
resource |
aws_opsworks_haproxy_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1566 |
CKV2_AWS_37 |
resource |
aws_opsworks_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1567 |
CKV2_AWS_37 |
resource |
aws_opsworks_java_app_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1568 |
CKV2_AWS_37 |
resource |
aws_opsworks_memcached_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1569 |
CKV2_AWS_37 |
resource |
aws_opsworks_mysql_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1570 |
CKV2_AWS_37 |
resource |
aws_opsworks_nodejs_app_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1571 |
CKV2_AWS_37 |
resource |
aws_opsworks_permission |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1572 |
CKV2_AWS_37 |
resource |
aws_opsworks_php_app_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1573 |
CKV2_AWS_37 |
resource |
aws_opsworks_rails_app_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1574 |
CKV2_AWS_37 |
resource |
aws_opsworks_rds_db_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1575 |
CKV2_AWS_37 |
resource |
aws_opsworks_stack |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1576 |
CKV2_AWS_37 |
resource |
aws_opsworks_static_web_layer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1577 |
CKV2_AWS_37 |
resource |
aws_opsworks_user_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1578 |
CKV2_AWS_37 |
resource |
aws_organizations_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1579 |
CKV2_AWS_37 |
resource |
aws_organizations_delegated_administrator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1580 |
CKV2_AWS_37 |
resource |
aws_organizations_organization |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1581 |
CKV2_AWS_37 |
resource |
aws_organizations_organizational_unit |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1582 |
CKV2_AWS_37 |
resource |
aws_organizations_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1583 |
CKV2_AWS_37 |
resource |
aws_organizations_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1584 |
CKV2_AWS_37 |
resource |
aws_organizations_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1585 |
CKV2_AWS_37 |
resource |
aws_osis_pipeline |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1586 |
CKV2_AWS_37 |
resource |
aws_paymentcryptography_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1587 |
CKV2_AWS_37 |
resource |
aws_paymentcryptography_key_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1588 |
CKV2_AWS_37 |
resource |
aws_pinpoint_adm_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1589 |
CKV2_AWS_37 |
resource |
aws_pinpoint_apns_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1590 |
CKV2_AWS_37 |
resource |
aws_pinpoint_apns_sandbox_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1591 |
CKV2_AWS_37 |
resource |
aws_pinpoint_apns_voip_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1592 |
CKV2_AWS_37 |
resource |
aws_pinpoint_apns_voip_sandbox_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1593 |
CKV2_AWS_37 |
resource |
aws_pinpoint_app |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1594 |
CKV2_AWS_37 |
resource |
aws_pinpoint_baidu_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1595 |
CKV2_AWS_37 |
resource |
aws_pinpoint_email_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1596 |
CKV2_AWS_37 |
resource |
aws_pinpoint_email_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1597 |
CKV2_AWS_37 |
resource |
aws_pinpoint_event_stream |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1598 |
CKV2_AWS_37 |
resource |
aws_pinpoint_gcm_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1599 |
CKV2_AWS_37 |
resource |
aws_pinpoint_sms_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1600 |
CKV2_AWS_37 |
resource |
aws_pinpointsmsvoicev2_configuration_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1601 |
CKV2_AWS_37 |
resource |
aws_pinpointsmsvoicev2_opt_out_list |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1602 |
CKV2_AWS_37 |
resource |
aws_pinpointsmsvoicev2_phone_number |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1603 |
CKV2_AWS_37 |
resource |
aws_pipes_pipe |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1604 |
CKV2_AWS_37 |
resource |
aws_placement_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1605 |
CKV2_AWS_37 |
resource |
aws_prometheus_alert_manager_definition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1606 |
CKV2_AWS_37 |
resource |
aws_prometheus_rule_group_namespace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1607 |
CKV2_AWS_37 |
resource |
aws_prometheus_scraper |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1608 |
CKV2_AWS_37 |
resource |
aws_prometheus_workspace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1609 |
CKV2_AWS_37 |
resource |
aws_proxy_protocol_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1610 |
CKV2_AWS_37 |
resource |
aws_qldb_ledger |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1611 |
CKV2_AWS_37 |
resource |
aws_qldb_stream |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1612 |
CKV2_AWS_37 |
resource |
aws_quicksight_account_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1613 |
CKV2_AWS_37 |
resource |
aws_quicksight_analysis |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1614 |
CKV2_AWS_37 |
resource |
aws_quicksight_dashboard |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1615 |
CKV2_AWS_37 |
resource |
aws_quicksight_data_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1616 |
CKV2_AWS_37 |
resource |
aws_quicksight_data_source |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1617 |
CKV2_AWS_37 |
resource |
aws_quicksight_folder |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1618 |
CKV2_AWS_37 |
resource |
aws_quicksight_folder_membership |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1619 |
CKV2_AWS_37 |
resource |
aws_quicksight_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1620 |
CKV2_AWS_37 |
resource |
aws_quicksight_group_membership |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1621 |
CKV2_AWS_37 |
resource |
aws_quicksight_iam_policy_assignment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1622 |
CKV2_AWS_37 |
resource |
aws_quicksight_ingestion |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1623 |
CKV2_AWS_37 |
resource |
aws_quicksight_namespace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1624 |
CKV2_AWS_37 |
resource |
aws_quicksight_refresh_schedule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1625 |
CKV2_AWS_37 |
resource |
aws_quicksight_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1626 |
CKV2_AWS_37 |
resource |
aws_quicksight_template_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1627 |
CKV2_AWS_37 |
resource |
aws_quicksight_theme |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1628 |
CKV2_AWS_37 |
resource |
aws_quicksight_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1629 |
CKV2_AWS_37 |
resource |
aws_quicksight_vpc_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1630 |
CKV2_AWS_37 |
resource |
aws_ram_principal_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1631 |
CKV2_AWS_37 |
resource |
aws_ram_resource_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1632 |
CKV2_AWS_37 |
resource |
aws_ram_resource_share |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1633 |
CKV2_AWS_37 |
resource |
aws_ram_resource_share_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1634 |
CKV2_AWS_37 |
resource |
aws_ram_sharing_with_organization |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1635 |
CKV2_AWS_37 |
resource |
aws_rbin_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1636 |
CKV2_AWS_37 |
resource |
aws_rds_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1637 |
CKV2_AWS_37 |
resource |
aws_rds_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1638 |
CKV2_AWS_37 |
resource |
aws_rds_cluster_activity_stream |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1639 |
CKV2_AWS_37 |
resource |
aws_rds_cluster_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1640 |
CKV2_AWS_37 |
resource |
aws_rds_cluster_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1641 |
CKV2_AWS_37 |
resource |
aws_rds_cluster_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1642 |
CKV2_AWS_37 |
resource |
aws_rds_cluster_role_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1643 |
CKV2_AWS_37 |
resource |
aws_rds_cluster_snapshot_copy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1644 |
CKV2_AWS_37 |
resource |
aws_rds_custom_db_engine_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1645 |
CKV2_AWS_37 |
resource |
aws_rds_export_task |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1646 |
CKV2_AWS_37 |
resource |
aws_rds_global_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1647 |
CKV2_AWS_37 |
resource |
aws_rds_instance_state |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1648 |
CKV2_AWS_37 |
resource |
aws_rds_integration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1649 |
CKV2_AWS_37 |
resource |
aws_rds_reserved_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1650 |
CKV2_AWS_37 |
resource |
aws_redshift_authentication_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1651 |
CKV2_AWS_37 |
resource |
aws_redshift_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1652 |
CKV2_AWS_37 |
resource |
aws_redshift_cluster_iam_roles |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1653 |
CKV2_AWS_37 |
resource |
aws_redshift_cluster_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1654 |
CKV2_AWS_37 |
resource |
aws_redshift_data_share_authorization |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1655 |
CKV2_AWS_37 |
resource |
aws_redshift_data_share_consumer_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1656 |
CKV2_AWS_37 |
resource |
aws_redshift_endpoint_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1657 |
CKV2_AWS_37 |
resource |
aws_redshift_endpoint_authorization |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1658 |
CKV2_AWS_37 |
resource |
aws_redshift_event_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1659 |
CKV2_AWS_37 |
resource |
aws_redshift_hsm_client_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1660 |
CKV2_AWS_37 |
resource |
aws_redshift_hsm_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1661 |
CKV2_AWS_37 |
resource |
aws_redshift_logging |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1662 |
CKV2_AWS_37 |
resource |
aws_redshift_parameter_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1663 |
CKV2_AWS_37 |
resource |
aws_redshift_partner |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1664 |
CKV2_AWS_37 |
resource |
aws_redshift_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1665 |
CKV2_AWS_37 |
resource |
aws_redshift_scheduled_action |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1666 |
CKV2_AWS_37 |
resource |
aws_redshift_security_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1667 |
CKV2_AWS_37 |
resource |
aws_redshift_snapshot_copy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1668 |
CKV2_AWS_37 |
resource |
aws_redshift_snapshot_copy_grant |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1669 |
CKV2_AWS_37 |
resource |
aws_redshift_snapshot_schedule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1670 |
CKV2_AWS_37 |
resource |
aws_redshift_snapshot_schedule_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1671 |
CKV2_AWS_37 |
resource |
aws_redshift_subnet_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1672 |
CKV2_AWS_37 |
resource |
aws_redshift_usage_limit |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1673 |
CKV2_AWS_37 |
resource |
aws_redshiftdata_statement |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1674 |
CKV2_AWS_37 |
resource |
aws_redshiftserverless_custom_domain_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1675 |
CKV2_AWS_37 |
resource |
aws_redshiftserverless_endpoint_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1676 |
CKV2_AWS_37 |
resource |
aws_redshiftserverless_namespace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1677 |
CKV2_AWS_37 |
resource |
aws_redshiftserverless_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1678 |
CKV2_AWS_37 |
resource |
aws_redshiftserverless_snapshot |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1679 |
CKV2_AWS_37 |
resource |
aws_redshiftserverless_usage_limit |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1680 |
CKV2_AWS_37 |
resource |
aws_redshiftserverless_workgroup |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1681 |
CKV2_AWS_37 |
resource |
aws_region_info |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1682 |
CKV2_AWS_37 |
resource |
aws_rekognition_collection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1683 |
CKV2_AWS_37 |
resource |
aws_rekognition_project |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1684 |
CKV2_AWS_37 |
resource |
aws_rekognition_stream_processor |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1685 |
CKV2_AWS_37 |
resource |
aws_resiliencehub_resiliency_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1686 |
CKV2_AWS_37 |
resource |
aws_resourceexplorer2_index |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1687 |
CKV2_AWS_37 |
resource |
aws_resourceexplorer2_view |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1688 |
CKV2_AWS_37 |
resource |
aws_resourcegroups_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1689 |
CKV2_AWS_37 |
resource |
aws_resourcegroups_resource |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1690 |
CKV2_AWS_37 |
resource |
aws_rolesanywhere_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1691 |
CKV2_AWS_37 |
resource |
aws_rolesanywhere_trust_anchor |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1692 |
CKV2_AWS_37 |
resource |
aws_root |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1693 |
CKV2_AWS_37 |
resource |
aws_root_access_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1694 |
CKV2_AWS_37 |
resource |
aws_route |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1695 |
CKV2_AWS_37 |
resource |
aws_route53_cidr_collection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1696 |
CKV2_AWS_37 |
resource |
aws_route53_cidr_location |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1697 |
CKV2_AWS_37 |
resource |
aws_route53_delegation_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1698 |
CKV2_AWS_37 |
resource |
aws_route53_health_check |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1699 |
CKV2_AWS_37 |
resource |
aws_route53_hosted_zone_dnssec |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1700 |
CKV2_AWS_37 |
resource |
aws_route53_key_signing_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1701 |
CKV2_AWS_37 |
resource |
aws_route53_query_log |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1702 |
CKV2_AWS_37 |
resource |
aws_route53_record |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1703 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1704 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_dnssec_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1705 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1706 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_firewall_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1707 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_firewall_domain_list |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1708 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_firewall_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1709 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_firewall_rule_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1710 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_firewall_rule_group_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1711 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_query_log_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1712 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_query_log_config_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1713 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1714 |
CKV2_AWS_37 |
resource |
aws_route53_resolver_rule_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1715 |
CKV2_AWS_37 |
resource |
aws_route53_traffic_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1716 |
CKV2_AWS_37 |
resource |
aws_route53_traffic_policy_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1717 |
CKV2_AWS_37 |
resource |
aws_route53_vpc_association_authorization |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1718 |
CKV2_AWS_37 |
resource |
aws_route53_zone |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1719 |
CKV2_AWS_37 |
resource |
aws_route53_zone_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1720 |
CKV2_AWS_37 |
resource |
aws_route53domains_delegation_signer_record |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1721 |
CKV2_AWS_37 |
resource |
aws_route53domains_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1722 |
CKV2_AWS_37 |
resource |
aws_route53domains_registered_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1723 |
CKV2_AWS_37 |
resource |
aws_route53profiles_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1724 |
CKV2_AWS_37 |
resource |
aws_route53profiles_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1725 |
CKV2_AWS_37 |
resource |
aws_route53profiles_resource_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1726 |
CKV2_AWS_37 |
resource |
aws_route53recoverycontrolconfig_cluster |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1727 |
CKV2_AWS_37 |
resource |
aws_route53recoverycontrolconfig_control_panel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1728 |
CKV2_AWS_37 |
resource |
aws_route53recoverycontrolconfig_routing_control |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1729 |
CKV2_AWS_37 |
resource |
aws_route53recoverycontrolconfig_safety_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1730 |
CKV2_AWS_37 |
resource |
aws_route53recoveryreadiness_cell |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1731 |
CKV2_AWS_37 |
resource |
aws_route53recoveryreadiness_readiness_check |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1732 |
CKV2_AWS_37 |
resource |
aws_route53recoveryreadiness_recovery_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1733 |
CKV2_AWS_37 |
resource |
aws_route53recoveryreadiness_resource_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1734 |
CKV2_AWS_37 |
resource |
aws_route_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1735 |
CKV2_AWS_37 |
resource |
aws_route_table_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1736 |
CKV2_AWS_37 |
resource |
aws_rum_app_monitor |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1737 |
CKV2_AWS_37 |
resource |
aws_rum_metrics_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1738 |
CKV2_AWS_37 |
resource |
aws_s3_access_point |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1739 |
CKV2_AWS_37 |
resource |
aws_s3_account_public_access_block |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1740 |
CKV2_AWS_37 |
resource |
aws_s3_bucket |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1741 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_accelerate_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1742 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_acl |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1743 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_analytics_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1744 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_cors_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1745 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_intelligent_tiering_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1746 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_inventory |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1747 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_lifecycle_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1748 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_logging |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1749 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_metric |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1750 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_notification |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1751 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_object |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1752 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_object_lock_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1753 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_ownership_controls |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1754 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1755 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_public_access_block |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1756 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_replication_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1757 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_request_payment_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1758 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_server_side_encryption_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1759 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_versioning |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1760 |
CKV2_AWS_37 |
resource |
aws_s3_bucket_website_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1761 |
CKV2_AWS_37 |
resource |
aws_s3_directory_bucket |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1762 |
CKV2_AWS_37 |
resource |
aws_s3_object |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1763 |
CKV2_AWS_37 |
resource |
aws_s3_object_copy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1764 |
CKV2_AWS_37 |
resource |
aws_s3control_access_grant |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1765 |
CKV2_AWS_37 |
resource |
aws_s3control_access_grants_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1766 |
CKV2_AWS_37 |
resource |
aws_s3control_access_grants_instance_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1767 |
CKV2_AWS_37 |
resource |
aws_s3control_access_grants_location |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1768 |
CKV2_AWS_37 |
resource |
aws_s3control_access_point_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1769 |
CKV2_AWS_37 |
resource |
aws_s3control_bucket |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1770 |
CKV2_AWS_37 |
resource |
aws_s3control_bucket_lifecycle_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1771 |
CKV2_AWS_37 |
resource |
aws_s3control_bucket_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1772 |
CKV2_AWS_37 |
resource |
aws_s3control_multi_region_access_point |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1773 |
CKV2_AWS_37 |
resource |
aws_s3control_multi_region_access_point_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1774 |
CKV2_AWS_37 |
resource |
aws_s3control_object_lambda_access_point |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1775 |
CKV2_AWS_37 |
resource |
aws_s3control_object_lambda_access_point_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1776 |
CKV2_AWS_37 |
resource |
aws_s3control_storage_lens_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1777 |
CKV2_AWS_37 |
resource |
aws_s3outposts_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1778 |
CKV2_AWS_37 |
resource |
aws_s3tables_namespace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1779 |
CKV2_AWS_37 |
resource |
aws_s3tables_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1780 |
CKV2_AWS_37 |
resource |
aws_s3tables_table_bucket |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1781 |
CKV2_AWS_37 |
resource |
aws_s3tables_table_bucket_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1782 |
CKV2_AWS_37 |
resource |
aws_s3tables_table_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1783 |
CKV2_AWS_37 |
resource |
aws_sagemaker_app |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1784 |
CKV2_AWS_37 |
resource |
aws_sagemaker_app_image_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1785 |
CKV2_AWS_37 |
resource |
aws_sagemaker_code_repository |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1786 |
CKV2_AWS_37 |
resource |
aws_sagemaker_data_quality_job_definition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1787 |
CKV2_AWS_37 |
resource |
aws_sagemaker_device |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1788 |
CKV2_AWS_37 |
resource |
aws_sagemaker_device_fleet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1789 |
CKV2_AWS_37 |
resource |
aws_sagemaker_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1790 |
CKV2_AWS_37 |
resource |
aws_sagemaker_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1791 |
CKV2_AWS_37 |
resource |
aws_sagemaker_endpoint_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1792 |
CKV2_AWS_37 |
resource |
aws_sagemaker_feature_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1793 |
CKV2_AWS_37 |
resource |
aws_sagemaker_flow_definition |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1794 |
CKV2_AWS_37 |
resource |
aws_sagemaker_hub |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1795 |
CKV2_AWS_37 |
resource |
aws_sagemaker_human_task_ui |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1796 |
CKV2_AWS_37 |
resource |
aws_sagemaker_image |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1797 |
CKV2_AWS_37 |
resource |
aws_sagemaker_image_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1798 |
CKV2_AWS_37 |
resource |
aws_sagemaker_mlflow_tracking_server |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1799 |
CKV2_AWS_37 |
resource |
aws_sagemaker_model |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1800 |
CKV2_AWS_37 |
resource |
aws_sagemaker_model_package_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1801 |
CKV2_AWS_37 |
resource |
aws_sagemaker_model_package_group_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1802 |
CKV2_AWS_37 |
resource |
aws_sagemaker_monitoring_schedule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1803 |
CKV2_AWS_37 |
resource |
aws_sagemaker_notebook_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1804 |
CKV2_AWS_37 |
resource |
aws_sagemaker_notebook_instance_lifecycle_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1805 |
CKV2_AWS_37 |
resource |
aws_sagemaker_pipeline |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1806 |
CKV2_AWS_37 |
resource |
aws_sagemaker_project |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1807 |
CKV2_AWS_37 |
resource |
aws_sagemaker_servicecatalog_portfolio_status |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1808 |
CKV2_AWS_37 |
resource |
aws_sagemaker_space |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1809 |
CKV2_AWS_37 |
resource |
aws_sagemaker_studio_lifecycle_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1810 |
CKV2_AWS_37 |
resource |
aws_sagemaker_user_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1811 |
CKV2_AWS_37 |
resource |
aws_sagemaker_workforce |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1812 |
CKV2_AWS_37 |
resource |
aws_sagemaker_workteam |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1813 |
CKV2_AWS_37 |
resource |
aws_scheduler_schedule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1814 |
CKV2_AWS_37 |
resource |
aws_scheduler_schedule_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1815 |
CKV2_AWS_37 |
resource |
aws_schemas_discoverer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1816 |
CKV2_AWS_37 |
resource |
aws_schemas_registry |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1817 |
CKV2_AWS_37 |
resource |
aws_schemas_registry_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1818 |
CKV2_AWS_37 |
resource |
aws_schemas_schema |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1819 |
CKV2_AWS_37 |
resource |
aws_secretsmanager_secret |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1820 |
CKV2_AWS_37 |
resource |
aws_secretsmanager_secret_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1821 |
CKV2_AWS_37 |
resource |
aws_secretsmanager_secret_rotation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1822 |
CKV2_AWS_37 |
resource |
aws_secretsmanager_secret_version |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1823 |
CKV2_AWS_37 |
resource |
aws_security_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1824 |
CKV2_AWS_37 |
resource |
aws_security_group_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1825 |
CKV2_AWS_37 |
resource |
aws_securityhub_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1826 |
CKV2_AWS_37 |
resource |
aws_securityhub_action_target |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1827 |
CKV2_AWS_37 |
resource |
aws_securityhub_automation_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1828 |
CKV2_AWS_37 |
resource |
aws_securityhub_configuration_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1829 |
CKV2_AWS_37 |
resource |
aws_securityhub_configuration_policy_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1830 |
CKV2_AWS_37 |
resource |
aws_securityhub_finding_aggregator |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1831 |
CKV2_AWS_37 |
resource |
aws_securityhub_insight |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1832 |
CKV2_AWS_37 |
resource |
aws_securityhub_invite_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1833 |
CKV2_AWS_37 |
resource |
aws_securityhub_member |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1834 |
CKV2_AWS_37 |
resource |
aws_securityhub_organization_admin_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1835 |
CKV2_AWS_37 |
resource |
aws_securityhub_organization_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1836 |
CKV2_AWS_37 |
resource |
aws_securityhub_product_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1837 |
CKV2_AWS_37 |
resource |
aws_securityhub_standards_control |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1838 |
CKV2_AWS_37 |
resource |
aws_securityhub_standards_control_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1839 |
CKV2_AWS_37 |
resource |
aws_securityhub_standards_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1840 |
CKV2_AWS_37 |
resource |
aws_securitylake_aws_log_source |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1841 |
CKV2_AWS_37 |
resource |
aws_securitylake_custom_log_source |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1842 |
CKV2_AWS_37 |
resource |
aws_securitylake_data_lake |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1843 |
CKV2_AWS_37 |
resource |
aws_securitylake_subscriber |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1844 |
CKV2_AWS_37 |
resource |
aws_securitylake_subscriber_notification |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1845 |
CKV2_AWS_37 |
resource |
aws_serverlessapplicationrepository_cloudformation_stack |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1846 |
CKV2_AWS_37 |
resource |
aws_service_discovery_http_namespace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1847 |
CKV2_AWS_37 |
resource |
aws_service_discovery_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1848 |
CKV2_AWS_37 |
resource |
aws_service_discovery_private_dns_namespace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1849 |
CKV2_AWS_37 |
resource |
aws_service_discovery_public_dns_namespace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1850 |
CKV2_AWS_37 |
resource |
aws_service_discovery_service |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1851 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_budget_resource_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1852 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_constraint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1853 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_organizations_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1854 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_portfolio |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1855 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_portfolio_share |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1856 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_principal_portfolio_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1857 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_product |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1858 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_product_portfolio_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1859 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_provisioned_product |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1860 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_provisioning_artifact |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1861 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_service_action |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1862 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_tag_option |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1863 |
CKV2_AWS_37 |
resource |
aws_servicecatalog_tag_option_resource_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1864 |
CKV2_AWS_37 |
resource |
aws_servicecatalogappregistry_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1865 |
CKV2_AWS_37 |
resource |
aws_servicecatalogappregistry_attribute_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1866 |
CKV2_AWS_37 |
resource |
aws_servicecatalogappregistry_attribute_group_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1867 |
CKV2_AWS_37 |
resource |
aws_servicequotas_service_quota |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1868 |
CKV2_AWS_37 |
resource |
aws_servicequotas_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1869 |
CKV2_AWS_37 |
resource |
aws_servicequotas_template_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1870 |
CKV2_AWS_37 |
resource |
aws_ses_active_receipt_rule_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1871 |
CKV2_AWS_37 |
resource |
aws_ses_configuration_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1872 |
CKV2_AWS_37 |
resource |
aws_ses_domain_dkim |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1873 |
CKV2_AWS_37 |
resource |
aws_ses_domain_identity |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1874 |
CKV2_AWS_37 |
resource |
aws_ses_domain_identity_verification |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1875 |
CKV2_AWS_37 |
resource |
aws_ses_domain_mail_from |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1876 |
CKV2_AWS_37 |
resource |
aws_ses_email_identity |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1877 |
CKV2_AWS_37 |
resource |
aws_ses_event_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1878 |
CKV2_AWS_37 |
resource |
aws_ses_identity_notification_topic |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1879 |
CKV2_AWS_37 |
resource |
aws_ses_identity_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1880 |
CKV2_AWS_37 |
resource |
aws_ses_receipt_filter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1881 |
CKV2_AWS_37 |
resource |
aws_ses_receipt_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1882 |
CKV2_AWS_37 |
resource |
aws_ses_receipt_rule_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1883 |
CKV2_AWS_37 |
resource |
aws_ses_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1884 |
CKV2_AWS_37 |
resource |
aws_sesv2_account_suppression_attributes |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1885 |
CKV2_AWS_37 |
resource |
aws_sesv2_account_vdm_attributes |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1886 |
CKV2_AWS_37 |
resource |
aws_sesv2_configuration_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1887 |
CKV2_AWS_37 |
resource |
aws_sesv2_configuration_set_event_destination |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1888 |
CKV2_AWS_37 |
resource |
aws_sesv2_contact_list |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1889 |
CKV2_AWS_37 |
resource |
aws_sesv2_dedicated_ip_assignment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1890 |
CKV2_AWS_37 |
resource |
aws_sesv2_dedicated_ip_pool |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1891 |
CKV2_AWS_37 |
resource |
aws_sesv2_email_identity |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1892 |
CKV2_AWS_37 |
resource |
aws_sesv2_email_identity_feedback_attributes |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1893 |
CKV2_AWS_37 |
resource |
aws_sesv2_email_identity_mail_from_attributes |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1894 |
CKV2_AWS_37 |
resource |
aws_sesv2_email_identity_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1895 |
CKV2_AWS_37 |
resource |
aws_sfn_activity |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1896 |
CKV2_AWS_37 |
resource |
aws_sfn_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1897 |
CKV2_AWS_37 |
resource |
aws_sfn_state_machine |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1898 |
CKV2_AWS_37 |
resource |
aws_shield_application_layer_automatic_response |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1899 |
CKV2_AWS_37 |
resource |
aws_shield_drt_access_log_bucket_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1900 |
CKV2_AWS_37 |
resource |
aws_shield_drt_access_role_arn_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1901 |
CKV2_AWS_37 |
resource |
aws_shield_proactive_engagement |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1902 |
CKV2_AWS_37 |
resource |
aws_shield_protection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1903 |
CKV2_AWS_37 |
resource |
aws_shield_protection_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1904 |
CKV2_AWS_37 |
resource |
aws_shield_protection_health_check_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1905 |
CKV2_AWS_37 |
resource |
aws_shield_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1906 |
CKV2_AWS_37 |
resource |
aws_signer_signing_job |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1907 |
CKV2_AWS_37 |
resource |
aws_signer_signing_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1908 |
CKV2_AWS_37 |
resource |
aws_signer_signing_profile_permission |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1909 |
CKV2_AWS_37 |
resource |
aws_simpledb_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1910 |
CKV2_AWS_37 |
resource |
aws_snapshot_create_volume_permission |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1911 |
CKV2_AWS_37 |
resource |
aws_sns_platform_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1912 |
CKV2_AWS_37 |
resource |
aws_sns_sms_preferences |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1913 |
CKV2_AWS_37 |
resource |
aws_sns_topic |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1914 |
CKV2_AWS_37 |
resource |
aws_sns_topic_data_protection_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1915 |
CKV2_AWS_37 |
resource |
aws_sns_topic_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1916 |
CKV2_AWS_37 |
resource |
aws_sns_topic_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1917 |
CKV2_AWS_37 |
resource |
aws_spot_datafeed_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1918 |
CKV2_AWS_37 |
resource |
aws_spot_fleet_request |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1919 |
CKV2_AWS_37 |
resource |
aws_spot_instance_request |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1920 |
CKV2_AWS_37 |
resource |
aws_sqs_queue |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1921 |
CKV2_AWS_37 |
resource |
aws_sqs_queue_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1922 |
CKV2_AWS_37 |
resource |
aws_sqs_queue_redrive_allow_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1923 |
CKV2_AWS_37 |
resource |
aws_sqs_queue_redrive_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1924 |
CKV2_AWS_37 |
resource |
aws_ssm_activation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1925 |
CKV2_AWS_37 |
resource |
aws_ssm_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1926 |
CKV2_AWS_37 |
resource |
aws_ssm_default_patch_baseline |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1927 |
CKV2_AWS_37 |
resource |
aws_ssm_document |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1928 |
CKV2_AWS_37 |
resource |
aws_ssm_maintenance_window |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1929 |
CKV2_AWS_37 |
resource |
aws_ssm_maintenance_window_target |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1930 |
CKV2_AWS_37 |
resource |
aws_ssm_maintenance_window_task |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1931 |
CKV2_AWS_37 |
resource |
aws_ssm_parameter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1932 |
CKV2_AWS_37 |
resource |
aws_ssm_patch_baseline |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1933 |
CKV2_AWS_37 |
resource |
aws_ssm_patch_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1934 |
CKV2_AWS_37 |
resource |
aws_ssm_resource_data_sync |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1935 |
CKV2_AWS_37 |
resource |
aws_ssm_service_setting |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1936 |
CKV2_AWS_37 |
resource |
aws_ssmcontacts_contact |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1937 |
CKV2_AWS_37 |
resource |
aws_ssmcontacts_contact_channel |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1938 |
CKV2_AWS_37 |
resource |
aws_ssmcontacts_plan |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1939 |
CKV2_AWS_37 |
resource |
aws_ssmcontacts_rotation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1940 |
CKV2_AWS_37 |
resource |
aws_ssmincidents_replication_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1941 |
CKV2_AWS_37 |
resource |
aws_ssmincidents_response_plan |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1942 |
CKV2_AWS_37 |
resource |
aws_ssmquicksetup_configuration_manager |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1943 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_account_assignment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1944 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_application |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1945 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_application_access_scope |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1946 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_application_assignment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1947 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_application_assignment_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1948 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_customer_managed_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1949 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_instance_access_control_attributes |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1950 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_managed_policy_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1951 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_permission_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1952 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1953 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_permissions_boundary_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1954 |
CKV2_AWS_37 |
resource |
aws_ssoadmin_trusted_token_issuer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1955 |
CKV2_AWS_37 |
resource |
aws_storagegateway_cache |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1956 |
CKV2_AWS_37 |
resource |
aws_storagegateway_cached_iscsi_volume |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1957 |
CKV2_AWS_37 |
resource |
aws_storagegateway_file_system_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1958 |
CKV2_AWS_37 |
resource |
aws_storagegateway_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1959 |
CKV2_AWS_37 |
resource |
aws_storagegateway_nfs_file_share |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1960 |
CKV2_AWS_37 |
resource |
aws_storagegateway_smb_file_share |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1961 |
CKV2_AWS_37 |
resource |
aws_storagegateway_stored_iscsi_volume |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1962 |
CKV2_AWS_37 |
resource |
aws_storagegateway_tape_pool |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1963 |
CKV2_AWS_37 |
resource |
aws_storagegateway_upload_buffer |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1964 |
CKV2_AWS_37 |
resource |
aws_storagegateway_working_storage |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1965 |
CKV2_AWS_37 |
resource |
aws_subnet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1966 |
CKV2_AWS_37 |
resource |
aws_swf_domain |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1967 |
CKV2_AWS_37 |
resource |
aws_synthetics_canary |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1968 |
CKV2_AWS_37 |
resource |
aws_synthetics_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1969 |
CKV2_AWS_37 |
resource |
aws_synthetics_group_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1970 |
CKV2_AWS_37 |
resource |
aws_timestreaminfluxdb_db_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1971 |
CKV2_AWS_37 |
resource |
aws_timestreamquery_scheduled_query |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1972 |
CKV2_AWS_37 |
resource |
aws_timestreamwrite_database |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1973 |
CKV2_AWS_37 |
resource |
aws_timestreamwrite_table |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1974 |
CKV2_AWS_37 |
resource |
aws_transcribe_language_model |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1975 |
CKV2_AWS_37 |
resource |
aws_transcribe_medical_vocabulary |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1976 |
CKV2_AWS_37 |
resource |
aws_transcribe_vocabulary |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1977 |
CKV2_AWS_37 |
resource |
aws_transcribe_vocabulary_filter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1978 |
CKV2_AWS_37 |
resource |
aws_transfer_access |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1979 |
CKV2_AWS_37 |
resource |
aws_transfer_agreement |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1980 |
CKV2_AWS_37 |
resource |
aws_transfer_certificate |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1981 |
CKV2_AWS_37 |
resource |
aws_transfer_connector |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1982 |
CKV2_AWS_37 |
resource |
aws_transfer_profile |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1983 |
CKV2_AWS_37 |
resource |
aws_transfer_server |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1984 |
CKV2_AWS_37 |
resource |
aws_transfer_ssh_key |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1985 |
CKV2_AWS_37 |
resource |
aws_transfer_tag |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1986 |
CKV2_AWS_37 |
resource |
aws_transfer_user |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1987 |
CKV2_AWS_37 |
resource |
aws_transfer_workflow |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1988 |
CKV2_AWS_37 |
resource |
aws_verifiedaccess_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1989 |
CKV2_AWS_37 |
resource |
aws_verifiedaccess_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1990 |
CKV2_AWS_37 |
resource |
aws_verifiedaccess_instance |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1991 |
CKV2_AWS_37 |
resource |
aws_verifiedaccess_instance_logging_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1992 |
CKV2_AWS_37 |
resource |
aws_verifiedaccess_instance_trust_provider_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1993 |
CKV2_AWS_37 |
resource |
aws_verifiedaccess_trust_provider |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1994 |
CKV2_AWS_37 |
resource |
aws_verifiedpermissions_identity_source |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1995 |
CKV2_AWS_37 |
resource |
aws_verifiedpermissions_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1996 |
CKV2_AWS_37 |
resource |
aws_verifiedpermissions_policy_store |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1997 |
CKV2_AWS_37 |
resource |
aws_verifiedpermissions_policy_template |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1998 |
CKV2_AWS_37 |
resource |
aws_verifiedpermissions_schema |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 1999 |
CKV2_AWS_37 |
resource |
aws_volume_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2000 |
CKV2_AWS_37 |
resource |
aws_vpc |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2001 |
CKV2_AWS_37 |
resource |
aws_vpc_block_public_access_exclusion |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2002 |
CKV2_AWS_37 |
resource |
aws_vpc_block_public_access_options |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2003 |
CKV2_AWS_37 |
resource |
aws_vpc_dhcp_options |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2004 |
CKV2_AWS_37 |
resource |
aws_vpc_dhcp_options_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2005 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2006 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_connection_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2007 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_connection_notification |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2008 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2009 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_private_dns |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2010 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_route_table_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2011 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_security_group_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2012 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_service |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2013 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_service_allowed_principal |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2014 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_service_private_dns_verification |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2015 |
CKV2_AWS_37 |
resource |
aws_vpc_endpoint_subnet_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2016 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2017 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam_organization_admin_account |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2018 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam_pool |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2019 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam_pool_cidr |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2020 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam_pool_cidr_allocation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2021 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam_preview_next_cidr |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2022 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam_resource_discovery |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2023 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam_resource_discovery_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2024 |
CKV2_AWS_37 |
resource |
aws_vpc_ipam_scope |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2025 |
CKV2_AWS_37 |
resource |
aws_vpc_ipv4_cidr_block_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2026 |
CKV2_AWS_37 |
resource |
aws_vpc_ipv6_cidr_block_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2027 |
CKV2_AWS_37 |
resource |
aws_vpc_network_performance_metric_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2028 |
CKV2_AWS_37 |
resource |
aws_vpc_peering_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2029 |
CKV2_AWS_37 |
resource |
aws_vpc_peering_connection_accepter |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2030 |
CKV2_AWS_37 |
resource |
aws_vpc_peering_connection_options |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2031 |
CKV2_AWS_37 |
resource |
aws_vpc_security_group_egress_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2032 |
CKV2_AWS_37 |
resource |
aws_vpc_security_group_ingress_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2033 |
CKV2_AWS_37 |
resource |
aws_vpc_security_group_vpc_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2034 |
CKV2_AWS_37 |
resource |
aws_vpclattice_access_log_subscription |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2035 |
CKV2_AWS_37 |
resource |
aws_vpclattice_auth_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2036 |
CKV2_AWS_37 |
resource |
aws_vpclattice_listener |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2037 |
CKV2_AWS_37 |
resource |
aws_vpclattice_listener_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2038 |
CKV2_AWS_37 |
resource |
aws_vpclattice_resource_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2039 |
CKV2_AWS_37 |
resource |
aws_vpclattice_resource_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2040 |
CKV2_AWS_37 |
resource |
aws_vpclattice_resource_policy |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2041 |
CKV2_AWS_37 |
resource |
aws_vpclattice_service |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2042 |
CKV2_AWS_37 |
resource |
aws_vpclattice_service_network |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2043 |
CKV2_AWS_37 |
resource |
aws_vpclattice_service_network_resource_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2044 |
CKV2_AWS_37 |
resource |
aws_vpclattice_service_network_service_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2045 |
CKV2_AWS_37 |
resource |
aws_vpclattice_service_network_vpc_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2046 |
CKV2_AWS_37 |
resource |
aws_vpclattice_target_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2047 |
CKV2_AWS_37 |
resource |
aws_vpclattice_target_group_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2048 |
CKV2_AWS_37 |
resource |
aws_vpn_connection |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2049 |
CKV2_AWS_37 |
resource |
aws_vpn_connection_route |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2050 |
CKV2_AWS_37 |
resource |
aws_vpn_gateway |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2051 |
CKV2_AWS_37 |
resource |
aws_vpn_gateway_attachment |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2052 |
CKV2_AWS_37 |
resource |
aws_vpn_gateway_route_propagation |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2053 |
CKV2_AWS_37 |
resource |
aws_waf_byte_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2054 |
CKV2_AWS_37 |
resource |
aws_waf_geo_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2055 |
CKV2_AWS_37 |
resource |
aws_waf_ipset |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2056 |
CKV2_AWS_37 |
resource |
aws_waf_rate_based_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2057 |
CKV2_AWS_37 |
resource |
aws_waf_regex_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2058 |
CKV2_AWS_37 |
resource |
aws_waf_regex_pattern_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2059 |
CKV2_AWS_37 |
resource |
aws_waf_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2060 |
CKV2_AWS_37 |
resource |
aws_waf_rule_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2061 |
CKV2_AWS_37 |
resource |
aws_waf_size_constraint_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2062 |
CKV2_AWS_37 |
resource |
aws_waf_sql_injection_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2063 |
CKV2_AWS_37 |
resource |
aws_waf_web_acl |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2064 |
CKV2_AWS_37 |
resource |
aws_waf_xss_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2065 |
CKV2_AWS_37 |
resource |
aws_wafregional_byte_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2066 |
CKV2_AWS_37 |
resource |
aws_wafregional_geo_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2067 |
CKV2_AWS_37 |
resource |
aws_wafregional_ipset |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2068 |
CKV2_AWS_37 |
resource |
aws_wafregional_rate_based_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2069 |
CKV2_AWS_37 |
resource |
aws_wafregional_regex_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2070 |
CKV2_AWS_37 |
resource |
aws_wafregional_regex_pattern_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2071 |
CKV2_AWS_37 |
resource |
aws_wafregional_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2072 |
CKV2_AWS_37 |
resource |
aws_wafregional_rule_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2073 |
CKV2_AWS_37 |
resource |
aws_wafregional_size_constraint_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2074 |
CKV2_AWS_37 |
resource |
aws_wafregional_sql_injection_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2075 |
CKV2_AWS_37 |
resource |
aws_wafregional_web_acl |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2076 |
CKV2_AWS_37 |
resource |
aws_wafregional_web_acl_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2077 |
CKV2_AWS_37 |
resource |
aws_wafregional_xss_match_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2078 |
CKV2_AWS_37 |
resource |
aws_wafv2_ip_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2079 |
CKV2_AWS_37 |
resource |
aws_wafv2_regex_pattern_set |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2080 |
CKV2_AWS_37 |
resource |
aws_wafv2_rule_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2081 |
CKV2_AWS_37 |
resource |
aws_wafv2_web_acl |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2082 |
CKV2_AWS_37 |
resource |
aws_wafv2_web_acl_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2083 |
CKV2_AWS_37 |
resource |
aws_wafv2_web_acl_logging_configuration |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2084 |
CKV2_AWS_37 |
resource |
aws_worklink_fleet |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2085 |
CKV2_AWS_37 |
resource |
aws_worklink_website_certificate_authority_association |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2086 |
CKV2_AWS_37 |
resource |
aws_workspaces_connection_alias |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2087 |
CKV2_AWS_37 |
resource |
aws_workspaces_directory |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2088 |
CKV2_AWS_37 |
resource |
aws_workspaces_ip_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2089 |
CKV2_AWS_37 |
resource |
aws_workspaces_workspace |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2090 |
CKV2_AWS_37 |
resource |
aws_xray_encryption_config |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2091 |
CKV2_AWS_37 |
resource |
aws_xray_group |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2092 |
CKV2_AWS_37 |
resource |
aws_xray_sampling_rule |
Ensure CodeCommit associates an approval rule |
Terraform |
CodecommitApprovalRulesAttached.yaml |
| 2093 |
CKV2_AWS_38 |
resource |
aws_route53_zone |
Ensure Domain Name System Security Extensions (DNSSEC) signing is enabled for Amazon Route 53 public hosted zones |
Terraform |
Route53ZoneEnableDNSSECSigning.yaml |
| 2094 |
CKV2_AWS_39 |
resource |
aws_route53_zone |
Ensure Domain Name System (DNS) query logging is enabled for Amazon Route 53 hosted zones |
Terraform |
Route53ZoneHasMatchingQueryLog.yaml |
| 2095 |
CKV2_AWS_40 |
resource |
aws_iam_group_policy |
Ensure AWS IAM policy does not allow full IAM privileges |
Terraform |
IAMPolicyNotAllowFullIAMAccess.yaml |
| 2096 |
CKV2_AWS_40 |
resource |
aws_iam_policy |
Ensure AWS IAM policy does not allow full IAM privileges |
Terraform |
IAMPolicyNotAllowFullIAMAccess.yaml |
| 2097 |
CKV2_AWS_40 |
resource |
aws_iam_role_policy |
Ensure AWS IAM policy does not allow full IAM privileges |
Terraform |
IAMPolicyNotAllowFullIAMAccess.yaml |
| 2098 |
CKV2_AWS_40 |
resource |
aws_iam_user_policy |
Ensure AWS IAM policy does not allow full IAM privileges |
Terraform |
IAMPolicyNotAllowFullIAMAccess.yaml |
| 2099 |
CKV2_AWS_40 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure AWS IAM policy does not allow full IAM privileges |
Terraform |
IAMPolicyNotAllowFullIAMAccess.yaml |
| 2100 |
CKV2_AWS_40 |
resource |
data.aws_iam_policy_document |
Ensure AWS IAM policy does not allow full IAM privileges |
Terraform |
IAMPolicyNotAllowFullIAMAccess.yaml |
| 2101 |
CKV2_AWS_41 |
resource |
aws_instance |
Ensure an IAM role is attached to EC2 instance |
Terraform |
EC2InstanceHasIAMRoleAttached.yaml |
| 2102 |
CKV2_AWS_42 |
resource |
aws_cloudfront_distribution |
Ensure AWS CloudFront distribution uses custom SSL certificate |
Terraform |
CloudFrontHasCustomSSLCertificate.yaml |
| 2103 |
CKV2_AWS_43 |
resource |
aws_s3_bucket_acl |
Ensure S3 Bucket does not allow access to all Authenticated users |
Terraform |
S3NotAllowAccessToAllAuthenticatedUsers.yaml |
| 2104 |
CKV2_AWS_44 |
resource |
aws_route |
Ensure AWS route table with VPC peering does not contain routes overly permissive to all traffic |
Terraform |
VPCPeeringRouteTableOverlyPermissive.yaml |
| 2105 |
CKV2_AWS_44 |
resource |
aws_route_table |
Ensure AWS route table with VPC peering does not contain routes overly permissive to all traffic |
Terraform |
VPCPeeringRouteTableOverlyPermissive.yaml |
| 2106 |
CKV2_AWS_45 |
resource |
aws_config_configuration_recorder |
Ensure AWS Config recorder is enabled to record all supported resources |
Terraform |
AWSConfigRecorderEnabled.yaml |
| 2107 |
CKV2_AWS_45 |
resource |
aws_config_configuration_recorder_status |
Ensure AWS Config recorder is enabled to record all supported resources |
Terraform |
AWSConfigRecorderEnabled.yaml |
| 2108 |
CKV2_AWS_46 |
resource |
aws_cloudfront_distribution |
Ensure AWS CloudFront Distribution with S3 have Origin Access set to enabled |
Terraform |
CLoudFrontS3OriginConfigWithOAI.yaml |
| 2109 |
CKV2_AWS_47 |
resource |
aws_cloudfront_distribution |
Ensure AWS CloudFront attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
CloudFrontWebACLConfiguredWIthLog4jVulnerability.yaml |
| 2110 |
CKV2_AWS_47 |
resource |
aws_wafv2_web_acl |
Ensure AWS CloudFront attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
CloudFrontWebACLConfiguredWIthLog4jVulnerability.yaml |
| 2111 |
CKV2_AWS_48 |
resource |
aws_config_configuration_recorder |
Ensure AWS Config must record all possible resources |
Terraform |
ConfigRecorderRecordsAllGlobalResources.yaml |
| 2112 |
CKV2_AWS_49 |
resource |
aws_dms_endpoint |
Ensure AWS Database Migration Service endpoints have SSL configured |
Terraform |
DMSEndpointHaveSSLConfigured.yaml |
| 2113 |
CKV2_AWS_50 |
resource |
aws_elasticache_replication_group |
Ensure AWS ElastiCache Redis cluster with Multi-AZ Automatic Failover feature set to enabled |
Terraform |
ElastiCacheRedisConfiguredAutomaticFailOver.yaml |
| 2114 |
CKV2_AWS_51 |
resource |
aws_api_gateway_stage |
Ensure AWS API Gateway endpoints uses client certificate authentication |
Terraform |
APIGatewayEndpointsUsesCertificateForAuthentication.yaml |
| 2115 |
CKV2_AWS_51 |
resource |
aws_apigatewayv2_api |
Ensure AWS API Gateway endpoints uses client certificate authentication |
Terraform |
APIGatewayEndpointsUsesCertificateForAuthentication.yaml |
| 2116 |
CKV2_AWS_51 |
resource |
aws_apigatewayv2_stage |
Ensure AWS API Gateway endpoints uses client certificate authentication |
Terraform |
APIGatewayEndpointsUsesCertificateForAuthentication.yaml |
| 2117 |
CKV2_AWS_52 |
resource |
aws_elasticsearch_domain |
Ensure AWS ElasticSearch/OpenSearch Fine-grained access control is enabled |
Terraform |
OpenSearchDomainHasFineGrainedControl.yaml |
| 2118 |
CKV2_AWS_52 |
resource |
aws_opensearch_domain |
Ensure AWS ElasticSearch/OpenSearch Fine-grained access control is enabled |
Terraform |
OpenSearchDomainHasFineGrainedControl.yaml |
| 2119 |
CKV2_AWS_53 |
resource |
aws_api_gateway_method |
Ensure AWS API gateway request is validated |
Terraform |
APIGatewayRequestParameterValidationEnabled.yaml |
| 2120 |
CKV2_AWS_54 |
resource |
aws_cloudfront_distribution |
Ensure AWS CloudFront distribution is using secure SSL protocols for HTTPS communication |
Terraform |
CloudFrontUsesSecureProtocolsForHTTPS.yaml |
| 2121 |
CKV2_AWS_55 |
resource |
aws_emr_cluster |
Ensure AWS EMR cluster is configured with security configuration |
Terraform |
EMRClusterHasSecurityConfiguration.yaml |
| 2122 |
CKV2_AWS_56 |
resource |
aws_iam_group_policy_attachment |
Ensure AWS Managed IAMFullAccess IAM policy is not used. |
Terraform |
IAMManagedIAMFullAccessPolicy.yaml |
| 2123 |
CKV2_AWS_56 |
resource |
aws_iam_policy_attachment |
Ensure AWS Managed IAMFullAccess IAM policy is not used. |
Terraform |
IAMManagedIAMFullAccessPolicy.yaml |
| 2124 |
CKV2_AWS_56 |
resource |
aws_iam_role |
Ensure AWS Managed IAMFullAccess IAM policy is not used. |
Terraform |
IAMManagedIAMFullAccessPolicy.yaml |
| 2125 |
CKV2_AWS_56 |
resource |
aws_iam_role_policy_attachment |
Ensure AWS Managed IAMFullAccess IAM policy is not used. |
Terraform |
IAMManagedIAMFullAccessPolicy.yaml |
| 2126 |
CKV2_AWS_56 |
resource |
aws_iam_user_policy_attachment |
Ensure AWS Managed IAMFullAccess IAM policy is not used. |
Terraform |
IAMManagedIAMFullAccessPolicy.yaml |
| 2127 |
CKV2_AWS_56 |
resource |
aws_ssoadmin_managed_policy_attachment |
Ensure AWS Managed IAMFullAccess IAM policy is not used. |
Terraform |
IAMManagedIAMFullAccessPolicy.yaml |
| 2128 |
CKV2_AWS_56 |
resource |
data.aws_iam_policy |
Ensure AWS Managed IAMFullAccess IAM policy is not used. |
Terraform |
IAMManagedIAMFullAccessPolicy.yaml |
| 2129 |
CKV2_AWS_57 |
resource |
aws_secretsmanager_secret |
Ensure Secrets Manager secrets should have automatic rotation enabled |
Terraform |
SecretsAreRotated.yaml |
| 2130 |
CKV2_AWS_58 |
resource |
aws_neptune_cluster |
Ensure AWS Neptune cluster deletion protection is enabled |
Terraform |
NeptuneDeletionProtectionEnabled.yaml |
| 2131 |
CKV2_AWS_59 |
resource |
aws_elasticsearch_domain |
Ensure ElasticSearch/OpenSearch has dedicated master node enabled |
Terraform |
ElasticSearchDedicatedMasterEnabled.yaml |
| 2132 |
CKV2_AWS_59 |
resource |
aws_opensearch_domain |
Ensure ElasticSearch/OpenSearch has dedicated master node enabled |
Terraform |
ElasticSearchDedicatedMasterEnabled.yaml |
| 2133 |
CKV2_AWS_60 |
resource |
aws_db_instance |
Ensure RDS instance with copy tags to snapshots is enabled |
Terraform |
RDSEnableCopyTagsToSnapshot.yaml |
| 2134 |
CKV2_AWS_61 |
resource |
aws_s3_bucket |
Ensure that an S3 bucket has a lifecycle configuration |
Terraform |
S3BucketLifecycle.yaml |
| 2135 |
CKV2_AWS_62 |
resource |
aws_s3_bucket |
Ensure S3 buckets should have event notifications enabled |
Terraform |
S3BucketEventNotifications.yaml |
| 2136 |
CKV2_AWS_63 |
resource |
aws_networkfirewall_firewall |
Ensure Network firewall has logging configuration defined |
Terraform |
NetworkFirewallHasLogging.yaml |
| 2137 |
CKV2_AWS_64 |
resource |
aws_kms_key |
Ensure KMS key Policy is defined |
Terraform |
KmsKeyPolicyIsDefined.yaml |
| 2138 |
CKV2_AWS_65 |
resource |
aws_s3_bucket_ownership_controls |
Ensure access control lists for S3 buckets are disabled |
Terraform |
AWSdisableS3ACL.yaml |
| 2139 |
CKV2_AWS_66 |
resource |
aws_mwaa_environment |
Ensure MWAA environment is not publicly accessible |
Terraform |
AWS_private_MWAA_environment.yaml |
| 2140 |
CKV2_AWS_68 |
resource |
aws_iam_role |
Ensure SageMaker notebook instance IAM policy is not overly permissive |
Terraform |
SageMakerIAMPolicyOverlyPermissiveToAllTraffic.yaml |
| 2141 |
CKV2_AWS_68 |
resource |
aws_sagemaker_notebook_instance |
Ensure SageMaker notebook instance IAM policy is not overly permissive |
Terraform |
SageMakerIAMPolicyOverlyPermissiveToAllTraffic.yaml |
| 2142 |
CKV2_AWS_69 |
resource |
aws_db_instance |
Ensure AWS RDS database instance configured with encryption in transit |
Terraform |
RDSEncryptionInTransit.yaml |
| 2143 |
CKV2_AWS_69 |
resource |
aws_db_parameter_group |
Ensure AWS RDS database instance configured with encryption in transit |
Terraform |
RDSEncryptionInTransit.yaml |
| 2144 |
CKV2_AWS_70 |
resource |
aws_api_gateway_method |
Ensure API gateway method has authorization or API key set |
Terraform |
APIGatewayMethodWOAuth.py |
| 2145 |
CKV2_AWS_71 |
resource |
aws_acm_certificate |
Ensure AWS ACM Certificate domain name does not include wildcards |
Terraform |
ACMWildcardDomainName.yaml |
| 2146 |
CKV2_AWS_72 |
resource |
aws_cloudfront_distribution |
Ensure AWS CloudFront origin protocol policy enforces HTTPS-only |
Terraform |
CloudfrontOriginNotHTTPSOnly.yaml |
| 2147 |
CKV2_AWS_73 |
resource |
aws_sqs_queue |
Ensure AWS SQS uses CMK not AWS default keys for encryption |
Terraform |
SQSEncryptionCMK.yaml |
| 2148 |
CKV2_AWS_74 |
resource |
aws_alb_listener |
Ensure AWS Load Balancers use strong ciphers |
Terraform |
LBWeakCiphers.yaml |
| 2149 |
CKV2_AWS_74 |
resource |
aws_lb_listener |
Ensure AWS Load Balancers use strong ciphers |
Terraform |
LBWeakCiphers.yaml |
| 2150 |
CKV2_AWS_75 |
resource |
aws |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2151 |
CKV2_AWS_75 |
resource |
aws_accessanalyzer_analyzer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2152 |
CKV2_AWS_75 |
resource |
aws_accessanalyzer_archive_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2153 |
CKV2_AWS_75 |
resource |
aws_account_alternate_contact |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2154 |
CKV2_AWS_75 |
resource |
aws_account_primary_contact |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2155 |
CKV2_AWS_75 |
resource |
aws_account_region |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2156 |
CKV2_AWS_75 |
resource |
aws_acm_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2157 |
CKV2_AWS_75 |
resource |
aws_acm_certificate_validation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2158 |
CKV2_AWS_75 |
resource |
aws_acmpca_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2159 |
CKV2_AWS_75 |
resource |
aws_acmpca_certificate_authority |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2160 |
CKV2_AWS_75 |
resource |
aws_acmpca_certificate_authority_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2161 |
CKV2_AWS_75 |
resource |
aws_acmpca_permission |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2162 |
CKV2_AWS_75 |
resource |
aws_acmpca_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2163 |
CKV2_AWS_75 |
resource |
aws_alb |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2164 |
CKV2_AWS_75 |
resource |
aws_alb_listener |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2165 |
CKV2_AWS_75 |
resource |
aws_alb_listener_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2166 |
CKV2_AWS_75 |
resource |
aws_alb_listener_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2167 |
CKV2_AWS_75 |
resource |
aws_alb_target_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2168 |
CKV2_AWS_75 |
resource |
aws_alb_target_group_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2169 |
CKV2_AWS_75 |
resource |
aws_ami |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2170 |
CKV2_AWS_75 |
resource |
aws_ami_copy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2171 |
CKV2_AWS_75 |
resource |
aws_ami_from_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2172 |
CKV2_AWS_75 |
resource |
aws_ami_launch_permission |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2173 |
CKV2_AWS_75 |
resource |
aws_amplify_app |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2174 |
CKV2_AWS_75 |
resource |
aws_amplify_backend_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2175 |
CKV2_AWS_75 |
resource |
aws_amplify_branch |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2176 |
CKV2_AWS_75 |
resource |
aws_amplify_domain_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2177 |
CKV2_AWS_75 |
resource |
aws_amplify_webhook |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2178 |
CKV2_AWS_75 |
resource |
aws_api_gateway_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2179 |
CKV2_AWS_75 |
resource |
aws_api_gateway_api_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2180 |
CKV2_AWS_75 |
resource |
aws_api_gateway_authorizer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2181 |
CKV2_AWS_75 |
resource |
aws_api_gateway_base_path_mapping |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2182 |
CKV2_AWS_75 |
resource |
aws_api_gateway_client_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2183 |
CKV2_AWS_75 |
resource |
aws_api_gateway_deployment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2184 |
CKV2_AWS_75 |
resource |
aws_api_gateway_documentation_part |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2185 |
CKV2_AWS_75 |
resource |
aws_api_gateway_documentation_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2186 |
CKV2_AWS_75 |
resource |
aws_api_gateway_domain_name |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2187 |
CKV2_AWS_75 |
resource |
aws_api_gateway_domain_name_access_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2188 |
CKV2_AWS_75 |
resource |
aws_api_gateway_gateway_response |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2189 |
CKV2_AWS_75 |
resource |
aws_api_gateway_integration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2190 |
CKV2_AWS_75 |
resource |
aws_api_gateway_integration_response |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2191 |
CKV2_AWS_75 |
resource |
aws_api_gateway_method |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2192 |
CKV2_AWS_75 |
resource |
aws_api_gateway_method_response |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2193 |
CKV2_AWS_75 |
resource |
aws_api_gateway_method_settings |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2194 |
CKV2_AWS_75 |
resource |
aws_api_gateway_model |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2195 |
CKV2_AWS_75 |
resource |
aws_api_gateway_request_validator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2196 |
CKV2_AWS_75 |
resource |
aws_api_gateway_resource |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2197 |
CKV2_AWS_75 |
resource |
aws_api_gateway_rest_api |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2198 |
CKV2_AWS_75 |
resource |
aws_api_gateway_rest_api_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2199 |
CKV2_AWS_75 |
resource |
aws_api_gateway_stage |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2200 |
CKV2_AWS_75 |
resource |
aws_api_gateway_usage_plan |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2201 |
CKV2_AWS_75 |
resource |
aws_api_gateway_usage_plan_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2202 |
CKV2_AWS_75 |
resource |
aws_api_gateway_vpc_link |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2203 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_api |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2204 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_api_mapping |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2205 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_authorizer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2206 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_deployment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2207 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_domain_name |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2208 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_integration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2209 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_integration_response |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2210 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_model |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2211 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_route |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2212 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_route_response |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2213 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_stage |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2214 |
CKV2_AWS_75 |
resource |
aws_apigatewayv2_vpc_link |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2215 |
CKV2_AWS_75 |
resource |
aws_app_cookie_stickiness_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2216 |
CKV2_AWS_75 |
resource |
aws_appautoscaling_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2217 |
CKV2_AWS_75 |
resource |
aws_appautoscaling_scheduled_action |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2218 |
CKV2_AWS_75 |
resource |
aws_appautoscaling_target |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2219 |
CKV2_AWS_75 |
resource |
aws_appconfig_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2220 |
CKV2_AWS_75 |
resource |
aws_appconfig_configuration_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2221 |
CKV2_AWS_75 |
resource |
aws_appconfig_deployment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2222 |
CKV2_AWS_75 |
resource |
aws_appconfig_deployment_strategy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2223 |
CKV2_AWS_75 |
resource |
aws_appconfig_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2224 |
CKV2_AWS_75 |
resource |
aws_appconfig_extension |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2225 |
CKV2_AWS_75 |
resource |
aws_appconfig_extension_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2226 |
CKV2_AWS_75 |
resource |
aws_appconfig_hosted_configuration_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2227 |
CKV2_AWS_75 |
resource |
aws_appfabric_app_authorization |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2228 |
CKV2_AWS_75 |
resource |
aws_appfabric_app_authorization_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2229 |
CKV2_AWS_75 |
resource |
aws_appfabric_app_bundle |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2230 |
CKV2_AWS_75 |
resource |
aws_appfabric_ingestion |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2231 |
CKV2_AWS_75 |
resource |
aws_appfabric_ingestion_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2232 |
CKV2_AWS_75 |
resource |
aws_appflow_connector_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2233 |
CKV2_AWS_75 |
resource |
aws_appflow_flow |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2234 |
CKV2_AWS_75 |
resource |
aws_appintegrations_data_integration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2235 |
CKV2_AWS_75 |
resource |
aws_appintegrations_event_integration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2236 |
CKV2_AWS_75 |
resource |
aws_applicationinsights_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2237 |
CKV2_AWS_75 |
resource |
aws_appmesh_gateway_route |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2238 |
CKV2_AWS_75 |
resource |
aws_appmesh_mesh |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2239 |
CKV2_AWS_75 |
resource |
aws_appmesh_route |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2240 |
CKV2_AWS_75 |
resource |
aws_appmesh_virtual_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2241 |
CKV2_AWS_75 |
resource |
aws_appmesh_virtual_node |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2242 |
CKV2_AWS_75 |
resource |
aws_appmesh_virtual_router |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2243 |
CKV2_AWS_75 |
resource |
aws_appmesh_virtual_service |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2244 |
CKV2_AWS_75 |
resource |
aws_apprunner_auto_scaling_configuration_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2245 |
CKV2_AWS_75 |
resource |
aws_apprunner_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2246 |
CKV2_AWS_75 |
resource |
aws_apprunner_custom_domain_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2247 |
CKV2_AWS_75 |
resource |
aws_apprunner_default_auto_scaling_configuration_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2248 |
CKV2_AWS_75 |
resource |
aws_apprunner_deployment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2249 |
CKV2_AWS_75 |
resource |
aws_apprunner_observability_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2250 |
CKV2_AWS_75 |
resource |
aws_apprunner_service |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2251 |
CKV2_AWS_75 |
resource |
aws_apprunner_vpc_connector |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2252 |
CKV2_AWS_75 |
resource |
aws_apprunner_vpc_ingress_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2253 |
CKV2_AWS_75 |
resource |
aws_appstream_directory_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2254 |
CKV2_AWS_75 |
resource |
aws_appstream_fleet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2255 |
CKV2_AWS_75 |
resource |
aws_appstream_fleet_stack_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2256 |
CKV2_AWS_75 |
resource |
aws_appstream_image_builder |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2257 |
CKV2_AWS_75 |
resource |
aws_appstream_stack |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2258 |
CKV2_AWS_75 |
resource |
aws_appstream_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2259 |
CKV2_AWS_75 |
resource |
aws_appstream_user_stack_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2260 |
CKV2_AWS_75 |
resource |
aws_appsync_api_cache |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2261 |
CKV2_AWS_75 |
resource |
aws_appsync_api_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2262 |
CKV2_AWS_75 |
resource |
aws_appsync_datasource |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2263 |
CKV2_AWS_75 |
resource |
aws_appsync_domain_name |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2264 |
CKV2_AWS_75 |
resource |
aws_appsync_domain_name_api_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2265 |
CKV2_AWS_75 |
resource |
aws_appsync_function |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2266 |
CKV2_AWS_75 |
resource |
aws_appsync_graphql_api |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2267 |
CKV2_AWS_75 |
resource |
aws_appsync_resolver |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2268 |
CKV2_AWS_75 |
resource |
aws_appsync_source_api_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2269 |
CKV2_AWS_75 |
resource |
aws_appsync_type |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2270 |
CKV2_AWS_75 |
resource |
aws_athena_data_catalog |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2271 |
CKV2_AWS_75 |
resource |
aws_athena_database |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2272 |
CKV2_AWS_75 |
resource |
aws_athena_named_query |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2273 |
CKV2_AWS_75 |
resource |
aws_athena_prepared_statement |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2274 |
CKV2_AWS_75 |
resource |
aws_athena_workgroup |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2275 |
CKV2_AWS_75 |
resource |
aws_auditmanager_account_registration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2276 |
CKV2_AWS_75 |
resource |
aws_auditmanager_assessment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2277 |
CKV2_AWS_75 |
resource |
aws_auditmanager_assessment_delegation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2278 |
CKV2_AWS_75 |
resource |
aws_auditmanager_assessment_report |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2279 |
CKV2_AWS_75 |
resource |
aws_auditmanager_control |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2280 |
CKV2_AWS_75 |
resource |
aws_auditmanager_framework |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2281 |
CKV2_AWS_75 |
resource |
aws_auditmanager_framework_share |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2282 |
CKV2_AWS_75 |
resource |
aws_auditmanager_organization_admin_account_registration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2283 |
CKV2_AWS_75 |
resource |
aws_autoscaling_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2284 |
CKV2_AWS_75 |
resource |
aws_autoscaling_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2285 |
CKV2_AWS_75 |
resource |
aws_autoscaling_group_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2286 |
CKV2_AWS_75 |
resource |
aws_autoscaling_lifecycle_hook |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2287 |
CKV2_AWS_75 |
resource |
aws_autoscaling_notification |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2288 |
CKV2_AWS_75 |
resource |
aws_autoscaling_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2289 |
CKV2_AWS_75 |
resource |
aws_autoscaling_schedule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2290 |
CKV2_AWS_75 |
resource |
aws_autoscaling_traffic_source_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2291 |
CKV2_AWS_75 |
resource |
aws_autoscalingplans_scaling_plan |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2292 |
CKV2_AWS_75 |
resource |
aws_az_info |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2293 |
CKV2_AWS_75 |
resource |
aws_backup_framework |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2294 |
CKV2_AWS_75 |
resource |
aws_backup_global_settings |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2295 |
CKV2_AWS_75 |
resource |
aws_backup_logically_air_gapped_vault |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2296 |
CKV2_AWS_75 |
resource |
aws_backup_plan |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2297 |
CKV2_AWS_75 |
resource |
aws_backup_region_settings |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2298 |
CKV2_AWS_75 |
resource |
aws_backup_report_plan |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2299 |
CKV2_AWS_75 |
resource |
aws_backup_restore_testing_plan |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2300 |
CKV2_AWS_75 |
resource |
aws_backup_restore_testing_selection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2301 |
CKV2_AWS_75 |
resource |
aws_backup_selection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2302 |
CKV2_AWS_75 |
resource |
aws_backup_vault |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2303 |
CKV2_AWS_75 |
resource |
aws_backup_vault_lock_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2304 |
CKV2_AWS_75 |
resource |
aws_backup_vault_notifications |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2305 |
CKV2_AWS_75 |
resource |
aws_backup_vault_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2306 |
CKV2_AWS_75 |
resource |
aws_batch_compute_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2307 |
CKV2_AWS_75 |
resource |
aws_batch_job_definition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2308 |
CKV2_AWS_75 |
resource |
aws_batch_job_queue |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2309 |
CKV2_AWS_75 |
resource |
aws_batch_scheduling_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2310 |
CKV2_AWS_75 |
resource |
aws_bcmdataexports_export |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2311 |
CKV2_AWS_75 |
resource |
aws_bedrock_custom_model |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2312 |
CKV2_AWS_75 |
resource |
aws_bedrock_guardrail |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2313 |
CKV2_AWS_75 |
resource |
aws_bedrock_guardrail_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2314 |
CKV2_AWS_75 |
resource |
aws_bedrock_inference_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2315 |
CKV2_AWS_75 |
resource |
aws_bedrock_model_invocation_logging_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2316 |
CKV2_AWS_75 |
resource |
aws_bedrock_provisioned_model_throughput |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2317 |
CKV2_AWS_75 |
resource |
aws_bedrockagent_agent |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2318 |
CKV2_AWS_75 |
resource |
aws_bedrockagent_agent_action_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2319 |
CKV2_AWS_75 |
resource |
aws_bedrockagent_agent_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2320 |
CKV2_AWS_75 |
resource |
aws_bedrockagent_agent_collaborator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2321 |
CKV2_AWS_75 |
resource |
aws_bedrockagent_agent_knowledge_base_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2322 |
CKV2_AWS_75 |
resource |
aws_bedrockagent_data_source |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2323 |
CKV2_AWS_75 |
resource |
aws_bedrockagent_knowledge_base |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2324 |
CKV2_AWS_75 |
resource |
aws_budgets_budget |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2325 |
CKV2_AWS_75 |
resource |
aws_budgets_budget_action |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2326 |
CKV2_AWS_75 |
resource |
aws_caller_info |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2327 |
CKV2_AWS_75 |
resource |
aws_ce_anomaly_monitor |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2328 |
CKV2_AWS_75 |
resource |
aws_ce_anomaly_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2329 |
CKV2_AWS_75 |
resource |
aws_ce_cost_allocation_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2330 |
CKV2_AWS_75 |
resource |
aws_ce_cost_category |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2331 |
CKV2_AWS_75 |
resource |
aws_chatbot_slack_channel_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2332 |
CKV2_AWS_75 |
resource |
aws_chatbot_teams_channel_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2333 |
CKV2_AWS_75 |
resource |
aws_chime_voice_connector |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2334 |
CKV2_AWS_75 |
resource |
aws_chime_voice_connector_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2335 |
CKV2_AWS_75 |
resource |
aws_chime_voice_connector_logging |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2336 |
CKV2_AWS_75 |
resource |
aws_chime_voice_connector_origination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2337 |
CKV2_AWS_75 |
resource |
aws_chime_voice_connector_streaming |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2338 |
CKV2_AWS_75 |
resource |
aws_chime_voice_connector_termination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2339 |
CKV2_AWS_75 |
resource |
aws_chime_voice_connector_termination_credentials |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2340 |
CKV2_AWS_75 |
resource |
aws_chimesdkmediapipelines_media_insights_pipeline_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2341 |
CKV2_AWS_75 |
resource |
aws_chimesdkvoice_global_settings |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2342 |
CKV2_AWS_75 |
resource |
aws_chimesdkvoice_sip_media_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2343 |
CKV2_AWS_75 |
resource |
aws_chimesdkvoice_sip_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2344 |
CKV2_AWS_75 |
resource |
aws_chimesdkvoice_voice_profile_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2345 |
CKV2_AWS_75 |
resource |
aws_cleanrooms_collaboration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2346 |
CKV2_AWS_75 |
resource |
aws_cleanrooms_configured_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2347 |
CKV2_AWS_75 |
resource |
aws_cleanrooms_membership |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2348 |
CKV2_AWS_75 |
resource |
aws_cloud9_environment_ec2 |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2349 |
CKV2_AWS_75 |
resource |
aws_cloud9_environment_membership |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2350 |
CKV2_AWS_75 |
resource |
aws_cloudcontrolapi_resource |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2351 |
CKV2_AWS_75 |
resource |
aws_cloudformation_stack |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2352 |
CKV2_AWS_75 |
resource |
aws_cloudformation_stack_instances |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2353 |
CKV2_AWS_75 |
resource |
aws_cloudformation_stack_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2354 |
CKV2_AWS_75 |
resource |
aws_cloudformation_stack_set_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2355 |
CKV2_AWS_75 |
resource |
aws_cloudformation_type |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2356 |
CKV2_AWS_75 |
resource |
aws_cloudfront_cache_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2357 |
CKV2_AWS_75 |
resource |
aws_cloudfront_continuous_deployment_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2358 |
CKV2_AWS_75 |
resource |
aws_cloudfront_distribution |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2359 |
CKV2_AWS_75 |
resource |
aws_cloudfront_field_level_encryption_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2360 |
CKV2_AWS_75 |
resource |
aws_cloudfront_field_level_encryption_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2361 |
CKV2_AWS_75 |
resource |
aws_cloudfront_function |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2362 |
CKV2_AWS_75 |
resource |
aws_cloudfront_key_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2363 |
CKV2_AWS_75 |
resource |
aws_cloudfront_key_value_store |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2364 |
CKV2_AWS_75 |
resource |
aws_cloudfront_monitoring_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2365 |
CKV2_AWS_75 |
resource |
aws_cloudfront_origin_access_control |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2366 |
CKV2_AWS_75 |
resource |
aws_cloudfront_origin_access_identity |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2367 |
CKV2_AWS_75 |
resource |
aws_cloudfront_origin_request_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2368 |
CKV2_AWS_75 |
resource |
aws_cloudfront_public_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2369 |
CKV2_AWS_75 |
resource |
aws_cloudfront_realtime_log_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2370 |
CKV2_AWS_75 |
resource |
aws_cloudfront_response_headers_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2371 |
CKV2_AWS_75 |
resource |
aws_cloudfront_vpc_origin |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2372 |
CKV2_AWS_75 |
resource |
aws_cloudfrontkeyvaluestore_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2373 |
CKV2_AWS_75 |
resource |
aws_cloudhsm_v2_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2374 |
CKV2_AWS_75 |
resource |
aws_cloudhsm_v2_hsm |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2375 |
CKV2_AWS_75 |
resource |
aws_cloudsearch_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2376 |
CKV2_AWS_75 |
resource |
aws_cloudsearch_domain_service_access_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2377 |
CKV2_AWS_75 |
resource |
aws_cloudtrail |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2378 |
CKV2_AWS_75 |
resource |
aws_cloudtrail_event_data_store |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2379 |
CKV2_AWS_75 |
resource |
aws_cloudtrail_organization_delegated_admin_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2380 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_composite_alarm |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2381 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_dashboard |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2382 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_api_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2383 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_archive |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2384 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_bus |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2385 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_bus_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2386 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2387 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2388 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_permission |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2389 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2390 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_event_target |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2391 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_account_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2392 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_anomaly_detector |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2393 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_data_protection_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2394 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_delivery |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2395 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_delivery_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2396 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_delivery_destination_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2397 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_delivery_source |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2398 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2399 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_destination_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2400 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2401 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_index_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2402 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_metric_filter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2403 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2404 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_stream |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2405 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_log_subscription_filter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2406 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_metric_alarm |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2407 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_metric_stream |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2408 |
CKV2_AWS_75 |
resource |
aws_cloudwatch_query_definition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2409 |
CKV2_AWS_75 |
resource |
aws_codeartifact_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2410 |
CKV2_AWS_75 |
resource |
aws_codeartifact_domain_permissions_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2411 |
CKV2_AWS_75 |
resource |
aws_codeartifact_repository |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2412 |
CKV2_AWS_75 |
resource |
aws_codeartifact_repository_permissions_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2413 |
CKV2_AWS_75 |
resource |
aws_codebuild_fleet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2414 |
CKV2_AWS_75 |
resource |
aws_codebuild_project |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2415 |
CKV2_AWS_75 |
resource |
aws_codebuild_report_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2416 |
CKV2_AWS_75 |
resource |
aws_codebuild_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2417 |
CKV2_AWS_75 |
resource |
aws_codebuild_source_credential |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2418 |
CKV2_AWS_75 |
resource |
aws_codebuild_webhook |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2419 |
CKV2_AWS_75 |
resource |
aws_codecatalyst_dev_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2420 |
CKV2_AWS_75 |
resource |
aws_codecatalyst_project |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2421 |
CKV2_AWS_75 |
resource |
aws_codecatalyst_source_repository |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2422 |
CKV2_AWS_75 |
resource |
aws_codecommit_approval_rule_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2423 |
CKV2_AWS_75 |
resource |
aws_codecommit_approval_rule_template_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2424 |
CKV2_AWS_75 |
resource |
aws_codecommit_repository |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2425 |
CKV2_AWS_75 |
resource |
aws_codecommit_trigger |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2426 |
CKV2_AWS_75 |
resource |
aws_codeconnections_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2427 |
CKV2_AWS_75 |
resource |
aws_codeconnections_host |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2428 |
CKV2_AWS_75 |
resource |
aws_codedeploy_app |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2429 |
CKV2_AWS_75 |
resource |
aws_codedeploy_deployment_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2430 |
CKV2_AWS_75 |
resource |
aws_codedeploy_deployment_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2431 |
CKV2_AWS_75 |
resource |
aws_codeguruprofiler_profiling_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2432 |
CKV2_AWS_75 |
resource |
aws_codegurureviewer_repository_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2433 |
CKV2_AWS_75 |
resource |
aws_codepipeline |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2434 |
CKV2_AWS_75 |
resource |
aws_codepipeline_custom_action_type |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2435 |
CKV2_AWS_75 |
resource |
aws_codepipeline_webhook |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2436 |
CKV2_AWS_75 |
resource |
aws_codestarconnections_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2437 |
CKV2_AWS_75 |
resource |
aws_codestarconnections_host |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2438 |
CKV2_AWS_75 |
resource |
aws_codestarnotifications_notification_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2439 |
CKV2_AWS_75 |
resource |
aws_cognito_identity_pool |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2440 |
CKV2_AWS_75 |
resource |
aws_cognito_identity_pool_provider_principal_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2441 |
CKV2_AWS_75 |
resource |
aws_cognito_identity_pool_roles_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2442 |
CKV2_AWS_75 |
resource |
aws_cognito_identity_provider |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2443 |
CKV2_AWS_75 |
resource |
aws_cognito_managed_user_pool_client |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2444 |
CKV2_AWS_75 |
resource |
aws_cognito_resource_server |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2445 |
CKV2_AWS_75 |
resource |
aws_cognito_risk_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2446 |
CKV2_AWS_75 |
resource |
aws_cognito_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2447 |
CKV2_AWS_75 |
resource |
aws_cognito_user_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2448 |
CKV2_AWS_75 |
resource |
aws_cognito_user_in_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2449 |
CKV2_AWS_75 |
resource |
aws_cognito_user_pool |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2450 |
CKV2_AWS_75 |
resource |
aws_cognito_user_pool_client |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2451 |
CKV2_AWS_75 |
resource |
aws_cognito_user_pool_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2452 |
CKV2_AWS_75 |
resource |
aws_cognito_user_pool_ui_customization |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2453 |
CKV2_AWS_75 |
resource |
aws_comprehend_document_classifier |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2454 |
CKV2_AWS_75 |
resource |
aws_comprehend_entity_recognizer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2455 |
CKV2_AWS_75 |
resource |
aws_computeoptimizer_enrollment_status |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2456 |
CKV2_AWS_75 |
resource |
aws_computeoptimizer_recommendation_preferences |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2457 |
CKV2_AWS_75 |
resource |
aws_config_aggregate_authorization |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2458 |
CKV2_AWS_75 |
resource |
aws_config_config_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2459 |
CKV2_AWS_75 |
resource |
aws_config_configuration_aggregator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2460 |
CKV2_AWS_75 |
resource |
aws_config_configuration_recorder |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2461 |
CKV2_AWS_75 |
resource |
aws_config_configuration_recorder_status |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2462 |
CKV2_AWS_75 |
resource |
aws_config_conformance_pack |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2463 |
CKV2_AWS_75 |
resource |
aws_config_delivery_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2464 |
CKV2_AWS_75 |
resource |
aws_config_organization_conformance_pack |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2465 |
CKV2_AWS_75 |
resource |
aws_config_organization_custom_policy_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2466 |
CKV2_AWS_75 |
resource |
aws_config_organization_custom_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2467 |
CKV2_AWS_75 |
resource |
aws_config_organization_managed_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2468 |
CKV2_AWS_75 |
resource |
aws_config_remediation_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2469 |
CKV2_AWS_75 |
resource |
aws_config_retention_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2470 |
CKV2_AWS_75 |
resource |
aws_connect_bot_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2471 |
CKV2_AWS_75 |
resource |
aws_connect_contact_flow |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2472 |
CKV2_AWS_75 |
resource |
aws_connect_contact_flow_module |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2473 |
CKV2_AWS_75 |
resource |
aws_connect_hours_of_operation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2474 |
CKV2_AWS_75 |
resource |
aws_connect_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2475 |
CKV2_AWS_75 |
resource |
aws_connect_instance_storage_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2476 |
CKV2_AWS_75 |
resource |
aws_connect_lambda_function_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2477 |
CKV2_AWS_75 |
resource |
aws_connect_phone_number |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2478 |
CKV2_AWS_75 |
resource |
aws_connect_queue |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2479 |
CKV2_AWS_75 |
resource |
aws_connect_quick_connect |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2480 |
CKV2_AWS_75 |
resource |
aws_connect_routing_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2481 |
CKV2_AWS_75 |
resource |
aws_connect_security_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2482 |
CKV2_AWS_75 |
resource |
aws_connect_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2483 |
CKV2_AWS_75 |
resource |
aws_connect_user_hierarchy_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2484 |
CKV2_AWS_75 |
resource |
aws_connect_user_hierarchy_structure |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2485 |
CKV2_AWS_75 |
resource |
aws_connect_vocabulary |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2486 |
CKV2_AWS_75 |
resource |
aws_controltower_control |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2487 |
CKV2_AWS_75 |
resource |
aws_controltower_landing_zone |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2488 |
CKV2_AWS_75 |
resource |
aws_costoptimizationhub_enrollment_status |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2489 |
CKV2_AWS_75 |
resource |
aws_costoptimizationhub_preferences |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2490 |
CKV2_AWS_75 |
resource |
aws_cur_report_definition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2491 |
CKV2_AWS_75 |
resource |
aws_customer_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2492 |
CKV2_AWS_75 |
resource |
aws_customerprofiles_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2493 |
CKV2_AWS_75 |
resource |
aws_customerprofiles_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2494 |
CKV2_AWS_75 |
resource |
aws_dataexchange_data_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2495 |
CKV2_AWS_75 |
resource |
aws_dataexchange_revision |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2496 |
CKV2_AWS_75 |
resource |
aws_datapipeline_pipeline |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2497 |
CKV2_AWS_75 |
resource |
aws_datapipeline_pipeline_definition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2498 |
CKV2_AWS_75 |
resource |
aws_datasync_agent |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2499 |
CKV2_AWS_75 |
resource |
aws_datasync_location_azure_blob |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2500 |
CKV2_AWS_75 |
resource |
aws_datasync_location_efs |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2501 |
CKV2_AWS_75 |
resource |
aws_datasync_location_fsx_lustre_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2502 |
CKV2_AWS_75 |
resource |
aws_datasync_location_fsx_ontap_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2503 |
CKV2_AWS_75 |
resource |
aws_datasync_location_fsx_openzfs_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2504 |
CKV2_AWS_75 |
resource |
aws_datasync_location_fsx_windows_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2505 |
CKV2_AWS_75 |
resource |
aws_datasync_location_hdfs |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2506 |
CKV2_AWS_75 |
resource |
aws_datasync_location_nfs |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2507 |
CKV2_AWS_75 |
resource |
aws_datasync_location_object_storage |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2508 |
CKV2_AWS_75 |
resource |
aws_datasync_location_s3 |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2509 |
CKV2_AWS_75 |
resource |
aws_datasync_location_smb |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2510 |
CKV2_AWS_75 |
resource |
aws_datasync_task |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2511 |
CKV2_AWS_75 |
resource |
aws_datazone_asset_type |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2512 |
CKV2_AWS_75 |
resource |
aws_datazone_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2513 |
CKV2_AWS_75 |
resource |
aws_datazone_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2514 |
CKV2_AWS_75 |
resource |
aws_datazone_environment_blueprint_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2515 |
CKV2_AWS_75 |
resource |
aws_datazone_environment_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2516 |
CKV2_AWS_75 |
resource |
aws_datazone_form_type |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2517 |
CKV2_AWS_75 |
resource |
aws_datazone_glossary |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2518 |
CKV2_AWS_75 |
resource |
aws_datazone_glossary_term |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2519 |
CKV2_AWS_75 |
resource |
aws_datazone_project |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2520 |
CKV2_AWS_75 |
resource |
aws_datazone_user_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2521 |
CKV2_AWS_75 |
resource |
aws_dax_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2522 |
CKV2_AWS_75 |
resource |
aws_dax_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2523 |
CKV2_AWS_75 |
resource |
aws_dax_subnet_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2524 |
CKV2_AWS_75 |
resource |
aws_db_cluster_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2525 |
CKV2_AWS_75 |
resource |
aws_db_event_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2526 |
CKV2_AWS_75 |
resource |
aws_db_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2527 |
CKV2_AWS_75 |
resource |
aws_db_instance_automated_backups_replication |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2528 |
CKV2_AWS_75 |
resource |
aws_db_instance_role_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2529 |
CKV2_AWS_75 |
resource |
aws_db_option_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2530 |
CKV2_AWS_75 |
resource |
aws_db_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2531 |
CKV2_AWS_75 |
resource |
aws_db_proxy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2532 |
CKV2_AWS_75 |
resource |
aws_db_proxy_default_target_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2533 |
CKV2_AWS_75 |
resource |
aws_db_proxy_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2534 |
CKV2_AWS_75 |
resource |
aws_db_proxy_target |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2535 |
CKV2_AWS_75 |
resource |
aws_db_security_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2536 |
CKV2_AWS_75 |
resource |
aws_db_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2537 |
CKV2_AWS_75 |
resource |
aws_db_snapshot_copy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2538 |
CKV2_AWS_75 |
resource |
aws_db_subnet_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2539 |
CKV2_AWS_75 |
resource |
aws_default_network_acl |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2540 |
CKV2_AWS_75 |
resource |
aws_default_route_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2541 |
CKV2_AWS_75 |
resource |
aws_default_security_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2542 |
CKV2_AWS_75 |
resource |
aws_default_subnet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2543 |
CKV2_AWS_75 |
resource |
aws_default_vpc |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2544 |
CKV2_AWS_75 |
resource |
aws_default_vpc_dhcp_options |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2545 |
CKV2_AWS_75 |
resource |
aws_detective_graph |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2546 |
CKV2_AWS_75 |
resource |
aws_detective_invitation_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2547 |
CKV2_AWS_75 |
resource |
aws_detective_member |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2548 |
CKV2_AWS_75 |
resource |
aws_detective_organization_admin_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2549 |
CKV2_AWS_75 |
resource |
aws_detective_organization_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2550 |
CKV2_AWS_75 |
resource |
aws_devicefarm_device_pool |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2551 |
CKV2_AWS_75 |
resource |
aws_devicefarm_instance_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2552 |
CKV2_AWS_75 |
resource |
aws_devicefarm_network_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2553 |
CKV2_AWS_75 |
resource |
aws_devicefarm_project |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2554 |
CKV2_AWS_75 |
resource |
aws_devicefarm_test_grid_project |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2555 |
CKV2_AWS_75 |
resource |
aws_devicefarm_upload |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2556 |
CKV2_AWS_75 |
resource |
aws_devopsguru_event_sources_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2557 |
CKV2_AWS_75 |
resource |
aws_devopsguru_notification_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2558 |
CKV2_AWS_75 |
resource |
aws_devopsguru_resource_collection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2559 |
CKV2_AWS_75 |
resource |
aws_devopsguru_service_integration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2560 |
CKV2_AWS_75 |
resource |
aws_directory_service_conditional_forwarder |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2561 |
CKV2_AWS_75 |
resource |
aws_directory_service_directory |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2562 |
CKV2_AWS_75 |
resource |
aws_directory_service_log_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2563 |
CKV2_AWS_75 |
resource |
aws_directory_service_radius_settings |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2564 |
CKV2_AWS_75 |
resource |
aws_directory_service_region |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2565 |
CKV2_AWS_75 |
resource |
aws_directory_service_shared_directory |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2566 |
CKV2_AWS_75 |
resource |
aws_directory_service_shared_directory_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2567 |
CKV2_AWS_75 |
resource |
aws_directory_service_trust |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2568 |
CKV2_AWS_75 |
resource |
aws_dlm_lifecycle_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2569 |
CKV2_AWS_75 |
resource |
aws_dms_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2570 |
CKV2_AWS_75 |
resource |
aws_dms_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2571 |
CKV2_AWS_75 |
resource |
aws_dms_event_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2572 |
CKV2_AWS_75 |
resource |
aws_dms_replication_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2573 |
CKV2_AWS_75 |
resource |
aws_dms_replication_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2574 |
CKV2_AWS_75 |
resource |
aws_dms_replication_subnet_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2575 |
CKV2_AWS_75 |
resource |
aws_dms_replication_task |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2576 |
CKV2_AWS_75 |
resource |
aws_dms_s3_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2577 |
CKV2_AWS_75 |
resource |
aws_docdb_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2578 |
CKV2_AWS_75 |
resource |
aws_docdb_cluster_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2579 |
CKV2_AWS_75 |
resource |
aws_docdb_cluster_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2580 |
CKV2_AWS_75 |
resource |
aws_docdb_cluster_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2581 |
CKV2_AWS_75 |
resource |
aws_docdb_event_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2582 |
CKV2_AWS_75 |
resource |
aws_docdb_global_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2583 |
CKV2_AWS_75 |
resource |
aws_docdb_subnet_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2584 |
CKV2_AWS_75 |
resource |
aws_docdbelastic_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2585 |
CKV2_AWS_75 |
resource |
aws_drs_replication_configuration_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2586 |
CKV2_AWS_75 |
resource |
aws_dx_bgp_peer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2587 |
CKV2_AWS_75 |
resource |
aws_dx_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2588 |
CKV2_AWS_75 |
resource |
aws_dx_connection_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2589 |
CKV2_AWS_75 |
resource |
aws_dx_connection_confirmation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2590 |
CKV2_AWS_75 |
resource |
aws_dx_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2591 |
CKV2_AWS_75 |
resource |
aws_dx_gateway_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2592 |
CKV2_AWS_75 |
resource |
aws_dx_gateway_association_proposal |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2593 |
CKV2_AWS_75 |
resource |
aws_dx_hosted_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2594 |
CKV2_AWS_75 |
resource |
aws_dx_hosted_private_virtual_interface |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2595 |
CKV2_AWS_75 |
resource |
aws_dx_hosted_private_virtual_interface_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2596 |
CKV2_AWS_75 |
resource |
aws_dx_hosted_public_virtual_interface |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2597 |
CKV2_AWS_75 |
resource |
aws_dx_hosted_public_virtual_interface_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2598 |
CKV2_AWS_75 |
resource |
aws_dx_hosted_transit_virtual_interface |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2599 |
CKV2_AWS_75 |
resource |
aws_dx_hosted_transit_virtual_interface_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2600 |
CKV2_AWS_75 |
resource |
aws_dx_lag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2601 |
CKV2_AWS_75 |
resource |
aws_dx_macsec_key_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2602 |
CKV2_AWS_75 |
resource |
aws_dx_private_virtual_interface |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2603 |
CKV2_AWS_75 |
resource |
aws_dx_public_virtual_interface |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2604 |
CKV2_AWS_75 |
resource |
aws_dx_transit_virtual_interface |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2605 |
CKV2_AWS_75 |
resource |
aws_dynamodb_contributor_insights |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2606 |
CKV2_AWS_75 |
resource |
aws_dynamodb_global_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2607 |
CKV2_AWS_75 |
resource |
aws_dynamodb_kinesis_streaming_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2608 |
CKV2_AWS_75 |
resource |
aws_dynamodb_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2609 |
CKV2_AWS_75 |
resource |
aws_dynamodb_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2610 |
CKV2_AWS_75 |
resource |
aws_dynamodb_table_export |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2611 |
CKV2_AWS_75 |
resource |
aws_dynamodb_table_item |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2612 |
CKV2_AWS_75 |
resource |
aws_dynamodb_table_replica |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2613 |
CKV2_AWS_75 |
resource |
aws_dynamodb_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2614 |
CKV2_AWS_75 |
resource |
aws_ebs_default_kms_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2615 |
CKV2_AWS_75 |
resource |
aws_ebs_encryption_by_default |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2616 |
CKV2_AWS_75 |
resource |
aws_ebs_fast_snapshot_restore |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2617 |
CKV2_AWS_75 |
resource |
aws_ebs_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2618 |
CKV2_AWS_75 |
resource |
aws_ebs_snapshot_block_public_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2619 |
CKV2_AWS_75 |
resource |
aws_ebs_snapshot_copy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2620 |
CKV2_AWS_75 |
resource |
aws_ebs_snapshot_import |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2621 |
CKV2_AWS_75 |
resource |
aws_ebs_volume |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2622 |
CKV2_AWS_75 |
resource |
aws_ec2_availability_zone_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2623 |
CKV2_AWS_75 |
resource |
aws_ec2_capacity_block_reservation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2624 |
CKV2_AWS_75 |
resource |
aws_ec2_capacity_reservation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2625 |
CKV2_AWS_75 |
resource |
aws_ec2_carrier_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2626 |
CKV2_AWS_75 |
resource |
aws_ec2_client_vpn_authorization_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2627 |
CKV2_AWS_75 |
resource |
aws_ec2_client_vpn_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2628 |
CKV2_AWS_75 |
resource |
aws_ec2_client_vpn_network_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2629 |
CKV2_AWS_75 |
resource |
aws_ec2_client_vpn_route |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2630 |
CKV2_AWS_75 |
resource |
aws_ec2_fleet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2631 |
CKV2_AWS_75 |
resource |
aws_ec2_host |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2632 |
CKV2_AWS_75 |
resource |
aws_ec2_image_block_public_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2633 |
CKV2_AWS_75 |
resource |
aws_ec2_instance_connect_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2634 |
CKV2_AWS_75 |
resource |
aws_ec2_instance_metadata_defaults |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2635 |
CKV2_AWS_75 |
resource |
aws_ec2_instance_state |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2636 |
CKV2_AWS_75 |
resource |
aws_ec2_local_gateway_route |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2637 |
CKV2_AWS_75 |
resource |
aws_ec2_local_gateway_route_table_vpc_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2638 |
CKV2_AWS_75 |
resource |
aws_ec2_managed_prefix_list |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2639 |
CKV2_AWS_75 |
resource |
aws_ec2_managed_prefix_list_entry |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2640 |
CKV2_AWS_75 |
resource |
aws_ec2_network_insights_analysis |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2641 |
CKV2_AWS_75 |
resource |
aws_ec2_network_insights_path |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2642 |
CKV2_AWS_75 |
resource |
aws_ec2_serial_console_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2643 |
CKV2_AWS_75 |
resource |
aws_ec2_subnet_cidr_reservation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2644 |
CKV2_AWS_75 |
resource |
aws_ec2_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2645 |
CKV2_AWS_75 |
resource |
aws_ec2_traffic_mirror_filter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2646 |
CKV2_AWS_75 |
resource |
aws_ec2_traffic_mirror_filter_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2647 |
CKV2_AWS_75 |
resource |
aws_ec2_traffic_mirror_session |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2648 |
CKV2_AWS_75 |
resource |
aws_ec2_traffic_mirror_target |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2649 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2650 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_connect |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2651 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_connect_peer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2652 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_default_route_table_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2653 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_default_route_table_propagation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2654 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_multicast_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2655 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_multicast_domain_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2656 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_multicast_group_member |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2657 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_multicast_group_source |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2658 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_peering_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2659 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_peering_attachment_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2660 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_policy_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2661 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_policy_table_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2662 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_prefix_list_reference |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2663 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_route |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2664 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_route_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2665 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_route_table_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2666 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_route_table_propagation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2667 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_vpc_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2668 |
CKV2_AWS_75 |
resource |
aws_ec2_transit_gateway_vpc_attachment_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2669 |
CKV2_AWS_75 |
resource |
aws_ecr_account_setting |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2670 |
CKV2_AWS_75 |
resource |
aws_ecr_lifecycle_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2671 |
CKV2_AWS_75 |
resource |
aws_ecr_pull_through_cache_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2672 |
CKV2_AWS_75 |
resource |
aws_ecr_registry_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2673 |
CKV2_AWS_75 |
resource |
aws_ecr_registry_scanning_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2674 |
CKV2_AWS_75 |
resource |
aws_ecr_replication_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2675 |
CKV2_AWS_75 |
resource |
aws_ecr_repository |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2676 |
CKV2_AWS_75 |
resource |
aws_ecr_repository_creation_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2677 |
CKV2_AWS_75 |
resource |
aws_ecr_repository_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2678 |
CKV2_AWS_75 |
resource |
aws_ecrpublic_repository |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2679 |
CKV2_AWS_75 |
resource |
aws_ecrpublic_repository_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2680 |
CKV2_AWS_75 |
resource |
aws_ecs_account_setting_default |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2681 |
CKV2_AWS_75 |
resource |
aws_ecs_capacity_provider |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2682 |
CKV2_AWS_75 |
resource |
aws_ecs_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2683 |
CKV2_AWS_75 |
resource |
aws_ecs_cluster_capacity_providers |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2684 |
CKV2_AWS_75 |
resource |
aws_ecs_service |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2685 |
CKV2_AWS_75 |
resource |
aws_ecs_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2686 |
CKV2_AWS_75 |
resource |
aws_ecs_task_definition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2687 |
CKV2_AWS_75 |
resource |
aws_ecs_task_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2688 |
CKV2_AWS_75 |
resource |
aws_efs_access_point |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2689 |
CKV2_AWS_75 |
resource |
aws_efs_backup_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2690 |
CKV2_AWS_75 |
resource |
aws_efs_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2691 |
CKV2_AWS_75 |
resource |
aws_efs_file_system_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2692 |
CKV2_AWS_75 |
resource |
aws_efs_mount_target |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2693 |
CKV2_AWS_75 |
resource |
aws_efs_replication_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2694 |
CKV2_AWS_75 |
resource |
aws_egress_only_internet_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2695 |
CKV2_AWS_75 |
resource |
aws_eip |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2696 |
CKV2_AWS_75 |
resource |
aws_eip_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2697 |
CKV2_AWS_75 |
resource |
aws_eip_domain_name |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2698 |
CKV2_AWS_75 |
resource |
aws_eks_access_entry |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2699 |
CKV2_AWS_75 |
resource |
aws_eks_access_policy_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2700 |
CKV2_AWS_75 |
resource |
aws_eks_addon |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2701 |
CKV2_AWS_75 |
resource |
aws_eks_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2702 |
CKV2_AWS_75 |
resource |
aws_eks_fargate_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2703 |
CKV2_AWS_75 |
resource |
aws_eks_identity_provider_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2704 |
CKV2_AWS_75 |
resource |
aws_eks_node_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2705 |
CKV2_AWS_75 |
resource |
aws_eks_pod_identity_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2706 |
CKV2_AWS_75 |
resource |
aws_elastic_beanstalk_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2707 |
CKV2_AWS_75 |
resource |
aws_elastic_beanstalk_application_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2708 |
CKV2_AWS_75 |
resource |
aws_elastic_beanstalk_configuration_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2709 |
CKV2_AWS_75 |
resource |
aws_elastic_beanstalk_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2710 |
CKV2_AWS_75 |
resource |
aws_elasticache_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2711 |
CKV2_AWS_75 |
resource |
aws_elasticache_global_replication_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2712 |
CKV2_AWS_75 |
resource |
aws_elasticache_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2713 |
CKV2_AWS_75 |
resource |
aws_elasticache_replication_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2714 |
CKV2_AWS_75 |
resource |
aws_elasticache_reserved_cache_node |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2715 |
CKV2_AWS_75 |
resource |
aws_elasticache_security_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2716 |
CKV2_AWS_75 |
resource |
aws_elasticache_serverless_cache |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2717 |
CKV2_AWS_75 |
resource |
aws_elasticache_subnet_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2718 |
CKV2_AWS_75 |
resource |
aws_elasticache_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2719 |
CKV2_AWS_75 |
resource |
aws_elasticache_user_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2720 |
CKV2_AWS_75 |
resource |
aws_elasticache_user_group_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2721 |
CKV2_AWS_75 |
resource |
aws_elasticsearch_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2722 |
CKV2_AWS_75 |
resource |
aws_elasticsearch_domain_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2723 |
CKV2_AWS_75 |
resource |
aws_elasticsearch_domain_saml_options |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2724 |
CKV2_AWS_75 |
resource |
aws_elasticsearch_vpc_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2725 |
CKV2_AWS_75 |
resource |
aws_elastictranscoder_pipeline |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2726 |
CKV2_AWS_75 |
resource |
aws_elastictranscoder_preset |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2727 |
CKV2_AWS_75 |
resource |
aws_elb |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2728 |
CKV2_AWS_75 |
resource |
aws_elb_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2729 |
CKV2_AWS_75 |
resource |
aws_emr_block_public_access_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2730 |
CKV2_AWS_75 |
resource |
aws_emr_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2731 |
CKV2_AWS_75 |
resource |
aws_emr_instance_fleet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2732 |
CKV2_AWS_75 |
resource |
aws_emr_instance_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2733 |
CKV2_AWS_75 |
resource |
aws_emr_managed_scaling_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2734 |
CKV2_AWS_75 |
resource |
aws_emr_security_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2735 |
CKV2_AWS_75 |
resource |
aws_emr_studio |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2736 |
CKV2_AWS_75 |
resource |
aws_emr_studio_session_mapping |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2737 |
CKV2_AWS_75 |
resource |
aws_emrcontainers_job_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2738 |
CKV2_AWS_75 |
resource |
aws_emrcontainers_virtual_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2739 |
CKV2_AWS_75 |
resource |
aws_emrserverless_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2740 |
CKV2_AWS_75 |
resource |
aws_evidently_feature |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2741 |
CKV2_AWS_75 |
resource |
aws_evidently_launch |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2742 |
CKV2_AWS_75 |
resource |
aws_evidently_project |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2743 |
CKV2_AWS_75 |
resource |
aws_evidently_segment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2744 |
CKV2_AWS_75 |
resource |
aws_finspace_kx_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2745 |
CKV2_AWS_75 |
resource |
aws_finspace_kx_database |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2746 |
CKV2_AWS_75 |
resource |
aws_finspace_kx_dataview |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2747 |
CKV2_AWS_75 |
resource |
aws_finspace_kx_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2748 |
CKV2_AWS_75 |
resource |
aws_finspace_kx_scaling_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2749 |
CKV2_AWS_75 |
resource |
aws_finspace_kx_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2750 |
CKV2_AWS_75 |
resource |
aws_finspace_kx_volume |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2751 |
CKV2_AWS_75 |
resource |
aws_fis_experiment_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2752 |
CKV2_AWS_75 |
resource |
aws_flow_log |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2753 |
CKV2_AWS_75 |
resource |
aws_fms_admin_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2754 |
CKV2_AWS_75 |
resource |
aws_fms_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2755 |
CKV2_AWS_75 |
resource |
aws_fms_resource_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2756 |
CKV2_AWS_75 |
resource |
aws_fsx_backup |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2757 |
CKV2_AWS_75 |
resource |
aws_fsx_data_repository_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2758 |
CKV2_AWS_75 |
resource |
aws_fsx_file_cache |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2759 |
CKV2_AWS_75 |
resource |
aws_fsx_lustre_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2760 |
CKV2_AWS_75 |
resource |
aws_fsx_ontap_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2761 |
CKV2_AWS_75 |
resource |
aws_fsx_ontap_storage_virtual_machine |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2762 |
CKV2_AWS_75 |
resource |
aws_fsx_ontap_volume |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2763 |
CKV2_AWS_75 |
resource |
aws_fsx_openzfs_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2764 |
CKV2_AWS_75 |
resource |
aws_fsx_openzfs_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2765 |
CKV2_AWS_75 |
resource |
aws_fsx_openzfs_volume |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2766 |
CKV2_AWS_75 |
resource |
aws_fsx_windows_file_system |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2767 |
CKV2_AWS_75 |
resource |
aws_gamelift_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2768 |
CKV2_AWS_75 |
resource |
aws_gamelift_build |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2769 |
CKV2_AWS_75 |
resource |
aws_gamelift_fleet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2770 |
CKV2_AWS_75 |
resource |
aws_gamelift_game_server_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2771 |
CKV2_AWS_75 |
resource |
aws_gamelift_game_session_queue |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2772 |
CKV2_AWS_75 |
resource |
aws_gamelift_script |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2773 |
CKV2_AWS_75 |
resource |
aws_glacier_vault |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2774 |
CKV2_AWS_75 |
resource |
aws_glacier_vault_lock |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2775 |
CKV2_AWS_75 |
resource |
aws_globalaccelerator_accelerator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2776 |
CKV2_AWS_75 |
resource |
aws_globalaccelerator_cross_account_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2777 |
CKV2_AWS_75 |
resource |
aws_globalaccelerator_custom_routing_accelerator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2778 |
CKV2_AWS_75 |
resource |
aws_globalaccelerator_custom_routing_endpoint_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2779 |
CKV2_AWS_75 |
resource |
aws_globalaccelerator_custom_routing_listener |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2780 |
CKV2_AWS_75 |
resource |
aws_globalaccelerator_endpoint_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2781 |
CKV2_AWS_75 |
resource |
aws_globalaccelerator_listener |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2782 |
CKV2_AWS_75 |
resource |
aws_glue_catalog_database |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2783 |
CKV2_AWS_75 |
resource |
aws_glue_catalog_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2784 |
CKV2_AWS_75 |
resource |
aws_glue_catalog_table_optimizer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2785 |
CKV2_AWS_75 |
resource |
aws_glue_classifier |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2786 |
CKV2_AWS_75 |
resource |
aws_glue_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2787 |
CKV2_AWS_75 |
resource |
aws_glue_crawler |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2788 |
CKV2_AWS_75 |
resource |
aws_glue_data_catalog_encryption_settings |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2789 |
CKV2_AWS_75 |
resource |
aws_glue_data_quality_ruleset |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2790 |
CKV2_AWS_75 |
resource |
aws_glue_dev_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2791 |
CKV2_AWS_75 |
resource |
aws_glue_job |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2792 |
CKV2_AWS_75 |
resource |
aws_glue_ml_transform |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2793 |
CKV2_AWS_75 |
resource |
aws_glue_partition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2794 |
CKV2_AWS_75 |
resource |
aws_glue_partition_index |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2795 |
CKV2_AWS_75 |
resource |
aws_glue_registry |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2796 |
CKV2_AWS_75 |
resource |
aws_glue_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2797 |
CKV2_AWS_75 |
resource |
aws_glue_schema |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2798 |
CKV2_AWS_75 |
resource |
aws_glue_security_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2799 |
CKV2_AWS_75 |
resource |
aws_glue_trigger |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2800 |
CKV2_AWS_75 |
resource |
aws_glue_user_defined_function |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2801 |
CKV2_AWS_75 |
resource |
aws_glue_workflow |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2802 |
CKV2_AWS_75 |
resource |
aws_grafana_license_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2803 |
CKV2_AWS_75 |
resource |
aws_grafana_role_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2804 |
CKV2_AWS_75 |
resource |
aws_grafana_workspace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2805 |
CKV2_AWS_75 |
resource |
aws_grafana_workspace_api_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2806 |
CKV2_AWS_75 |
resource |
aws_grafana_workspace_saml_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2807 |
CKV2_AWS_75 |
resource |
aws_grafana_workspace_service_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2808 |
CKV2_AWS_75 |
resource |
aws_grafana_workspace_service_account_token |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2809 |
CKV2_AWS_75 |
resource |
aws_guardduty_detector |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2810 |
CKV2_AWS_75 |
resource |
aws_guardduty_detector_feature |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2811 |
CKV2_AWS_75 |
resource |
aws_guardduty_filter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2812 |
CKV2_AWS_75 |
resource |
aws_guardduty_invite_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2813 |
CKV2_AWS_75 |
resource |
aws_guardduty_ipset |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2814 |
CKV2_AWS_75 |
resource |
aws_guardduty_malware_protection_plan |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2815 |
CKV2_AWS_75 |
resource |
aws_guardduty_member |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2816 |
CKV2_AWS_75 |
resource |
aws_guardduty_member_detector_feature |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2817 |
CKV2_AWS_75 |
resource |
aws_guardduty_organization_admin_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2818 |
CKV2_AWS_75 |
resource |
aws_guardduty_organization_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2819 |
CKV2_AWS_75 |
resource |
aws_guardduty_organization_configuration_feature |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2820 |
CKV2_AWS_75 |
resource |
aws_guardduty_publishing_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2821 |
CKV2_AWS_75 |
resource |
aws_guardduty_threatintelset |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2822 |
CKV2_AWS_75 |
resource |
aws_iam_access_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2823 |
CKV2_AWS_75 |
resource |
aws_iam_account_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2824 |
CKV2_AWS_75 |
resource |
aws_iam_account_password_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2825 |
CKV2_AWS_75 |
resource |
aws_iam_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2826 |
CKV2_AWS_75 |
resource |
aws_iam_group_membership |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2827 |
CKV2_AWS_75 |
resource |
aws_iam_group_policies_exclusive |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2828 |
CKV2_AWS_75 |
resource |
aws_iam_group_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2829 |
CKV2_AWS_75 |
resource |
aws_iam_group_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2830 |
CKV2_AWS_75 |
resource |
aws_iam_group_policy_attachments_exclusive |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2831 |
CKV2_AWS_75 |
resource |
aws_iam_instance_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2832 |
CKV2_AWS_75 |
resource |
aws_iam_openid_connect_provider |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2833 |
CKV2_AWS_75 |
resource |
aws_iam_organizations_features |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2834 |
CKV2_AWS_75 |
resource |
aws_iam_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2835 |
CKV2_AWS_75 |
resource |
aws_iam_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2836 |
CKV2_AWS_75 |
resource |
aws_iam_policy_document |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2837 |
CKV2_AWS_75 |
resource |
aws_iam_role |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2838 |
CKV2_AWS_75 |
resource |
aws_iam_role_policies_exclusive |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2839 |
CKV2_AWS_75 |
resource |
aws_iam_role_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2840 |
CKV2_AWS_75 |
resource |
aws_iam_role_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2841 |
CKV2_AWS_75 |
resource |
aws_iam_role_policy_attachments_exclusive |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2842 |
CKV2_AWS_75 |
resource |
aws_iam_saml_provider |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2843 |
CKV2_AWS_75 |
resource |
aws_iam_security_token_service_preferences |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2844 |
CKV2_AWS_75 |
resource |
aws_iam_server_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2845 |
CKV2_AWS_75 |
resource |
aws_iam_service_linked_role |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2846 |
CKV2_AWS_75 |
resource |
aws_iam_service_specific_credential |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2847 |
CKV2_AWS_75 |
resource |
aws_iam_signing_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2848 |
CKV2_AWS_75 |
resource |
aws_iam_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2849 |
CKV2_AWS_75 |
resource |
aws_iam_user_group_membership |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2850 |
CKV2_AWS_75 |
resource |
aws_iam_user_login_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2851 |
CKV2_AWS_75 |
resource |
aws_iam_user_policies_exclusive |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2852 |
CKV2_AWS_75 |
resource |
aws_iam_user_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2853 |
CKV2_AWS_75 |
resource |
aws_iam_user_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2854 |
CKV2_AWS_75 |
resource |
aws_iam_user_policy_attachments_exclusive |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2855 |
CKV2_AWS_75 |
resource |
aws_iam_user_ssh_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2856 |
CKV2_AWS_75 |
resource |
aws_iam_virtual_mfa_device |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2857 |
CKV2_AWS_75 |
resource |
aws_identitystore_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2858 |
CKV2_AWS_75 |
resource |
aws_identitystore_group_membership |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2859 |
CKV2_AWS_75 |
resource |
aws_identitystore_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2860 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_component |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2861 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_container_recipe |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2862 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_distribution_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2863 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_image |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2864 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_image_pipeline |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2865 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_image_recipe |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2866 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_infrastructure_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2867 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_lifecycle_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2868 |
CKV2_AWS_75 |
resource |
aws_imagebuilder_workflow |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2869 |
CKV2_AWS_75 |
resource |
aws_inspector2_delegated_admin_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2870 |
CKV2_AWS_75 |
resource |
aws_inspector2_enabler |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2871 |
CKV2_AWS_75 |
resource |
aws_inspector2_member_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2872 |
CKV2_AWS_75 |
resource |
aws_inspector2_organization_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2873 |
CKV2_AWS_75 |
resource |
aws_inspector_assessment_target |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2874 |
CKV2_AWS_75 |
resource |
aws_inspector_assessment_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2875 |
CKV2_AWS_75 |
resource |
aws_inspector_resource_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2876 |
CKV2_AWS_75 |
resource |
aws_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2877 |
CKV2_AWS_75 |
resource |
aws_internet_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2878 |
CKV2_AWS_75 |
resource |
aws_internet_gateway_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2879 |
CKV2_AWS_75 |
resource |
aws_internetmonitor_monitor |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2880 |
CKV2_AWS_75 |
resource |
aws_iot_authorizer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2881 |
CKV2_AWS_75 |
resource |
aws_iot_billing_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2882 |
CKV2_AWS_75 |
resource |
aws_iot_ca_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2883 |
CKV2_AWS_75 |
resource |
aws_iot_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2884 |
CKV2_AWS_75 |
resource |
aws_iot_domain_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2885 |
CKV2_AWS_75 |
resource |
aws_iot_event_configurations |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2886 |
CKV2_AWS_75 |
resource |
aws_iot_indexing_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2887 |
CKV2_AWS_75 |
resource |
aws_iot_logging_options |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2888 |
CKV2_AWS_75 |
resource |
aws_iot_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2889 |
CKV2_AWS_75 |
resource |
aws_iot_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2890 |
CKV2_AWS_75 |
resource |
aws_iot_provisioning_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2891 |
CKV2_AWS_75 |
resource |
aws_iot_role_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2892 |
CKV2_AWS_75 |
resource |
aws_iot_thing |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2893 |
CKV2_AWS_75 |
resource |
aws_iot_thing_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2894 |
CKV2_AWS_75 |
resource |
aws_iot_thing_group_membership |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2895 |
CKV2_AWS_75 |
resource |
aws_iot_thing_principal_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2896 |
CKV2_AWS_75 |
resource |
aws_iot_thing_type |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2897 |
CKV2_AWS_75 |
resource |
aws_iot_topic_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2898 |
CKV2_AWS_75 |
resource |
aws_iot_topic_rule_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2899 |
CKV2_AWS_75 |
resource |
aws_ivs_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2900 |
CKV2_AWS_75 |
resource |
aws_ivs_playback_key_pair |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2901 |
CKV2_AWS_75 |
resource |
aws_ivs_recording_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2902 |
CKV2_AWS_75 |
resource |
aws_ivschat_logging_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2903 |
CKV2_AWS_75 |
resource |
aws_ivschat_room |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2904 |
CKV2_AWS_75 |
resource |
aws_kendra_data_source |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2905 |
CKV2_AWS_75 |
resource |
aws_kendra_experience |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2906 |
CKV2_AWS_75 |
resource |
aws_kendra_faq |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2907 |
CKV2_AWS_75 |
resource |
aws_kendra_index |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2908 |
CKV2_AWS_75 |
resource |
aws_kendra_query_suggestions_block_list |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2909 |
CKV2_AWS_75 |
resource |
aws_kendra_thesaurus |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2910 |
CKV2_AWS_75 |
resource |
aws_key_pair |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2911 |
CKV2_AWS_75 |
resource |
aws_keyspaces_keyspace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2912 |
CKV2_AWS_75 |
resource |
aws_keyspaces_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2913 |
CKV2_AWS_75 |
resource |
aws_kinesis_analytics_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2914 |
CKV2_AWS_75 |
resource |
aws_kinesis_firehose_delivery_stream |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2915 |
CKV2_AWS_75 |
resource |
aws_kinesis_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2916 |
CKV2_AWS_75 |
resource |
aws_kinesis_stream |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2917 |
CKV2_AWS_75 |
resource |
aws_kinesis_stream_consumer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2918 |
CKV2_AWS_75 |
resource |
aws_kinesis_video_stream |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2919 |
CKV2_AWS_75 |
resource |
aws_kinesisanalyticsv2_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2920 |
CKV2_AWS_75 |
resource |
aws_kinesisanalyticsv2_application_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2921 |
CKV2_AWS_75 |
resource |
aws_kms_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2922 |
CKV2_AWS_75 |
resource |
aws_kms_ciphertext |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2923 |
CKV2_AWS_75 |
resource |
aws_kms_custom_key_store |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2924 |
CKV2_AWS_75 |
resource |
aws_kms_external_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2925 |
CKV2_AWS_75 |
resource |
aws_kms_grant |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2926 |
CKV2_AWS_75 |
resource |
aws_kms_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2927 |
CKV2_AWS_75 |
resource |
aws_kms_key_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2928 |
CKV2_AWS_75 |
resource |
aws_kms_replica_external_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2929 |
CKV2_AWS_75 |
resource |
aws_kms_replica_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2930 |
CKV2_AWS_75 |
resource |
aws_lakeformation_data_cells_filter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2931 |
CKV2_AWS_75 |
resource |
aws_lakeformation_data_lake_settings |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2932 |
CKV2_AWS_75 |
resource |
aws_lakeformation_lf_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2933 |
CKV2_AWS_75 |
resource |
aws_lakeformation_permissions |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2934 |
CKV2_AWS_75 |
resource |
aws_lakeformation_resource |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2935 |
CKV2_AWS_75 |
resource |
aws_lakeformation_resource_lf_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2936 |
CKV2_AWS_75 |
resource |
aws_lakeformation_resource_lf_tags |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2937 |
CKV2_AWS_75 |
resource |
aws_lambda_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2938 |
CKV2_AWS_75 |
resource |
aws_lambda_code_signing_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2939 |
CKV2_AWS_75 |
resource |
aws_lambda_event_source_mapping |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2940 |
CKV2_AWS_75 |
resource |
aws_lambda_function |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2941 |
CKV2_AWS_75 |
resource |
aws_lambda_function_event_invoke_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2942 |
CKV2_AWS_75 |
resource |
aws_lambda_function_recursion_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2943 |
CKV2_AWS_75 |
resource |
aws_lambda_function_url |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2944 |
CKV2_AWS_75 |
resource |
aws_lambda_invocation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2945 |
CKV2_AWS_75 |
resource |
aws_lambda_layer_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2946 |
CKV2_AWS_75 |
resource |
aws_lambda_layer_version_permission |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2947 |
CKV2_AWS_75 |
resource |
aws_lambda_permission |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2948 |
CKV2_AWS_75 |
resource |
aws_lambda_provisioned_concurrency_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2949 |
CKV2_AWS_75 |
resource |
aws_lambda_runtime_management_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2950 |
CKV2_AWS_75 |
resource |
aws_launch_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2951 |
CKV2_AWS_75 |
resource |
aws_launch_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2952 |
CKV2_AWS_75 |
resource |
aws_lb |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2953 |
CKV2_AWS_75 |
resource |
aws_lb_cookie_stickiness_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2954 |
CKV2_AWS_75 |
resource |
aws_lb_listener |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2955 |
CKV2_AWS_75 |
resource |
aws_lb_listener_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2956 |
CKV2_AWS_75 |
resource |
aws_lb_listener_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2957 |
CKV2_AWS_75 |
resource |
aws_lb_ssl_negotiation_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2958 |
CKV2_AWS_75 |
resource |
aws_lb_target_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2959 |
CKV2_AWS_75 |
resource |
aws_lb_target_group_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2960 |
CKV2_AWS_75 |
resource |
aws_lb_trust_store |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2961 |
CKV2_AWS_75 |
resource |
aws_lb_trust_store_revocation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2962 |
CKV2_AWS_75 |
resource |
aws_lex_bot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2963 |
CKV2_AWS_75 |
resource |
aws_lex_bot_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2964 |
CKV2_AWS_75 |
resource |
aws_lex_intent |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2965 |
CKV2_AWS_75 |
resource |
aws_lex_slot_type |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2966 |
CKV2_AWS_75 |
resource |
aws_lexv2models_bot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2967 |
CKV2_AWS_75 |
resource |
aws_lexv2models_bot_locale |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2968 |
CKV2_AWS_75 |
resource |
aws_lexv2models_bot_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2969 |
CKV2_AWS_75 |
resource |
aws_lexv2models_intent |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2970 |
CKV2_AWS_75 |
resource |
aws_lexv2models_slot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2971 |
CKV2_AWS_75 |
resource |
aws_lexv2models_slot_type |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2972 |
CKV2_AWS_75 |
resource |
aws_licensemanager_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2973 |
CKV2_AWS_75 |
resource |
aws_licensemanager_grant |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2974 |
CKV2_AWS_75 |
resource |
aws_licensemanager_grant_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2975 |
CKV2_AWS_75 |
resource |
aws_licensemanager_license_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2976 |
CKV2_AWS_75 |
resource |
aws_lightsail_bucket |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2977 |
CKV2_AWS_75 |
resource |
aws_lightsail_bucket_access_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2978 |
CKV2_AWS_75 |
resource |
aws_lightsail_bucket_resource_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2979 |
CKV2_AWS_75 |
resource |
aws_lightsail_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2980 |
CKV2_AWS_75 |
resource |
aws_lightsail_container_service |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2981 |
CKV2_AWS_75 |
resource |
aws_lightsail_container_service_deployment_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2982 |
CKV2_AWS_75 |
resource |
aws_lightsail_database |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2983 |
CKV2_AWS_75 |
resource |
aws_lightsail_disk |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2984 |
CKV2_AWS_75 |
resource |
aws_lightsail_disk_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2985 |
CKV2_AWS_75 |
resource |
aws_lightsail_distribution |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2986 |
CKV2_AWS_75 |
resource |
aws_lightsail_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2987 |
CKV2_AWS_75 |
resource |
aws_lightsail_domain_entry |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2988 |
CKV2_AWS_75 |
resource |
aws_lightsail_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2989 |
CKV2_AWS_75 |
resource |
aws_lightsail_instance_public_ports |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2990 |
CKV2_AWS_75 |
resource |
aws_lightsail_key_pair |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2991 |
CKV2_AWS_75 |
resource |
aws_lightsail_lb |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2992 |
CKV2_AWS_75 |
resource |
aws_lightsail_lb_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2993 |
CKV2_AWS_75 |
resource |
aws_lightsail_lb_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2994 |
CKV2_AWS_75 |
resource |
aws_lightsail_lb_certificate_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2995 |
CKV2_AWS_75 |
resource |
aws_lightsail_lb_https_redirection_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2996 |
CKV2_AWS_75 |
resource |
aws_lightsail_lb_stickiness_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2997 |
CKV2_AWS_75 |
resource |
aws_lightsail_static_ip |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2998 |
CKV2_AWS_75 |
resource |
aws_lightsail_static_ip_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 2999 |
CKV2_AWS_75 |
resource |
aws_load_balancer_backend_server_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3000 |
CKV2_AWS_75 |
resource |
aws_load_balancer_listener_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3001 |
CKV2_AWS_75 |
resource |
aws_load_balancer_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3002 |
CKV2_AWS_75 |
resource |
aws_location_geofence_collection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3003 |
CKV2_AWS_75 |
resource |
aws_location_map |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3004 |
CKV2_AWS_75 |
resource |
aws_location_place_index |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3005 |
CKV2_AWS_75 |
resource |
aws_location_route_calculator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3006 |
CKV2_AWS_75 |
resource |
aws_location_tracker |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3007 |
CKV2_AWS_75 |
resource |
aws_location_tracker_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3008 |
CKV2_AWS_75 |
resource |
aws_m2_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3009 |
CKV2_AWS_75 |
resource |
aws_m2_deployment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3010 |
CKV2_AWS_75 |
resource |
aws_m2_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3011 |
CKV2_AWS_75 |
resource |
aws_macie2_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3012 |
CKV2_AWS_75 |
resource |
aws_macie2_classification_export_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3013 |
CKV2_AWS_75 |
resource |
aws_macie2_classification_job |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3014 |
CKV2_AWS_75 |
resource |
aws_macie2_custom_data_identifier |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3015 |
CKV2_AWS_75 |
resource |
aws_macie2_findings_filter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3016 |
CKV2_AWS_75 |
resource |
aws_macie2_invitation_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3017 |
CKV2_AWS_75 |
resource |
aws_macie2_member |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3018 |
CKV2_AWS_75 |
resource |
aws_macie2_organization_admin_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3019 |
CKV2_AWS_75 |
resource |
aws_macie_member_account_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3020 |
CKV2_AWS_75 |
resource |
aws_macie_s3_bucket_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3021 |
CKV2_AWS_75 |
resource |
aws_main_route_table_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3022 |
CKV2_AWS_75 |
resource |
aws_media_convert_queue |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3023 |
CKV2_AWS_75 |
resource |
aws_media_package_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3024 |
CKV2_AWS_75 |
resource |
aws_media_packagev2_channel_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3025 |
CKV2_AWS_75 |
resource |
aws_media_store_container |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3026 |
CKV2_AWS_75 |
resource |
aws_media_store_container_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3027 |
CKV2_AWS_75 |
resource |
aws_medialive_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3028 |
CKV2_AWS_75 |
resource |
aws_medialive_input |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3029 |
CKV2_AWS_75 |
resource |
aws_medialive_input_security_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3030 |
CKV2_AWS_75 |
resource |
aws_medialive_multiplex |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3031 |
CKV2_AWS_75 |
resource |
aws_medialive_multiplex_program |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3032 |
CKV2_AWS_75 |
resource |
aws_memorydb_acl |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3033 |
CKV2_AWS_75 |
resource |
aws_memorydb_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3034 |
CKV2_AWS_75 |
resource |
aws_memorydb_multi_region_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3035 |
CKV2_AWS_75 |
resource |
aws_memorydb_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3036 |
CKV2_AWS_75 |
resource |
aws_memorydb_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3037 |
CKV2_AWS_75 |
resource |
aws_memorydb_subnet_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3038 |
CKV2_AWS_75 |
resource |
aws_memorydb_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3039 |
CKV2_AWS_75 |
resource |
aws_mq_broker |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3040 |
CKV2_AWS_75 |
resource |
aws_mq_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3041 |
CKV2_AWS_75 |
resource |
aws_msk_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3042 |
CKV2_AWS_75 |
resource |
aws_msk_cluster_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3043 |
CKV2_AWS_75 |
resource |
aws_msk_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3044 |
CKV2_AWS_75 |
resource |
aws_msk_replicator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3045 |
CKV2_AWS_75 |
resource |
aws_msk_scram_secret_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3046 |
CKV2_AWS_75 |
resource |
aws_msk_serverless_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3047 |
CKV2_AWS_75 |
resource |
aws_msk_single_scram_secret_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3048 |
CKV2_AWS_75 |
resource |
aws_msk_vpc_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3049 |
CKV2_AWS_75 |
resource |
aws_mskconnect_connector |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3050 |
CKV2_AWS_75 |
resource |
aws_mskconnect_custom_plugin |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3051 |
CKV2_AWS_75 |
resource |
aws_mskconnect_worker_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3052 |
CKV2_AWS_75 |
resource |
aws_mwaa_environment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3053 |
CKV2_AWS_75 |
resource |
aws_nat_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3054 |
CKV2_AWS_75 |
resource |
aws_neptune_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3055 |
CKV2_AWS_75 |
resource |
aws_neptune_cluster_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3056 |
CKV2_AWS_75 |
resource |
aws_neptune_cluster_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3057 |
CKV2_AWS_75 |
resource |
aws_neptune_cluster_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3058 |
CKV2_AWS_75 |
resource |
aws_neptune_cluster_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3059 |
CKV2_AWS_75 |
resource |
aws_neptune_event_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3060 |
CKV2_AWS_75 |
resource |
aws_neptune_global_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3061 |
CKV2_AWS_75 |
resource |
aws_neptune_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3062 |
CKV2_AWS_75 |
resource |
aws_neptune_subnet_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3063 |
CKV2_AWS_75 |
resource |
aws_network_acl |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3064 |
CKV2_AWS_75 |
resource |
aws_network_acl_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3065 |
CKV2_AWS_75 |
resource |
aws_network_acl_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3066 |
CKV2_AWS_75 |
resource |
aws_network_interface |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3067 |
CKV2_AWS_75 |
resource |
aws_network_interface_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3068 |
CKV2_AWS_75 |
resource |
aws_network_interface_sg_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3069 |
CKV2_AWS_75 |
resource |
aws_networkfirewall_firewall |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3070 |
CKV2_AWS_75 |
resource |
aws_networkfirewall_firewall_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3071 |
CKV2_AWS_75 |
resource |
aws_networkfirewall_logging_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3072 |
CKV2_AWS_75 |
resource |
aws_networkfirewall_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3073 |
CKV2_AWS_75 |
resource |
aws_networkfirewall_rule_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3074 |
CKV2_AWS_75 |
resource |
aws_networkfirewall_tls_inspection_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3075 |
CKV2_AWS_75 |
resource |
aws_networkmanager_attachment_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3076 |
CKV2_AWS_75 |
resource |
aws_networkmanager_connect_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3077 |
CKV2_AWS_75 |
resource |
aws_networkmanager_connect_peer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3078 |
CKV2_AWS_75 |
resource |
aws_networkmanager_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3079 |
CKV2_AWS_75 |
resource |
aws_networkmanager_core_network |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3080 |
CKV2_AWS_75 |
resource |
aws_networkmanager_core_network_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3081 |
CKV2_AWS_75 |
resource |
aws_networkmanager_customer_gateway_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3082 |
CKV2_AWS_75 |
resource |
aws_networkmanager_device |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3083 |
CKV2_AWS_75 |
resource |
aws_networkmanager_dx_gateway_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3084 |
CKV2_AWS_75 |
resource |
aws_networkmanager_global_network |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3085 |
CKV2_AWS_75 |
resource |
aws_networkmanager_link |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3086 |
CKV2_AWS_75 |
resource |
aws_networkmanager_link_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3087 |
CKV2_AWS_75 |
resource |
aws_networkmanager_site |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3088 |
CKV2_AWS_75 |
resource |
aws_networkmanager_site_to_site_vpn_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3089 |
CKV2_AWS_75 |
resource |
aws_networkmanager_transit_gateway_connect_peer_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3090 |
CKV2_AWS_75 |
resource |
aws_networkmanager_transit_gateway_peering |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3091 |
CKV2_AWS_75 |
resource |
aws_networkmanager_transit_gateway_registration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3092 |
CKV2_AWS_75 |
resource |
aws_networkmanager_transit_gateway_route_table_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3093 |
CKV2_AWS_75 |
resource |
aws_networkmanager_vpc_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3094 |
CKV2_AWS_75 |
resource |
aws_networkmonitor_monitor |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3095 |
CKV2_AWS_75 |
resource |
aws_networkmonitor_probe |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3096 |
CKV2_AWS_75 |
resource |
aws_oam_link |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3097 |
CKV2_AWS_75 |
resource |
aws_oam_sink |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3098 |
CKV2_AWS_75 |
resource |
aws_oam_sink_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3099 |
CKV2_AWS_75 |
resource |
aws_opensearch_authorize_vpc_endpoint_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3100 |
CKV2_AWS_75 |
resource |
aws_opensearch_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3101 |
CKV2_AWS_75 |
resource |
aws_opensearch_domain_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3102 |
CKV2_AWS_75 |
resource |
aws_opensearch_domain_saml_options |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3103 |
CKV2_AWS_75 |
resource |
aws_opensearch_inbound_connection_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3104 |
CKV2_AWS_75 |
resource |
aws_opensearch_outbound_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3105 |
CKV2_AWS_75 |
resource |
aws_opensearch_package |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3106 |
CKV2_AWS_75 |
resource |
aws_opensearch_package_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3107 |
CKV2_AWS_75 |
resource |
aws_opensearch_vpc_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3108 |
CKV2_AWS_75 |
resource |
aws_opensearchserverless_access_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3109 |
CKV2_AWS_75 |
resource |
aws_opensearchserverless_collection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3110 |
CKV2_AWS_75 |
resource |
aws_opensearchserverless_lifecycle_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3111 |
CKV2_AWS_75 |
resource |
aws_opensearchserverless_security_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3112 |
CKV2_AWS_75 |
resource |
aws_opensearchserverless_security_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3113 |
CKV2_AWS_75 |
resource |
aws_opensearchserverless_vpc_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3114 |
CKV2_AWS_75 |
resource |
aws_opsworks_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3115 |
CKV2_AWS_75 |
resource |
aws_opsworks_custom_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3116 |
CKV2_AWS_75 |
resource |
aws_opsworks_ecs_cluster_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3117 |
CKV2_AWS_75 |
resource |
aws_opsworks_ganglia_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3118 |
CKV2_AWS_75 |
resource |
aws_opsworks_haproxy_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3119 |
CKV2_AWS_75 |
resource |
aws_opsworks_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3120 |
CKV2_AWS_75 |
resource |
aws_opsworks_java_app_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3121 |
CKV2_AWS_75 |
resource |
aws_opsworks_memcached_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3122 |
CKV2_AWS_75 |
resource |
aws_opsworks_mysql_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3123 |
CKV2_AWS_75 |
resource |
aws_opsworks_nodejs_app_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3124 |
CKV2_AWS_75 |
resource |
aws_opsworks_permission |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3125 |
CKV2_AWS_75 |
resource |
aws_opsworks_php_app_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3126 |
CKV2_AWS_75 |
resource |
aws_opsworks_rails_app_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3127 |
CKV2_AWS_75 |
resource |
aws_opsworks_rds_db_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3128 |
CKV2_AWS_75 |
resource |
aws_opsworks_stack |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3129 |
CKV2_AWS_75 |
resource |
aws_opsworks_static_web_layer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3130 |
CKV2_AWS_75 |
resource |
aws_opsworks_user_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3131 |
CKV2_AWS_75 |
resource |
aws_organizations_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3132 |
CKV2_AWS_75 |
resource |
aws_organizations_delegated_administrator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3133 |
CKV2_AWS_75 |
resource |
aws_organizations_organization |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3134 |
CKV2_AWS_75 |
resource |
aws_organizations_organizational_unit |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3135 |
CKV2_AWS_75 |
resource |
aws_organizations_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3136 |
CKV2_AWS_75 |
resource |
aws_organizations_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3137 |
CKV2_AWS_75 |
resource |
aws_organizations_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3138 |
CKV2_AWS_75 |
resource |
aws_osis_pipeline |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3139 |
CKV2_AWS_75 |
resource |
aws_paymentcryptography_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3140 |
CKV2_AWS_75 |
resource |
aws_paymentcryptography_key_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3141 |
CKV2_AWS_75 |
resource |
aws_pinpoint_adm_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3142 |
CKV2_AWS_75 |
resource |
aws_pinpoint_apns_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3143 |
CKV2_AWS_75 |
resource |
aws_pinpoint_apns_sandbox_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3144 |
CKV2_AWS_75 |
resource |
aws_pinpoint_apns_voip_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3145 |
CKV2_AWS_75 |
resource |
aws_pinpoint_apns_voip_sandbox_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3146 |
CKV2_AWS_75 |
resource |
aws_pinpoint_app |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3147 |
CKV2_AWS_75 |
resource |
aws_pinpoint_baidu_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3148 |
CKV2_AWS_75 |
resource |
aws_pinpoint_email_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3149 |
CKV2_AWS_75 |
resource |
aws_pinpoint_email_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3150 |
CKV2_AWS_75 |
resource |
aws_pinpoint_event_stream |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3151 |
CKV2_AWS_75 |
resource |
aws_pinpoint_gcm_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3152 |
CKV2_AWS_75 |
resource |
aws_pinpoint_sms_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3153 |
CKV2_AWS_75 |
resource |
aws_pinpointsmsvoicev2_configuration_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3154 |
CKV2_AWS_75 |
resource |
aws_pinpointsmsvoicev2_opt_out_list |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3155 |
CKV2_AWS_75 |
resource |
aws_pinpointsmsvoicev2_phone_number |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3156 |
CKV2_AWS_75 |
resource |
aws_pipes_pipe |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3157 |
CKV2_AWS_75 |
resource |
aws_placement_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3158 |
CKV2_AWS_75 |
resource |
aws_prometheus_alert_manager_definition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3159 |
CKV2_AWS_75 |
resource |
aws_prometheus_rule_group_namespace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3160 |
CKV2_AWS_75 |
resource |
aws_prometheus_scraper |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3161 |
CKV2_AWS_75 |
resource |
aws_prometheus_workspace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3162 |
CKV2_AWS_75 |
resource |
aws_proxy_protocol_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3163 |
CKV2_AWS_75 |
resource |
aws_qldb_ledger |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3164 |
CKV2_AWS_75 |
resource |
aws_qldb_stream |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3165 |
CKV2_AWS_75 |
resource |
aws_quicksight_account_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3166 |
CKV2_AWS_75 |
resource |
aws_quicksight_analysis |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3167 |
CKV2_AWS_75 |
resource |
aws_quicksight_dashboard |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3168 |
CKV2_AWS_75 |
resource |
aws_quicksight_data_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3169 |
CKV2_AWS_75 |
resource |
aws_quicksight_data_source |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3170 |
CKV2_AWS_75 |
resource |
aws_quicksight_folder |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3171 |
CKV2_AWS_75 |
resource |
aws_quicksight_folder_membership |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3172 |
CKV2_AWS_75 |
resource |
aws_quicksight_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3173 |
CKV2_AWS_75 |
resource |
aws_quicksight_group_membership |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3174 |
CKV2_AWS_75 |
resource |
aws_quicksight_iam_policy_assignment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3175 |
CKV2_AWS_75 |
resource |
aws_quicksight_ingestion |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3176 |
CKV2_AWS_75 |
resource |
aws_quicksight_namespace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3177 |
CKV2_AWS_75 |
resource |
aws_quicksight_refresh_schedule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3178 |
CKV2_AWS_75 |
resource |
aws_quicksight_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3179 |
CKV2_AWS_75 |
resource |
aws_quicksight_template_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3180 |
CKV2_AWS_75 |
resource |
aws_quicksight_theme |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3181 |
CKV2_AWS_75 |
resource |
aws_quicksight_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3182 |
CKV2_AWS_75 |
resource |
aws_quicksight_vpc_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3183 |
CKV2_AWS_75 |
resource |
aws_ram_principal_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3184 |
CKV2_AWS_75 |
resource |
aws_ram_resource_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3185 |
CKV2_AWS_75 |
resource |
aws_ram_resource_share |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3186 |
CKV2_AWS_75 |
resource |
aws_ram_resource_share_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3187 |
CKV2_AWS_75 |
resource |
aws_ram_sharing_with_organization |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3188 |
CKV2_AWS_75 |
resource |
aws_rbin_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3189 |
CKV2_AWS_75 |
resource |
aws_rds_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3190 |
CKV2_AWS_75 |
resource |
aws_rds_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3191 |
CKV2_AWS_75 |
resource |
aws_rds_cluster_activity_stream |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3192 |
CKV2_AWS_75 |
resource |
aws_rds_cluster_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3193 |
CKV2_AWS_75 |
resource |
aws_rds_cluster_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3194 |
CKV2_AWS_75 |
resource |
aws_rds_cluster_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3195 |
CKV2_AWS_75 |
resource |
aws_rds_cluster_role_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3196 |
CKV2_AWS_75 |
resource |
aws_rds_cluster_snapshot_copy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3197 |
CKV2_AWS_75 |
resource |
aws_rds_custom_db_engine_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3198 |
CKV2_AWS_75 |
resource |
aws_rds_export_task |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3199 |
CKV2_AWS_75 |
resource |
aws_rds_global_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3200 |
CKV2_AWS_75 |
resource |
aws_rds_instance_state |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3201 |
CKV2_AWS_75 |
resource |
aws_rds_integration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3202 |
CKV2_AWS_75 |
resource |
aws_rds_reserved_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3203 |
CKV2_AWS_75 |
resource |
aws_redshift_authentication_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3204 |
CKV2_AWS_75 |
resource |
aws_redshift_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3205 |
CKV2_AWS_75 |
resource |
aws_redshift_cluster_iam_roles |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3206 |
CKV2_AWS_75 |
resource |
aws_redshift_cluster_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3207 |
CKV2_AWS_75 |
resource |
aws_redshift_data_share_authorization |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3208 |
CKV2_AWS_75 |
resource |
aws_redshift_data_share_consumer_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3209 |
CKV2_AWS_75 |
resource |
aws_redshift_endpoint_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3210 |
CKV2_AWS_75 |
resource |
aws_redshift_endpoint_authorization |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3211 |
CKV2_AWS_75 |
resource |
aws_redshift_event_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3212 |
CKV2_AWS_75 |
resource |
aws_redshift_hsm_client_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3213 |
CKV2_AWS_75 |
resource |
aws_redshift_hsm_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3214 |
CKV2_AWS_75 |
resource |
aws_redshift_logging |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3215 |
CKV2_AWS_75 |
resource |
aws_redshift_parameter_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3216 |
CKV2_AWS_75 |
resource |
aws_redshift_partner |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3217 |
CKV2_AWS_75 |
resource |
aws_redshift_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3218 |
CKV2_AWS_75 |
resource |
aws_redshift_scheduled_action |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3219 |
CKV2_AWS_75 |
resource |
aws_redshift_security_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3220 |
CKV2_AWS_75 |
resource |
aws_redshift_snapshot_copy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3221 |
CKV2_AWS_75 |
resource |
aws_redshift_snapshot_copy_grant |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3222 |
CKV2_AWS_75 |
resource |
aws_redshift_snapshot_schedule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3223 |
CKV2_AWS_75 |
resource |
aws_redshift_snapshot_schedule_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3224 |
CKV2_AWS_75 |
resource |
aws_redshift_subnet_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3225 |
CKV2_AWS_75 |
resource |
aws_redshift_usage_limit |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3226 |
CKV2_AWS_75 |
resource |
aws_redshiftdata_statement |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3227 |
CKV2_AWS_75 |
resource |
aws_redshiftserverless_custom_domain_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3228 |
CKV2_AWS_75 |
resource |
aws_redshiftserverless_endpoint_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3229 |
CKV2_AWS_75 |
resource |
aws_redshiftserverless_namespace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3230 |
CKV2_AWS_75 |
resource |
aws_redshiftserverless_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3231 |
CKV2_AWS_75 |
resource |
aws_redshiftserverless_snapshot |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3232 |
CKV2_AWS_75 |
resource |
aws_redshiftserverless_usage_limit |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3233 |
CKV2_AWS_75 |
resource |
aws_redshiftserverless_workgroup |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3234 |
CKV2_AWS_75 |
resource |
aws_region_info |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3235 |
CKV2_AWS_75 |
resource |
aws_rekognition_collection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3236 |
CKV2_AWS_75 |
resource |
aws_rekognition_project |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3237 |
CKV2_AWS_75 |
resource |
aws_rekognition_stream_processor |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3238 |
CKV2_AWS_75 |
resource |
aws_resiliencehub_resiliency_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3239 |
CKV2_AWS_75 |
resource |
aws_resourceexplorer2_index |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3240 |
CKV2_AWS_75 |
resource |
aws_resourceexplorer2_view |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3241 |
CKV2_AWS_75 |
resource |
aws_resourcegroups_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3242 |
CKV2_AWS_75 |
resource |
aws_resourcegroups_resource |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3243 |
CKV2_AWS_75 |
resource |
aws_rolesanywhere_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3244 |
CKV2_AWS_75 |
resource |
aws_rolesanywhere_trust_anchor |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3245 |
CKV2_AWS_75 |
resource |
aws_root |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3246 |
CKV2_AWS_75 |
resource |
aws_root_access_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3247 |
CKV2_AWS_75 |
resource |
aws_route |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3248 |
CKV2_AWS_75 |
resource |
aws_route53_cidr_collection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3249 |
CKV2_AWS_75 |
resource |
aws_route53_cidr_location |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3250 |
CKV2_AWS_75 |
resource |
aws_route53_delegation_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3251 |
CKV2_AWS_75 |
resource |
aws_route53_health_check |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3252 |
CKV2_AWS_75 |
resource |
aws_route53_hosted_zone_dnssec |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3253 |
CKV2_AWS_75 |
resource |
aws_route53_key_signing_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3254 |
CKV2_AWS_75 |
resource |
aws_route53_query_log |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3255 |
CKV2_AWS_75 |
resource |
aws_route53_record |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3256 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3257 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_dnssec_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3258 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3259 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_firewall_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3260 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_firewall_domain_list |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3261 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_firewall_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3262 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_firewall_rule_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3263 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_firewall_rule_group_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3264 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_query_log_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3265 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_query_log_config_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3266 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3267 |
CKV2_AWS_75 |
resource |
aws_route53_resolver_rule_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3268 |
CKV2_AWS_75 |
resource |
aws_route53_traffic_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3269 |
CKV2_AWS_75 |
resource |
aws_route53_traffic_policy_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3270 |
CKV2_AWS_75 |
resource |
aws_route53_vpc_association_authorization |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3271 |
CKV2_AWS_75 |
resource |
aws_route53_zone |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3272 |
CKV2_AWS_75 |
resource |
aws_route53_zone_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3273 |
CKV2_AWS_75 |
resource |
aws_route53domains_delegation_signer_record |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3274 |
CKV2_AWS_75 |
resource |
aws_route53domains_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3275 |
CKV2_AWS_75 |
resource |
aws_route53domains_registered_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3276 |
CKV2_AWS_75 |
resource |
aws_route53profiles_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3277 |
CKV2_AWS_75 |
resource |
aws_route53profiles_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3278 |
CKV2_AWS_75 |
resource |
aws_route53profiles_resource_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3279 |
CKV2_AWS_75 |
resource |
aws_route53recoverycontrolconfig_cluster |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3280 |
CKV2_AWS_75 |
resource |
aws_route53recoverycontrolconfig_control_panel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3281 |
CKV2_AWS_75 |
resource |
aws_route53recoverycontrolconfig_routing_control |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3282 |
CKV2_AWS_75 |
resource |
aws_route53recoverycontrolconfig_safety_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3283 |
CKV2_AWS_75 |
resource |
aws_route53recoveryreadiness_cell |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3284 |
CKV2_AWS_75 |
resource |
aws_route53recoveryreadiness_readiness_check |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3285 |
CKV2_AWS_75 |
resource |
aws_route53recoveryreadiness_recovery_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3286 |
CKV2_AWS_75 |
resource |
aws_route53recoveryreadiness_resource_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3287 |
CKV2_AWS_75 |
resource |
aws_route_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3288 |
CKV2_AWS_75 |
resource |
aws_route_table_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3289 |
CKV2_AWS_75 |
resource |
aws_rum_app_monitor |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3290 |
CKV2_AWS_75 |
resource |
aws_rum_metrics_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3291 |
CKV2_AWS_75 |
resource |
aws_s3_access_point |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3292 |
CKV2_AWS_75 |
resource |
aws_s3_account_public_access_block |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3293 |
CKV2_AWS_75 |
resource |
aws_s3_bucket |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3294 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_accelerate_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3295 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_acl |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3296 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_analytics_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3297 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_cors_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3298 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_intelligent_tiering_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3299 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_inventory |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3300 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_lifecycle_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3301 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_logging |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3302 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_metric |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3303 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_notification |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3304 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_object |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3305 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_object_lock_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3306 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_ownership_controls |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3307 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3308 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_public_access_block |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3309 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_replication_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3310 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_request_payment_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3311 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_server_side_encryption_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3312 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_versioning |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3313 |
CKV2_AWS_75 |
resource |
aws_s3_bucket_website_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3314 |
CKV2_AWS_75 |
resource |
aws_s3_directory_bucket |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3315 |
CKV2_AWS_75 |
resource |
aws_s3_object |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3316 |
CKV2_AWS_75 |
resource |
aws_s3_object_copy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3317 |
CKV2_AWS_75 |
resource |
aws_s3control_access_grant |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3318 |
CKV2_AWS_75 |
resource |
aws_s3control_access_grants_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3319 |
CKV2_AWS_75 |
resource |
aws_s3control_access_grants_instance_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3320 |
CKV2_AWS_75 |
resource |
aws_s3control_access_grants_location |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3321 |
CKV2_AWS_75 |
resource |
aws_s3control_access_point_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3322 |
CKV2_AWS_75 |
resource |
aws_s3control_bucket |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3323 |
CKV2_AWS_75 |
resource |
aws_s3control_bucket_lifecycle_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3324 |
CKV2_AWS_75 |
resource |
aws_s3control_bucket_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3325 |
CKV2_AWS_75 |
resource |
aws_s3control_multi_region_access_point |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3326 |
CKV2_AWS_75 |
resource |
aws_s3control_multi_region_access_point_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3327 |
CKV2_AWS_75 |
resource |
aws_s3control_object_lambda_access_point |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3328 |
CKV2_AWS_75 |
resource |
aws_s3control_object_lambda_access_point_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3329 |
CKV2_AWS_75 |
resource |
aws_s3control_storage_lens_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3330 |
CKV2_AWS_75 |
resource |
aws_s3outposts_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3331 |
CKV2_AWS_75 |
resource |
aws_s3tables_namespace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3332 |
CKV2_AWS_75 |
resource |
aws_s3tables_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3333 |
CKV2_AWS_75 |
resource |
aws_s3tables_table_bucket |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3334 |
CKV2_AWS_75 |
resource |
aws_s3tables_table_bucket_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3335 |
CKV2_AWS_75 |
resource |
aws_s3tables_table_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3336 |
CKV2_AWS_75 |
resource |
aws_sagemaker_app |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3337 |
CKV2_AWS_75 |
resource |
aws_sagemaker_app_image_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3338 |
CKV2_AWS_75 |
resource |
aws_sagemaker_code_repository |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3339 |
CKV2_AWS_75 |
resource |
aws_sagemaker_data_quality_job_definition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3340 |
CKV2_AWS_75 |
resource |
aws_sagemaker_device |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3341 |
CKV2_AWS_75 |
resource |
aws_sagemaker_device_fleet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3342 |
CKV2_AWS_75 |
resource |
aws_sagemaker_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3343 |
CKV2_AWS_75 |
resource |
aws_sagemaker_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3344 |
CKV2_AWS_75 |
resource |
aws_sagemaker_endpoint_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3345 |
CKV2_AWS_75 |
resource |
aws_sagemaker_feature_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3346 |
CKV2_AWS_75 |
resource |
aws_sagemaker_flow_definition |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3347 |
CKV2_AWS_75 |
resource |
aws_sagemaker_hub |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3348 |
CKV2_AWS_75 |
resource |
aws_sagemaker_human_task_ui |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3349 |
CKV2_AWS_75 |
resource |
aws_sagemaker_image |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3350 |
CKV2_AWS_75 |
resource |
aws_sagemaker_image_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3351 |
CKV2_AWS_75 |
resource |
aws_sagemaker_mlflow_tracking_server |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3352 |
CKV2_AWS_75 |
resource |
aws_sagemaker_model |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3353 |
CKV2_AWS_75 |
resource |
aws_sagemaker_model_package_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3354 |
CKV2_AWS_75 |
resource |
aws_sagemaker_model_package_group_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3355 |
CKV2_AWS_75 |
resource |
aws_sagemaker_monitoring_schedule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3356 |
CKV2_AWS_75 |
resource |
aws_sagemaker_notebook_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3357 |
CKV2_AWS_75 |
resource |
aws_sagemaker_notebook_instance_lifecycle_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3358 |
CKV2_AWS_75 |
resource |
aws_sagemaker_pipeline |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3359 |
CKV2_AWS_75 |
resource |
aws_sagemaker_project |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3360 |
CKV2_AWS_75 |
resource |
aws_sagemaker_servicecatalog_portfolio_status |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3361 |
CKV2_AWS_75 |
resource |
aws_sagemaker_space |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3362 |
CKV2_AWS_75 |
resource |
aws_sagemaker_studio_lifecycle_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3363 |
CKV2_AWS_75 |
resource |
aws_sagemaker_user_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3364 |
CKV2_AWS_75 |
resource |
aws_sagemaker_workforce |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3365 |
CKV2_AWS_75 |
resource |
aws_sagemaker_workteam |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3366 |
CKV2_AWS_75 |
resource |
aws_scheduler_schedule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3367 |
CKV2_AWS_75 |
resource |
aws_scheduler_schedule_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3368 |
CKV2_AWS_75 |
resource |
aws_schemas_discoverer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3369 |
CKV2_AWS_75 |
resource |
aws_schemas_registry |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3370 |
CKV2_AWS_75 |
resource |
aws_schemas_registry_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3371 |
CKV2_AWS_75 |
resource |
aws_schemas_schema |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3372 |
CKV2_AWS_75 |
resource |
aws_secretsmanager_secret |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3373 |
CKV2_AWS_75 |
resource |
aws_secretsmanager_secret_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3374 |
CKV2_AWS_75 |
resource |
aws_secretsmanager_secret_rotation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3375 |
CKV2_AWS_75 |
resource |
aws_secretsmanager_secret_version |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3376 |
CKV2_AWS_75 |
resource |
aws_security_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3377 |
CKV2_AWS_75 |
resource |
aws_security_group_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3378 |
CKV2_AWS_75 |
resource |
aws_securityhub_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3379 |
CKV2_AWS_75 |
resource |
aws_securityhub_action_target |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3380 |
CKV2_AWS_75 |
resource |
aws_securityhub_automation_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3381 |
CKV2_AWS_75 |
resource |
aws_securityhub_configuration_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3382 |
CKV2_AWS_75 |
resource |
aws_securityhub_configuration_policy_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3383 |
CKV2_AWS_75 |
resource |
aws_securityhub_finding_aggregator |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3384 |
CKV2_AWS_75 |
resource |
aws_securityhub_insight |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3385 |
CKV2_AWS_75 |
resource |
aws_securityhub_invite_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3386 |
CKV2_AWS_75 |
resource |
aws_securityhub_member |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3387 |
CKV2_AWS_75 |
resource |
aws_securityhub_organization_admin_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3388 |
CKV2_AWS_75 |
resource |
aws_securityhub_organization_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3389 |
CKV2_AWS_75 |
resource |
aws_securityhub_product_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3390 |
CKV2_AWS_75 |
resource |
aws_securityhub_standards_control |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3391 |
CKV2_AWS_75 |
resource |
aws_securityhub_standards_control_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3392 |
CKV2_AWS_75 |
resource |
aws_securityhub_standards_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3393 |
CKV2_AWS_75 |
resource |
aws_securitylake_aws_log_source |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3394 |
CKV2_AWS_75 |
resource |
aws_securitylake_custom_log_source |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3395 |
CKV2_AWS_75 |
resource |
aws_securitylake_data_lake |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3396 |
CKV2_AWS_75 |
resource |
aws_securitylake_subscriber |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3397 |
CKV2_AWS_75 |
resource |
aws_securitylake_subscriber_notification |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3398 |
CKV2_AWS_75 |
resource |
aws_serverlessapplicationrepository_cloudformation_stack |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3399 |
CKV2_AWS_75 |
resource |
aws_service_discovery_http_namespace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3400 |
CKV2_AWS_75 |
resource |
aws_service_discovery_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3401 |
CKV2_AWS_75 |
resource |
aws_service_discovery_private_dns_namespace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3402 |
CKV2_AWS_75 |
resource |
aws_service_discovery_public_dns_namespace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3403 |
CKV2_AWS_75 |
resource |
aws_service_discovery_service |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3404 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_budget_resource_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3405 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_constraint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3406 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_organizations_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3407 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_portfolio |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3408 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_portfolio_share |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3409 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_principal_portfolio_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3410 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_product |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3411 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_product_portfolio_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3412 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_provisioned_product |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3413 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_provisioning_artifact |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3414 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_service_action |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3415 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_tag_option |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3416 |
CKV2_AWS_75 |
resource |
aws_servicecatalog_tag_option_resource_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3417 |
CKV2_AWS_75 |
resource |
aws_servicecatalogappregistry_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3418 |
CKV2_AWS_75 |
resource |
aws_servicecatalogappregistry_attribute_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3419 |
CKV2_AWS_75 |
resource |
aws_servicecatalogappregistry_attribute_group_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3420 |
CKV2_AWS_75 |
resource |
aws_servicequotas_service_quota |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3421 |
CKV2_AWS_75 |
resource |
aws_servicequotas_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3422 |
CKV2_AWS_75 |
resource |
aws_servicequotas_template_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3423 |
CKV2_AWS_75 |
resource |
aws_ses_active_receipt_rule_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3424 |
CKV2_AWS_75 |
resource |
aws_ses_configuration_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3425 |
CKV2_AWS_75 |
resource |
aws_ses_domain_dkim |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3426 |
CKV2_AWS_75 |
resource |
aws_ses_domain_identity |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3427 |
CKV2_AWS_75 |
resource |
aws_ses_domain_identity_verification |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3428 |
CKV2_AWS_75 |
resource |
aws_ses_domain_mail_from |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3429 |
CKV2_AWS_75 |
resource |
aws_ses_email_identity |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3430 |
CKV2_AWS_75 |
resource |
aws_ses_event_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3431 |
CKV2_AWS_75 |
resource |
aws_ses_identity_notification_topic |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3432 |
CKV2_AWS_75 |
resource |
aws_ses_identity_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3433 |
CKV2_AWS_75 |
resource |
aws_ses_receipt_filter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3434 |
CKV2_AWS_75 |
resource |
aws_ses_receipt_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3435 |
CKV2_AWS_75 |
resource |
aws_ses_receipt_rule_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3436 |
CKV2_AWS_75 |
resource |
aws_ses_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3437 |
CKV2_AWS_75 |
resource |
aws_sesv2_account_suppression_attributes |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3438 |
CKV2_AWS_75 |
resource |
aws_sesv2_account_vdm_attributes |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3439 |
CKV2_AWS_75 |
resource |
aws_sesv2_configuration_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3440 |
CKV2_AWS_75 |
resource |
aws_sesv2_configuration_set_event_destination |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3441 |
CKV2_AWS_75 |
resource |
aws_sesv2_contact_list |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3442 |
CKV2_AWS_75 |
resource |
aws_sesv2_dedicated_ip_assignment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3443 |
CKV2_AWS_75 |
resource |
aws_sesv2_dedicated_ip_pool |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3444 |
CKV2_AWS_75 |
resource |
aws_sesv2_email_identity |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3445 |
CKV2_AWS_75 |
resource |
aws_sesv2_email_identity_feedback_attributes |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3446 |
CKV2_AWS_75 |
resource |
aws_sesv2_email_identity_mail_from_attributes |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3447 |
CKV2_AWS_75 |
resource |
aws_sesv2_email_identity_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3448 |
CKV2_AWS_75 |
resource |
aws_sfn_activity |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3449 |
CKV2_AWS_75 |
resource |
aws_sfn_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3450 |
CKV2_AWS_75 |
resource |
aws_sfn_state_machine |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3451 |
CKV2_AWS_75 |
resource |
aws_shield_application_layer_automatic_response |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3452 |
CKV2_AWS_75 |
resource |
aws_shield_drt_access_log_bucket_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3453 |
CKV2_AWS_75 |
resource |
aws_shield_drt_access_role_arn_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3454 |
CKV2_AWS_75 |
resource |
aws_shield_proactive_engagement |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3455 |
CKV2_AWS_75 |
resource |
aws_shield_protection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3456 |
CKV2_AWS_75 |
resource |
aws_shield_protection_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3457 |
CKV2_AWS_75 |
resource |
aws_shield_protection_health_check_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3458 |
CKV2_AWS_75 |
resource |
aws_shield_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3459 |
CKV2_AWS_75 |
resource |
aws_signer_signing_job |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3460 |
CKV2_AWS_75 |
resource |
aws_signer_signing_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3461 |
CKV2_AWS_75 |
resource |
aws_signer_signing_profile_permission |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3462 |
CKV2_AWS_75 |
resource |
aws_simpledb_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3463 |
CKV2_AWS_75 |
resource |
aws_snapshot_create_volume_permission |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3464 |
CKV2_AWS_75 |
resource |
aws_sns_platform_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3465 |
CKV2_AWS_75 |
resource |
aws_sns_sms_preferences |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3466 |
CKV2_AWS_75 |
resource |
aws_sns_topic |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3467 |
CKV2_AWS_75 |
resource |
aws_sns_topic_data_protection_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3468 |
CKV2_AWS_75 |
resource |
aws_sns_topic_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3469 |
CKV2_AWS_75 |
resource |
aws_sns_topic_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3470 |
CKV2_AWS_75 |
resource |
aws_spot_datafeed_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3471 |
CKV2_AWS_75 |
resource |
aws_spot_fleet_request |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3472 |
CKV2_AWS_75 |
resource |
aws_spot_instance_request |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3473 |
CKV2_AWS_75 |
resource |
aws_sqs_queue |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3474 |
CKV2_AWS_75 |
resource |
aws_sqs_queue_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3475 |
CKV2_AWS_75 |
resource |
aws_sqs_queue_redrive_allow_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3476 |
CKV2_AWS_75 |
resource |
aws_sqs_queue_redrive_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3477 |
CKV2_AWS_75 |
resource |
aws_ssm_activation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3478 |
CKV2_AWS_75 |
resource |
aws_ssm_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3479 |
CKV2_AWS_75 |
resource |
aws_ssm_default_patch_baseline |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3480 |
CKV2_AWS_75 |
resource |
aws_ssm_document |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3481 |
CKV2_AWS_75 |
resource |
aws_ssm_maintenance_window |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3482 |
CKV2_AWS_75 |
resource |
aws_ssm_maintenance_window_target |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3483 |
CKV2_AWS_75 |
resource |
aws_ssm_maintenance_window_task |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3484 |
CKV2_AWS_75 |
resource |
aws_ssm_parameter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3485 |
CKV2_AWS_75 |
resource |
aws_ssm_patch_baseline |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3486 |
CKV2_AWS_75 |
resource |
aws_ssm_patch_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3487 |
CKV2_AWS_75 |
resource |
aws_ssm_resource_data_sync |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3488 |
CKV2_AWS_75 |
resource |
aws_ssm_service_setting |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3489 |
CKV2_AWS_75 |
resource |
aws_ssmcontacts_contact |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3490 |
CKV2_AWS_75 |
resource |
aws_ssmcontacts_contact_channel |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3491 |
CKV2_AWS_75 |
resource |
aws_ssmcontacts_plan |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3492 |
CKV2_AWS_75 |
resource |
aws_ssmcontacts_rotation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3493 |
CKV2_AWS_75 |
resource |
aws_ssmincidents_replication_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3494 |
CKV2_AWS_75 |
resource |
aws_ssmincidents_response_plan |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3495 |
CKV2_AWS_75 |
resource |
aws_ssmquicksetup_configuration_manager |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3496 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_account_assignment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3497 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_application |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3498 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_application_access_scope |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3499 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_application_assignment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3500 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_application_assignment_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3501 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_customer_managed_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3502 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_instance_access_control_attributes |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3503 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_managed_policy_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3504 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_permission_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3505 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_permission_set_inline_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3506 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_permissions_boundary_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3507 |
CKV2_AWS_75 |
resource |
aws_ssoadmin_trusted_token_issuer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3508 |
CKV2_AWS_75 |
resource |
aws_storagegateway_cache |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3509 |
CKV2_AWS_75 |
resource |
aws_storagegateway_cached_iscsi_volume |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3510 |
CKV2_AWS_75 |
resource |
aws_storagegateway_file_system_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3511 |
CKV2_AWS_75 |
resource |
aws_storagegateway_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3512 |
CKV2_AWS_75 |
resource |
aws_storagegateway_nfs_file_share |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3513 |
CKV2_AWS_75 |
resource |
aws_storagegateway_smb_file_share |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3514 |
CKV2_AWS_75 |
resource |
aws_storagegateway_stored_iscsi_volume |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3515 |
CKV2_AWS_75 |
resource |
aws_storagegateway_tape_pool |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3516 |
CKV2_AWS_75 |
resource |
aws_storagegateway_upload_buffer |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3517 |
CKV2_AWS_75 |
resource |
aws_storagegateway_working_storage |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3518 |
CKV2_AWS_75 |
resource |
aws_subnet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3519 |
CKV2_AWS_75 |
resource |
aws_swf_domain |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3520 |
CKV2_AWS_75 |
resource |
aws_synthetics_canary |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3521 |
CKV2_AWS_75 |
resource |
aws_synthetics_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3522 |
CKV2_AWS_75 |
resource |
aws_synthetics_group_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3523 |
CKV2_AWS_75 |
resource |
aws_timestreaminfluxdb_db_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3524 |
CKV2_AWS_75 |
resource |
aws_timestreamquery_scheduled_query |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3525 |
CKV2_AWS_75 |
resource |
aws_timestreamwrite_database |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3526 |
CKV2_AWS_75 |
resource |
aws_timestreamwrite_table |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3527 |
CKV2_AWS_75 |
resource |
aws_transcribe_language_model |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3528 |
CKV2_AWS_75 |
resource |
aws_transcribe_medical_vocabulary |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3529 |
CKV2_AWS_75 |
resource |
aws_transcribe_vocabulary |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3530 |
CKV2_AWS_75 |
resource |
aws_transcribe_vocabulary_filter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3531 |
CKV2_AWS_75 |
resource |
aws_transfer_access |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3532 |
CKV2_AWS_75 |
resource |
aws_transfer_agreement |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3533 |
CKV2_AWS_75 |
resource |
aws_transfer_certificate |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3534 |
CKV2_AWS_75 |
resource |
aws_transfer_connector |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3535 |
CKV2_AWS_75 |
resource |
aws_transfer_profile |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3536 |
CKV2_AWS_75 |
resource |
aws_transfer_server |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3537 |
CKV2_AWS_75 |
resource |
aws_transfer_ssh_key |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3538 |
CKV2_AWS_75 |
resource |
aws_transfer_tag |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3539 |
CKV2_AWS_75 |
resource |
aws_transfer_user |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3540 |
CKV2_AWS_75 |
resource |
aws_transfer_workflow |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3541 |
CKV2_AWS_75 |
resource |
aws_verifiedaccess_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3542 |
CKV2_AWS_75 |
resource |
aws_verifiedaccess_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3543 |
CKV2_AWS_75 |
resource |
aws_verifiedaccess_instance |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3544 |
CKV2_AWS_75 |
resource |
aws_verifiedaccess_instance_logging_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3545 |
CKV2_AWS_75 |
resource |
aws_verifiedaccess_instance_trust_provider_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3546 |
CKV2_AWS_75 |
resource |
aws_verifiedaccess_trust_provider |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3547 |
CKV2_AWS_75 |
resource |
aws_verifiedpermissions_identity_source |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3548 |
CKV2_AWS_75 |
resource |
aws_verifiedpermissions_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3549 |
CKV2_AWS_75 |
resource |
aws_verifiedpermissions_policy_store |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3550 |
CKV2_AWS_75 |
resource |
aws_verifiedpermissions_policy_template |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3551 |
CKV2_AWS_75 |
resource |
aws_verifiedpermissions_schema |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3552 |
CKV2_AWS_75 |
resource |
aws_volume_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3553 |
CKV2_AWS_75 |
resource |
aws_vpc |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3554 |
CKV2_AWS_75 |
resource |
aws_vpc_block_public_access_exclusion |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3555 |
CKV2_AWS_75 |
resource |
aws_vpc_block_public_access_options |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3556 |
CKV2_AWS_75 |
resource |
aws_vpc_dhcp_options |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3557 |
CKV2_AWS_75 |
resource |
aws_vpc_dhcp_options_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3558 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3559 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_connection_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3560 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_connection_notification |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3561 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3562 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_private_dns |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3563 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_route_table_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3564 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_security_group_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3565 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_service |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3566 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_service_allowed_principal |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3567 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_service_private_dns_verification |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3568 |
CKV2_AWS_75 |
resource |
aws_vpc_endpoint_subnet_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3569 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3570 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam_organization_admin_account |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3571 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam_pool |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3572 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam_pool_cidr |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3573 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam_pool_cidr_allocation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3574 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam_preview_next_cidr |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3575 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam_resource_discovery |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3576 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam_resource_discovery_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3577 |
CKV2_AWS_75 |
resource |
aws_vpc_ipam_scope |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3578 |
CKV2_AWS_75 |
resource |
aws_vpc_ipv4_cidr_block_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3579 |
CKV2_AWS_75 |
resource |
aws_vpc_ipv6_cidr_block_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3580 |
CKV2_AWS_75 |
resource |
aws_vpc_network_performance_metric_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3581 |
CKV2_AWS_75 |
resource |
aws_vpc_peering_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3582 |
CKV2_AWS_75 |
resource |
aws_vpc_peering_connection_accepter |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3583 |
CKV2_AWS_75 |
resource |
aws_vpc_peering_connection_options |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3584 |
CKV2_AWS_75 |
resource |
aws_vpc_security_group_egress_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3585 |
CKV2_AWS_75 |
resource |
aws_vpc_security_group_ingress_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3586 |
CKV2_AWS_75 |
resource |
aws_vpc_security_group_vpc_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3587 |
CKV2_AWS_75 |
resource |
aws_vpclattice_access_log_subscription |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3588 |
CKV2_AWS_75 |
resource |
aws_vpclattice_auth_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3589 |
CKV2_AWS_75 |
resource |
aws_vpclattice_listener |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3590 |
CKV2_AWS_75 |
resource |
aws_vpclattice_listener_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3591 |
CKV2_AWS_75 |
resource |
aws_vpclattice_resource_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3592 |
CKV2_AWS_75 |
resource |
aws_vpclattice_resource_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3593 |
CKV2_AWS_75 |
resource |
aws_vpclattice_resource_policy |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3594 |
CKV2_AWS_75 |
resource |
aws_vpclattice_service |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3595 |
CKV2_AWS_75 |
resource |
aws_vpclattice_service_network |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3596 |
CKV2_AWS_75 |
resource |
aws_vpclattice_service_network_resource_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3597 |
CKV2_AWS_75 |
resource |
aws_vpclattice_service_network_service_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3598 |
CKV2_AWS_75 |
resource |
aws_vpclattice_service_network_vpc_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3599 |
CKV2_AWS_75 |
resource |
aws_vpclattice_target_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3600 |
CKV2_AWS_75 |
resource |
aws_vpclattice_target_group_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3601 |
CKV2_AWS_75 |
resource |
aws_vpn_connection |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3602 |
CKV2_AWS_75 |
resource |
aws_vpn_connection_route |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3603 |
CKV2_AWS_75 |
resource |
aws_vpn_gateway |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3604 |
CKV2_AWS_75 |
resource |
aws_vpn_gateway_attachment |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3605 |
CKV2_AWS_75 |
resource |
aws_vpn_gateway_route_propagation |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3606 |
CKV2_AWS_75 |
resource |
aws_waf_byte_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3607 |
CKV2_AWS_75 |
resource |
aws_waf_geo_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3608 |
CKV2_AWS_75 |
resource |
aws_waf_ipset |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3609 |
CKV2_AWS_75 |
resource |
aws_waf_rate_based_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3610 |
CKV2_AWS_75 |
resource |
aws_waf_regex_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3611 |
CKV2_AWS_75 |
resource |
aws_waf_regex_pattern_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3612 |
CKV2_AWS_75 |
resource |
aws_waf_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3613 |
CKV2_AWS_75 |
resource |
aws_waf_rule_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3614 |
CKV2_AWS_75 |
resource |
aws_waf_size_constraint_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3615 |
CKV2_AWS_75 |
resource |
aws_waf_sql_injection_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3616 |
CKV2_AWS_75 |
resource |
aws_waf_web_acl |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3617 |
CKV2_AWS_75 |
resource |
aws_waf_xss_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3618 |
CKV2_AWS_75 |
resource |
aws_wafregional_byte_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3619 |
CKV2_AWS_75 |
resource |
aws_wafregional_geo_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3620 |
CKV2_AWS_75 |
resource |
aws_wafregional_ipset |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3621 |
CKV2_AWS_75 |
resource |
aws_wafregional_rate_based_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3622 |
CKV2_AWS_75 |
resource |
aws_wafregional_regex_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3623 |
CKV2_AWS_75 |
resource |
aws_wafregional_regex_pattern_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3624 |
CKV2_AWS_75 |
resource |
aws_wafregional_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3625 |
CKV2_AWS_75 |
resource |
aws_wafregional_rule_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3626 |
CKV2_AWS_75 |
resource |
aws_wafregional_size_constraint_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3627 |
CKV2_AWS_75 |
resource |
aws_wafregional_sql_injection_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3628 |
CKV2_AWS_75 |
resource |
aws_wafregional_web_acl |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3629 |
CKV2_AWS_75 |
resource |
aws_wafregional_web_acl_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3630 |
CKV2_AWS_75 |
resource |
aws_wafregional_xss_match_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3631 |
CKV2_AWS_75 |
resource |
aws_wafv2_ip_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3632 |
CKV2_AWS_75 |
resource |
aws_wafv2_regex_pattern_set |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3633 |
CKV2_AWS_75 |
resource |
aws_wafv2_rule_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3634 |
CKV2_AWS_75 |
resource |
aws_wafv2_web_acl |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3635 |
CKV2_AWS_75 |
resource |
aws_wafv2_web_acl_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3636 |
CKV2_AWS_75 |
resource |
aws_wafv2_web_acl_logging_configuration |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3637 |
CKV2_AWS_75 |
resource |
aws_worklink_fleet |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3638 |
CKV2_AWS_75 |
resource |
aws_worklink_website_certificate_authority_association |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3639 |
CKV2_AWS_75 |
resource |
aws_workspaces_connection_alias |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3640 |
CKV2_AWS_75 |
resource |
aws_workspaces_directory |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3641 |
CKV2_AWS_75 |
resource |
aws_workspaces_ip_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3642 |
CKV2_AWS_75 |
resource |
aws_workspaces_workspace |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3643 |
CKV2_AWS_75 |
resource |
aws_xray_encryption_config |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3644 |
CKV2_AWS_75 |
resource |
aws_xray_group |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3645 |
CKV2_AWS_75 |
resource |
aws_xray_sampling_rule |
Ensure no open CORS policy |
Terraform |
LambdaOpenCorsPolicy.yaml |
| 3646 |
CKV2_AWS_76 |
resource |
aws_alb |
Ensure AWS ALB attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
ALBWebACLConfiguredWIthLog4jVulnerability.yaml |
| 3647 |
CKV2_AWS_76 |
resource |
aws_lb |
Ensure AWS ALB attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
ALBWebACLConfiguredWIthLog4jVulnerability.yaml |
| 3648 |
CKV2_AWS_76 |
resource |
aws_wafv2_web_acl |
Ensure AWS ALB attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
ALBWebACLConfiguredWIthLog4jVulnerability.yaml |
| 3649 |
CKV2_AWS_77 |
resource |
aws_api_gateway_stage |
Ensure AWS API Gateway Rest API attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
APIGatewayWebACLConfiguredWIthLog4jVulnerability.yaml |
| 3650 |
CKV2_AWS_77 |
resource |
aws_apigatewayv2_api |
Ensure AWS API Gateway Rest API attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
APIGatewayWebACLConfiguredWIthLog4jVulnerability.yaml |
| 3651 |
CKV2_AWS_77 |
resource |
aws_wafv2_web_acl |
Ensure AWS API Gateway Rest API attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
APIGatewayWebACLConfiguredWIthLog4jVulnerability.yaml |
| 3652 |
CKV2_AWS_78 |
resource |
aws_appsync_graphql_api |
Ensure AWS AppSync attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
AppsyncWebACLConfiguredWIthLog4jVulnerability.yaml |
| 3653 |
CKV2_AWS_78 |
resource |
aws_wafv2_web_acl |
Ensure AWS AppSync attached WAFv2 WebACL is configured with AMR for Log4j Vulnerability |
Terraform |
AppsyncWebACLConfiguredWIthLog4jVulnerability.yaml |
| 3654 |
CKV_AZURE_1 |
resource |
azurerm_linux_virtual_machine |
Ensure Azure Instance does not use basic authentication(Use SSH Key Instead) |
Terraform |
AzureInstancePassword.py |
| 3655 |
CKV_AZURE_1 |
resource |
azurerm_virtual_machine |
Ensure Azure Instance does not use basic authentication(Use SSH Key Instead) |
Terraform |
AzureInstancePassword.py |
| 3656 |
CKV_AZURE_2 |
resource |
azurerm_managed_disk |
Ensure Azure managed disk has encryption enabled |
Terraform |
AzureManagedDiskEncryption.py |
| 3657 |
CKV_AZURE_3 |
resource |
azurerm_storage_account |
Ensure that ‘enable_https_traffic_only’ is enabled |
Terraform |
StorageAccountsTransportEncryption.py |
| 3658 |
CKV_AZURE_4 |
resource |
azurerm_kubernetes_cluster |
Ensure AKS logging to Azure Monitoring is Configured |
Terraform |
AKSLoggingEnabled.py |
| 3659 |
CKV_AZURE_5 |
resource |
azurerm_kubernetes_cluster |
Ensure RBAC is enabled on AKS clusters |
Terraform |
AKSRbacEnabled.py |
| 3660 |
CKV_AZURE_6 |
resource |
azurerm_kubernetes_cluster |
Ensure AKS has an API Server Authorized IP Ranges enabled |
Terraform |
AKSApiServerAuthorizedIpRanges.py |
| 3661 |
CKV_AZURE_7 |
resource |
azurerm_kubernetes_cluster |
Ensure AKS cluster has Network Policy configured |
Terraform |
AKSNetworkPolicy.py |
| 3662 |
CKV_AZURE_8 |
resource |
azurerm_kubernetes_cluster |
Ensure Kubernetes Dashboard is disabled |
Terraform |
AKSDashboardDisabled.py |
| 3663 |
CKV_AZURE_9 |
resource |
azurerm_network_security_group |
Ensure that RDP access is restricted from the internet |
Terraform |
NSGRuleRDPAccessRestricted.py |
| 3664 |
CKV_AZURE_9 |
resource |
azurerm_network_security_rule |
Ensure that RDP access is restricted from the internet |
Terraform |
NSGRuleRDPAccessRestricted.py |
| 3665 |
CKV_AZURE_10 |
resource |
azurerm_network_security_group |
Ensure that SSH access is restricted from the internet |
Terraform |
NSGRuleSSHAccessRestricted.py |
| 3666 |
CKV_AZURE_10 |
resource |
azurerm_network_security_rule |
Ensure that SSH access is restricted from the internet |
Terraform |
NSGRuleSSHAccessRestricted.py |
| 3667 |
CKV_AZURE_11 |
resource |
azurerm_mariadb_firewall_rule |
Ensure no SQL Databases allow ingress from 0.0.0.0/0 (ANY IP) |
Terraform |
SQLServerNoPublicAccess.py |
| 3668 |
CKV_AZURE_11 |
resource |
azurerm_mssql_firewall_rule |
Ensure no SQL Databases allow ingress from 0.0.0.0/0 (ANY IP) |
Terraform |
SQLServerNoPublicAccess.py |
| 3669 |
CKV_AZURE_11 |
resource |
azurerm_mysql_firewall_rule |
Ensure no SQL Databases allow ingress from 0.0.0.0/0 (ANY IP) |
Terraform |
SQLServerNoPublicAccess.py |
| 3670 |
CKV_AZURE_11 |
resource |
azurerm_mysql_flexible_server_firewall_rule |
Ensure no SQL Databases allow ingress from 0.0.0.0/0 (ANY IP) |
Terraform |
SQLServerNoPublicAccess.py |
| 3671 |
CKV_AZURE_11 |
resource |
azurerm_postgresql_firewall_rule |
Ensure no SQL Databases allow ingress from 0.0.0.0/0 (ANY IP) |
Terraform |
SQLServerNoPublicAccess.py |
| 3672 |
CKV_AZURE_11 |
resource |
azurerm_sql_firewall_rule |
Ensure no SQL Databases allow ingress from 0.0.0.0/0 (ANY IP) |
Terraform |
SQLServerNoPublicAccess.py |
| 3673 |
CKV_AZURE_12 |
resource |
azurerm_network_watcher_flow_log |
Ensure that Network Security Group Flow Log retention period is ‘greater than 90 days’ |
Terraform |
NetworkWatcherFlowLogPeriod.py |
| 3674 |
CKV_AZURE_13 |
resource |
azurerm_app_service |
Ensure App Service Authentication is set on Azure App Service |
Terraform |
AppServiceAuthentication.py |
| 3675 |
CKV_AZURE_13 |
resource |
azurerm_linux_web_app |
Ensure App Service Authentication is set on Azure App Service |
Terraform |
AppServiceAuthentication.py |
| 3676 |
CKV_AZURE_13 |
resource |
azurerm_windows_web_app |
Ensure App Service Authentication is set on Azure App Service |
Terraform |
AppServiceAuthentication.py |
| 3677 |
CKV_AZURE_14 |
resource |
azurerm_app_service |
Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service |
Terraform |
AppServiceHTTPSOnly.py |
| 3678 |
CKV_AZURE_14 |
resource |
azurerm_linux_web_app |
Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service |
Terraform |
AppServiceHTTPSOnly.py |
| 3679 |
CKV_AZURE_14 |
resource |
azurerm_windows_web_app |
Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service |
Terraform |
AppServiceHTTPSOnly.py |
| 3680 |
CKV_AZURE_15 |
resource |
azurerm_app_service |
Ensure web app is using the latest version of TLS encryption |
Terraform |
AppServiceMinTLSVersion.py |
| 3681 |
CKV_AZURE_15 |
resource |
azurerm_linux_web_app |
Ensure web app is using the latest version of TLS encryption |
Terraform |
AppServiceMinTLSVersion.py |
| 3682 |
CKV_AZURE_15 |
resource |
azurerm_windows_web_app |
Ensure web app is using the latest version of TLS encryption |
Terraform |
AppServiceMinTLSVersion.py |
| 3683 |
CKV_AZURE_16 |
resource |
azurerm_app_service |
Ensure that Register with Azure Active Directory is enabled on App Service |
Terraform |
AppServiceIdentity.py |
| 3684 |
CKV_AZURE_16 |
resource |
azurerm_linux_web_app |
Ensure that Register with Azure Active Directory is enabled on App Service |
Terraform |
AppServiceIdentity.py |
| 3685 |
CKV_AZURE_16 |
resource |
azurerm_windows_web_app |
Ensure that Register with Azure Active Directory is enabled on App Service |
Terraform |
AppServiceIdentity.py |
| 3686 |
CKV_AZURE_17 |
resource |
azurerm_app_service |
Ensure the web app has ‘Client Certificates (Incoming client certificates)’ set |
Terraform |
AppServiceClientCertificate.py |
| 3687 |
CKV_AZURE_17 |
resource |
azurerm_linux_web_app |
Ensure the web app has ‘Client Certificates (Incoming client certificates)’ set |
Terraform |
AppServiceClientCertificate.py |
| 3688 |
CKV_AZURE_17 |
resource |
azurerm_windows_web_app |
Ensure the web app has ‘Client Certificates (Incoming client certificates)’ set |
Terraform |
AppServiceClientCertificate.py |
| 3689 |
CKV_AZURE_18 |
resource |
azurerm_app_service |
Ensure that ‘HTTP Version’ is the latest if used to run the web app |
Terraform |
AppServiceHttps20Enabled.py |
| 3690 |
CKV_AZURE_18 |
resource |
azurerm_linux_web_app |
Ensure that ‘HTTP Version’ is the latest if used to run the web app |
Terraform |
AppServiceHttps20Enabled.py |
| 3691 |
CKV_AZURE_18 |
resource |
azurerm_windows_web_app |
Ensure that ‘HTTP Version’ is the latest if used to run the web app |
Terraform |
AppServiceHttps20Enabled.py |
| 3692 |
CKV_AZURE_19 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that standard pricing tier is selected |
Terraform |
SecurityCenterStandardPricing.py |
| 3693 |
CKV_AZURE_20 |
resource |
azurerm_security_center_contact |
Ensure that security contact ‘Phone number’ is set |
Terraform |
SecurityCenterContactPhone.py |
| 3694 |
CKV_AZURE_21 |
resource |
azurerm_security_center_contact |
Ensure that ‘Send email notification for high severity alerts’ is set to ‘On’ |
Terraform |
SecurityCenterContactEmailAlert.py |
| 3695 |
CKV_AZURE_22 |
resource |
azurerm_security_center_contact |
Ensure that ‘Send email notification for high severity alerts’ is set to ‘On’ |
Terraform |
SecurityCenterContactEmailAlertAdmins.py |
| 3696 |
CKV_AZURE_23 |
resource |
azurerm_mssql_server |
Ensure that ‘Auditing’ is set to ‘On’ for SQL servers |
Terraform |
SQLServerAuditingEnabled.yaml |
| 3697 |
CKV_AZURE_23 |
resource |
azurerm_mssql_server_extended_auditing_policy |
Ensure that ‘Auditing’ is set to ‘On’ for SQL servers |
Terraform |
SQLServerAuditingEnabled.yaml |
| 3698 |
CKV_AZURE_23 |
resource |
azurerm_sql_server |
Ensure that ‘Auditing’ is set to ‘On’ for SQL servers |
Terraform |
SQLServerAuditingEnabled.yaml |
| 3699 |
CKV_AZURE_24 |
resource |
azurerm_mssql_server |
Ensure that ‘Auditing’ Retention is ‘greater than 90 days’ for SQL servers |
Terraform |
SQLServerAuditingRetention90Days.yaml |
| 3700 |
CKV_AZURE_24 |
resource |
azurerm_mssql_server_extended_auditing_policy |
Ensure that ‘Auditing’ Retention is ‘greater than 90 days’ for SQL servers |
Terraform |
SQLServerAuditingRetention90Days.yaml |
| 3701 |
CKV_AZURE_24 |
resource |
azurerm_sql_server |
Ensure that ‘Auditing’ Retention is ‘greater than 90 days’ for SQL servers |
Terraform |
SQLServerAuditingRetention90Days.yaml |
| 3702 |
CKV_AZURE_25 |
resource |
azurerm_mssql_server_security_alert_policy |
Ensure that ‘Threat Detection types’ is set to ‘All’ |
Terraform |
SQLServerThreatDetectionTypes.py |
| 3703 |
CKV_AZURE_26 |
resource |
azurerm_mssql_server_security_alert_policy |
Ensure that ‘Send Alerts To’ is enabled for MSSQL servers |
Terraform |
SQLServerEmailAlertsEnabled.py |
| 3704 |
CKV_AZURE_27 |
resource |
azurerm_mssql_server_security_alert_policy |
Ensure that ‘Email service and co-administrators’ is ‘Enabled’ for MSSQL servers |
Terraform |
SQLServerEmailAlertsToAdminsEnabled.py |
| 3705 |
CKV_AZURE_28 |
resource |
azurerm_mysql_server |
Ensure ‘Enforce SSL connection’ is set to ‘ENABLED’ for MySQL Database Server |
Terraform |
MySQLServerSSLEnforcementEnabled.py |
| 3706 |
CKV_AZURE_29 |
resource |
azurerm_postgresql_server |
Ensure ‘Enforce SSL connection’ is set to ‘ENABLED’ for PostgreSQL Database Server |
Terraform |
PostgreSQLServerSSLEnforcementEnabled.py |
| 3707 |
CKV_AZURE_30 |
resource |
azurerm_postgresql_configuration |
Ensure server parameter ‘log_checkpoints’ is set to ‘ON’ for PostgreSQL Database Server |
Terraform |
PostgreSQLServerLogCheckpointsEnabled.py |
| 3708 |
CKV_AZURE_31 |
resource |
azurerm_postgresql_configuration |
Ensure server parameter ‘log_connections’ is set to ‘ON’ for PostgreSQL Database Server |
Terraform |
PostgreSQLServerLogConnectionsEnabled.py |
| 3709 |
CKV_AZURE_32 |
resource |
azurerm_postgresql_configuration |
Ensure server parameter ‘connection_throttling’ is set to ‘ON’ for PostgreSQL Database Server |
Terraform |
PostgreSQLServerConnectionThrottlingEnabled.py |
| 3710 |
CKV_AZURE_33 |
resource |
azurerm_storage_account |
Ensure Storage logging is enabled for Queue service for read, write and delete requests |
Terraform |
StorageAccountLoggingQueueServiceEnabled.py |
| 3711 |
CKV_AZURE_34 |
resource |
azurerm_storage_container |
Ensure that ‘Public access level’ is set to Private for blob containers |
Terraform |
StorageBlobServiceContainerPrivateAccess.py |
| 3712 |
CKV_AZURE_35 |
resource |
azurerm_storage_account |
Ensure default network access rule for Storage Accounts is set to deny |
Terraform |
StorageAccountDefaultNetworkAccessDeny.py |
| 3713 |
CKV_AZURE_35 |
resource |
azurerm_storage_account_network_rules |
Ensure default network access rule for Storage Accounts is set to deny |
Terraform |
StorageAccountDefaultNetworkAccessDeny.py |
| 3714 |
CKV_AZURE_36 |
resource |
azurerm_storage_account |
Ensure ‘Trusted Microsoft Services’ is enabled for Storage Account access |
Terraform |
StorageAccountAzureServicesAccessEnabled.py |
| 3715 |
CKV_AZURE_36 |
resource |
azurerm_storage_account_network_rules |
Ensure ‘Trusted Microsoft Services’ is enabled for Storage Account access |
Terraform |
StorageAccountAzureServicesAccessEnabled.py |
| 3716 |
CKV_AZURE_37 |
resource |
azurerm_monitor_log_profile |
Ensure that Activity Log Retention is set 365 days or greater |
Terraform |
MonitorLogProfileRetentionDays.py |
| 3717 |
CKV_AZURE_38 |
resource |
azurerm_monitor_log_profile |
Ensure audit profile captures all the activities |
Terraform |
MonitorLogProfileCategories.py |
| 3718 |
CKV_AZURE_39 |
resource |
azurerm_role_definition |
Ensure that no custom subscription owner roles are created |
Terraform |
CutsomRoleDefinitionSubscriptionOwner.py |
| 3719 |
CKV_AZURE_40 |
resource |
azurerm_key_vault_key |
Ensure that the expiration date is set on all keys |
Terraform |
KeyExpirationDate.py |
| 3720 |
CKV_AZURE_41 |
resource |
azurerm_key_vault_secret |
Ensure that the expiration date is set on all secrets |
Terraform |
SecretExpirationDate.py |
| 3721 |
CKV_AZURE_42 |
resource |
azurerm_key_vault |
Ensure the key vault is recoverable |
Terraform |
KeyvaultRecoveryEnabled.py |
| 3722 |
CKV_AZURE_43 |
resource |
azurerm_storage_account |
Ensure Storage Accounts adhere to the naming rules |
Terraform |
StorageAccountName.py |
| 3723 |
CKV_AZURE_44 |
resource |
azurerm_storage_account |
Ensure Storage Account is using the latest version of TLS encryption |
Terraform |
StorageAccountMinimumTlsVersion.py |
| 3724 |
CKV_AZURE_45 |
resource |
azurerm_virtual_machine |
Ensure that no sensitive credentials are exposed in VM custom_data |
Terraform |
VMCredsInCustomData.py |
| 3725 |
CKV_AZURE_47 |
resource |
azurerm_mariadb_server |
Ensure ‘Enforce SSL connection’ is set to ‘ENABLED’ for MariaDB servers |
Terraform |
MariaDBSSLEnforcementEnabled.py |
| 3726 |
CKV_AZURE_48 |
resource |
azurerm_mariadb_server |
Ensure ‘public network access enabled’ is set to ‘False’ for MariaDB servers |
Terraform |
MariaDBPublicAccessDisabled.py |
| 3727 |
CKV_AZURE_49 |
resource |
azurerm_linux_virtual_machine_scale_set |
Ensure Azure linux scale set does not use basic authentication(Use SSH Key Instead) |
Terraform |
AzureScaleSetPassword.py |
| 3728 |
CKV_AZURE_50 |
resource |
azurerm_linux_virtual_machine |
Ensure Virtual Machine Extensions are not Installed |
Terraform |
AzureInstanceExtensions.py |
| 3729 |
CKV_AZURE_50 |
resource |
azurerm_windows_virtual_machine |
Ensure Virtual Machine Extensions are not Installed |
Terraform |
AzureInstanceExtensions.py |
| 3730 |
CKV_AZURE_52 |
resource |
azurerm_mssql_server |
Ensure MSSQL is using the latest version of TLS encryption |
Terraform |
MSSQLServerMinTLSVersion.py |
| 3731 |
CKV_AZURE_53 |
resource |
azurerm_mysql_server |
Ensure ‘public network access enabled’ is set to ‘False’ for mySQL servers |
Terraform |
MySQLPublicAccessDisabled.py |
| 3732 |
CKV_AZURE_54 |
resource |
azurerm_mysql_server |
Ensure MySQL is using the latest version of TLS encryption |
Terraform |
MySQLServerMinTLSVersion.py |
| 3733 |
CKV_AZURE_55 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender is set to On for Servers |
Terraform |
AzureDefenderOnServers.py |
| 3734 |
CKV_AZURE_56 |
resource |
azurerm_function_app |
Ensure that function apps enables Authentication |
Terraform |
FunctionAppsEnableAuthentication.py |
| 3735 |
CKV_AZURE_57 |
resource |
azurerm_app_service |
Ensure that CORS disallows every resource to access app services |
Terraform |
AppServiceDisallowCORS.py |
| 3736 |
CKV_AZURE_57 |
resource |
azurerm_linux_web_app |
Ensure that CORS disallows every resource to access app services |
Terraform |
AppServiceDisallowCORS.py |
| 3737 |
CKV_AZURE_57 |
resource |
azurerm_windows_web_app |
Ensure that CORS disallows every resource to access app services |
Terraform |
AppServiceDisallowCORS.py |
| 3738 |
CKV_AZURE_58 |
resource |
azurerm_synapse_workspace |
Ensure that Azure Synapse workspaces enables managed virtual networks |
Terraform |
SynapseWorkspaceEnablesManagedVirtualNetworks.py |
| 3739 |
CKV_AZURE_59 |
resource |
azurerm_storage_account |
Ensure that Storage accounts disallow public access |
Terraform |
StorageAccountDisablePublicAccess.py |
| 3740 |
CKV_AZURE_61 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender is set to On for App Service |
Terraform |
AzureDefenderOnAppServices.py |
| 3741 |
CKV_AZURE_62 |
resource |
azurerm_function_app |
Ensure function apps are not accessible from all regions |
Terraform |
FunctionAppDisallowCORS.py |
| 3742 |
CKV_AZURE_63 |
resource |
azurerm_app_service |
Ensure that App service enables HTTP logging |
Terraform |
AppServiceHttpLoggingEnabled.py |
| 3743 |
CKV_AZURE_63 |
resource |
azurerm_linux_web_app |
Ensure that App service enables HTTP logging |
Terraform |
AppServiceHttpLoggingEnabled.py |
| 3744 |
CKV_AZURE_63 |
resource |
azurerm_windows_web_app |
Ensure that App service enables HTTP logging |
Terraform |
AppServiceHttpLoggingEnabled.py |
| 3745 |
CKV_AZURE_64 |
resource |
azurerm_storage_sync |
Ensure that Azure File Sync disables public network access |
Terraform |
StorageSyncPublicAccessDisabled.py |
| 3746 |
CKV_AZURE_65 |
resource |
azurerm_app_service |
Ensure that App service enables detailed error messages |
Terraform |
AppServiceDetailedErrorMessagesEnabled.py |
| 3747 |
CKV_AZURE_65 |
resource |
azurerm_linux_web_app |
Ensure that App service enables detailed error messages |
Terraform |
AppServiceDetailedErrorMessagesEnabled.py |
| 3748 |
CKV_AZURE_65 |
resource |
azurerm_windows_web_app |
Ensure that App service enables detailed error messages |
Terraform |
AppServiceDetailedErrorMessagesEnabled.py |
| 3749 |
CKV_AZURE_66 |
resource |
azurerm_app_service |
Ensure that App service enables failed request tracing |
Terraform |
AppServiceEnableFailedRequest.py |
| 3750 |
CKV_AZURE_66 |
resource |
azurerm_linux_web_app |
Ensure that App service enables failed request tracing |
Terraform |
AppServiceEnableFailedRequest.py |
| 3751 |
CKV_AZURE_66 |
resource |
azurerm_windows_web_app |
Ensure that App service enables failed request tracing |
Terraform |
AppServiceEnableFailedRequest.py |
| 3752 |
CKV_AZURE_67 |
resource |
azurerm_function_app |
Ensure that ‘HTTP Version’ is the latest, if used to run the Function app |
Terraform |
FunctionAppHttpVersionLatest.py |
| 3753 |
CKV_AZURE_67 |
resource |
azurerm_function_app_slot |
Ensure that ‘HTTP Version’ is the latest, if used to run the Function app |
Terraform |
FunctionAppHttpVersionLatest.py |
| 3754 |
CKV_AZURE_68 |
resource |
azurerm_postgresql_server |
Ensure that PostgreSQL server disables public network access |
Terraform |
PostgreSQLServerPublicAccessDisabled.py |
| 3755 |
CKV_AZURE_69 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender is set to On for Azure SQL database servers |
Terraform |
AzureDefenderOnSqlServers.py |
| 3756 |
CKV_AZURE_70 |
resource |
azurerm_function_app |
Ensure that Function apps is only accessible over HTTPS |
Terraform |
FunctionAppsAccessibleOverHttps.py |
| 3757 |
CKV_AZURE_70 |
resource |
azurerm_function_app_slot |
Ensure that Function apps is only accessible over HTTPS |
Terraform |
FunctionAppsAccessibleOverHttps.py |
| 3758 |
CKV_AZURE_70 |
resource |
azurerm_linux_function_app |
Ensure that Function apps is only accessible over HTTPS |
Terraform |
FunctionAppsAccessibleOverHttps.py |
| 3759 |
CKV_AZURE_70 |
resource |
azurerm_linux_function_app_slot |
Ensure that Function apps is only accessible over HTTPS |
Terraform |
FunctionAppsAccessibleOverHttps.py |
| 3760 |
CKV_AZURE_70 |
resource |
azurerm_windows_function_app |
Ensure that Function apps is only accessible over HTTPS |
Terraform |
FunctionAppsAccessibleOverHttps.py |
| 3761 |
CKV_AZURE_70 |
resource |
azurerm_windows_function_app_slot |
Ensure that Function apps is only accessible over HTTPS |
Terraform |
FunctionAppsAccessibleOverHttps.py |
| 3762 |
CKV_AZURE_71 |
resource |
azurerm_app_service |
Ensure that Managed identity provider is enabled for app services |
Terraform |
AppServiceIdentityProviderEnabled.py |
| 3763 |
CKV_AZURE_71 |
resource |
azurerm_linux_web_app |
Ensure that Managed identity provider is enabled for app services |
Terraform |
AppServiceIdentityProviderEnabled.py |
| 3764 |
CKV_AZURE_71 |
resource |
azurerm_windows_web_app |
Ensure that Managed identity provider is enabled for app services |
Terraform |
AppServiceIdentityProviderEnabled.py |
| 3765 |
CKV_AZURE_72 |
resource |
azurerm_app_service |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3766 |
CKV_AZURE_72 |
resource |
azurerm_linux_function_app |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3767 |
CKV_AZURE_72 |
resource |
azurerm_linux_function_app_slot |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3768 |
CKV_AZURE_72 |
resource |
azurerm_linux_web_app |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3769 |
CKV_AZURE_72 |
resource |
azurerm_linux_web_app_slot |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3770 |
CKV_AZURE_72 |
resource |
azurerm_windows_function_app |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3771 |
CKV_AZURE_72 |
resource |
azurerm_windows_function_app_slot |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3772 |
CKV_AZURE_72 |
resource |
azurerm_windows_web_app |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3773 |
CKV_AZURE_72 |
resource |
azurerm_windows_web_app_slot |
Ensure that remote debugging is not enabled for app services |
Terraform |
AppServiceRemoteDebuggingNotEnabled.py |
| 3774 |
CKV_AZURE_73 |
resource |
azurerm_automation_variable_bool |
Ensure that Automation account variables are encrypted |
Terraform |
AutomationEncrypted.py |
| 3775 |
CKV_AZURE_73 |
resource |
azurerm_automation_variable_datetime |
Ensure that Automation account variables are encrypted |
Terraform |
AutomationEncrypted.py |
| 3776 |
CKV_AZURE_73 |
resource |
azurerm_automation_variable_int |
Ensure that Automation account variables are encrypted |
Terraform |
AutomationEncrypted.py |
| 3777 |
CKV_AZURE_73 |
resource |
azurerm_automation_variable_string |
Ensure that Automation account variables are encrypted |
Terraform |
AutomationEncrypted.py |
| 3778 |
CKV_AZURE_74 |
resource |
azurerm_kusto_cluster |
Ensure that Azure Data Explorer (Kusto) uses disk encryption |
Terraform |
DataExplorerUsesDiskEncryption.py |
| 3779 |
CKV_AZURE_75 |
resource |
azurerm_kusto_cluster |
Ensure that Azure Data Explorer uses double encryption |
Terraform |
AzureDataExplorerDoubleEncryptionEnabled.py |
| 3780 |
CKV_AZURE_76 |
resource |
azurerm_batch_account |
Ensure that Azure Batch account uses key vault to encrypt data |
Terraform |
AzureBatchAccountUsesKeyVaultEncryption.py |
| 3781 |
CKV_AZURE_77 |
resource |
azurerm_network_security_group |
Ensure that UDP Services are restricted from the Internet |
Terraform |
NSGRuleUDPAccessRestricted.py |
| 3782 |
CKV_AZURE_77 |
resource |
azurerm_network_security_rule |
Ensure that UDP Services are restricted from the Internet |
Terraform |
NSGRuleUDPAccessRestricted.py |
| 3783 |
CKV_AZURE_78 |
resource |
azurerm_app_service |
Ensure FTP deployments are disabled |
Terraform |
AppServiceFTPSState.py |
| 3784 |
CKV_AZURE_78 |
resource |
azurerm_linux_web_app |
Ensure FTP deployments are disabled |
Terraform |
AppServiceFTPSState.py |
| 3785 |
CKV_AZURE_78 |
resource |
azurerm_windows_web_app |
Ensure FTP deployments are disabled |
Terraform |
AppServiceFTPSState.py |
| 3786 |
CKV_AZURE_79 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender is set to On for SQL servers on machines |
Terraform |
AzureDefenderOnSqlServerVMS.py |
| 3787 |
CKV_AZURE_80 |
resource |
azurerm_app_service |
Ensure that ‘Net Framework’ version is the latest, if used as a part of the web app |
Terraform |
AppServiceDotnetFrameworkVersion.py |
| 3788 |
CKV_AZURE_80 |
resource |
azurerm_windows_web_app |
Ensure that ‘Net Framework’ version is the latest, if used as a part of the web app |
Terraform |
AppServiceDotnetFrameworkVersion.py |
| 3789 |
CKV_AZURE_81 |
resource |
azurerm_app_service |
Ensure that ‘PHP version’ is the latest, if used to run the web app |
Terraform |
AppServicePHPVersion.py |
| 3790 |
CKV_AZURE_82 |
resource |
azurerm_app_service |
Ensure that ‘Python version’ is the latest, if used to run the web app |
Terraform |
AppServicePythonVersion.py |
| 3791 |
CKV_AZURE_83 |
resource |
azurerm_app_service |
Ensure that ‘Java version’ is the latest, if used to run the web app |
Terraform |
AppServiceJavaVersion.py |
| 3792 |
CKV_AZURE_84 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender is set to On for Storage |
Terraform |
AzureDefenderOnStorage.py |
| 3793 |
CKV_AZURE_85 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender is set to On for Kubernetes |
Terraform |
AzureDefenderOnKubernetes.py |
| 3794 |
CKV_AZURE_86 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender is set to On for Container Registries |
Terraform |
AzureDefenderOnContainerRegistry.py |
| 3795 |
CKV_AZURE_87 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender is set to On for Key Vault |
Terraform |
AzureDefenderOnKeyVaults.py |
| 3796 |
CKV_AZURE_88 |
resource |
azurerm_app_service |
Ensure that app services use Azure Files |
Terraform |
AppServiceUsedAzureFiles.py |
| 3797 |
CKV_AZURE_88 |
resource |
azurerm_linux_web_app |
Ensure that app services use Azure Files |
Terraform |
AppServiceUsedAzureFiles.py |
| 3798 |
CKV_AZURE_88 |
resource |
azurerm_windows_web_app |
Ensure that app services use Azure Files |
Terraform |
AppServiceUsedAzureFiles.py |
| 3799 |
CKV_AZURE_89 |
resource |
azurerm_redis_cache |
Ensure that Azure Cache for Redis disables public network access |
Terraform |
RedisCachePublicNetworkAccessEnabled.py |
| 3800 |
CKV_AZURE_91 |
resource |
azurerm_redis_cache |
Ensure that only SSL are enabled for Cache for Redis |
Terraform |
RedisCacheEnableNonSSLPort.py |
| 3801 |
CKV_AZURE_92 |
resource |
azurerm_linux_virtual_machine |
Ensure that Virtual Machines use managed disks |
Terraform |
VMStorageOsDisk.py |
| 3802 |
CKV_AZURE_92 |
resource |
azurerm_windows_virtual_machine |
Ensure that Virtual Machines use managed disks |
Terraform |
VMStorageOsDisk.py |
| 3803 |
CKV_AZURE_93 |
resource |
azurerm_managed_disk |
Ensure that managed disks use a specific set of disk encryption sets for the customer-managed key encryption |
Terraform |
AzureManagedDiskEncryptionSet.py |
| 3804 |
CKV_AZURE_94 |
resource |
azurerm_mysql_flexible_server |
Ensure that My SQL server enables geo-redundant backups |
Terraform |
MySQLGeoBackupEnabled.py |
| 3805 |
CKV_AZURE_94 |
resource |
azurerm_mysql_server |
Ensure that My SQL server enables geo-redundant backups |
Terraform |
MySQLGeoBackupEnabled.py |
| 3806 |
CKV_AZURE_95 |
resource |
azurerm_virtual_machine_scale_set |
Ensure that automatic OS image patching is enabled for Virtual Machine Scale Sets |
Terraform |
VMScaleSetsAutoOSImagePatchingEnabled.py |
| 3807 |
CKV_AZURE_96 |
resource |
azurerm_mysql_server |
Ensure that MySQL server enables infrastructure encryption |
Terraform |
MySQLEncryptionEnabled.py |
| 3808 |
CKV_AZURE_97 |
resource |
azurerm_linux_virtual_machine_scale_set |
Ensure that Virtual machine scale sets have encryption at host enabled |
Terraform |
VMEncryptionAtHostEnabled.py |
| 3809 |
CKV_AZURE_97 |
resource |
azurerm_windows_virtual_machine_scale_set |
Ensure that Virtual machine scale sets have encryption at host enabled |
Terraform |
VMEncryptionAtHostEnabled.py |
| 3810 |
CKV_AZURE_98 |
resource |
azurerm_container_group |
Ensure that Azure Container group is deployed into virtual network |
Terraform |
AzureContainerGroupDeployedIntoVirtualNetwork.py |
| 3811 |
CKV_AZURE_99 |
resource |
azurerm_cosmosdb_account |
Ensure Cosmos DB accounts have restricted access |
Terraform |
CosmosDBAccountsRestrictedAccess.py |
| 3812 |
CKV_AZURE_100 |
resource |
azurerm_cosmosdb_account |
Ensure that Cosmos DB accounts have customer-managed keys to encrypt data at rest |
Terraform |
CosmosDBHaveCMK.py |
| 3813 |
CKV_AZURE_101 |
resource |
azurerm_cosmosdb_account |
Ensure that Azure Cosmos DB disables public network access |
Terraform |
CosmosDBDisablesPublicNetwork.py |
| 3814 |
CKV_AZURE_102 |
resource |
azurerm_postgresql_server |
Ensure that PostgreSQL server enables geo-redundant backups |
Terraform |
PostgressSQLGeoBackupEnabled.py |
| 3815 |
CKV_AZURE_103 |
resource |
azurerm_data_factory |
Ensure that Azure Data Factory uses Git repository for source control |
Terraform |
DataFactoryUsesGitRepository.py |
| 3816 |
CKV_AZURE_104 |
resource |
azurerm_data_factory |
Ensure that Azure Data factory public network access is disabled |
Terraform |
DataFactoryNoPublicNetworkAccess.py |
| 3817 |
CKV_AZURE_105 |
resource |
azurerm_data_lake_store |
Ensure that Data Lake Store accounts enables encryption |
Terraform |
DataLakeStoreEncryption.py |
| 3818 |
CKV_AZURE_106 |
resource |
azurerm_eventgrid_domain |
Ensure that Azure Event Grid Domain public network access is disabled |
Terraform |
EventgridDomainNetworkAccess.py |
| 3819 |
CKV_AZURE_107 |
resource |
azurerm_api_management |
Ensure that API management services use virtual networks |
Terraform |
APIServicesUseVirtualNetwork.py |
| 3820 |
CKV_AZURE_108 |
resource |
azurerm_iothub |
Ensure that Azure IoT Hub disables public network access |
Terraform |
IoTNoPublicNetworkAccess.py |
| 3821 |
CKV_AZURE_109 |
resource |
azurerm_key_vault |
Ensure that key vault allows firewall rules settings |
Terraform |
KeyVaultEnablesFirewallRulesSettings.py |
| 3822 |
CKV_AZURE_110 |
resource |
azurerm_key_vault |
Ensure that key vault enables purge protection |
Terraform |
KeyVaultEnablesPurgeProtection.py |
| 3823 |
CKV_AZURE_111 |
resource |
azurerm_key_vault |
Ensure that key vault enables soft delete |
Terraform |
KeyVaultEnablesSoftDelete.py |
| 3824 |
CKV_AZURE_112 |
resource |
azurerm_key_vault_key |
Ensure that key vault key is backed by HSM |
Terraform |
KeyBackedByHSM.py |
| 3825 |
CKV_AZURE_113 |
resource |
azurerm_mssql_server |
Ensure that SQL server disables public network access |
Terraform |
SQLServerPublicAccessDisabled.py |
| 3826 |
CKV_AZURE_114 |
resource |
azurerm_key_vault_secret |
Ensure that key vault secrets have “content_type” set |
Terraform |
SecretContentType.py |
| 3827 |
CKV_AZURE_115 |
resource |
azurerm_kubernetes_cluster |
Ensure that AKS enables private clusters |
Terraform |
AKSEnablesPrivateClusters.py |
| 3828 |
CKV_AZURE_116 |
resource |
azurerm_kubernetes_cluster |
Ensure that AKS uses Azure Policies Add-on |
Terraform |
AKSUsesAzurePoliciesAddon.py |
| 3829 |
CKV_AZURE_117 |
resource |
azurerm_kubernetes_cluster |
Ensure that AKS uses disk encryption set |
Terraform |
AKSUsesDiskEncryptionSet.py |
| 3830 |
CKV_AZURE_118 |
resource |
azurerm_network_interface |
Ensure that Network Interfaces disable IP forwarding |
Terraform |
NetworkInterfaceEnableIPForwarding.py |
| 3831 |
CKV_AZURE_119 |
resource |
azurerm_network_interface |
Ensure that Network Interfaces don’t use public IPs |
Terraform |
AzureNetworkInterfacePublicIPAddressId.yaml |
| 3832 |
CKV_AZURE_120 |
resource |
azurerm_application_gateway |
Ensure that Application Gateway enables WAF |
Terraform |
ApplicationGatewayEnablesWAF.yaml |
| 3833 |
CKV_AZURE_120 |
resource |
azurerm_web_application_firewall_policy |
Ensure that Application Gateway enables WAF |
Terraform |
ApplicationGatewayEnablesWAF.yaml |
| 3834 |
CKV_AZURE_121 |
resource |
azurerm_frontdoor |
Ensure that Azure Front Door enables WAF |
Terraform |
AzureFrontDoorEnablesWAF.py |
| 3835 |
CKV_AZURE_122 |
resource |
azurerm_web_application_firewall_policy |
Ensure that Application Gateway uses WAF in “Detection” or “Prevention” modes |
Terraform |
AppGWUseWAFMode.py |
| 3836 |
CKV_AZURE_123 |
resource |
azurerm_frontdoor_firewall_policy |
Ensure that Azure Front Door uses WAF in “Detection” or “Prevention” modes |
Terraform |
FrontdoorUseWAFMode.py |
| 3837 |
CKV_AZURE_124 |
resource |
azurerm_search_service |
Ensure that Azure Cognitive Search disables public network access |
Terraform |
AzureSearchPublicNetworkAccessDisabled.py |
| 3838 |
CKV_AZURE_125 |
resource |
azurerm_service_fabric_cluster |
Ensures that Service Fabric use three levels of protection available |
Terraform |
AzureServiceFabricClusterProtectionLevel.py |
| 3839 |
CKV_AZURE_126 |
resource |
azurerm_service_fabric_cluster |
Ensures that Active Directory is used for authentication for Service Fabric |
Terraform |
ActiveDirectoryUsedAuthenticationServiceFabric.py |
| 3840 |
CKV_AZURE_127 |
resource |
azurerm_mysql_server |
Ensure that My SQL server enables Threat detection policy |
Terraform |
MySQLTreatDetectionEnabled.py |
| 3841 |
CKV_AZURE_128 |
resource |
azurerm_postgresql_server |
Ensure that PostgreSQL server enables Threat detection policy |
Terraform |
PostgresSQLTreatDetectionEnabled.py |
| 3842 |
CKV_AZURE_129 |
resource |
azurerm_mariadb_server |
Ensure that MariaDB server enables geo-redundant backups |
Terraform |
MariaDBGeoBackupEnabled.py |
| 3843 |
CKV_AZURE_130 |
resource |
azurerm_postgresql_server |
Ensure that PostgreSQL server enables infrastructure encryption |
Terraform |
PostgreSQLEncryptionEnabled.py |
| 3844 |
CKV_AZURE_131 |
resource |
azurerm_security_center_contact |
Ensure that ‘Security contact emails’ is set |
Terraform |
SecurityCenterContactEmails.py |
| 3845 |
CKV_AZURE_132 |
resource |
azurerm_cosmosdb_account |
Ensure cosmosdb does not allow privileged escalation by restricting management plane changes |
Terraform |
CosmosDBDisableAccessKeyWrite.py |
| 3846 |
CKV_AZURE_133 |
resource |
azurerm_frontdoor_firewall_policy |
Ensure Front Door WAF prevents message lookup in Log4j2. See CVE-2021-44228 aka log4jshell |
Terraform |
FrontDoorWAFACLCVE202144228.py |
| 3847 |
CKV_AZURE_134 |
resource |
azurerm_cognitive_account |
Ensure that Cognitive Services accounts disable public network access |
Terraform |
CognitiveServicesDisablesPublicNetwork.py |
| 3848 |
CKV_AZURE_135 |
resource |
azurerm_web_application_firewall_policy |
Ensure Application Gateway WAF prevents message lookup in Log4j2. See CVE-2021-44228 aka log4jshell |
Terraform |
AppGatewayWAFACLCVE202144228.py |
| 3849 |
CKV_AZURE_136 |
resource |
azurerm_postgresql_flexible_server |
Ensure that PostgreSQL Flexible server enables geo-redundant backups |
Terraform |
PostgreSQLFlexiServerGeoBackupEnabled.py |
| 3850 |
CKV_AZURE_137 |
resource |
azurerm_container_registry |
Ensure ACR admin account is disabled |
Terraform |
ACRAdminAccountDisabled.py |
| 3851 |
CKV_AZURE_138 |
resource |
azurerm_container_registry |
Ensures that ACR disables anonymous pulling of images |
Terraform |
ACRAnonymousPullDisabled.py |
| 3852 |
CKV_AZURE_139 |
resource |
azurerm_container_registry |
Ensure ACR set to disable public networking |
Terraform |
ACRPublicNetworkAccessDisabled.py |
| 3853 |
CKV_AZURE_140 |
resource |
azurerm_cosmosdb_account |
Ensure that Local Authentication is disabled on CosmosDB |
Terraform |
CosmosDBLocalAuthDisabled.py |
| 3854 |
CKV_AZURE_141 |
resource |
azurerm_kubernetes_cluster |
Ensure AKS local admin account is disabled |
Terraform |
AKSLocalAdminDisabled.py |
| 3855 |
CKV_AZURE_142 |
resource |
azurerm_machine_learning_compute_cluster |
Ensure Machine Learning Compute Cluster Local Authentication is disabled |
Terraform |
MLCCLADisabled.py |
| 3856 |
CKV_AZURE_143 |
resource |
azurerm_kubernetes_cluster |
Ensure AKS cluster nodes do not have public IP addresses |
Terraform |
AKSNodePublicIpDisabled.py |
| 3857 |
CKV_AZURE_144 |
resource |
azurerm_machine_learning_workspace |
Ensure that Public Access is disabled for Machine Learning Workspace |
Terraform |
MLPublicAccess.py |
| 3858 |
CKV_AZURE_145 |
resource |
azurerm_function_app |
Ensure Function app is using the latest version of TLS encryption |
Terraform |
FunctionAppMinTLSVersion.py |
| 3859 |
CKV_AZURE_145 |
resource |
azurerm_function_app_slot |
Ensure Function app is using the latest version of TLS encryption |
Terraform |
FunctionAppMinTLSVersion.py |
| 3860 |
CKV_AZURE_145 |
resource |
azurerm_linux_function_app |
Ensure Function app is using the latest version of TLS encryption |
Terraform |
FunctionAppMinTLSVersion.py |
| 3861 |
CKV_AZURE_145 |
resource |
azurerm_linux_function_app_slot |
Ensure Function app is using the latest version of TLS encryption |
Terraform |
FunctionAppMinTLSVersion.py |
| 3862 |
CKV_AZURE_145 |
resource |
azurerm_windows_function_app |
Ensure Function app is using the latest version of TLS encryption |
Terraform |
FunctionAppMinTLSVersion.py |
| 3863 |
CKV_AZURE_145 |
resource |
azurerm_windows_function_app_slot |
Ensure Function app is using the latest version of TLS encryption |
Terraform |
FunctionAppMinTLSVersion.py |
| 3864 |
CKV_AZURE_146 |
resource |
azurerm_postgresql_configuration |
Ensure server parameter ‘log_retention’ is set to ‘ON’ for PostgreSQL Database Server |
Terraform |
PostgreSQLServerLogRetentionEnabled.py |
| 3865 |
CKV_AZURE_147 |
resource |
azurerm_postgresql_server |
Ensure PostgreSQL is using the latest version of TLS encryption |
Terraform |
PostgreSQLMinTLSVersion.py |
| 3866 |
CKV_AZURE_148 |
resource |
azurerm_redis_cache |
Ensure Redis Cache is using the latest version of TLS encryption |
Terraform |
RedisCacheMinTLSVersion.py |
| 3867 |
CKV_AZURE_149 |
resource |
azurerm_linux_virtual_machine |
Ensure that Virtual machine does not enable password authentication |
Terraform |
VMDisablePasswordAuthentication.py |
| 3868 |
CKV_AZURE_149 |
resource |
azurerm_linux_virtual_machine_scale_set |
Ensure that Virtual machine does not enable password authentication |
Terraform |
VMDisablePasswordAuthentication.py |
| 3869 |
CKV_AZURE_150 |
resource |
azurerm_machine_learning_compute_cluster |
Ensure Machine Learning Compute Cluster Minimum Nodes Set To 0 |
Terraform |
MLComputeClusterMinNodes.py |
| 3870 |
CKV_AZURE_151 |
resource |
azurerm_windows_virtual_machine |
Ensure Windows VM enables encryption |
Terraform |
WinVMEncryptionAtHost.py |
| 3871 |
CKV_AZURE_152 |
resource |
azurerm_api_management |
Ensure Client Certificates are enforced for API management |
Terraform |
APIManagementCertsEnforced.py |
| 3872 |
CKV_AZURE_153 |
resource |
azurerm_app_service_slot |
Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service Slot |
Terraform |
AppServiceSlotHTTPSOnly.py |
| 3873 |
CKV_AZURE_153 |
resource |
azurerm_linux_web_app_slot |
Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service Slot |
Terraform |
AppServiceSlotHTTPSOnly.py |
| 3874 |
CKV_AZURE_153 |
resource |
azurerm_windows_web_app_slot |
Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service Slot |
Terraform |
AppServiceSlotHTTPSOnly.py |
| 3875 |
CKV_AZURE_154 |
resource |
azurerm_app_service_slot |
Ensure the App service slot is using the latest version of TLS encryption |
Terraform |
AppServiceSlotMinTLS.py |
| 3876 |
CKV_AZURE_155 |
resource |
azurerm_app_service_slot |
Ensure debugging is disabled for the App service slot |
Terraform |
AppServiceSlotDebugDisabled.py |
| 3877 |
CKV_AZURE_156 |
resource |
azurerm_mssql_database_extended_auditing_policy |
Ensure default Auditing policy for a SQL Server is configured to capture and retain the activity logs |
Terraform |
MSSQLServerAuditPolicyLogMonitor.py |
| 3878 |
CKV_AZURE_157 |
resource |
azurerm_synapse_workspace |
Ensure that Synapse workspace has data_exfiltration_protection_enabled |
Terraform |
SynapseWorkspaceEnablesDataExfilProtection.py |
| 3879 |
CKV_AZURE_158 |
resource |
azurerm_databricks_workspace |
Ensure Databricks Workspace data plane to control plane communication happens over private link |
Terraform |
DatabricksWorkspaceIsNotPublic.py |
| 3880 |
CKV_AZURE_159 |
resource |
azurerm_function_app |
Ensure function app builtin logging is enabled |
Terraform |
FunctionAppEnableLogging.py |
| 3881 |
CKV_AZURE_159 |
resource |
azurerm_function_app_slot |
Ensure function app builtin logging is enabled |
Terraform |
FunctionAppEnableLogging.py |
| 3882 |
CKV_AZURE_160 |
resource |
azurerm_network_security_group |
Ensure that HTTP (port 80) access is restricted from the internet |
Terraform |
NSGRuleHTTPAccessRestricted.py |
| 3883 |
CKV_AZURE_160 |
resource |
azurerm_network_security_rule |
Ensure that HTTP (port 80) access is restricted from the internet |
Terraform |
NSGRuleHTTPAccessRestricted.py |
| 3884 |
CKV_AZURE_161 |
resource |
azurerm_spring_cloud_api_portal |
Ensures Spring Cloud API Portal is enabled on for HTTPS |
Terraform |
SpringCloudAPIPortalHTTPSOnly.py |
| 3885 |
CKV_AZURE_162 |
resource |
azurerm_spring_cloud_api_portal |
Ensures Spring Cloud API Portal Public Access Is Disabled |
Terraform |
SpringCloudAPIPortalPublicAccessIsDisabled.py |
| 3886 |
CKV_AZURE_163 |
resource |
azurerm_container_registry |
Enable vulnerability scanning for container images. |
Terraform |
ACRContainerScanEnabled.py |
| 3887 |
CKV_AZURE_164 |
resource |
azurerm_container_registry |
Ensures that ACR uses signed/trusted images |
Terraform |
ACRUseSignedImages.py |
| 3888 |
CKV_AZURE_165 |
resource |
azurerm_container_registry |
Ensure geo-replicated container registries to match multi-region container deployments. |
Terraform |
ACRGeoreplicated.py |
| 3889 |
CKV_AZURE_166 |
resource |
azurerm_container_registry |
Ensure container image quarantine, scan, and mark images verified |
Terraform |
ACREnableImageQuarantine.py |
| 3890 |
CKV_AZURE_167 |
resource |
azurerm_container_registry |
Ensure a retention policy is set to cleanup untagged manifests. |
Terraform |
ACREnableRetentionPolicy.py |
| 3891 |
CKV_AZURE_168 |
resource |
azurerm_kubernetes_cluster |
Ensure Azure Kubernetes Cluster (AKS) nodes should use a minimum number of 50 pods. |
Terraform |
AKSMaxPodsMinimum.py |
| 3892 |
CKV_AZURE_168 |
resource |
azurerm_kubernetes_cluster_node_pool |
Ensure Azure Kubernetes Cluster (AKS) nodes should use a minimum number of 50 pods. |
Terraform |
AKSMaxPodsMinimum.py |
| 3893 |
CKV_AZURE_169 |
resource |
azurerm_kubernetes_cluster |
Ensure Azure Kubernetes Cluster (AKS) nodes use scale sets |
Terraform |
AKSPoolTypeIsScaleSet.py |
| 3894 |
CKV_AZURE_170 |
resource |
azurerm_kubernetes_cluster |
Ensure that AKS use the Paid Sku for its SLA |
Terraform |
AKSIsPaidSku.py |
| 3895 |
CKV_AZURE_171 |
resource |
azurerm_kubernetes_cluster |
Ensure AKS cluster upgrade channel is chosen |
Terraform |
AKSUpgradeChannel.py |
| 3896 |
CKV_AZURE_172 |
resource |
azurerm_kubernetes_cluster |
Ensure autorotation of Secrets Store CSI Driver secrets for AKS clusters |
Terraform |
AKSSecretStoreRotation.py |
| 3897 |
CKV_AZURE_173 |
resource |
azurerm_api_management |
Ensure API management uses at least TLS 1.2 |
Terraform |
APIManagementMinTLS12.py |
| 3898 |
CKV_AZURE_174 |
resource |
azurerm_api_management |
Ensure API management public access is disabled |
Terraform |
APIManagementPublicAccess.py |
| 3899 |
CKV_AZURE_175 |
resource |
azurerm_web_pubsub |
Ensure Web PubSub uses a SKU with an SLA |
Terraform |
PubsubSKUSLA.py |
| 3900 |
CKV_AZURE_176 |
resource |
azurerm_web_pubsub |
Ensure Web PubSub uses managed identities to access Azure resources |
Terraform |
PubsubSpecifyIdentity.py |
| 3901 |
CKV_AZURE_177 |
resource |
azurerm_windows_virtual_machine |
Ensure Windows VM enables automatic updates |
Terraform |
WinVMAutomaticUpdates.py |
| 3902 |
CKV_AZURE_177 |
resource |
azurerm_windows_virtual_machine_scale_set |
Ensure Windows VM enables automatic updates |
Terraform |
WinVMAutomaticUpdates.py |
| 3903 |
CKV_AZURE_178 |
resource |
azurerm_linux_virtual_machine |
Ensure linux VM enables SSH with keys for secure communication |
Terraform |
LinuxVMUsesSSH.py |
| 3904 |
CKV_AZURE_178 |
resource |
azurerm_linux_virtual_machine_scale_set |
Ensure linux VM enables SSH with keys for secure communication |
Terraform |
LinuxVMUsesSSH.py |
| 3905 |
CKV_AZURE_179 |
resource |
azurerm_linux_virtual_machine |
Ensure VM agent is installed |
Terraform |
VMAgentIsInstalled.py |
| 3906 |
CKV_AZURE_179 |
resource |
azurerm_linux_virtual_machine_scale_set |
Ensure VM agent is installed |
Terraform |
VMAgentIsInstalled.py |
| 3907 |
CKV_AZURE_179 |
resource |
azurerm_windows_virtual_machine |
Ensure VM agent is installed |
Terraform |
VMAgentIsInstalled.py |
| 3908 |
CKV_AZURE_179 |
resource |
azurerm_windows_virtual_machine_scale_set |
Ensure VM agent is installed |
Terraform |
VMAgentIsInstalled.py |
| 3909 |
CKV_AZURE_180 |
resource |
azurerm_kusto_cluster |
Ensure that data explorer uses Sku with an SLA |
Terraform |
DataExplorerSKUHasSLA.py |
| 3910 |
CKV_AZURE_181 |
resource |
azurerm_kusto_cluster |
Ensure that data explorer/Kusto uses managed identities to access Azure resources securely. |
Terraform |
DataExplorerServiceIdentity.py |
| 3911 |
CKV_AZURE_182 |
resource |
azurerm_virtual_network |
Ensure that VNET has at least 2 connected DNS Endpoints |
Terraform |
VnetSingleDNSServer.py |
| 3912 |
CKV_AZURE_182 |
resource |
azurerm_virtual_network_dns_servers |
Ensure that VNET has at least 2 connected DNS Endpoints |
Terraform |
VnetSingleDNSServer.py |
| 3913 |
CKV_AZURE_183 |
resource |
azurerm_virtual_network |
Ensure that VNET uses local DNS addresses |
Terraform |
VnetLocalDNS.py |
| 3914 |
CKV_AZURE_184 |
resource |
azurerm_app_configuration |
Ensure ‘local_auth_enabled’ is set to ‘False’ |
Terraform |
AppConfigLocalAuth.py |
| 3915 |
CKV_AZURE_185 |
resource |
azurerm_app_configuration |
Ensure ‘Public Access’ is not Enabled for App configuration |
Terraform |
AppConfigPublicAccess.py |
| 3916 |
CKV_AZURE_186 |
resource |
azurerm_app_configuration |
Ensure App configuration encryption block is set. |
Terraform |
AppConfigEncryption.py |
| 3917 |
CKV_AZURE_187 |
resource |
azurerm_app_configuration |
Ensure App configuration purge protection is enabled |
Terraform |
AppConfigPurgeProtection.py |
| 3918 |
CKV_AZURE_188 |
resource |
azurerm_app_configuration |
Ensure App configuration Sku is standard |
Terraform |
AppConfigSku.py |
| 3919 |
CKV_AZURE_189 |
resource |
azurerm_key_vault |
Ensure that Azure Key Vault disables public network access |
Terraform |
KeyVaultDisablesPublicNetworkAccess.py |
| 3920 |
CKV_AZURE_190 |
resource |
azurerm_storage_account |
Ensure that Storage blobs restrict public access |
Terraform |
StorageBlobRestrictPublicAccess.py |
| 3921 |
CKV_AZURE_191 |
resource |
azurerm_eventgrid_topic |
Ensure that Managed identity provider is enabled for Azure Event Grid Topic |
Terraform |
EventgridTopicIdentityProviderEnabled.py |
| 3922 |
CKV_AZURE_192 |
resource |
azurerm_eventgrid_topic |
Ensure that Azure Event Grid Topic local Authentication is disabled |
Terraform |
EventgridTopicLocalAuthentication.py |
| 3923 |
CKV_AZURE_193 |
resource |
azurerm_eventgrid_topic |
Ensure public network access is disabled for Azure Event Grid Topic |
Terraform |
EventgridTopicNetworkAccess.py |
| 3924 |
CKV_AZURE_194 |
resource |
azurerm_eventgrid_domain |
Ensure that Managed identity provider is enabled for Azure Event Grid Domain |
Terraform |
EventgridDomainIdentityProviderEnabled.py |
| 3925 |
CKV_AZURE_195 |
resource |
azurerm_eventgrid_domain |
Ensure that Azure Event Grid Domain local Authentication is disabled |
Terraform |
EventgridDomainLocalAuthentication.py |
| 3926 |
CKV_AZURE_196 |
resource |
azurerm_signalr_service |
Ensure that SignalR uses a Paid Sku for its SLA |
Terraform |
SignalRSKUSLA.py |
| 3927 |
CKV_AZURE_197 |
resource |
azurerm_cdn_endpoint |
Ensure the Azure CDN disables the HTTP endpoint |
Terraform |
CDNDisableHttpEndpoints.py |
| 3928 |
CKV_AZURE_198 |
resource |
azurerm_cdn_endpoint |
Ensure the Azure CDN enables the HTTPS endpoint |
Terraform |
CDNEnableHttpsEndpoints.py |
| 3929 |
CKV_AZURE_199 |
resource |
azurerm_servicebus_namespace |
Ensure that Azure Service Bus uses double encryption |
Terraform |
AzureServicebusDoubleEncryptionEnabled.py |
| 3930 |
CKV_AZURE_200 |
resource |
azurerm_cdn_endpoint_custom_domain |
Ensure the Azure CDN endpoint is using the latest version of TLS encryption |
Terraform |
CDNTLSProtocol12.py |
| 3931 |
CKV_AZURE_201 |
resource |
azurerm_servicebus_namespace |
Ensure that Azure Service Bus uses a customer-managed key to encrypt data |
Terraform |
AzureServicebusHasCMK.py |
| 3932 |
CKV_AZURE_202 |
resource |
azurerm_servicebus_namespace |
Ensure that Managed identity provider is enabled for Azure Service Bus |
Terraform |
AzureServicebusIdentityProviderEnabled.py |
| 3933 |
CKV_AZURE_203 |
resource |
azurerm_servicebus_namespace |
Ensure Azure Service Bus Local Authentication is disabled |
Terraform |
AzureServicebusLocalAuthDisabled.py |
| 3934 |
CKV_AZURE_204 |
resource |
azurerm_servicebus_namespace |
Ensure ‘public network access enabled’ is set to ‘False’ for Azure Service Bus |
Terraform |
AzureServicebusPublicAccessDisabled.py |
| 3935 |
CKV_AZURE_205 |
resource |
azurerm_servicebus_namespace |
Ensure Azure Service Bus is using the latest version of TLS encryption |
Terraform |
AzureServicebusMinTLSVersion.py |
| 3936 |
CKV_AZURE_206 |
resource |
azurerm_storage_account |
Ensure that Storage Accounts use replication |
Terraform |
StorageAccountsUseReplication.py |
| 3937 |
CKV_AZURE_207 |
resource |
azurerm_search_service |
Ensure Azure Cognitive Search service uses managed identities to access Azure resources |
Terraform |
AzureSearchManagedIdentity.py |
| 3938 |
CKV_AZURE_208 |
resource |
azurerm_search_service |
Ensure that Azure Cognitive Search maintains SLA for index updates |
Terraform |
AzureSearchSLAIndex.py |
| 3939 |
CKV_AZURE_209 |
resource |
azurerm_search_service |
Ensure that Azure Cognitive Search maintains SLA for search index queries |
Terraform |
AzureSearchSLAQueryUpdates.py |
| 3940 |
CKV_AZURE_210 |
resource |
azurerm_search_service |
Ensure Azure Cognitive Search service allowed IPS does not give public Access |
Terraform |
AzureSearchAllowedIPsNotGlobal.py |
| 3941 |
CKV_AZURE_211 |
resource |
azurerm_service_plan |
Ensure App Service plan suitable for production use |
Terraform |
AppServiceSkuMinimum.py |
| 3942 |
CKV_AZURE_212 |
resource |
azurerm_service_plan |
Ensure App Service has a minimum number of instances for failover |
Terraform |
AppServiceInstanceMinimum.py |
| 3943 |
CKV_AZURE_213 |
resource |
azurerm_app_service |
Ensure that App Service configures health check |
Terraform |
AppServiceSetHealthCheck.py |
| 3944 |
CKV_AZURE_213 |
resource |
azurerm_linux_web_app |
Ensure that App Service configures health check |
Terraform |
AppServiceSetHealthCheck.py |
| 3945 |
CKV_AZURE_213 |
resource |
azurerm_windows_web_app |
Ensure that App Service configures health check |
Terraform |
AppServiceSetHealthCheck.py |
| 3946 |
CKV_AZURE_214 |
resource |
azurerm_linux_web_app |
Ensure App Service is set to be always on |
Terraform |
AppServiceAlwaysOn.py |
| 3947 |
CKV_AZURE_214 |
resource |
azurerm_windows_web_app |
Ensure App Service is set to be always on |
Terraform |
AppServiceAlwaysOn.py |
| 3948 |
CKV_AZURE_215 |
resource |
azurerm_api_management_backend |
Ensure API management backend uses https |
Terraform |
APIManagementBackendHTTPS.py |
| 3949 |
CKV_AZURE_216 |
resource |
azurerm_firewall |
Ensure DenyIntelMode is set to Deny for Azure Firewalls |
Terraform |
AzureFirewallDenyThreatIntelMode.py |
| 3950 |
CKV_AZURE_217 |
resource |
azurerm_application_gateway |
Ensure Azure Application gateways listener that allow connection requests over HTTP |
Terraform |
AppGWUsesHttps.py |
| 3951 |
CKV_AZURE_218 |
resource |
azurerm_application_gateway |
Ensure Application Gateway defines secure protocols for in transit communication |
Terraform |
AppGWDefinesSecureProtocols.py |
| 3952 |
CKV_AZURE_219 |
resource |
azurerm_firewall |
Ensure Firewall defines a firewall policy |
Terraform |
AzureFirewallDefinesPolicy.py |
| 3953 |
CKV_AZURE_220 |
resource |
azurerm_firewall_policy |
Ensure Firewall policy has IDPS mode as deny |
Terraform |
AzureFirewallPolicyIDPSDeny.py |
| 3954 |
CKV_AZURE_221 |
resource |
azurerm_linux_function_app |
Ensure that Azure Function App public network access is disabled |
Terraform |
FunctionAppPublicAccessDisabled.py |
| 3955 |
CKV_AZURE_221 |
resource |
azurerm_linux_function_app_slot |
Ensure that Azure Function App public network access is disabled |
Terraform |
FunctionAppPublicAccessDisabled.py |
| 3956 |
CKV_AZURE_221 |
resource |
azurerm_windows_function_app |
Ensure that Azure Function App public network access is disabled |
Terraform |
FunctionAppPublicAccessDisabled.py |
| 3957 |
CKV_AZURE_221 |
resource |
azurerm_windows_function_app_slot |
Ensure that Azure Function App public network access is disabled |
Terraform |
FunctionAppPublicAccessDisabled.py |
| 3958 |
CKV_AZURE_222 |
resource |
azurerm_linux_web_app |
Ensure that Azure Web App public network access is disabled |
Terraform |
AppServicePublicAccessDisabled.py |
| 3959 |
CKV_AZURE_222 |
resource |
azurerm_windows_web_app |
Ensure that Azure Web App public network access is disabled |
Terraform |
AppServicePublicAccessDisabled.py |
| 3960 |
CKV_AZURE_223 |
resource |
azurerm_eventhub_namespace |
Ensure Event Hub Namespace uses at least TLS 1.2 |
Terraform |
EventHubNamespaceMinTLS12.py |
| 3961 |
CKV_AZURE_224 |
resource |
azurerm_mssql_database |
Ensure that the Ledger feature is enabled on database that requires cryptographic proof and nonrepudiation of data integrity |
Terraform |
SQLDatabaseLedgerEnabled.py |
| 3962 |
CKV_AZURE_225 |
resource |
azurerm_service_plan |
Ensure the App Service Plan is zone redundant |
Terraform |
AppServicePlanZoneRedundant.py |
| 3963 |
CKV_AZURE_226 |
resource |
azurerm_kubernetes_cluster |
Ensure ephemeral disks are used for OS disks |
Terraform |
AKSEphemeralOSDisks.py |
| 3964 |
CKV_AZURE_227 |
resource |
azurerm_kubernetes_cluster |
Ensure that the AKS cluster encrypt temp disks, caches, and data flows between Compute and Storage resources |
Terraform |
AKSEncryptionAtHostEnabled.py |
| 3965 |
CKV_AZURE_227 |
resource |
azurerm_kubernetes_cluster_node_pool |
Ensure that the AKS cluster encrypt temp disks, caches, and data flows between Compute and Storage resources |
Terraform |
AKSEncryptionAtHostEnabled.py |
| 3966 |
CKV_AZURE_228 |
resource |
azurerm_eventhub_namespace |
Ensure the Azure Event Hub Namespace is zone redundant |
Terraform |
EventHubNamespaceZoneRedundant.py |
| 3967 |
CKV_AZURE_229 |
resource |
azurerm_mssql_database |
Ensure the Azure SQL Database Namespace is zone redundant |
Terraform |
SQLDatabaseZoneRedundant.py |
| 3968 |
CKV_AZURE_230 |
resource |
azurerm_redis_cache |
Standard Replication should be enabled |
Terraform |
RedisCacheStandardReplicationEnabled.py |
| 3969 |
CKV_AZURE_231 |
resource |
azurerm_app_service_environment_v3 |
Ensure App Service Environment is zone redundant |
Terraform |
AppServiceEnvironmentZoneRedundant.py |
| 3970 |
CKV_AZURE_232 |
resource |
azurerm_kubernetes_cluster |
Ensure that only critical system pods run on system nodes |
Terraform |
AKSOnlyCriticalPodsOnSystemNodes.py |
| 3971 |
CKV_AZURE_233 |
resource |
azurerm_container_registry |
Ensure Azure Container Registry (ACR) is zone redundant |
Terraform |
ACREnableZoneRedundancy.py |
| 3972 |
CKV_AZURE_234 |
resource |
azurerm_security_center_subscription_pricing |
Ensure that Azure Defender for cloud is set to On for Resource Manager |
Terraform |
AzureDefenderDisabledForResManager.py |
| 3973 |
CKV_AZURE_235 |
resource |
azurerm_container_group |
Ensure that Azure container environment variables are configured with secure values only |
Terraform |
AzureContainerInstanceEnvVarSecureValueType.py |
| 3974 |
CKV_AZURE_236 |
resource |
azurerm_cognitive_account |
Ensure that Cognitive Services accounts disable local authentication |
Terraform |
CognitiveServicesEnableLocalAuth.py |
| 3975 |
CKV_AZURE_237 |
resource |
azurerm_container_registry |
Ensure dedicated data endpoints are enabled. |
Terraform |
ACRDedicatedDataEndpointEnabled.py |
| 3976 |
CKV_AZURE_238 |
resource |
azurerm_cognitive_account |
Ensure that all Azure Cognitive Services accounts are configured with a managed identity |
Terraform |
CognitiveServicesConfigureIdentity.py |
| 3977 |
CKV_AZURE_239 |
resource |
azurerm_synapse_workspace |
Ensure Azure Synapse Workspace administrator login password is not exposed |
Terraform |
SynapseWorkspaceAdministratorLoginPasswordHidden.py |
| 3978 |
CKV_AZURE_240 |
resource |
azurerm_synapse_workspace |
Ensure Azure Synapse Workspace is encrypted with a CMK |
Terraform |
SynapseWorkspaceCMKEncryption.py |
| 3979 |
CKV_AZURE_241 |
resource |
azurerm_synapse_sql_pool |
Ensure Synapse SQL pools are encrypted |
Terraform |
SynapseSQLPoolDataEncryption.py |
| 3980 |
CKV_AZURE_242 |
resource |
azurerm_synapse_spark_pool |
Ensure isolated compute is enabled for Synapse Spark pools |
Terraform |
AzureSparkPoolIsolatedComputeEnabled.py |
| 3981 |
CKV_AZURE_244 |
resource |
azurerm_storage_account |
Avoid the use of local users for Azure Storage unless necessary |
Terraform |
StorageLocalUsers.py |
| 3982 |
CKV_AZURE_245 |
resource |
azurerm_container_group |
Ensure that Azure Container group is deployed into virtual network |
Terraform |
AzureContainerInstancePublicIPAddressType.py |
| 3983 |
CKV_AZURE_246 |
resource |
azurerm_kubernetes_cluster |
Ensure Azure AKS cluster HTTP application routing is disabled |
Terraform |
KubernetesClusterHTTPApplicationRouting.py |
| 3984 |
CKV_AZURE_247 |
resource |
azurerm_cognitive_account |
Ensure that Azure Cognitive Services account hosted with OpenAI is configured with data loss prevention |
Terraform |
OpenAICognitiveServicesRestrictOutboundNetwork.py |
| 3985 |
CKV_AZURE_248 |
resource |
azurerm_batch_account |
Ensure that if Azure Batch account public network access in case ‘enabled’ then its account access must be ‘deny’ |
Terraform |
AzureBatchAccountEndpointAccessDefaultAction.py |
| 3986 |
CKV_AZURE_249 |
resource |
azuread_application_federated_identity_credential |
Ensure Azure GitHub Actions OIDC trust policy is configured securely |
Terraform |
GithubActionsOIDCTrustPolicy.py |
| 3987 |
CKV_AZURE_250 |
resource |
azurerm_storage_sync |
Ensure Storage Sync Service is not configured with overly permissive network access |
Terraform |
StorageSyncServicePermissiveAccess.py |
| 3988 |
CKV_AZURE_251 |
resource |
azurerm_managed_disk |
Ensure Azure Virtual Machine disks are configured without public network access |
Terraform |
VMDiskWithPublicAccess.py |
| 3989 |
CKV2_AZURE_1 |
resource |
azurerm_storage_account |
Ensure storage for critical data are encrypted with Customer Managed Key |
Terraform |
StorageCriticalDataEncryptedCMK.yaml |
| 3990 |
CKV2_AZURE_2 |
resource |
azurerm_mssql_server |
Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account |
Terraform |
VAisEnabledInStorageAccount.yaml |
| 3991 |
CKV2_AZURE_2 |
resource |
azurerm_mssql_server_security_alert_policy |
Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account |
Terraform |
VAisEnabledInStorageAccount.yaml |
| 3992 |
CKV2_AZURE_2 |
resource |
azurerm_sql_server |
Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account |
Terraform |
VAisEnabledInStorageAccount.yaml |
| 3993 |
CKV2_AZURE_3 |
resource |
azurerm_mssql_server |
Ensure that VA setting Periodic Recurring Scans is enabled on a SQL server |
Terraform |
VAsetPeriodicScansOnSQL.yaml |
| 3994 |
CKV2_AZURE_3 |
resource |
azurerm_mssql_server_security_alert_policy |
Ensure that VA setting Periodic Recurring Scans is enabled on a SQL server |
Terraform |
VAsetPeriodicScansOnSQL.yaml |
| 3995 |
CKV2_AZURE_3 |
resource |
azurerm_mssql_server_vulnerability_assessment |
Ensure that VA setting Periodic Recurring Scans is enabled on a SQL server |
Terraform |
VAsetPeriodicScansOnSQL.yaml |
| 3996 |
CKV2_AZURE_3 |
resource |
azurerm_sql_server |
Ensure that VA setting Periodic Recurring Scans is enabled on a SQL server |
Terraform |
VAsetPeriodicScansOnSQL.yaml |
| 3997 |
CKV2_AZURE_4 |
resource |
azurerm_mssql_server |
Ensure Azure SQL server ADS VA Send scan reports to is configured |
Terraform |
VAconfiguredToSendReports.yaml |
| 3998 |
CKV2_AZURE_4 |
resource |
azurerm_mssql_server_security_alert_policy |
Ensure Azure SQL server ADS VA Send scan reports to is configured |
Terraform |
VAconfiguredToSendReports.yaml |
| 3999 |
CKV2_AZURE_4 |
resource |
azurerm_mssql_server_vulnerability_assessment |
Ensure Azure SQL server ADS VA Send scan reports to is configured |
Terraform |
VAconfiguredToSendReports.yaml |
| 4000 |
CKV2_AZURE_4 |
resource |
azurerm_sql_server |
Ensure Azure SQL server ADS VA Send scan reports to is configured |
Terraform |
VAconfiguredToSendReports.yaml |
| 4001 |
CKV2_AZURE_5 |
resource |
azurerm_mssql_server |
Ensure that VA setting ‘Also send email notifications to admins and subscription owners’ is set for a SQL server |
Terraform |
VAconfiguredToSendReportsToAdmins.yaml |
| 4002 |
CKV2_AZURE_5 |
resource |
azurerm_mssql_server_security_alert_policy |
Ensure that VA setting ‘Also send email notifications to admins and subscription owners’ is set for a SQL server |
Terraform |
VAconfiguredToSendReportsToAdmins.yaml |
| 4003 |
CKV2_AZURE_5 |
resource |
azurerm_mssql_server_vulnerability_assessment |
Ensure that VA setting ‘Also send email notifications to admins and subscription owners’ is set for a SQL server |
Terraform |
VAconfiguredToSendReportsToAdmins.yaml |
| 4004 |
CKV2_AZURE_5 |
resource |
azurerm_sql_server |
Ensure that VA setting ‘Also send email notifications to admins and subscription owners’ is set for a SQL server |
Terraform |
VAconfiguredToSendReportsToAdmins.yaml |
| 4005 |
CKV2_AZURE_6 |
resource |
azurerm_sql_firewall_rule |
Ensure ‘Allow access to Azure services’ for PostgreSQL Database Server is disabled |
Terraform |
AccessToPostgreSQLFromAzureServicesIsDisabled.yaml |
| 4006 |
CKV2_AZURE_6 |
resource |
azurerm_sql_server |
Ensure ‘Allow access to Azure services’ for PostgreSQL Database Server is disabled |
Terraform |
AccessToPostgreSQLFromAzureServicesIsDisabled.yaml |
| 4007 |
CKV2_AZURE_7 |
resource |
azurerm_sql_server |
Ensure that Azure Active Directory Admin is configured |
Terraform |
AzureActiveDirectoryAdminIsConfigured.yaml |
| 4008 |
CKV2_AZURE_8 |
resource |
azurerm_monitor_activity_log_alert |
Ensure the storage container storing the activity logs is not publicly accessible |
Terraform |
StorageContainerActivityLogsNotPublic.yaml |
| 4009 |
CKV2_AZURE_8 |
resource |
azurerm_storage_account |
Ensure the storage container storing the activity logs is not publicly accessible |
Terraform |
StorageContainerActivityLogsNotPublic.yaml |
| 4010 |
CKV2_AZURE_8 |
resource |
azurerm_storage_container |
Ensure the storage container storing the activity logs is not publicly accessible |
Terraform |
StorageContainerActivityLogsNotPublic.yaml |
| 4011 |
CKV2_AZURE_9 |
resource |
azurerm_virtual_machine |
Ensure Virtual Machines are utilizing Managed Disks |
Terraform |
VirtualMachinesUtilizingManagedDisks.yaml |
| 4012 |
CKV2_AZURE_10 |
resource |
azurerm_virtual_machine |
Ensure that Microsoft Antimalware is configured to automatically updates for Virtual Machines |
Terraform |
AzureAntimalwareIsConfiguredWithAutoUpdatesForVMs.yaml |
| 4013 |
CKV2_AZURE_10 |
resource |
azurerm_virtual_machine_extension |
Ensure that Microsoft Antimalware is configured to automatically updates for Virtual Machines |
Terraform |
AzureAntimalwareIsConfiguredWithAutoUpdatesForVMs.yaml |
| 4014 |
CKV2_AZURE_11 |
resource |
azurerm_kusto_cluster |
Ensure that Azure Data Explorer encryption at rest uses a customer-managed key |
Terraform |
DataExplorerEncryptionUsesCustomKey.yaml |
| 4015 |
CKV2_AZURE_12 |
resource |
azurerm_virtual_machine |
Ensure that virtual machines are backed up using Azure Backup |
Terraform |
VMHasBackUpMachine.yaml |
| 4016 |
CKV2_AZURE_13 |
resource |
azurerm_mssql_server_security_alert_policy |
Ensure that sql servers enables data security policy |
Terraform |
AzureMSSQLServerHasSecurityAlertPolicy.yaml |
| 4017 |
CKV2_AZURE_13 |
resource |
azurerm_sql_server |
Ensure that sql servers enables data security policy |
Terraform |
AzureMSSQLServerHasSecurityAlertPolicy.yaml |
| 4018 |
CKV2_AZURE_14 |
resource |
azurerm_managed_disk |
Ensure that Unattached disks are encrypted |
Terraform |
AzureUnattachedDisksAreEncrypted.yaml |
| 4019 |
CKV2_AZURE_14 |
resource |
azurerm_virtual_machine |
Ensure that Unattached disks are encrypted |
Terraform |
AzureUnattachedDisksAreEncrypted.yaml |
| 4020 |
CKV2_AZURE_15 |
resource |
azurerm_data_factory |
Ensure that Azure data factories are encrypted with a customer-managed key |
Terraform |
AzureDataFactoriesEncryptedWithCustomerManagedKey.yaml |
| 4021 |
CKV2_AZURE_16 |
resource |
azurerm_mysql_server |
Ensure that MySQL server enables customer-managed key for encryption |
Terraform |
MSQLenablesCustomerManagedKey.yaml |
| 4022 |
CKV2_AZURE_16 |
resource |
azurerm_mysql_server_key |
Ensure that MySQL server enables customer-managed key for encryption |
Terraform |
MSQLenablesCustomerManagedKey.yaml |
| 4023 |
CKV2_AZURE_17 |
resource |
azurerm_postgresql_server |
Ensure that PostgreSQL server enables customer-managed key for encryption |
Terraform |
PGSQLenablesCustomerManagedKey.yaml |
| 4024 |
CKV2_AZURE_17 |
resource |
azurerm_postgresql_server_key |
Ensure that PostgreSQL server enables customer-managed key for encryption |
Terraform |
PGSQLenablesCustomerManagedKey.yaml |
| 4025 |
CKV2_AZURE_19 |
resource |
azurerm_synapse_workspace |
Ensure that Azure Synapse workspaces have no IP firewall rules attached |
Terraform |
AzureSynapseWorkspacesHaveNoIPFirewallRulesAttached.yaml |
| 4026 |
CKV2_AZURE_20 |
resource |
azurerm_log_analytics_storage_insights |
Ensure Storage logging is enabled for Table service for read requests |
Terraform |
StorageLoggingIsEnabledForTableService.yaml |
| 4027 |
CKV2_AZURE_20 |
resource |
azurerm_storage_account |
Ensure Storage logging is enabled for Table service for read requests |
Terraform |
StorageLoggingIsEnabledForTableService.yaml |
| 4028 |
CKV2_AZURE_20 |
resource |
azurerm_storage_table |
Ensure Storage logging is enabled for Table service for read requests |
Terraform |
StorageLoggingIsEnabledForTableService.yaml |
| 4029 |
CKV2_AZURE_21 |
resource |
azurerm_log_analytics_storage_insights |
Ensure Storage logging is enabled for Blob service for read requests |
Terraform |
StorageLoggingIsEnabledForBlobService.yaml |
| 4030 |
CKV2_AZURE_21 |
resource |
azurerm_storage_account |
Ensure Storage logging is enabled for Blob service for read requests |
Terraform |
StorageLoggingIsEnabledForBlobService.yaml |
| 4031 |
CKV2_AZURE_21 |
resource |
azurerm_storage_container |
Ensure Storage logging is enabled for Blob service for read requests |
Terraform |
StorageLoggingIsEnabledForBlobService.yaml |
| 4032 |
CKV2_AZURE_22 |
resource |
azurerm_cognitive_account |
Ensure that Cognitive Services enables customer-managed key for encryption |
Terraform |
CognitiveServicesCustomerManagedKey.yaml |
| 4033 |
CKV2_AZURE_22 |
resource |
azurerm_cognitive_account_customer_managed_key |
Ensure that Cognitive Services enables customer-managed key for encryption |
Terraform |
CognitiveServicesCustomerManagedKey.yaml |
| 4034 |
CKV2_AZURE_23 |
resource |
azurerm_spring_cloud_service |
Ensure Azure spring cloud is configured with Virtual network (Vnet) |
Terraform |
AzureSpringCloudConfigWithVnet.yaml |
| 4035 |
CKV2_AZURE_24 |
resource |
azurerm_automation_account |
Ensure Azure automation account does NOT have overly permissive network access |
Terraform |
AzureAutomationAccNotOverlyPermissiveNetAccess.yaml |
| 4036 |
CKV2_AZURE_25 |
resource |
azurerm_mssql_database |
Ensure Azure SQL database Transparent Data Encryption (TDE) is enabled |
Terraform |
AzureSqlDbEnableTransparentDataEncryption.yaml |
| 4037 |
CKV2_AZURE_26 |
resource |
azurerm_postgresql_flexible_server_firewall_rule |
Ensure Azure PostgreSQL Flexible server is not configured with overly permissive network access |
Terraform |
AzurePostgreSQLFlexServerNotOverlyPermissive.yaml |
| 4038 |
CKV2_AZURE_27 |
resource |
azurerm_mssql_server |
Ensure Azure AD authentication is enabled for Azure SQL (MSSQL) |
Terraform |
AzureConfigMSSQLwithAD.yaml |
| 4039 |
CKV2_AZURE_28 |
resource |
azurerm_container_group |
Ensure Container Instance is configured with managed identity |
Terraform |
AzureContainerInstanceconfigManagedIdentity.yaml |
| 4040 |
CKV2_AZURE_29 |
resource |
azurerm_kubernetes_cluster |
Ensure AKS cluster has Azure CNI networking enabled |
Terraform |
AzureAKSclusterAzureCNIEnabled.yaml |
| 4041 |
CKV2_AZURE_30 |
resource |
azurerm_container_registry_webhook |
Ensure Azure Container Registry (ACR) has HTTPS enabled for webhook |
Terraform |
AzureACR_HTTPSwebhook.yaml |
| 4042 |
CKV2_AZURE_31 |
resource |
azurerm_subnet |
Ensure VNET subnet is configured with a Network Security Group (NSG) |
Terraform |
AzureSubnetConfigWithNSG.yaml |
| 4043 |
CKV2_AZURE_32 |
resource |
azurerm_key_vault |
Ensure private endpoint is configured to key vault |
Terraform |
AzureKeyVaultConfigPrivateEndpoint.yaml |
| 4044 |
CKV2_AZURE_33 |
resource |
azurerm_storage_account |
Ensure storage account is configured with private endpoint |
Terraform |
AzureStorageAccConfigWithPrivateEndpoint.yaml |
| 4045 |
CKV2_AZURE_34 |
resource |
azurerm_mssql_firewall_rule |
Ensure Azure SQL server firewall is not overly permissive |
Terraform |
AzureSQLserverNotOverlyPermissive.yaml |
| 4046 |
CKV2_AZURE_34 |
resource |
azurerm_sql_firewall_rule |
Ensure Azure SQL server firewall is not overly permissive |
Terraform |
AzureSQLserverNotOverlyPermissive.yaml |
| 4047 |
CKV2_AZURE_35 |
resource |
azurerm_recovery_services_vault |
Ensure Azure recovery services vault is configured with managed identity |
Terraform |
AzureRecoveryServicesvaultConfigManagedIdentity.yaml |
| 4048 |
CKV2_AZURE_36 |
resource |
azurerm_automation_account |
Ensure Azure automation account is configured with managed identity |
Terraform |
AzureAutomationAccConfigManagedIdentity.yaml |
| 4049 |
CKV2_AZURE_37 |
resource |
azurerm_mariadb_server |
Ensure Azure MariaDB server is using latest TLS (1.2) |
Terraform |
AzureMariaDBserverUsingTLS_1_2.yaml |
| 4050 |
CKV2_AZURE_38 |
resource |
azurerm_storage_account |
Ensure soft-delete is enabled on Azure storage account |
Terraform |
AzureStorageAccountEnableSoftDelete.yaml |
| 4051 |
CKV2_AZURE_39 |
resource |
azurerm_linux_virtual_machine |
Ensure Azure VM is not configured with public IP and serial console access |
Terraform |
AzureVMconfigPublicIP_SerialConsoleAccess.yaml |
| 4052 |
CKV2_AZURE_39 |
resource |
azurerm_network_interface |
Ensure Azure VM is not configured with public IP and serial console access |
Terraform |
AzureVMconfigPublicIP_SerialConsoleAccess.yaml |
| 4053 |
CKV2_AZURE_39 |
resource |
azurerm_virtual_machine |
Ensure Azure VM is not configured with public IP and serial console access |
Terraform |
AzureVMconfigPublicIP_SerialConsoleAccess.yaml |
| 4054 |
CKV2_AZURE_39 |
resource |
azurerm_windows_virtual_machine |
Ensure Azure VM is not configured with public IP and serial console access |
Terraform |
AzureVMconfigPublicIP_SerialConsoleAccess.yaml |
| 4055 |
CKV2_AZURE_40 |
resource |
azurerm_storage_account |
Ensure storage account is not configured with Shared Key authorization |
Terraform |
AzureStorageAccConfigSharedKeyAuth.yaml |
| 4056 |
CKV2_AZURE_41 |
resource |
azurerm_storage_account |
Ensure storage account is configured with SAS expiration policy |
Terraform |
AzureStorageAccConfig_SAS_expirePolicy.yaml |
| 4057 |
CKV2_AZURE_42 |
resource |
azurerm_postgresql_server |
Ensure Azure PostgreSQL server is configured with private endpoint |
Terraform |
AzurePostgreSQLserverConfigPrivEndpt.yaml |
| 4058 |
CKV2_AZURE_43 |
resource |
azurerm_mariadb_server |
Ensure Azure MariaDB server is configured with private endpoint |
Terraform |
AzureMariaDBserverConfigPrivEndpt.yaml |
| 4059 |
CKV2_AZURE_44 |
resource |
azurerm_mysql_server |
Ensure Azure MySQL server is configured with private endpoint |
Terraform |
AzureMySQLserverConfigPrivEndpt.yaml |
| 4060 |
CKV2_AZURE_45 |
resource |
azurerm_mssql_server |
Ensure Microsoft SQL server is configured with private endpoint |
Terraform |
AzureMSSQLserverConfigPrivEndpt.yaml |
| 4061 |
CKV2_AZURE_46 |
resource |
azurerm_synapse_workspace_security_alert_policy |
Ensure that Azure Synapse Workspace vulnerability assessment is enabled |
Terraform |
AzureSynapseWorkspaceVAisEnabled.yaml |
| 4062 |
CKV2_AZURE_46 |
resource |
azurerm_synapse_workspace_vulnerability_assessment |
Ensure that Azure Synapse Workspace vulnerability assessment is enabled |
Terraform |
AzureSynapseWorkspaceVAisEnabled.yaml |
| 4063 |
CKV2_AZURE_47 |
resource |
azurerm_storage_account |
Ensure storage account is configured without blob anonymous access |
Terraform |
AzureStorageAccConfigWithoutBlobAnonymousAccess.yaml |
| 4064 |
CKV2_AZURE_48 |
resource |
azurerm_databricks_workspace |
Ensure that Databricks Workspaces enables customer-managed key for root DBFS encryption |
Terraform |
DatabricksWorkspaceDBFSRootEncryptedWithCustomerManagedKey.yaml |
| 4065 |
CKV2_AZURE_49 |
resource |
azurerm_machine_learning_workspace |
Ensure that Azure Machine learning workspace is not configured with overly permissive network access |
Terraform |
AzureMLWorkspacePublicNetwork.yaml |
| 4066 |
CKV2_AZURE_50 |
resource |
azurerm_machine_learning_workspace |
Ensure Azure Storage Account storing Machine Learning workspace high business impact data is not publicly accessible |
Terraform |
AzureMLWorkspaceHBIPublicNetwork.yaml |
| 4067 |
CKV2_AZURE_50 |
resource |
azurerm_storage_account |
Ensure Azure Storage Account storing Machine Learning workspace high business impact data is not publicly accessible |
Terraform |
AzureMLWorkspaceHBIPublicNetwork.yaml |
| 4068 |
CKV2_AZURE_51 |
resource |
azurerm_synapse_sql_pool |
Ensure Synapse SQL Pool has a security alert policy |
Terraform |
SynapseSQLPoolHasSecurityAlertPolicy.yaml |
| 4069 |
CKV2_AZURE_51 |
resource |
azurerm_synapse_sql_pool_security_alert_policy |
Ensure Synapse SQL Pool has a security alert policy |
Terraform |
SynapseSQLPoolHasSecurityAlertPolicy.yaml |
| 4070 |
CKV2_AZURE_52 |
resource |
azurerm_synapse_sql_pool |
Ensure Synapse SQL Pool has vulnerability assessment attached |
Terraform |
SynapseSQLPoolHasVulnerabilityAssessment.yaml |
| 4071 |
CKV2_AZURE_52 |
resource |
azurerm_synapse_sql_pool_security_alert_policy |
Ensure Synapse SQL Pool has vulnerability assessment attached |
Terraform |
SynapseSQLPoolHasVulnerabilityAssessment.yaml |
| 4072 |
CKV2_AZURE_52 |
resource |
azurerm_synapse_sql_pool_vulnerability_assessment |
Ensure Synapse SQL Pool has vulnerability assessment attached |
Terraform |
SynapseSQLPoolHasVulnerabilityAssessment.yaml |
| 4073 |
CKV2_AZURE_53 |
resource |
azurerm_synapse_workspace |
Ensure Azure Synapse Workspace has extended audit logs |
Terraform |
SynapseWorkspaceHasExtendedAuditLogs.yaml |
| 4074 |
CKV2_AZURE_54 |
resource |
azurerm_synapse_sql_pool |
Ensure log monitoring is enabled for Synapse SQL Pool |
Terraform |
SynapseLogMonitoringEnabledForSQLPool.yaml |
| 4075 |
CKV2_AZURE_54 |
resource |
azurerm_synapse_sql_pool_extended_auditing_policy |
Ensure log monitoring is enabled for Synapse SQL Pool |
Terraform |
SynapseLogMonitoringEnabledForSQLPool.yaml |
| 4076 |
CKV2_AZURE_55 |
resource |
azurerm_spring_cloud_app |
Ensure Azure Spring Cloud app end-to-end TLS is enabled |
Terraform |
AzureSpringCloudTLSDisabled.yaml |
| 4077 |
CKV2_AZURE_55 |
resource |
azurerm_spring_cloud_service |
Ensure Azure Spring Cloud app end-to-end TLS is enabled |
Terraform |
AzureSpringCloudTLSDisabled.yaml |
| 4078 |
CKV2_AZURE_56 |
resource |
azurerm_mysql_flexible_server |
Ensure Azure MySQL Flexible Server is configured with private endpoint |
Terraform |
AzureMySQLFlexibleServerConfigPrivEndpt.yaml |
| 4079 |
CKV2_AZURE_57 |
resource |
azurerm_postgresql_flexible_server |
Ensure PostgreSQL Flexible Server is configured with private endpoint |
Terraform |
AzurePostgreSQLFlexibleServerConfigPrivEndpt.yaml |
| 4080 |
CKV_BCW_1 |
provider |
bridgecrew |
Ensure no hard coded API token exist in the provider |
Terraform |
credentials.py |
| 4081 |
CKV_DIO_1 |
resource |
digitalocean_spaces_bucket |
Ensure the Spaces bucket has versioning enabled |
Terraform |
SpacesBucketVersioning.py |
| 4082 |
CKV_DIO_2 |
resource |
digitalocean_droplet |
Ensure the droplet specifies an SSH key |
Terraform |
DropletSSHKeys.py |
| 4083 |
CKV_DIO_3 |
resource |
digitalocean_spaces_bucket |
Ensure the Spaces bucket is private |
Terraform |
SpacesBucketPublicRead.py |
| 4084 |
CKV_DIO_4 |
resource |
digitalocean_firewall |
Ensure the firewall ingress is not wide open |
Terraform |
FirewallIngressOpen.py |
| 4085 |
CKV_GCP_1 |
resource |
google_container_cluster |
Ensure Stackdriver Logging is set to Enabled on Kubernetes Engine Clusters |
Terraform |
GKEClusterLogging.py |
| 4086 |
CKV_GCP_2 |
resource |
google_compute_firewall |
Ensure Google compute firewall ingress does not allow unrestricted ssh access |
Terraform |
GoogleComputeFirewallUnrestrictedIngress22.py |
| 4087 |
CKV_GCP_3 |
resource |
google_compute_firewall |
Ensure Google compute firewall ingress does not allow unrestricted rdp access |
Terraform |
GoogleComputeFirewallUnrestrictedIngress3389.py |
| 4088 |
CKV_GCP_4 |
resource |
google_compute_ssl_policy |
Ensure no HTTPS or SSL proxy load balancers permit SSL policies with weak cipher suites |
Terraform |
GoogleComputeSSLPolicy.py |
| 4089 |
CKV_GCP_6 |
resource |
google_sql_database_instance |
Ensure all Cloud SQL database instance requires all incoming connections to use SSL |
Terraform |
GoogleCloudSqlDatabaseRequireSsl.py |
| 4090 |
CKV_GCP_7 |
resource |
google_container_cluster |
Ensure Legacy Authorization is set to Disabled on Kubernetes Engine Clusters |
Terraform |
GKEDisableLegacyAuth.py |
| 4091 |
CKV_GCP_8 |
resource |
google_container_cluster |
Ensure Stackdriver Monitoring is set to Enabled on Kubernetes Engine Clusters |
Terraform |
GKEMonitoringEnabled.py |
| 4092 |
CKV_GCP_9 |
resource |
google_container_node_pool |
Ensure ‘Automatic node repair’ is enabled for Kubernetes Clusters |
Terraform |
GKENodePoolAutoRepairEnabled.py |
| 4093 |
CKV_GCP_10 |
resource |
google_container_node_pool |
Ensure ‘Automatic node upgrade’ is enabled for Kubernetes Clusters |
Terraform |
GKENodePoolAutoUpgradeEnabled.py |
| 4094 |
CKV_GCP_11 |
resource |
google_sql_database_instance |
Ensure that Cloud SQL database Instances are not open to the world |
Terraform |
GoogleCloudSqlDatabasePubliclyAccessible.py |
| 4095 |
CKV_GCP_12 |
resource |
google_container_cluster |
Ensure Network Policy is enabled on Kubernetes Engine Clusters |
Terraform |
GKENetworkPolicyEnabled.py |
| 4096 |
CKV_GCP_13 |
resource |
google_container_cluster |
Ensure client certificate authentication to Kubernetes Engine Clusters is disabled |
Terraform |
GKEClientCertificateDisabled.py |
| 4097 |
CKV_GCP_14 |
resource |
google_sql_database_instance |
Ensure all Cloud SQL database instance have backup configuration enabled |
Terraform |
GoogleCloudSqlBackupConfiguration.py |
| 4098 |
CKV_GCP_15 |
resource |
google_bigquery_dataset |
Ensure that BigQuery datasets are not anonymously or publicly accessible |
Terraform |
GoogleBigQueryDatasetPublicACL.py |
| 4099 |
CKV_GCP_16 |
resource |
google_dns_managed_zone |
Ensure that DNSSEC is enabled for Cloud DNS |
Terraform |
GoogleCloudDNSSECEnabled.py |
| 4100 |
CKV_GCP_17 |
resource |
google_dns_managed_zone |
Ensure that RSASHA1 is not used for the zone-signing and key-signing keys in Cloud DNS DNSSEC |
Terraform |
GoogleCloudDNSKeySpecsRSASHA1.py |
| 4101 |
CKV_GCP_18 |
resource |
google_container_cluster |
Ensure GKE Control Plane is not public |
Terraform |
GKEPublicControlPlane.py |
| 4102 |
CKV_GCP_20 |
resource |
google_container_cluster |
Ensure master authorized networks is set to enabled in GKE clusters |
Terraform |
GKEMasterAuthorizedNetworksEnabled.py |
| 4103 |
CKV_GCP_21 |
resource |
google_container_cluster |
Ensure Kubernetes Clusters are configured with Labels |
Terraform |
GKEHasLabels.py |
| 4104 |
CKV_GCP_22 |
resource |
google_container_node_pool |
Ensure Container-Optimized OS (cos) is used for Kubernetes Engine Clusters Node image |
Terraform |
GKEUseCosImage.py |
| 4105 |
CKV_GCP_23 |
resource |
google_container_cluster |
Ensure Kubernetes Cluster is created with Alias IP ranges enabled |
Terraform |
GKEAliasIpEnabled.py |
| 4106 |
CKV_GCP_24 |
resource |
google_container_cluster |
Ensure PodSecurityPolicy controller is enabled on the Kubernetes Engine Clusters |
Terraform |
GKEPodSecurityPolicyEnabled.py |
| 4107 |
CKV_GCP_25 |
resource |
google_container_cluster |
Ensure Kubernetes Cluster is created with Private cluster enabled |
Terraform |
GKEPrivateClusterConfig.py |
| 4108 |
CKV_GCP_26 |
resource |
google_compute_subnetwork |
Ensure that VPC Flow Logs is enabled for every subnet in a VPC Network |
Terraform |
GoogleSubnetworkLoggingEnabled.py |
| 4109 |
CKV_GCP_27 |
resource |
google_project |
Ensure that the default network does not exist in a project |
Terraform |
GoogleProjectDefaultNetwork.py |
| 4110 |
CKV_GCP_28 |
resource |
google_storage_bucket_iam_binding |
Ensure that Cloud Storage bucket is not anonymously or publicly accessible |
Terraform |
GoogleStorageBucketNotPublic.py |
| 4111 |
CKV_GCP_28 |
resource |
google_storage_bucket_iam_member |
Ensure that Cloud Storage bucket is not anonymously or publicly accessible |
Terraform |
GoogleStorageBucketNotPublic.py |
| 4112 |
CKV_GCP_29 |
resource |
google_storage_bucket |
Ensure that Cloud Storage buckets have uniform bucket-level access enabled |
Terraform |
GoogleStorageBucketUniformAccess.py |
| 4113 |
CKV_GCP_30 |
resource |
google_compute_instance |
Ensure that instances are not configured to use the default service account |
Terraform |
GoogleComputeDefaultServiceAccount.py |
| 4114 |
CKV_GCP_30 |
resource |
google_compute_instance_from_template |
Ensure that instances are not configured to use the default service account |
Terraform |
GoogleComputeDefaultServiceAccount.py |
| 4115 |
CKV_GCP_30 |
resource |
google_compute_instance_template |
Ensure that instances are not configured to use the default service account |
Terraform |
GoogleComputeDefaultServiceAccount.py |
| 4116 |
CKV_GCP_31 |
resource |
google_compute_instance |
Ensure that instances are not configured to use the default service account with full access to all Cloud APIs |
Terraform |
GoogleComputeDefaultServiceAccountFullAccess.py |
| 4117 |
CKV_GCP_31 |
resource |
google_compute_instance_from_template |
Ensure that instances are not configured to use the default service account with full access to all Cloud APIs |
Terraform |
GoogleComputeDefaultServiceAccountFullAccess.py |
| 4118 |
CKV_GCP_31 |
resource |
google_compute_instance_template |
Ensure that instances are not configured to use the default service account with full access to all Cloud APIs |
Terraform |
GoogleComputeDefaultServiceAccountFullAccess.py |
| 4119 |
CKV_GCP_32 |
resource |
google_compute_instance |
Ensure ‘Block Project-wide SSH keys’ is enabled for VM instances |
Terraform |
GoogleComputeBlockProjectSSH.py |
| 4120 |
CKV_GCP_32 |
resource |
google_compute_instance_from_template |
Ensure ‘Block Project-wide SSH keys’ is enabled for VM instances |
Terraform |
GoogleComputeBlockProjectSSH.py |
| 4121 |
CKV_GCP_32 |
resource |
google_compute_instance_template |
Ensure ‘Block Project-wide SSH keys’ is enabled for VM instances |
Terraform |
GoogleComputeBlockProjectSSH.py |
| 4122 |
CKV_GCP_33 |
resource |
google_compute_project_metadata |
Ensure oslogin is enabled for a Project |
Terraform |
GoogleComputeProjectOSLogin.py |
| 4123 |
CKV_GCP_34 |
resource |
google_compute_instance |
Ensure that no instance in the project overrides the project setting for enabling OSLogin(OSLogin needs to be enabled in project metadata for all instances) |
Terraform |
GoogleComputeInstanceOSLogin.py |
| 4124 |
CKV_GCP_34 |
resource |
google_compute_instance_from_template |
Ensure that no instance in the project overrides the project setting for enabling OSLogin(OSLogin needs to be enabled in project metadata for all instances) |
Terraform |
GoogleComputeInstanceOSLogin.py |
| 4125 |
CKV_GCP_34 |
resource |
google_compute_instance_template |
Ensure that no instance in the project overrides the project setting for enabling OSLogin(OSLogin needs to be enabled in project metadata for all instances) |
Terraform |
GoogleComputeInstanceOSLogin.py |
| 4126 |
CKV_GCP_35 |
resource |
google_compute_instance |
Ensure ‘Enable connecting to serial ports’ is not enabled for VM Instance |
Terraform |
GoogleComputeSerialPorts.py |
| 4127 |
CKV_GCP_35 |
resource |
google_compute_instance_from_template |
Ensure ‘Enable connecting to serial ports’ is not enabled for VM Instance |
Terraform |
GoogleComputeSerialPorts.py |
| 4128 |
CKV_GCP_35 |
resource |
google_compute_instance_template |
Ensure ‘Enable connecting to serial ports’ is not enabled for VM Instance |
Terraform |
GoogleComputeSerialPorts.py |
| 4129 |
CKV_GCP_36 |
resource |
google_compute_instance |
Ensure that IP forwarding is not enabled on Instances |
Terraform |
GoogleComputeIPForward.py |
| 4130 |
CKV_GCP_36 |
resource |
google_compute_instance_from_template |
Ensure that IP forwarding is not enabled on Instances |
Terraform |
GoogleComputeIPForward.py |
| 4131 |
CKV_GCP_36 |
resource |
google_compute_instance_template |
Ensure that IP forwarding is not enabled on Instances |
Terraform |
GoogleComputeIPForward.py |
| 4132 |
CKV_GCP_37 |
resource |
google_compute_disk |
Ensure VM disks for critical VMs are encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
GoogleComputeDiskEncryption.py |
| 4133 |
CKV_GCP_38 |
resource |
google_compute_instance |
Ensure VM disks for critical VMs are encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
GoogleComputeBootDiskEncryption.py |
| 4134 |
CKV_GCP_39 |
resource |
google_compute_instance |
Ensure Compute instances are launched with Shielded VM enabled |
Terraform |
GoogleComputeShieldedVM.py |
| 4135 |
CKV_GCP_39 |
resource |
google_compute_instance_from_template |
Ensure Compute instances are launched with Shielded VM enabled |
Terraform |
GoogleComputeShieldedVM.py |
| 4136 |
CKV_GCP_39 |
resource |
google_compute_instance_template |
Ensure Compute instances are launched with Shielded VM enabled |
Terraform |
GoogleComputeShieldedVM.py |
| 4137 |
CKV_GCP_40 |
resource |
google_compute_instance |
Ensure that Compute instances do not have public IP addresses |
Terraform |
GoogleComputeExternalIP.py |
| 4138 |
CKV_GCP_40 |
resource |
google_compute_instance_from_template |
Ensure that Compute instances do not have public IP addresses |
Terraform |
GoogleComputeExternalIP.py |
| 4139 |
CKV_GCP_40 |
resource |
google_compute_instance_template |
Ensure that Compute instances do not have public IP addresses |
Terraform |
GoogleComputeExternalIP.py |
| 4140 |
CKV_GCP_41 |
resource |
google_project_iam_binding |
Ensure that IAM users are not assigned the Service Account User or Service Account Token Creator roles at project level |
Terraform |
GoogleRoleServiceAccountUser.py |
| 4141 |
CKV_GCP_41 |
resource |
google_project_iam_member |
Ensure that IAM users are not assigned the Service Account User or Service Account Token Creator roles at project level |
Terraform |
GoogleRoleServiceAccountUser.py |
| 4142 |
CKV_GCP_42 |
resource |
google_project_iam_member |
Ensure that Service Account has no Admin privileges |
Terraform |
GoogleProjectAdminServiceAccount.py |
| 4143 |
CKV_GCP_43 |
resource |
google_kms_crypto_key |
Ensure KMS encryption keys are rotated within a period of 90 days |
Terraform |
GoogleKMSRotationPeriod.py |
| 4144 |
CKV_GCP_44 |
resource |
google_folder_iam_binding |
Ensure no roles that enable to impersonate and manage all service accounts are used at a folder level |
Terraform |
GoogleFolderImpersonationRole.py |
| 4145 |
CKV_GCP_44 |
resource |
google_folder_iam_member |
Ensure no roles that enable to impersonate and manage all service accounts are used at a folder level |
Terraform |
GoogleFolderImpersonationRole.py |
| 4146 |
CKV_GCP_45 |
resource |
google_organization_iam_binding |
Ensure no roles that enable to impersonate and manage all service accounts are used at an organization level |
Terraform |
GoogleOrgImpersonationRole.py |
| 4147 |
CKV_GCP_45 |
resource |
google_organization_iam_member |
Ensure no roles that enable to impersonate and manage all service accounts are used at an organization level |
Terraform |
GoogleOrgImpersonationRole.py |
| 4148 |
CKV_GCP_46 |
resource |
google_project_iam_binding |
Ensure Default Service account is not used at a project level |
Terraform |
GoogleProjectMemberDefaultServiceAccount.py |
| 4149 |
CKV_GCP_46 |
resource |
google_project_iam_member |
Ensure Default Service account is not used at a project level |
Terraform |
GoogleProjectMemberDefaultServiceAccount.py |
| 4150 |
CKV_GCP_47 |
resource |
google_organization_iam_binding |
Ensure default service account is not used at an organization level |
Terraform |
GoogleOrgMemberDefaultServiceAccount.py |
| 4151 |
CKV_GCP_47 |
resource |
google_organization_iam_member |
Ensure default service account is not used at an organization level |
Terraform |
GoogleOrgMemberDefaultServiceAccount.py |
| 4152 |
CKV_GCP_48 |
resource |
google_folder_iam_binding |
Ensure Default Service account is not used at a folder level |
Terraform |
GoogleFolderMemberDefaultServiceAccount.py |
| 4153 |
CKV_GCP_48 |
resource |
google_folder_iam_member |
Ensure Default Service account is not used at a folder level |
Terraform |
GoogleFolderMemberDefaultServiceAccount.py |
| 4154 |
CKV_GCP_49 |
resource |
google_project_iam_binding |
Ensure roles do not impersonate or manage Service Accounts used at project level |
Terraform |
GoogleProjectImpersonationRole.py |
| 4155 |
CKV_GCP_49 |
resource |
google_project_iam_member |
Ensure roles do not impersonate or manage Service Accounts used at project level |
Terraform |
GoogleProjectImpersonationRole.py |
| 4156 |
CKV_GCP_50 |
resource |
google_sql_database_instance |
Ensure MySQL database ‘local_infile’ flag is set to ‘off’ |
Terraform |
GoogleCloudMySqlLocalInfileOff.py |
| 4157 |
CKV_GCP_51 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database ‘log_checkpoints’ flag is set to ‘on’ |
Terraform |
GoogleCloudPostgreSqlLogCheckpoints.py |
| 4158 |
CKV_GCP_52 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database ‘log_connections’ flag is set to ‘on’ |
Terraform |
GoogleCloudPostgreSqlLogConnection.py |
| 4159 |
CKV_GCP_53 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database ‘log_disconnections’ flag is set to ‘on’ |
Terraform |
GoogleCloudPostgreSqlLogDisconnection.py |
| 4160 |
CKV_GCP_54 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database ‘log_lock_waits’ flag is set to ‘on’ |
Terraform |
GoogleCloudPostgreSqlLogLockWaits.py |
| 4161 |
CKV_GCP_55 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database ‘log_min_messages’ flag is set to a valid value |
Terraform |
GoogleCloudPostgreSqlLogMinMessage.py |
| 4162 |
CKV_GCP_56 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database ‘log_temp_files flag is set to ‘0’ |
Terraform |
GoogleCloudPostgreSqlLogTemp.py |
| 4163 |
CKV_GCP_57 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database ‘log_min_duration_statement’ flag is set to ‘-1’ |
Terraform |
GoogleCloudPostgreSqlLogMinDuration.py |
| 4164 |
CKV_GCP_58 |
resource |
google_sql_database_instance |
Ensure SQL database ‘cross db ownership chaining’ flag is set to ‘off’ |
Terraform |
GoogleCloudSqlServerCrossDBOwnershipChaining.py |
| 4165 |
CKV_GCP_59 |
resource |
google_sql_database_instance |
Ensure SQL database ‘contained database authentication’ flag is set to ‘off’ |
Terraform |
GoogleCloudSqlServerContainedDBAuthentication.py |
| 4166 |
CKV_GCP_60 |
resource |
google_sql_database_instance |
Ensure Cloud SQL database does not have public IP |
Terraform |
GoogleCloudSqlServerNoPublicIP.py |
| 4167 |
CKV_GCP_61 |
resource |
google_container_cluster |
Enable VPC Flow Logs and Intranode Visibility |
Terraform |
GKEEnableVPCFlowLogs.py |
| 4168 |
CKV_GCP_62 |
resource |
google_storage_bucket |
Bucket should log access |
Terraform |
CloudStorageLogging.py |
| 4169 |
CKV_GCP_63 |
resource |
google_storage_bucket |
Bucket should not log to itself |
Terraform |
CloudStorageSelfLogging.py |
| 4170 |
CKV_GCP_64 |
resource |
google_container_cluster |
Ensure clusters are created with Private Nodes |
Terraform |
GKEPrivateNodes.py |
| 4171 |
CKV_GCP_65 |
resource |
google_container_cluster |
Manage Kubernetes RBAC users with Google Groups for GKE |
Terraform |
GKEKubernetesRBACGoogleGroups.py |
| 4172 |
CKV_GCP_66 |
resource |
google_container_cluster |
Ensure use of Binary Authorization |
Terraform |
GKEBinaryAuthorization.py |
| 4173 |
CKV_GCP_68 |
resource |
google_container_cluster |
Ensure Secure Boot for Shielded GKE Nodes is Enabled |
Terraform |
GKESecureBootforShieldedNodes.py |
| 4174 |
CKV_GCP_68 |
resource |
google_container_node_pool |
Ensure Secure Boot for Shielded GKE Nodes is Enabled |
Terraform |
GKESecureBootforShieldedNodes.py |
| 4175 |
CKV_GCP_69 |
resource |
google_container_cluster |
Ensure the GKE Metadata Server is Enabled |
Terraform |
GKEMetadataServerIsEnabled.py |
| 4176 |
CKV_GCP_69 |
resource |
google_container_node_pool |
Ensure the GKE Metadata Server is Enabled |
Terraform |
GKEMetadataServerIsEnabled.py |
| 4177 |
CKV_GCP_70 |
resource |
google_container_cluster |
Ensure the GKE Release Channel is set |
Terraform |
GKEReleaseChannel.py |
| 4178 |
CKV_GCP_71 |
resource |
google_container_cluster |
Ensure Shielded GKE Nodes are Enabled |
Terraform |
GKEEnableShieldedNodes.py |
| 4179 |
CKV_GCP_72 |
resource |
google_container_cluster |
Ensure Integrity Monitoring for Shielded GKE Nodes is Enabled |
Terraform |
GKEEnsureIntegrityMonitoring.py |
| 4180 |
CKV_GCP_72 |
resource |
google_container_node_pool |
Ensure Integrity Monitoring for Shielded GKE Nodes is Enabled |
Terraform |
GKEEnsureIntegrityMonitoring.py |
| 4181 |
CKV_GCP_73 |
resource |
google_compute_security_policy |
Ensure Cloud Armor prevents message lookup in Log4j2. See CVE-2021-44228 aka log4jshell |
Terraform |
CloudArmorWAFACLCVE202144228.py |
| 4182 |
CKV_GCP_74 |
resource |
google_compute_subnetwork |
Ensure that private_ip_google_access is enabled for Subnet |
Terraform |
GoogleSubnetworkPrivateGoogleEnabled.py |
| 4183 |
CKV_GCP_75 |
resource |
google_compute_firewall |
Ensure Google compute firewall ingress does not allow unrestricted FTP access |
Terraform |
GoogleComputeFirewallUnrestrictedIngress21.py |
| 4184 |
CKV_GCP_76 |
resource |
google_compute_subnetwork |
Ensure that Private google access is enabled for IPV6 |
Terraform |
GoogleSubnetworkIPV6PrivateGoogleEnabled.py |
| 4185 |
CKV_GCP_77 |
resource |
google_compute_firewall |
Ensure Google compute firewall ingress does not allow on ftp port |
Terraform |
GoogleComputeFirewallUnrestrictedIngress20.py |
| 4186 |
CKV_GCP_78 |
resource |
google_storage_bucket |
Ensure Cloud storage has versioning enabled |
Terraform |
CloudStorageVersioningEnabled.py |
| 4187 |
CKV_GCP_79 |
resource |
google_sql_database_instance |
Ensure SQL database is using latest Major version |
Terraform |
CloudSqlMajorVersion.py |
| 4188 |
CKV_GCP_80 |
resource |
google_bigquery_table |
Ensure Big Query Tables are encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
BigQueryTableEncryptedWithCMK.py |
| 4189 |
CKV_GCP_81 |
resource |
google_bigquery_dataset |
Ensure Big Query Datasets are encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
BigQueryDatasetEncryptedWithCMK.py |
| 4190 |
CKV_GCP_82 |
resource |
google_kms_crypto_key |
Ensure KMS keys are protected from deletion |
Terraform |
GoogleKMSPreventDestroy.py |
| 4191 |
CKV_GCP_83 |
resource |
google_pubsub_topic |
Ensure PubSub Topics are encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
CloudPubSubEncryptedWithCMK.py |
| 4192 |
CKV_GCP_84 |
resource |
google_artifact_registry_repository |
Ensure Artifact Registry Repositories are encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
ArtifactRegsitryEncryptedWithCMK.py |
| 4193 |
CKV_GCP_85 |
resource |
google_bigtable_instance |
Ensure Big Table Instances are encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
BigTableInstanceEncryptedWithCMK.py |
| 4194 |
CKV_GCP_86 |
resource |
google_cloudbuild_worker_pool |
Ensure Cloud build workers are private |
Terraform |
CloudBuildWorkersArePrivate.py |
| 4195 |
CKV_GCP_87 |
resource |
google_data_fusion_instance |
Ensure Data fusion instances are private |
Terraform |
DataFusionPrivateInstance.py |
| 4196 |
CKV_GCP_88 |
resource |
google_compute_firewall |
Ensure Google compute firewall ingress does not allow unrestricted mysql access |
Terraform |
GoogleComputeFirewallUnrestrictedIngress3306.py |
| 4197 |
CKV_GCP_89 |
resource |
google_notebooks_instance |
Ensure Vertex AI instances are private |
Terraform |
VertexAIPrivateInstance.py |
| 4198 |
CKV_GCP_90 |
resource |
google_dataflow_job |
Ensure data flow jobs are encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
DataflowJobEncryptedWithCMK.py |
| 4199 |
CKV_GCP_91 |
resource |
google_dataproc_cluster |
Ensure Dataproc cluster is encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
DataprocClusterEncryptedWithCMK.py |
| 4200 |
CKV_GCP_92 |
resource |
google_vertex_ai_dataset |
Ensure Vertex AI datasets uses a CMK (Customer Managed Key) |
Terraform |
VertexAIDatasetEncryptedWithCMK.py |
| 4201 |
CKV_GCP_93 |
resource |
google_spanner_database |
Ensure Spanner Database is encrypted with Customer Supplied Encryption Keys (CSEK) |
Terraform |
SpannerDatabaseEncryptedWithCMK.py |
| 4202 |
CKV_GCP_94 |
resource |
google_dataflow_job |
Ensure Dataflow jobs are private |
Terraform |
DataflowPrivateJob.py |
| 4203 |
CKV_GCP_95 |
resource |
google_redis_instance |
Ensure Memorystore for Redis has AUTH enabled |
Terraform |
MemorystoreForRedisAuthEnabled.py |
| 4204 |
CKV_GCP_96 |
resource |
google_vertex_ai_metadata_store |
Ensure Vertex AI Metadata Store uses a CMK (Customer Managed Key) |
Terraform |
VertexAIMetadataStoreEncryptedWithCMK.py |
| 4205 |
CKV_GCP_97 |
resource |
google_redis_instance |
Ensure Memorystore for Redis uses intransit encryption |
Terraform |
MemorystoreForRedisInTransitEncryption.py |
| 4206 |
CKV_GCP_98 |
resource |
google_dataproc_cluster_iam_binding |
Ensure that Dataproc clusters are not anonymously or publicly accessible |
Terraform |
DataprocPrivateCluster.py |
| 4207 |
CKV_GCP_98 |
resource |
google_dataproc_cluster_iam_member |
Ensure that Dataproc clusters are not anonymously or publicly accessible |
Terraform |
DataprocPrivateCluster.py |
| 4208 |
CKV_GCP_99 |
resource |
google_pubsub_topic_iam_binding |
Ensure that Pub/Sub Topics are not anonymously or publicly accessible |
Terraform |
PubSubPrivateTopic.py |
| 4209 |
CKV_GCP_99 |
resource |
google_pubsub_topic_iam_member |
Ensure that Pub/Sub Topics are not anonymously or publicly accessible |
Terraform |
PubSubPrivateTopic.py |
| 4210 |
CKV_GCP_100 |
resource |
google_bigquery_table_iam_binding |
Ensure that BigQuery Tables are not anonymously or publicly accessible |
Terraform |
BigQueryPrivateTable.py |
| 4211 |
CKV_GCP_100 |
resource |
google_bigquery_table_iam_member |
Ensure that BigQuery Tables are not anonymously or publicly accessible |
Terraform |
BigQueryPrivateTable.py |
| 4212 |
CKV_GCP_101 |
resource |
google_artifact_registry_repository_iam_binding |
Ensure that Artifact Registry repositories are not anonymously or publicly accessible |
Terraform |
ArtifactRegistryPrivateRepo.py |
| 4213 |
CKV_GCP_101 |
resource |
google_artifact_registry_repository_iam_member |
Ensure that Artifact Registry repositories are not anonymously or publicly accessible |
Terraform |
ArtifactRegistryPrivateRepo.py |
| 4214 |
CKV_GCP_102 |
resource |
google_cloud_run_service_iam_binding |
Ensure that GCP Cloud Run services are not anonymously or publicly accessible |
Terraform |
GCPCloudRunPrivateService.py |
| 4215 |
CKV_GCP_102 |
resource |
google_cloud_run_service_iam_member |
Ensure that GCP Cloud Run services are not anonymously or publicly accessible |
Terraform |
GCPCloudRunPrivateService.py |
| 4216 |
CKV_GCP_103 |
resource |
google_dataproc_cluster |
Ensure Dataproc Clusters do not have public IPs |
Terraform |
DataprocPublicIpCluster.py |
| 4217 |
CKV_GCP_104 |
resource |
google_data_fusion_instance |
Ensure Datafusion has stack driver logging enabled |
Terraform |
DataFusionStackdriverLogs.py |
| 4218 |
CKV_GCP_105 |
resource |
google_data_fusion_instance |
Ensure Datafusion has stack driver monitoring enabled |
Terraform |
DataFusionStackdriverMonitoring.py |
| 4219 |
CKV_GCP_106 |
resource |
google_compute_firewall |
Ensure Google compute firewall ingress does not allow unrestricted http port 80 access |
Terraform |
GoogleComputeFirewallUnrestrictedIngress80.py |
| 4220 |
CKV_GCP_107 |
resource |
google_cloudfunctions2_function_iam_binding |
Cloud functions should not be public |
Terraform |
CloudFunctionsShouldNotBePublic.py |
| 4221 |
CKV_GCP_107 |
resource |
google_cloudfunctions2_function_iam_member |
Cloud functions should not be public |
Terraform |
CloudFunctionsShouldNotBePublic.py |
| 4222 |
CKV_GCP_107 |
resource |
google_cloudfunctions_function_iam_binding |
Cloud functions should not be public |
Terraform |
CloudFunctionsShouldNotBePublic.py |
| 4223 |
CKV_GCP_107 |
resource |
google_cloudfunctions_function_iam_member |
Cloud functions should not be public |
Terraform |
CloudFunctionsShouldNotBePublic.py |
| 4224 |
CKV_GCP_108 |
resource |
google_sql_database_instance |
Ensure hostnames are logged for GCP PostgreSQL databases |
Terraform |
GoogleCloudPostgreSqlLogHostname.py |
| 4225 |
CKV_GCP_109 |
resource |
google_sql_database_instance |
Ensure the GCP PostgreSQL database log levels are set to ERROR or lower |
Terraform |
GoogleCloudPostgreSqlLogMinErrorStatement.py |
| 4226 |
CKV_GCP_110 |
resource |
google_sql_database_instance |
Ensure pgAudit is enabled for your GCP PostgreSQL database |
Terraform |
GoogleCloudPostgreSqlEnablePgaudit.py |
| 4227 |
CKV_GCP_111 |
resource |
google_sql_database_instance |
Ensure GCP PostgreSQL logs SQL statements |
Terraform |
GoogleCloudPostgreSqlLogStatement.py |
| 4228 |
CKV_GCP_112 |
resource |
google_kms_crypto_key_iam_binding |
Ensure KMS policy should not allow public access |
Terraform |
GoogleKMSKeyIsPublic.py |
| 4229 |
CKV_GCP_112 |
resource |
google_kms_crypto_key_iam_member |
Ensure KMS policy should not allow public access |
Terraform |
GoogleKMSKeyIsPublic.py |
| 4230 |
CKV_GCP_112 |
resource |
google_kms_crypto_key_iam_policy |
Ensure KMS policy should not allow public access |
Terraform |
GoogleKMSKeyIsPublic.py |
| 4231 |
CKV_GCP_113 |
data |
google_iam_policy |
Ensure IAM policy should not define public access |
Terraform |
GooglePolicyIsPrivate.py |
| 4232 |
CKV_GCP_114 |
resource |
google_storage_bucket |
Ensure public access prevention is enforced on Cloud Storage bucket |
Terraform |
GoogleStoragePublicAccessPrevention.py |
| 4233 |
CKV_GCP_115 |
resource |
google_organization_iam_binding |
Ensure basic roles are not used at organization level. |
Terraform |
GoogleOrgBasicRole.py |
| 4234 |
CKV_GCP_115 |
resource |
google_organization_iam_member |
Ensure basic roles are not used at organization level. |
Terraform |
GoogleOrgBasicRole.py |
| 4235 |
CKV_GCP_116 |
resource |
google_folder_iam_binding |
Ensure basic roles are not used at folder level. |
Terraform |
GoogleFolderBasicRole.py |
| 4236 |
CKV_GCP_116 |
resource |
google_folder_iam_member |
Ensure basic roles are not used at folder level. |
Terraform |
GoogleFolderBasicRole.py |
| 4237 |
CKV_GCP_117 |
resource |
google_project_iam_binding |
Ensure basic roles are not used at project level. |
Terraform |
GoogleProjectBasicRole.py |
| 4238 |
CKV_GCP_117 |
resource |
google_project_iam_member |
Ensure basic roles are not used at project level. |
Terraform |
GoogleProjectBasicRole.py |
| 4239 |
CKV_GCP_118 |
resource |
google_iam_workload_identity_pool_provider |
Ensure IAM workload identity pool provider is restricted |
Terraform |
GoogleIAMWorkloadIdentityConditional.py |
| 4240 |
CKV_GCP_119 |
resource |
google_spanner_database |
Ensure Spanner Database has deletion protection enabled |
Terraform |
SpannerDatabaseDeletionProtection.py |
| 4241 |
CKV_GCP_120 |
resource |
google_spanner_database |
Ensure Spanner Database has drop protection enabled |
Terraform |
SpannerDatabaseDropProtection.py |
| 4242 |
CKV_GCP_121 |
resource |
google_bigquery_table |
Ensure BigQuery tables have deletion protection enabled |
Terraform |
BigQueryTableDeletionProtection.py |
| 4243 |
CKV_GCP_122 |
resource |
google_bigtable_instance |
Ensure Big Table Instances have deletion protection enabled |
Terraform |
BigTableInstanceDeletionProtection.py |
| 4244 |
CKV_GCP_123 |
resource |
google_container_cluster |
GKE Don’t Use NodePools in the Cluster configuration |
Terraform |
GKEDontUseNodePools.py |
| 4245 |
CKV_GCP_124 |
resource |
google_cloudfunctions2_function |
Ensure GCP Cloud Function is not configured with overly permissive Ingress setting |
Terraform |
CloudFunctionPermissiveIngress.py |
| 4246 |
CKV_GCP_124 |
resource |
google_cloudfunctions_function |
Ensure GCP Cloud Function is not configured with overly permissive Ingress setting |
Terraform |
CloudFunctionPermissiveIngress.py |
| 4247 |
CKV_GCP_125 |
resource |
google_iam_workload_identity_pool_provider |
Ensure GCP GitHub Actions OIDC trust policy is configured securely |
Terraform |
GithubActionsOIDCTrustPolicy.py |
| 4248 |
CKV_GCP_126 |
resource |
google_notebooks_instance |
Ensure Vertex AI Notebook instances are launched with Shielded VM enabled |
Terraform |
GoogleVertexAINotebookShieldedVM.py |
| 4249 |
CKV_GCP_127 |
resource |
google_notebooks_instance |
Ensure Integrity Monitoring for Shielded Vertex AI Notebook Instances is Enabled |
Terraform |
VertexAINotebookEnsureIntegrityMonitoring.py |
| 4250 |
CKV2_GCP_1 |
resource |
google_project_default_service_accounts |
Ensure GKE clusters are not running using the Compute Engine default service account |
Terraform |
GKEClustersAreNotUsingDefaultServiceAccount.yaml |
| 4251 |
CKV2_GCP_2 |
resource |
google_compute_network |
Ensure legacy networks do not exist for a project |
Terraform |
GCPProjectHasNoLegacyNetworks.yaml |
| 4252 |
CKV2_GCP_3 |
resource |
google_service_account_key |
Ensure that there are only GCP-managed service account keys for each service account |
Terraform |
ServiceAccountHasGCPmanagedKey.yaml |
| 4253 |
CKV2_GCP_4 |
resource |
google_logging_folder_sink |
Ensure that retention policies on log buckets are configured using Bucket Lock |
Terraform |
GCPLogBucketsConfiguredUsingLock.yaml |
| 4254 |
CKV2_GCP_4 |
resource |
google_logging_organization_sink |
Ensure that retention policies on log buckets are configured using Bucket Lock |
Terraform |
GCPLogBucketsConfiguredUsingLock.yaml |
| 4255 |
CKV2_GCP_4 |
resource |
google_logging_project_sink |
Ensure that retention policies on log buckets are configured using Bucket Lock |
Terraform |
GCPLogBucketsConfiguredUsingLock.yaml |
| 4256 |
CKV2_GCP_4 |
resource |
google_storage_bucket |
Ensure that retention policies on log buckets are configured using Bucket Lock |
Terraform |
GCPLogBucketsConfiguredUsingLock.yaml |
| 4257 |
CKV2_GCP_5 |
resource |
google_project |
Ensure that Cloud Audit Logging is configured properly across all services and all users from a project |
Terraform |
GCPAuditLogsConfiguredForAllServicesAndUsers.yaml |
| 4258 |
CKV2_GCP_5 |
resource |
google_project_iam_audit_config |
Ensure that Cloud Audit Logging is configured properly across all services and all users from a project |
Terraform |
GCPAuditLogsConfiguredForAllServicesAndUsers.yaml |
| 4259 |
CKV2_GCP_6 |
resource |
google_kms_crypto_key |
Ensure that Cloud KMS cryptokeys are not anonymously or publicly accessible |
Terraform |
GCPKMSCryptoKeysAreNotPubliclyAccessible.yaml |
| 4260 |
CKV2_GCP_6 |
resource |
google_kms_crypto_key_iam_binding |
Ensure that Cloud KMS cryptokeys are not anonymously or publicly accessible |
Terraform |
GCPKMSCryptoKeysAreNotPubliclyAccessible.yaml |
| 4261 |
CKV2_GCP_6 |
resource |
google_kms_crypto_key_iam_member |
Ensure that Cloud KMS cryptokeys are not anonymously or publicly accessible |
Terraform |
GCPKMSCryptoKeysAreNotPubliclyAccessible.yaml |
| 4262 |
CKV2_GCP_7 |
resource |
google_sql_database_instance |
Ensure that a MySQL database instance does not allow anyone to connect with administrative privileges |
Terraform |
DisableAccessToSqlDBInstanceForRootUsersWithoutPassword.yaml |
| 4263 |
CKV2_GCP_7 |
resource |
google_sql_user |
Ensure that a MySQL database instance does not allow anyone to connect with administrative privileges |
Terraform |
DisableAccessToSqlDBInstanceForRootUsersWithoutPassword.yaml |
| 4264 |
CKV2_GCP_8 |
resource |
google_kms_key_ring |
Ensure that Cloud KMS Key Rings are not anonymously or publicly accessible |
Terraform |
GCPKMSKeyRingsAreNotPubliclyAccessible.yaml |
| 4265 |
CKV2_GCP_8 |
resource |
google_kms_key_ring_iam_binding |
Ensure that Cloud KMS Key Rings are not anonymously or publicly accessible |
Terraform |
GCPKMSKeyRingsAreNotPubliclyAccessible.yaml |
| 4266 |
CKV2_GCP_8 |
resource |
google_kms_key_ring_iam_member |
Ensure that Cloud KMS Key Rings are not anonymously or publicly accessible |
Terraform |
GCPKMSKeyRingsAreNotPubliclyAccessible.yaml |
| 4267 |
CKV2_GCP_9 |
resource |
google_container_registry |
Ensure that Container Registry repositories are not anonymously or publicly accessible |
Terraform |
GCPContainerRegistryReposAreNotPubliclyAccessible.yaml |
| 4268 |
CKV2_GCP_9 |
resource |
google_storage_bucket_iam_binding |
Ensure that Container Registry repositories are not anonymously or publicly accessible |
Terraform |
GCPContainerRegistryReposAreNotPubliclyAccessible.yaml |
| 4269 |
CKV2_GCP_9 |
resource |
google_storage_bucket_iam_member |
Ensure that Container Registry repositories are not anonymously or publicly accessible |
Terraform |
GCPContainerRegistryReposAreNotPubliclyAccessible.yaml |
| 4270 |
CKV2_GCP_10 |
resource |
google_cloudfunctions_function |
Ensure GCP Cloud Function HTTP trigger is secured |
Terraform |
CloudFunctionSecureHTTPTrigger.yaml |
| 4271 |
CKV2_GCP_11 |
resource |
google_project_services |
Ensure GCP GCR Container Vulnerability Scanning is enabled |
Terraform |
GCRContainerVulnerabilityScanningEnabled.yaml |
| 4272 |
CKV2_GCP_12 |
resource |
google_compute_firewall |
Ensure GCP compute firewall ingress does not allow unrestricted access to all ports |
Terraform |
GCPComputeFirewallOverlyPermissiveToAllTraffic.yaml |
| 4273 |
CKV2_GCP_13 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database flag ‘log_duration’ is set to ‘on’ |
Terraform |
GCPPostgreSQLDatabaseFlaglog_durationIsSetToON.yaml |
| 4274 |
CKV2_GCP_14 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database flag ‘log_executor_stats’ is set to ‘off’ |
Terraform |
GCPPostgreSQLDatabaseFlaglog_executor_statsIsSetToOFF.yaml |
| 4275 |
CKV2_GCP_15 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database flag ‘log_parser_stats’ is set to ‘off’ |
Terraform |
GCPPostgreSQLDatabaseFlaglog_parser_statsIsSetToOFF.yaml |
| 4276 |
CKV2_GCP_16 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database flag ‘log_planner_stats’ is set to ‘off’ |
Terraform |
GCPPostgreSQLDatabaseFlaglog_planner_statsIsSetToOFF.yaml |
| 4277 |
CKV2_GCP_17 |
resource |
google_sql_database_instance |
Ensure PostgreSQL database flag ‘log_statement_stats’ is set to ‘off’ |
Terraform |
GCPPostgreSQLDatabaseFlaglog_statement_statsIsSetToOFF.yaml |
| 4278 |
CKV2_GCP_18 |
resource |
google_compute_network |
Ensure GCP network defines a firewall and does not use the default firewall |
Terraform |
GCPNetworkDoesNotUseDefaultFirewall.yaml |
| 4279 |
CKV2_GCP_19 |
resource |
google_container_cluster |
Ensure GCP Kubernetes engine clusters have ‘alpha cluster’ feature disabled |
Terraform |
GCPdisableAlphaClusterFeatureInKubernetesEngineClusters.yaml |
| 4280 |
CKV2_GCP_20 |
resource |
google_sql_database_instance |
Ensure MySQL DB instance has point-in-time recovery backup configured |
Terraform |
GCPMySQLdbInstancePoint_In_TimeRecoveryBackupIsEnabled.yaml |
| 4281 |
CKV2_GCP_21 |
resource |
google_notebooks_instance |
Ensure Vertex AI instance disks are encrypted with a Customer Managed Key (CMK) |
Terraform |
GCPVertexInstanceEncryptedWithCMK.yaml |
| 4282 |
CKV2_GCP_22 |
resource |
google_document_ai_processor |
Ensure Document AI Processors are encrypted with a Customer Managed Key (CMK) |
Terraform |
GCPDocumentAIProcessorEncryptedWithCMK.yaml |
| 4283 |
CKV2_GCP_23 |
resource |
google_document_ai_warehouse_location |
Ensure Document AI Warehouse Location is configured to use a Customer Managed Key (CMK) |
Terraform |
GCPDocumentAIWarehouseLocationEncryptedWithCMK.yaml |
| 4284 |
CKV2_GCP_24 |
resource |
google_vertex_ai_endpoint |
Ensure Vertex AI endpoint uses a Customer Managed Key (CMK) |
Terraform |
GCPVertexAIEndpointEncryptedWithCMK.yaml |
| 4285 |
CKV2_GCP_25 |
resource |
google_vertex_ai_featurestore |
Ensure Vertex AI featurestore uses a Customer Managed Key (CMK) |
Terraform |
GCPVertexAIFeaturestoreEncryptedWithCMK.yaml |
| 4286 |
CKV2_GCP_26 |
resource |
google_vertex_ai_tensorboard |
Ensure Vertex AI tensorboard uses a Customer Managed Key (CMK) |
Terraform |
GCPVertexAITensorboardEncryptedWithCMK.yaml |
| 4287 |
CKV2_GCP_27 |
resource |
google_workbench_instance |
Ensure Vertex AI workbench instance disks are encrypted with a Customer Managed Key (CMK) |
Terraform |
GCPVertexWorkbenchInstanceEncryptedWithCMK.yaml |
| 4288 |
CKV2_GCP_28 |
resource |
google_workbench_instance |
Ensure Vertex AI workbench instances are private |
Terraform |
GCPVertexWorkbenchInstanceNoPublicIp.yaml |
| 4289 |
CKV2_GCP_29 |
resource |
google_dialogflow_agent |
Ensure logging is enabled for Dialogflow agents |
Terraform |
GCPDialogFlowAgentLoggingEnabled.yaml |
| 4290 |
CKV2_GCP_30 |
resource |
google_dialogflow_cx_agent |
Ensure logging is enabled for Dialogflow CX agents |
Terraform |
GCPDialogFlowCxAgentLoggingEnabled.yaml |
| 4291 |
CKV2_GCP_31 |
resource |
google_dialogflow_cx_webhook |
Ensure logging is enabled for Dialogflow CX webhooks |
Terraform |
GCPDialogFlowCxWebhookLoggingEnabled.yaml |
| 4292 |
CKV2_GCP_32 |
resource |
google_tpu_v2_vm |
Ensure TPU v2 is private |
Terraform |
GCPTpuV2VmPrivateEndpoint.yaml |
| 4293 |
CKV2_GCP_33 |
resource |
google_vertex_ai_endpoint |
Ensure Vertex AI endpoint is private |
Terraform |
GCPVertexAIPrivateEndpoint.yaml |
| 4294 |
CKV2_GCP_34 |
resource |
google_vertex_ai_index_endpoint |
Ensure Vertex AI index endpoint is private |
Terraform |
GCPVertexAIPrivateIndexEndpoint.yaml |
| 4295 |
CKV2_GCP_35 |
resource |
google_notebooks_runtime |
Ensure Vertex AI runtime is encrypted with a Customer Managed Key (CMK) |
Terraform |
GCPVertexRuntimeEncryptedWithCMK.yaml |
| 4296 |
CKV2_GCP_36 |
resource |
google_notebooks_runtime |
Ensure Vertex AI runtime is private |
Terraform |
GCPVertexRuntimePrivate.yaml |
| 4297 |
CKV2_GCP_37 |
resource |
google_compute_forwarding_rule |
Ensure GCP compute regional forwarding rule does not use HTTP proxies with EXTERNAL load balancing scheme |
Terraform |
GCPComputeRegionalForwardingRuleCheck.yaml |
| 4298 |
CKV2_GCP_38 |
resource |
google_compute_global_forwarding_rule |
Ensure GCP compute global forwarding rule does not use HTTP proxies with EXTERNAL load balancing scheme |
Terraform |
GCPComputeGlobalForwardingRuleCheck.yaml |
| 4299 |
CKV_GIT_1 |
resource |
github_repository |
Ensure GitHub repository is Private |
Terraform |
PrivateRepo.py |
| 4300 |
CKV_GIT_2 |
resource |
github_repository_webhook |
Ensure GitHub repository webhooks are using HTTPS |
Terraform |
WebhookInsecureSsl.py |
| 4301 |
CKV_GIT_3 |
resource |
github_repository |
Ensure GitHub repository has vulnerability alerts enabled |
Terraform |
RepositoryEnableVulnerabilityAlerts.py |
| 4302 |
CKV_GIT_4 |
resource |
github_actions_environment_secret |
Ensure GitHub Actions secrets are encrypted |
Terraform |
SecretsEncrypted.py |
| 4303 |
CKV_GIT_4 |
resource |
github_actions_organization_secret |
Ensure GitHub Actions secrets are encrypted |
Terraform |
SecretsEncrypted.py |
| 4304 |
CKV_GIT_4 |
resource |
github_actions_secret |
Ensure GitHub Actions secrets are encrypted |
Terraform |
SecretsEncrypted.py |
| 4305 |
CKV_GIT_5 |
resource |
github_branch_protection |
GitHub pull requests should require at least 2 approvals |
Terraform |
BranchProtectionReviewNumTwo.py |
| 4306 |
CKV_GIT_5 |
resource |
github_branch_protection_v3 |
GitHub pull requests should require at least 2 approvals |
Terraform |
BranchProtectionReviewNumTwo.py |
| 4307 |
CKV_GIT_6 |
resource |
github_branch_protection |
Ensure GitHub branch protection rules requires signed commits |
Terraform |
BranchProtectionRequireSignedCommits.py |
| 4308 |
CKV_GIT_6 |
resource |
github_branch_protection_v3 |
Ensure GitHub branch protection rules requires signed commits |
Terraform |
BranchProtectionRequireSignedCommits.py |
| 4309 |
CKV2_GIT_1 |
resource |
github_repository |
Ensure each Repository has branch protection associated |
Terraform |
RepositoryHasBranchProtection.yaml |
| 4310 |
CKV_GLB_1 |
resource |
gitlab_project |
Ensure at least two approving reviews are required to merge a GitLab MR |
Terraform |
RequireTwoApprovalsToMerge.py |
| 4311 |
CKV_GLB_2 |
resource |
gitlab_branch_protection |
Ensure GitLab branch protection rules does not allow force pushes |
Terraform |
ForcePushDisabled.py |
| 4312 |
CKV_GLB_3 |
resource |
gitlab_project |
Ensure GitLab prevent secrets is enabled |
Terraform |
PreventSecretsEnabled.py |
| 4313 |
CKV_GLB_4 |
resource |
gitlab_project |
Ensure GitLab commits are signed |
Terraform |
RejectUnsignedCommits.py |
| 4314 |
CKV2_IBM_1 |
resource |
ibm_is_lb |
Ensure load balancer for VPC is private (disable public access) |
Terraform |
IBM_LoadBalancerforVPCisPrivate.yaml |
| 4315 |
CKV2_IBM_2 |
resource |
ibm_is_vpc |
Ensure VPC classic access is disabled |
Terraform |
IBM_VPCclassicAccessIsDisabled.yaml |
| 4316 |
CKV2_IBM_3 |
resource |
ibm_iam_account_settings |
Ensure API key creation is restricted in account settings |
Terraform |
IBM_RestrictAPIkeyCreationInAccountSettings.yaml |
| 4317 |
CKV2_IBM_4 |
resource |
ibm_iam_account_settings |
Ensure Multi-Factor Authentication (MFA) is enabled at the account level |
Terraform |
IBM_EnableMFAatAccountLevel.yaml |
| 4318 |
CKV2_IBM_5 |
resource |
ibm_iam_account_settings |
Ensure Service ID creation is restricted in account settings |
Terraform |
IBM_RestrictServiceIDCreationInAccountSettings.yaml |
| 4319 |
CKV2_IBM_7 |
resource |
ibm_container_cluster |
Ensure Kubernetes clusters are accessible by using private endpoint and NOT public endpoint |
Terraform |
IBM_K8sClustersAccessibleViaPrivateEndPt.yaml |
| 4320 |
CKV_K8S_1 |
resource |
kubernetes_pod_security_policy |
Do not admit containers wishing to share the host process ID namespace |
Terraform |
ShareHostPIDPSP.py |
| 4321 |
CKV_K8S_2 |
resource |
kubernetes_pod_security_policy |
Do not admit privileged containers |
Terraform |
PrivilegedContainerPSP.py |
| 4322 |
CKV_K8S_3 |
resource |
kubernetes_pod_security_policy |
Do not admit containers wishing to share the host IPC namespace |
Terraform |
ShareHostIPCPSP.py |
| 4323 |
CKV_K8S_4 |
resource |
kubernetes_pod_security_policy |
Do not admit containers wishing to share the host network namespace |
Terraform |
SharedHostNetworkNamespacePSP.py |
| 4324 |
CKV_K8S_5 |
resource |
kubernetes_pod_security_policy |
Containers should not run with allowPrivilegeEscalation |
Terraform |
AllowPrivilegeEscalationPSP.py |
| 4325 |
CKV_K8S_6 |
resource |
kubernetes_pod_security_policy |
Do not admit root containers |
Terraform |
RootContainerPSP.py |
| 4326 |
CKV_K8S_7 |
resource |
kubernetes_pod_security_policy |
Do not admit containers with the NET_RAW capability |
Terraform |
DropCapabilitiesPSP.py |
| 4327 |
CKV_K8S_8 |
resource |
kubernetes_deployment |
Liveness Probe Should be Configured |
Terraform |
LivenessProbe.py |
| 4328 |
CKV_K8S_8 |
resource |
kubernetes_deployment_v1 |
Liveness Probe Should be Configured |
Terraform |
LivenessProbe.py |
| 4329 |
CKV_K8S_8 |
resource |
kubernetes_pod |
Liveness Probe Should be Configured |
Terraform |
LivenessProbe.py |
| 4330 |
CKV_K8S_8 |
resource |
kubernetes_pod_v1 |
Liveness Probe Should be Configured |
Terraform |
LivenessProbe.py |
| 4331 |
CKV_K8S_9 |
resource |
kubernetes_deployment |
Readiness Probe Should be Configured |
Terraform |
ReadinessProbe.py |
| 4332 |
CKV_K8S_9 |
resource |
kubernetes_deployment_v1 |
Readiness Probe Should be Configured |
Terraform |
ReadinessProbe.py |
| 4333 |
CKV_K8S_9 |
resource |
kubernetes_pod |
Readiness Probe Should be Configured |
Terraform |
ReadinessProbe.py |
| 4334 |
CKV_K8S_9 |
resource |
kubernetes_pod_v1 |
Readiness Probe Should be Configured |
Terraform |
ReadinessProbe.py |
| 4335 |
CKV_K8S_10 |
resource |
kubernetes_deployment |
CPU requests should be set |
Terraform |
CPURequests.py |
| 4336 |
CKV_K8S_10 |
resource |
kubernetes_deployment_v1 |
CPU requests should be set |
Terraform |
CPURequests.py |
| 4337 |
CKV_K8S_10 |
resource |
kubernetes_pod |
CPU requests should be set |
Terraform |
CPURequests.py |
| 4338 |
CKV_K8S_10 |
resource |
kubernetes_pod_v1 |
CPU requests should be set |
Terraform |
CPURequests.py |
| 4339 |
CKV_K8S_11 |
resource |
kubernetes_deployment |
CPU Limits should be set |
Terraform |
CPULimits.py |
| 4340 |
CKV_K8S_11 |
resource |
kubernetes_deployment_v1 |
CPU Limits should be set |
Terraform |
CPULimits.py |
| 4341 |
CKV_K8S_11 |
resource |
kubernetes_pod |
CPU Limits should be set |
Terraform |
CPULimits.py |
| 4342 |
CKV_K8S_11 |
resource |
kubernetes_pod_v1 |
CPU Limits should be set |
Terraform |
CPULimits.py |
| 4343 |
CKV_K8S_12 |
resource |
kubernetes_deployment |
Memory Limits should be set |
Terraform |
MemoryLimits.py |
| 4344 |
CKV_K8S_12 |
resource |
kubernetes_deployment_v1 |
Memory Limits should be set |
Terraform |
MemoryLimits.py |
| 4345 |
CKV_K8S_12 |
resource |
kubernetes_pod |
Memory Limits should be set |
Terraform |
MemoryLimits.py |
| 4346 |
CKV_K8S_12 |
resource |
kubernetes_pod_v1 |
Memory Limits should be set |
Terraform |
MemoryLimits.py |
| 4347 |
CKV_K8S_13 |
resource |
kubernetes_deployment |
Memory requests should be set |
Terraform |
MemoryRequests.py |
| 4348 |
CKV_K8S_13 |
resource |
kubernetes_deployment_v1 |
Memory requests should be set |
Terraform |
MemoryRequests.py |
| 4349 |
CKV_K8S_13 |
resource |
kubernetes_pod |
Memory requests should be set |
Terraform |
MemoryRequests.py |
| 4350 |
CKV_K8S_13 |
resource |
kubernetes_pod_v1 |
Memory requests should be set |
Terraform |
MemoryRequests.py |
| 4351 |
CKV_K8S_14 |
resource |
kubernetes_deployment |
Image Tag should be fixed - not latest or blank |
Terraform |
ImageTagFixed.py |
| 4352 |
CKV_K8S_14 |
resource |
kubernetes_deployment_v1 |
Image Tag should be fixed - not latest or blank |
Terraform |
ImageTagFixed.py |
| 4353 |
CKV_K8S_14 |
resource |
kubernetes_pod |
Image Tag should be fixed - not latest or blank |
Terraform |
ImageTagFixed.py |
| 4354 |
CKV_K8S_14 |
resource |
kubernetes_pod_v1 |
Image Tag should be fixed - not latest or blank |
Terraform |
ImageTagFixed.py |
| 4355 |
CKV_K8S_15 |
resource |
kubernetes_deployment |
Image Pull Policy should be Always |
Terraform |
ImagePullPolicyAlways.py |
| 4356 |
CKV_K8S_15 |
resource |
kubernetes_deployment_v1 |
Image Pull Policy should be Always |
Terraform |
ImagePullPolicyAlways.py |
| 4357 |
CKV_K8S_15 |
resource |
kubernetes_pod |
Image Pull Policy should be Always |
Terraform |
ImagePullPolicyAlways.py |
| 4358 |
CKV_K8S_15 |
resource |
kubernetes_pod_v1 |
Image Pull Policy should be Always |
Terraform |
ImagePullPolicyAlways.py |
| 4359 |
CKV_K8S_16 |
resource |
kubernetes_deployment |
Do not admit privileged containers |
Terraform |
PrivilegedContainer.py |
| 4360 |
CKV_K8S_16 |
resource |
kubernetes_deployment_v1 |
Do not admit privileged containers |
Terraform |
PrivilegedContainer.py |
| 4361 |
CKV_K8S_16 |
resource |
kubernetes_pod |
Do not admit privileged containers |
Terraform |
PrivilegedContainer.py |
| 4362 |
CKV_K8S_16 |
resource |
kubernetes_pod_v1 |
Do not admit privileged containers |
Terraform |
PrivilegedContainer.py |
| 4363 |
CKV_K8S_17 |
resource |
kubernetes_deployment |
Do not admit containers wishing to share the host process ID namespace |
Terraform |
ShareHostPID.py |
| 4364 |
CKV_K8S_17 |
resource |
kubernetes_deployment_v1 |
Do not admit containers wishing to share the host process ID namespace |
Terraform |
ShareHostPID.py |
| 4365 |
CKV_K8S_17 |
resource |
kubernetes_pod |
Do not admit containers wishing to share the host process ID namespace |
Terraform |
ShareHostPID.py |
| 4366 |
CKV_K8S_17 |
resource |
kubernetes_pod_v1 |
Do not admit containers wishing to share the host process ID namespace |
Terraform |
ShareHostPID.py |
| 4367 |
CKV_K8S_18 |
resource |
kubernetes_deployment |
Do not admit containers wishing to share the host IPC namespace |
Terraform |
ShareHostIPC.py |
| 4368 |
CKV_K8S_18 |
resource |
kubernetes_deployment_v1 |
Do not admit containers wishing to share the host IPC namespace |
Terraform |
ShareHostIPC.py |
| 4369 |
CKV_K8S_18 |
resource |
kubernetes_pod |
Do not admit containers wishing to share the host IPC namespace |
Terraform |
ShareHostIPC.py |
| 4370 |
CKV_K8S_18 |
resource |
kubernetes_pod_v1 |
Do not admit containers wishing to share the host IPC namespace |
Terraform |
ShareHostIPC.py |
| 4371 |
CKV_K8S_19 |
resource |
kubernetes_deployment |
Do not admit containers wishing to share the host network namespace |
Terraform |
SharedHostNetworkNamespace.py |
| 4372 |
CKV_K8S_19 |
resource |
kubernetes_deployment_v1 |
Do not admit containers wishing to share the host network namespace |
Terraform |
SharedHostNetworkNamespace.py |
| 4373 |
CKV_K8S_19 |
resource |
kubernetes_pod |
Do not admit containers wishing to share the host network namespace |
Terraform |
SharedHostNetworkNamespace.py |
| 4374 |
CKV_K8S_19 |
resource |
kubernetes_pod_v1 |
Do not admit containers wishing to share the host network namespace |
Terraform |
SharedHostNetworkNamespace.py |
| 4375 |
CKV_K8S_20 |
resource |
kubernetes_deployment |
Containers should not run with allowPrivilegeEscalation |
Terraform |
AllowPrivilegeEscalation.py |
| 4376 |
CKV_K8S_20 |
resource |
kubernetes_deployment_v1 |
Containers should not run with allowPrivilegeEscalation |
Terraform |
AllowPrivilegeEscalation.py |
| 4377 |
CKV_K8S_20 |
resource |
kubernetes_pod |
Containers should not run with allowPrivilegeEscalation |
Terraform |
AllowPrivilegeEscalation.py |
| 4378 |
CKV_K8S_20 |
resource |
kubernetes_pod_v1 |
Containers should not run with allowPrivilegeEscalation |
Terraform |
AllowPrivilegeEscalation.py |
| 4379 |
CKV_K8S_21 |
resource |
kubernetes_config_map |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4380 |
CKV_K8S_21 |
resource |
kubernetes_config_map_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4381 |
CKV_K8S_21 |
resource |
kubernetes_cron_job |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4382 |
CKV_K8S_21 |
resource |
kubernetes_cron_job_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4383 |
CKV_K8S_21 |
resource |
kubernetes_daemon_set_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4384 |
CKV_K8S_21 |
resource |
kubernetes_daemonset |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4385 |
CKV_K8S_21 |
resource |
kubernetes_deployment |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4386 |
CKV_K8S_21 |
resource |
kubernetes_deployment_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4387 |
CKV_K8S_21 |
resource |
kubernetes_ingress |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4388 |
CKV_K8S_21 |
resource |
kubernetes_ingress_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4389 |
CKV_K8S_21 |
resource |
kubernetes_job |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4390 |
CKV_K8S_21 |
resource |
kubernetes_job_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4391 |
CKV_K8S_21 |
resource |
kubernetes_pod |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4392 |
CKV_K8S_21 |
resource |
kubernetes_pod_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4393 |
CKV_K8S_21 |
resource |
kubernetes_replication_controller |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4394 |
CKV_K8S_21 |
resource |
kubernetes_replication_controller_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4395 |
CKV_K8S_21 |
resource |
kubernetes_role_binding |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4396 |
CKV_K8S_21 |
resource |
kubernetes_role_binding_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4397 |
CKV_K8S_21 |
resource |
kubernetes_secret |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4398 |
CKV_K8S_21 |
resource |
kubernetes_secret_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4399 |
CKV_K8S_21 |
resource |
kubernetes_service |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4400 |
CKV_K8S_21 |
resource |
kubernetes_service_account |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4401 |
CKV_K8S_21 |
resource |
kubernetes_service_account_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4402 |
CKV_K8S_21 |
resource |
kubernetes_service_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4403 |
CKV_K8S_21 |
resource |
kubernetes_stateful_set |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4404 |
CKV_K8S_21 |
resource |
kubernetes_stateful_set_v1 |
The default namespace should not be used |
Terraform |
DefaultNamespace.py |
| 4405 |
CKV_K8S_22 |
resource |
kubernetes_deployment |
Use read-only filesystem for containers where possible |
Terraform |
ReadonlyRootFilesystem.py |
| 4406 |
CKV_K8S_22 |
resource |
kubernetes_deployment_v1 |
Use read-only filesystem for containers where possible |
Terraform |
ReadonlyRootFilesystem.py |
| 4407 |
CKV_K8S_22 |
resource |
kubernetes_pod |
Use read-only filesystem for containers where possible |
Terraform |
ReadonlyRootFilesystem.py |
| 4408 |
CKV_K8S_22 |
resource |
kubernetes_pod_v1 |
Use read-only filesystem for containers where possible |
Terraform |
ReadonlyRootFilesystem.py |
| 4409 |
CKV_K8S_24 |
resource |
kubernetes_pod_security_policy |
Do not allow containers with added capability |
Terraform |
AllowedCapabilitiesPSP.py |
| 4410 |
CKV_K8S_25 |
resource |
kubernetes_deployment |
Minimize the admission of containers with added capability |
Terraform |
AllowedCapabilities.py |
| 4411 |
CKV_K8S_25 |
resource |
kubernetes_deployment_v1 |
Minimize the admission of containers with added capability |
Terraform |
AllowedCapabilities.py |
| 4412 |
CKV_K8S_25 |
resource |
kubernetes_pod |
Minimize the admission of containers with added capability |
Terraform |
AllowedCapabilities.py |
| 4413 |
CKV_K8S_25 |
resource |
kubernetes_pod_v1 |
Minimize the admission of containers with added capability |
Terraform |
AllowedCapabilities.py |
| 4414 |
CKV_K8S_26 |
resource |
kubernetes_deployment |
Do not specify hostPort unless absolutely necessary |
Terraform |
HostPort.py |
| 4415 |
CKV_K8S_26 |
resource |
kubernetes_deployment_v1 |
Do not specify hostPort unless absolutely necessary |
Terraform |
HostPort.py |
| 4416 |
CKV_K8S_26 |
resource |
kubernetes_pod |
Do not specify hostPort unless absolutely necessary |
Terraform |
HostPort.py |
| 4417 |
CKV_K8S_26 |
resource |
kubernetes_pod_v1 |
Do not specify hostPort unless absolutely necessary |
Terraform |
HostPort.py |
| 4418 |
CKV_K8S_27 |
resource |
kubernetes_daemon_set_v1 |
Do not expose the docker daemon socket to containers |
Terraform |
DockerSocketVolume.py |
| 4419 |
CKV_K8S_27 |
resource |
kubernetes_daemonset |
Do not expose the docker daemon socket to containers |
Terraform |
DockerSocketVolume.py |
| 4420 |
CKV_K8S_27 |
resource |
kubernetes_deployment |
Do not expose the docker daemon socket to containers |
Terraform |
DockerSocketVolume.py |
| 4421 |
CKV_K8S_27 |
resource |
kubernetes_deployment_v1 |
Do not expose the docker daemon socket to containers |
Terraform |
DockerSocketVolume.py |
| 4422 |
CKV_K8S_27 |
resource |
kubernetes_pod |
Do not expose the docker daemon socket to containers |
Terraform |
DockerSocketVolume.py |
| 4423 |
CKV_K8S_27 |
resource |
kubernetes_pod_v1 |
Do not expose the docker daemon socket to containers |
Terraform |
DockerSocketVolume.py |
| 4424 |
CKV_K8S_28 |
resource |
kubernetes_deployment |
Minimize the admission of containers with the NET_RAW capability |
Terraform |
DropCapabilities.py |
| 4425 |
CKV_K8S_28 |
resource |
kubernetes_deployment_v1 |
Minimize the admission of containers with the NET_RAW capability |
Terraform |
DropCapabilities.py |
| 4426 |
CKV_K8S_28 |
resource |
kubernetes_pod |
Minimize the admission of containers with the NET_RAW capability |
Terraform |
DropCapabilities.py |
| 4427 |
CKV_K8S_28 |
resource |
kubernetes_pod_v1 |
Minimize the admission of containers with the NET_RAW capability |
Terraform |
DropCapabilities.py |
| 4428 |
CKV_K8S_29 |
resource |
kubernetes_daemon_set_v1 |
Apply security context to your pods, deployments and daemon_sets |
Terraform |
PodSecurityContext.py |
| 4429 |
CKV_K8S_29 |
resource |
kubernetes_daemonset |
Apply security context to your pods, deployments and daemon_sets |
Terraform |
PodSecurityContext.py |
| 4430 |
CKV_K8S_29 |
resource |
kubernetes_deployment |
Apply security context to your pods, deployments and daemon_sets |
Terraform |
PodSecurityContext.py |
| 4431 |
CKV_K8S_29 |
resource |
kubernetes_deployment_v1 |
Apply security context to your pods, deployments and daemon_sets |
Terraform |
PodSecurityContext.py |
| 4432 |
CKV_K8S_29 |
resource |
kubernetes_pod |
Apply security context to your pods, deployments and daemon_sets |
Terraform |
PodSecurityContext.py |
| 4433 |
CKV_K8S_29 |
resource |
kubernetes_pod_v1 |
Apply security context to your pods, deployments and daemon_sets |
Terraform |
PodSecurityContext.py |
| 4434 |
CKV_K8S_30 |
resource |
kubernetes_deployment |
Apply security context to your pods and containers |
Terraform |
ContainerSecurityContext.py |
| 4435 |
CKV_K8S_30 |
resource |
kubernetes_deployment_v1 |
Apply security context to your pods and containers |
Terraform |
ContainerSecurityContext.py |
| 4436 |
CKV_K8S_30 |
resource |
kubernetes_pod |
Apply security context to your pods and containers |
Terraform |
ContainerSecurityContext.py |
| 4437 |
CKV_K8S_30 |
resource |
kubernetes_pod_v1 |
Apply security context to your pods and containers |
Terraform |
ContainerSecurityContext.py |
| 4438 |
CKV_K8S_32 |
resource |
kubernetes_pod_security_policy |
Ensure default seccomp profile set to docker/default or runtime/default |
Terraform |
SeccompPSP.py |
| 4439 |
CKV_K8S_34 |
resource |
kubernetes_deployment |
Ensure that Tiller (Helm v2) is not deployed |
Terraform |
Tiller.py |
| 4440 |
CKV_K8S_34 |
resource |
kubernetes_deployment_v1 |
Ensure that Tiller (Helm v2) is not deployed |
Terraform |
Tiller.py |
| 4441 |
CKV_K8S_34 |
resource |
kubernetes_pod |
Ensure that Tiller (Helm v2) is not deployed |
Terraform |
Tiller.py |
| 4442 |
CKV_K8S_34 |
resource |
kubernetes_pod_v1 |
Ensure that Tiller (Helm v2) is not deployed |
Terraform |
Tiller.py |
| 4443 |
CKV_K8S_35 |
resource |
kubernetes_deployment |
Prefer using secrets as files over secrets as environment variables |
Terraform |
Secrets.py |
| 4444 |
CKV_K8S_35 |
resource |
kubernetes_deployment_v1 |
Prefer using secrets as files over secrets as environment variables |
Terraform |
Secrets.py |
| 4445 |
CKV_K8S_35 |
resource |
kubernetes_pod |
Prefer using secrets as files over secrets as environment variables |
Terraform |
Secrets.py |
| 4446 |
CKV_K8S_35 |
resource |
kubernetes_pod_v1 |
Prefer using secrets as files over secrets as environment variables |
Terraform |
Secrets.py |
| 4447 |
CKV_K8S_36 |
resource |
kubernetes_pod_security_policy |
Minimise the admission of containers with capabilities assigned |
Terraform |
MinimiseCapabilitiesPSP.py |
| 4448 |
CKV_K8S_37 |
resource |
kubernetes_deployment |
Minimise the admission of containers with capabilities assigned |
Terraform |
MinimiseCapabilities.py |
| 4449 |
CKV_K8S_37 |
resource |
kubernetes_deployment_v1 |
Minimise the admission of containers with capabilities assigned |
Terraform |
MinimiseCapabilities.py |
| 4450 |
CKV_K8S_37 |
resource |
kubernetes_pod |
Minimise the admission of containers with capabilities assigned |
Terraform |
MinimiseCapabilities.py |
| 4451 |
CKV_K8S_37 |
resource |
kubernetes_pod_v1 |
Minimise the admission of containers with capabilities assigned |
Terraform |
MinimiseCapabilities.py |
| 4452 |
CKV_K8S_39 |
resource |
kubernetes_deployment |
Do not use the CAP_SYS_ADMIN linux capability |
Terraform |
AllowedCapabilitiesSysAdmin.py |
| 4453 |
CKV_K8S_39 |
resource |
kubernetes_deployment_v1 |
Do not use the CAP_SYS_ADMIN linux capability |
Terraform |
AllowedCapabilitiesSysAdmin.py |
| 4454 |
CKV_K8S_39 |
resource |
kubernetes_pod |
Do not use the CAP_SYS_ADMIN linux capability |
Terraform |
AllowedCapabilitiesSysAdmin.py |
| 4455 |
CKV_K8S_39 |
resource |
kubernetes_pod_v1 |
Do not use the CAP_SYS_ADMIN linux capability |
Terraform |
AllowedCapabilitiesSysAdmin.py |
| 4456 |
CKV_K8S_41 |
resource |
kubernetes_service_account |
Ensure that default service accounts are not actively used |
Terraform |
DefaultServiceAccount.py |
| 4457 |
CKV_K8S_41 |
resource |
kubernetes_service_account_v1 |
Ensure that default service accounts are not actively used |
Terraform |
DefaultServiceAccount.py |
| 4458 |
CKV_K8S_42 |
resource |
kubernetes_cluster_role_binding |
Ensure that default service accounts are not actively used |
Terraform |
DefaultServiceAccountBinding.py |
| 4459 |
CKV_K8S_42 |
resource |
kubernetes_cluster_role_binding_v1 |
Ensure that default service accounts are not actively used |
Terraform |
DefaultServiceAccountBinding.py |
| 4460 |
CKV_K8S_42 |
resource |
kubernetes_role_binding |
Ensure that default service accounts are not actively used |
Terraform |
DefaultServiceAccountBinding.py |
| 4461 |
CKV_K8S_42 |
resource |
kubernetes_role_binding_v1 |
Ensure that default service accounts are not actively used |
Terraform |
DefaultServiceAccountBinding.py |
| 4462 |
CKV_K8S_43 |
resource |
kubernetes_deployment |
Image should use digest |
Terraform |
ImageDigest.py |
| 4463 |
CKV_K8S_43 |
resource |
kubernetes_deployment_v1 |
Image should use digest |
Terraform |
ImageDigest.py |
| 4464 |
CKV_K8S_43 |
resource |
kubernetes_pod |
Image should use digest |
Terraform |
ImageDigest.py |
| 4465 |
CKV_K8S_43 |
resource |
kubernetes_pod_v1 |
Image should use digest |
Terraform |
ImageDigest.py |
| 4466 |
CKV_K8S_44 |
resource |
kubernetes_service |
Ensure that the Tiller Service (Helm v2) is deleted |
Terraform |
TillerService.py |
| 4467 |
CKV_K8S_44 |
resource |
kubernetes_service_v1 |
Ensure that the Tiller Service (Helm v2) is deleted |
Terraform |
TillerService.py |
| 4468 |
CKV_K8S_49 |
resource |
kubernetes_cluster_role |
Minimize wildcard use in Roles and ClusterRoles |
Terraform |
WildcardRoles.py |
| 4469 |
CKV_K8S_49 |
resource |
kubernetes_cluster_role_v1 |
Minimize wildcard use in Roles and ClusterRoles |
Terraform |
WildcardRoles.py |
| 4470 |
CKV_K8S_49 |
resource |
kubernetes_role |
Minimize wildcard use in Roles and ClusterRoles |
Terraform |
WildcardRoles.py |
| 4471 |
CKV_K8S_49 |
resource |
kubernetes_role_v1 |
Minimize wildcard use in Roles and ClusterRoles |
Terraform |
WildcardRoles.py |
| 4472 |
CKV_K8S_159 |
resource |
kubernetes_deployment |
Do not admit privileged containers |
Terraform |
DangerousGitSync.py |
| 4473 |
CKV_K8S_159 |
resource |
kubernetes_deployment_v1 |
Do not admit privileged containers |
Terraform |
DangerousGitSync.py |
| 4474 |
CKV_K8S_159 |
resource |
kubernetes_pod |
Do not admit privileged containers |
Terraform |
DangerousGitSync.py |
| 4475 |
CKV_K8S_159 |
resource |
kubernetes_pod_v1 |
Do not admit privileged containers |
Terraform |
DangerousGitSync.py |
| 4476 |
CKV_LIN_1 |
provider |
linode |
Ensure no hard coded Linode tokens exist in provider |
Terraform |
credentials.py |
| 4477 |
CKV_LIN_2 |
resource |
linode_instance |
Ensure SSH key set in authorized_keys |
Terraform |
authorized_keys.py |
| 4478 |
CKV_LIN_3 |
resource |
linode_user |
Ensure email is set |
Terraform |
user_email_set.py |
| 4479 |
CKV_LIN_4 |
resource |
linode_user |
Ensure username is set |
Terraform |
user_username_set.py |
| 4480 |
CKV_LIN_5 |
resource |
linode_firewall |
Ensure Inbound Firewall Policy is not set to ACCEPT |
Terraform |
firewall_inbound_policy.py |
| 4481 |
CKV_LIN_6 |
resource |
linode_firewall |
Ensure Outbound Firewall Policy is not set to ACCEPT |
Terraform |
firewall_outbound_policy.py |
| 4482 |
CKV_NCP_1 |
resource |
ncloud_lb_target_group |
Ensure HTTP HTTPS Target group defines Healthcheck |
Terraform |
LBTargetGroupDefinesHealthCheck.py |
| 4483 |
CKV_NCP_2 |
resource |
ncloud_access_control_group |
Ensure every access control groups rule has a description |
Terraform |
AccessControlGroupRuleDescription.py |
| 4484 |
CKV_NCP_2 |
resource |
ncloud_access_control_group_rule |
Ensure every access control groups rule has a description |
Terraform |
AccessControlGroupRuleDescription.py |
| 4485 |
CKV_NCP_3 |
resource |
ncloud_access_control_group_rule |
Ensure no security group rules allow outbound traffic to 0.0.0.0/0 |
Terraform |
AccessControlGroupOutboundRule.py |
| 4486 |
CKV_NCP_4 |
resource |
ncloud_access_control_group_rule |
Ensure no access control groups allow inbound from 0.0.0.0:0 to port 22 |
Terraform |
AccessControlGroupInboundRulePort22.py |
| 4487 |
CKV_NCP_5 |
resource |
ncloud_access_control_group_rule |
Ensure no access control groups allow inbound from 0.0.0.0:0 to port 3389 |
Terraform |
AccessControlGroupInboundRulePort3389.py |
| 4488 |
CKV_NCP_6 |
resource |
ncloud_server |
Ensure Server instance is encrypted. |
Terraform |
ServerEncryptionVPC.py |
| 4489 |
CKV_NCP_7 |
resource |
ncloud_launch_configuration |
Ensure Basic Block storage is encrypted. |
Terraform |
LaunchConfigurationEncryptionVPC.py |
| 4490 |
CKV_NCP_8 |
resource |
ncloud_network_acl_rule |
Ensure no NACL allow inbound from 0.0.0.0:0 to port 20 |
Terraform |
NACLInbound20.py |
| 4491 |
CKV_NCP_9 |
resource |
ncloud_network_acl_rule |
Ensure no NACL allow inbound from 0.0.0.0:0 to port 21 |
Terraform |
NACLInbound21.py |
| 4492 |
CKV_NCP_10 |
resource |
ncloud_network_acl_rule |
Ensure no NACL allow inbound from 0.0.0.0:0 to port 22 |
Terraform |
NACLInbound22.py |
| 4493 |
CKV_NCP_11 |
resource |
ncloud_network_acl_rule |
Ensure no NACL allow inbound from 0.0.0.0:0 to port 3389 |
Terraform |
NACLInbound3389.py |
| 4494 |
CKV_NCP_12 |
resource |
ncloud_network_acl_rule |
An inbound Network ACL rule should not allow ALL ports. |
Terraform |
NACLPortCheck.py |
| 4495 |
CKV_NCP_13 |
resource |
ncloud_lb_listener |
Ensure LB Listener uses only secure protocols |
Terraform |
LBListenerUsesSecureProtocols.py |
| 4496 |
CKV_NCP_14 |
resource |
ncloud_nas_volume |
Ensure NAS is securely encrypted |
Terraform |
NASEncryptionEnabled.py |
| 4497 |
CKV_NCP_15 |
resource |
ncloud_lb_target_group |
Ensure Load Balancer Target Group is not using HTTP |
Terraform |
LBTargetGroupUsingHTTPS.py |
| 4498 |
CKV_NCP_16 |
resource |
ncloud_lb |
Ensure Load Balancer isn’t exposed to the internet |
Terraform |
LBNetworkPrivate.py |
| 4499 |
CKV_NCP_18 |
resource |
ncloud_auto_scaling_group |
Ensure that auto Scaling groups that are associated with a load balancer, are using Load Balancing health checks. |
Terraform |
AutoScalingEnabledLB.yaml |
| 4500 |
CKV_NCP_18 |
resource |
ncloud_lb_target_group |
Ensure that auto Scaling groups that are associated with a load balancer, are using Load Balancing health checks. |
Terraform |
AutoScalingEnabledLB.yaml |
| 4501 |
CKV_NCP_19 |
resource |
ncloud_nks_cluster |
Ensure Naver Kubernetes Service public endpoint disabled |
Terraform |
NKSPublicAccess.py |
| 4502 |
CKV_NCP_20 |
resource |
ncloud_route |
Ensure Routing Table associated with Web tier subnet have the default route (0.0.0.0/0) defined to allow connectivity |
Terraform |
RouteTableNATGatewayDefault.py |
| 4503 |
CKV_NCP_22 |
resource |
ncloud_nks_cluster |
Ensure NKS control plane logging enabled for all log types |
Terraform |
NKSControlPlaneLogging.py |
| 4504 |
CKV_NCP_22 |
resource |
ncloud_route_table |
Ensure a route table for the public subnets is created. |
Terraform |
RouteTablePublicSubnetConnection.yaml |
| 4505 |
CKV_NCP_22 |
resource |
ncloud_subnet |
Ensure a route table for the public subnets is created. |
Terraform |
RouteTablePublicSubnetConnection.yaml |
| 4506 |
CKV_NCP_23 |
resource |
ncloud_public_ip |
Ensure Server instance should not have public IP. |
Terraform |
ServerPublicIP.py |
| 4507 |
CKV_NCP_24 |
resource |
ncloud_lb_listener |
Ensure Load Balancer Listener Using HTTPS |
Terraform |
LBListenerUsingHTTPS.py |
| 4508 |
CKV_NCP_25 |
resource |
ncloud_access_control_group_rule |
Ensure no access control groups allow inbound from 0.0.0.0:0 to port 80 |
Terraform |
AccessControlGroupInboundRulePort80.py |
| 4509 |
CKV_NCP_26 |
resource |
ncloud_access_control_group |
Ensure Access Control Group has Access Control Group Rule attached |
Terraform |
AccessControlGroupRuleDefine.yaml |
| 4510 |
CKV_OCI_1 |
provider |
oci |
Ensure no hard coded OCI private key in provider |
Terraform |
credentials.py |
| 4511 |
CKV_OCI_2 |
resource |
oci_core_volume |
Ensure OCI Block Storage Block Volume has backup enabled |
Terraform |
StorageBlockBackupEnabled.py |
| 4512 |
CKV_OCI_3 |
resource |
oci_core_volume |
OCI Block Storage Block Volumes are not encrypted with a Customer Managed Key (CMK) |
Terraform |
StorageBlockEncryption.py |
| 4513 |
CKV_OCI_4 |
resource |
oci_core_instance |
Ensure OCI Compute Instance boot volume has in-transit data encryption enabled |
Terraform |
InstanceBootVolumeIntransitEncryption.py |
| 4514 |
CKV_OCI_5 |
resource |
oci_core_instance |
Ensure OCI Compute Instance has Legacy MetaData service endpoint disabled |
Terraform |
InstanceMetadataServiceEnabled.py |
| 4515 |
CKV_OCI_6 |
resource |
oci_core_instance |
Ensure OCI Compute Instance has monitoring enabled |
Terraform |
InstanceMonitoringEnabled.py |
| 4516 |
CKV_OCI_7 |
resource |
oci_objectstorage_bucket |
Ensure OCI Object Storage bucket can emit object events |
Terraform |
ObjectStorageEmitEvents.py |
| 4517 |
CKV_OCI_8 |
resource |
oci_objectstorage_bucket |
Ensure OCI Object Storage has versioning enabled |
Terraform |
ObjectStorageVersioning.py |
| 4518 |
CKV_OCI_9 |
resource |
oci_objectstorage_bucket |
Ensure OCI Object Storage is encrypted with Customer Managed Key |
Terraform |
ObjectStorageEncryption.py |
| 4519 |
CKV_OCI_10 |
resource |
oci_objectstorage_bucket |
Ensure OCI Object Storage is not Public |
Terraform |
ObjectStoragePublic.py |
| 4520 |
CKV_OCI_11 |
resource |
oci_identity_authentication_policy |
OCI IAM password policy - must contain lower case |
Terraform |
IAMPasswordPolicyLowerCase.py |
| 4521 |
CKV_OCI_12 |
resource |
oci_identity_authentication_policy |
OCI IAM password policy - must contain Numeric characters |
Terraform |
IAMPasswordPolicyNumeric.py |
| 4522 |
CKV_OCI_13 |
resource |
oci_identity_authentication_policy |
OCI IAM password policy - must contain Special characters |
Terraform |
IAMPasswordPolicySpecialCharacters.py |
| 4523 |
CKV_OCI_14 |
resource |
oci_identity_authentication_policy |
OCI IAM password policy - must contain Uppercase characters |
Terraform |
IAMPasswordPolicyUpperCase.py |
| 4524 |
CKV_OCI_15 |
resource |
oci_file_storage_file_system |
Ensure OCI File System is Encrypted with a customer Managed Key |
Terraform |
FileSystemEncryption.py |
| 4525 |
CKV_OCI_16 |
resource |
oci_core_security_list |
Ensure VCN has an inbound security list |
Terraform |
SecurityListIngress.py |
| 4526 |
CKV_OCI_17 |
resource |
oci_core_security_list |
Ensure VCN inbound security lists are stateless |
Terraform |
SecurityListIngressStateless.py |
| 4527 |
CKV_OCI_18 |
resource |
oci_identity_authentication_policy |
OCI IAM password policy for local (non-federated) users has a minimum length of 14 characters |
Terraform |
IAMPasswordLength.py |
| 4528 |
CKV_OCI_19 |
resource |
oci_core_security_list |
Ensure no security list allow ingress from 0.0.0.0:0 to port 22. |
Terraform |
SecurityListUnrestrictedIngress22.py |
| 4529 |
CKV_OCI_20 |
resource |
oci_core_security_list |
Ensure no security list allow ingress from 0.0.0.0:0 to port 3389. |
Terraform |
SecurityListUnrestrictedIngress3389.py |
| 4530 |
CKV_OCI_21 |
resource |
oci_core_network_security_group_security_rule |
Ensure security group has stateless ingress security rules |
Terraform |
SecurityGroupsIngressStatelessSecurityRules.py |
| 4531 |
CKV_OCI_22 |
resource |
oci_core_network_security_group_security_rule |
Ensure no security groups rules allow ingress from 0.0.0.0/0 to port 22 |
Terraform |
AbsSecurityGroupUnrestrictedIngress.py |
| 4532 |
CKV_OCI_23 |
resource |
oci_datacatalog_catalog |
Ensure OCI Data Catalog is configured without overly permissive network access |
Terraform |
DataCatalogWithPublicAccess.py |
| 4533 |
CKV2_OCI_1 |
resource |
oci_identity_group |
Ensure administrator users are not associated with API keys |
Terraform |
AdministratorUserNotAssociatedWithAPIKey.yaml |
| 4534 |
CKV2_OCI_1 |
resource |
oci_identity_user |
Ensure administrator users are not associated with API keys |
Terraform |
AdministratorUserNotAssociatedWithAPIKey.yaml |
| 4535 |
CKV2_OCI_1 |
resource |
oci_identity_user_group_membership |
Ensure administrator users are not associated with API keys |
Terraform |
AdministratorUserNotAssociatedWithAPIKey.yaml |
| 4536 |
CKV2_OCI_2 |
resource |
oci_core_network_security_group_security_rule |
Ensure NSG does not allow all traffic on RDP port (3389) |
Terraform |
OCI_NSGNotAllowRDP.yaml |
| 4537 |
CKV2_OCI_3 |
resource |
oci_containerengine_cluster |
Ensure Kubernetes engine cluster is configured with NSG(s) |
Terraform |
OCI_KubernetesEngineClusterEndpointConfigWithNSG.yaml |
| 4538 |
CKV2_OCI_4 |
resource |
oci_file_storage_export |
Ensure File Storage File System access is restricted to root users |
Terraform |
OCI_NFSaccessRestrictedToRootUsers.yaml |
| 4539 |
CKV2_OCI_5 |
resource |
oci_containerengine_node_pool |
Ensure Kubernetes Engine Cluster boot volume is configured with in-transit data encryption |
Terraform |
OCI_K8EngineClusterBootVolConfigInTransitEncryption.yaml |
| 4540 |
CKV2_OCI_6 |
resource |
oci_containerengine_cluster |
Ensure Kubernetes Engine Cluster pod security policy is enforced |
Terraform |
OCI_K8EngineClusterPodSecPolicyEnforced.yaml |
| 4541 |
CKV_OPENSTACK_1 |
provider |
openstack |
Ensure no hard coded OpenStack password, token, or application_credential_secret exists in provider |
Terraform |
credentials.py |
| 4542 |
CKV_OPENSTACK_2 |
resource |
openstack_compute_secgroup_v2 |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 22 (tcp / udp) |
Terraform |
SecurityGroupUnrestrictedIngress22.py |
| 4543 |
CKV_OPENSTACK_2 |
resource |
openstack_networking_secgroup_rule_v2 |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 22 (tcp / udp) |
Terraform |
SecurityGroupUnrestrictedIngress22.py |
| 4544 |
CKV_OPENSTACK_3 |
resource |
openstack_compute_secgroup_v2 |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 3389 (tcp / udp) |
Terraform |
SecurityGroupUnrestrictedIngress3389.py |
| 4545 |
CKV_OPENSTACK_3 |
resource |
openstack_networking_secgroup_rule_v2 |
Ensure no security groups allow ingress from 0.0.0.0:0 to port 3389 (tcp / udp) |
Terraform |
SecurityGroupUnrestrictedIngress3389.py |
| 4546 |
CKV_OPENSTACK_4 |
resource |
openstack_compute_instance_v2 |
Ensure that instance does not use basic credentials |
Terraform |
ComputeInstanceAdminPassword.py |
| 4547 |
CKV_OPENSTACK_5 |
resource |
openstack_fw_rule_v1 |
Ensure firewall rule set a destination IP |
Terraform |
FirewallRuleSetDestinationIP.py |
| 4548 |
CKV_PAN_1 |
provider |
panos |
Ensure no hard coded PAN-OS credentials exist in provider |
Terraform |
credentials.py |
| 4549 |
CKV_PAN_2 |
resource |
panos_management_profile |
Ensure plain-text management HTTP is not enabled for an Interface Management Profile |
Terraform |
InterfaceMgmtProfileNoHTTP.py |
| 4550 |
CKV_PAN_3 |
resource |
panos_management_profile |
Ensure plain-text management Telnet is not enabled for an Interface Management Profile |
Terraform |
InterfaceMgmtProfileNoTelnet.py |
| 4551 |
CKV_PAN_4 |
resource |
panos_security_policy |
Ensure DSRI is not enabled within security policies |
Terraform |
PolicyNoDSRI.py |
| 4552 |
CKV_PAN_4 |
resource |
panos_security_rule_group |
Ensure DSRI is not enabled within security policies |
Terraform |
PolicyNoDSRI.py |
| 4553 |
CKV_PAN_5 |
resource |
panos_security_policy |
Ensure security rules do not have ‘applications’ set to ‘any’ |
Terraform |
PolicyNoApplicationAny.py |
| 4554 |
CKV_PAN_5 |
resource |
panos_security_rule_group |
Ensure security rules do not have ‘applications’ set to ‘any’ |
Terraform |
PolicyNoApplicationAny.py |
| 4555 |
CKV_PAN_6 |
resource |
panos_security_policy |
Ensure security rules do not have ‘services’ set to ‘any’ |
Terraform |
PolicyNoServiceAny.py |
| 4556 |
CKV_PAN_6 |
resource |
panos_security_rule_group |
Ensure security rules do not have ‘services’ set to ‘any’ |
Terraform |
PolicyNoServiceAny.py |
| 4557 |
CKV_PAN_7 |
resource |
panos_security_policy |
Ensure security rules do not have ‘source_addresses’ and ‘destination_addresses’ both containing values of ‘any’ |
Terraform |
PolicyNoSrcAnyDstAny.py |
| 4558 |
CKV_PAN_7 |
resource |
panos_security_rule_group |
Ensure security rules do not have ‘source_addresses’ and ‘destination_addresses’ both containing values of ‘any’ |
Terraform |
PolicyNoSrcAnyDstAny.py |
| 4559 |
CKV_PAN_8 |
resource |
panos_security_policy |
Ensure description is populated within security policies |
Terraform |
PolicyDescription.py |
| 4560 |
CKV_PAN_8 |
resource |
panos_security_rule_group |
Ensure description is populated within security policies |
Terraform |
PolicyDescription.py |
| 4561 |
CKV_PAN_9 |
resource |
panos_security_policy |
Ensure a Log Forwarding Profile is selected for each security policy rule |
Terraform |
PolicyLogForwarding.py |
| 4562 |
CKV_PAN_9 |
resource |
panos_security_rule_group |
Ensure a Log Forwarding Profile is selected for each security policy rule |
Terraform |
PolicyLogForwarding.py |
| 4563 |
CKV_PAN_10 |
resource |
panos_security_policy |
Ensure logging at session end is enabled within security policies |
Terraform |
PolicyLoggingEnabled.py |
| 4564 |
CKV_PAN_10 |
resource |
panos_security_rule_group |
Ensure logging at session end is enabled within security policies |
Terraform |
PolicyLoggingEnabled.py |
| 4565 |
CKV_PAN_11 |
resource |
panos_ipsec_crypto_profile |
Ensure IPsec profiles do not specify use of insecure encryption algorithms |
Terraform |
NetworkIPsecAlgorithms.py |
| 4566 |
CKV_PAN_11 |
resource |
panos_panorama_ipsec_crypto_profile |
Ensure IPsec profiles do not specify use of insecure encryption algorithms |
Terraform |
NetworkIPsecAlgorithms.py |
| 4567 |
CKV_PAN_12 |
resource |
panos_ipsec_crypto_profile |
Ensure IPsec profiles do not specify use of insecure authentication algorithms |
Terraform |
NetworkIPsecAuthAlgorithms.py |
| 4568 |
CKV_PAN_12 |
resource |
panos_panorama_ipsec_crypto_profile |
Ensure IPsec profiles do not specify use of insecure authentication algorithms |
Terraform |
NetworkIPsecAuthAlgorithms.py |
| 4569 |
CKV_PAN_13 |
resource |
panos_ipsec_crypto_profile |
Ensure IPsec profiles do not specify use of insecure protocols |
Terraform |
NetworkIPsecProtocols.py |
| 4570 |
CKV_PAN_13 |
resource |
panos_panorama_ipsec_crypto_profile |
Ensure IPsec profiles do not specify use of insecure protocols |
Terraform |
NetworkIPsecProtocols.py |
| 4571 |
CKV_PAN_14 |
resource |
panos_panorama_zone |
Ensure a Zone Protection Profile is defined within Security Zones |
Terraform |
ZoneProtectionProfile.py |
| 4572 |
CKV_PAN_14 |
resource |
panos_zone |
Ensure a Zone Protection Profile is defined within Security Zones |
Terraform |
ZoneProtectionProfile.py |
| 4573 |
CKV_PAN_14 |
resource |
panos_zone_entry |
Ensure a Zone Protection Profile is defined within Security Zones |
Terraform |
ZoneProtectionProfile.py |
| 4574 |
CKV_PAN_15 |
resource |
panos_panorama_zone |
Ensure an Include ACL is defined for a Zone when User-ID is enabled |
Terraform |
ZoneUserIDIncludeACL.py |
| 4575 |
CKV_PAN_15 |
resource |
panos_zone |
Ensure an Include ACL is defined for a Zone when User-ID is enabled |
Terraform |
ZoneUserIDIncludeACL.py |
| 4576 |
CKV_TC_1 |
resource |
tencentcloud_cbs_storage |
Ensure Tencent Cloud CBS is encrypted |
Terraform |
CBSEncryption.py |
| 4577 |
CKV_TC_2 |
resource |
tencentcloud_instance |
Ensure Tencent Cloud CVM instance does not allocate a public IP |
Terraform |
CVMAllocatePublicIp.py |
| 4578 |
CKV_TC_3 |
resource |
tencentcloud_instance |
Ensure Tencent Cloud CVM monitor service is enabled |
Terraform |
CVMDisableMonitorService.py |
| 4579 |
CKV_TC_4 |
resource |
tencentcloud_instance |
Ensure Tencent Cloud CVM instances do not use the default security group |
Terraform |
CVMUseDefaultSecurityGroup.py |
| 4580 |
CKV_TC_5 |
resource |
tencentcloud_instance |
Ensure Tencent Cloud CVM instances do not use the default VPC |
Terraform |
CVMUseDefaultVPC.py |
| 4581 |
CKV_TC_6 |
resource |
tencentcloud_kubernetes_cluster |
Ensure Tencent Cloud TKE clusters enable log agent |
Terraform |
TKELogAgentEnabled.py |
| 4582 |
CKV_TC_7 |
resource |
tencentcloud_kubernetes_cluster |
Ensure Tencent Cloud TKE cluster is not assigned a public IP address |
Terraform |
TKEPublicIpAssigned.py |
| 4583 |
CKV_TC_8 |
resource |
tencentcloud_security_group_rule_set |
Ensure Tencent Cloud VPC security group rules do not accept all traffic |
Terraform |
VPCSecurityGroupRuleSet.py |
| 4584 |
CKV_TC_9 |
resource |
tencentcloud_mysql_instance |
Ensure Tencent Cloud mysql instances do not enable access from public networks |
Terraform |
CDBInternetService.py |
| 4585 |
CKV_TC_10 |
resource |
tencentcloud_mysql_instance |
Ensure Tencent Cloud MySQL instances intranet ports are not set to the default 3306 |
Terraform |
CDBIntranetPort.py |
| 4586 |
CKV_TC_11 |
resource |
tencentcloud_clb_instance |
Ensure Tencent Cloud CLB has a logging ID and topic |
Terraform |
CLBInstanceLog.py |
| 4587 |
CKV_TC_12 |
resource |
tencentcloud_clb_listener |
Ensure Tencent Cloud CLBs use modern, encrypted protocols |
Terraform |
CLBListenerProtocol.py |
| 4588 |
CKV_TC_13 |
resource |
tencentcloud_instance |
Ensure Tencent Cloud CVM user data does not contain sensitive information |
Terraform |
CVMUserData.py |
| 4589 |
CKV_TC_14 |
resource |
tencentcloud_vpc_flow_log_config |
Ensure Tencent Cloud VPC flow logs are enabled |
Terraform |
VPCFlowLogConfigEnable.py |
| 4590 |
CKV_TF_1 |
module |
module |
Ensure Terraform module sources use a commit hash |
Terraform |
RevisionHash.py |
| 4591 |
CKV_TF_2 |
module |
module |
Ensure Terraform module sources use a tag with a version number |
Terraform |
RevisionVersionTag.py |
| 4592 |
CKV_YC_1 |
resource |
yandex_mdb_clickhouse_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4593 |
CKV_YC_1 |
resource |
yandex_mdb_elasticsearch_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4594 |
CKV_YC_1 |
resource |
yandex_mdb_greenplum_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4595 |
CKV_YC_1 |
resource |
yandex_mdb_kafka_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4596 |
CKV_YC_1 |
resource |
yandex_mdb_mongodb_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4597 |
CKV_YC_1 |
resource |
yandex_mdb_mysql_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4598 |
CKV_YC_1 |
resource |
yandex_mdb_postgresql_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4599 |
CKV_YC_1 |
resource |
yandex_mdb_redis_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4600 |
CKV_YC_1 |
resource |
yandex_mdb_sqlserver_cluster |
Ensure security group is assigned to database cluster. |
Terraform |
MDBSecurityGroup.py |
| 4601 |
CKV_YC_2 |
resource |
yandex_compute_instance |
Ensure compute instance does not have public IP. |
Terraform |
ComputeVMPublicIP.py |
| 4602 |
CKV_YC_3 |
resource |
yandex_storage_bucket |
Ensure storage bucket is encrypted. |
Terraform |
ObjectStorageBucketEncryption.py |
| 4603 |
CKV_YC_4 |
resource |
yandex_compute_instance |
Ensure compute instance does not have serial console enabled. |
Terraform |
ComputeVMSerialConsole.py |
| 4604 |
CKV_YC_5 |
resource |
yandex_kubernetes_cluster |
Ensure Kubernetes cluster does not have public IP address. |
Terraform |
K8SPublicIP.py |
| 4605 |
CKV_YC_6 |
resource |
yandex_kubernetes_node_group |
Ensure Kubernetes cluster node group does not have public IP addresses. |
Terraform |
K8SNodeGroupPublicIP.py |
| 4606 |
CKV_YC_7 |
resource |
yandex_kubernetes_cluster |
Ensure Kubernetes cluster auto-upgrade is enabled. |
Terraform |
K8SAutoUpgrade.py |
| 4607 |
CKV_YC_8 |
resource |
yandex_kubernetes_node_group |
Ensure Kubernetes node group auto-upgrade is enabled. |
Terraform |
K8SNodeGroupAutoUpgrade.py |
| 4608 |
CKV_YC_9 |
resource |
yandex_kms_symmetric_key |
Ensure KMS symmetric key is rotated. |
Terraform |
KMSSymmetricKeyRotation.py |
| 4609 |
CKV_YC_10 |
resource |
yandex_kubernetes_cluster |
Ensure etcd database is encrypted with KMS key. |
Terraform |
K8SEtcdKMSEncryption.py |
| 4610 |
CKV_YC_11 |
resource |
yandex_compute_instance |
Ensure security group is assigned to network interface. |
Terraform |
ComputeVMSecurityGroup.py |
| 4611 |
CKV_YC_12 |
resource |
yandex_mdb_clickhouse_cluster |
Ensure public IP is not assigned to database cluster. |
Terraform |
MDBPublicIP.py |
| 4612 |
CKV_YC_12 |
resource |
yandex_mdb_elasticsearch_cluster |
Ensure public IP is not assigned to database cluster. |
Terraform |
MDBPublicIP.py |
| 4613 |
CKV_YC_12 |
resource |
yandex_mdb_greenplum_cluster |
Ensure public IP is not assigned to database cluster. |
Terraform |
MDBPublicIP.py |
| 4614 |
CKV_YC_12 |
resource |
yandex_mdb_kafka_cluster |
Ensure public IP is not assigned to database cluster. |
Terraform |
MDBPublicIP.py |
| 4615 |
CKV_YC_12 |
resource |
yandex_mdb_mongodb_cluster |
Ensure public IP is not assigned to database cluster. |
Terraform |
MDBPublicIP.py |
| 4616 |
CKV_YC_12 |
resource |
yandex_mdb_mysql_cluster |
Ensure public IP is not assigned to database cluster. |
Terraform |
MDBPublicIP.py |
| 4617 |
CKV_YC_12 |
resource |
yandex_mdb_postgresql_cluster |
Ensure public IP is not assigned to database cluster. |
Terraform |
MDBPublicIP.py |
| 4618 |
CKV_YC_12 |
resource |
yandex_mdb_sqlserver_cluster |
Ensure public IP is not assigned to database cluster. |
Terraform |
MDBPublicIP.py |
| 4619 |
CKV_YC_13 |
resource |
yandex_resourcemanager_cloud_iam_binding |
Ensure cloud member does not have elevated access. |
Terraform |
IAMCloudElevatedMembers.py |
| 4620 |
CKV_YC_13 |
resource |
yandex_resourcemanager_cloud_iam_member |
Ensure cloud member does not have elevated access. |
Terraform |
IAMCloudElevatedMembers.py |
| 4621 |
CKV_YC_14 |
resource |
yandex_kubernetes_cluster |
Ensure security group is assigned to Kubernetes cluster. |
Terraform |
K8SSecurityGroup.py |
| 4622 |
CKV_YC_15 |
resource |
yandex_kubernetes_node_group |
Ensure security group is assigned to Kubernetes node group. |
Terraform |
K8SNodeGroupSecurityGroup.py |
| 4623 |
CKV_YC_16 |
resource |
yandex_kubernetes_cluster |
Ensure network policy is assigned to Kubernetes cluster. |
Terraform |
K8SNetworkPolicy.py |
| 4624 |
CKV_YC_17 |
resource |
yandex_storage_bucket |
Ensure storage bucket does not have public access permissions. |
Terraform |
ObjectStorageBucketPublicAccess.py |
| 4625 |
CKV_YC_18 |
resource |
yandex_compute_instance_group |
Ensure compute instance group does not have public IP. |
Terraform |
ComputeInstanceGroupPublicIP.py |
| 4626 |
CKV_YC_19 |
resource |
yandex_vpc_security_group |
Ensure security group does not contain allow-all rules. |
Terraform |
VPCSecurityGroupAllowAll.py |
| 4627 |
CKV_YC_20 |
resource |
yandex_vpc_security_group_rule |
Ensure security group rule is not allow-all. |
Terraform |
VPCSecurityGroupRuleAllowAll.py |
| 4628 |
CKV_YC_21 |
resource |
yandex_organizationmanager_organization_iam_binding |
Ensure organization member does not have elevated access. |
Terraform |
IAMOrganizationElevatedMembers.py |
| 4629 |
CKV_YC_21 |
resource |
yandex_organizationmanager_organization_iam_member |
Ensure organization member does not have elevated access. |
Terraform |
IAMOrganizationElevatedMembers.py |
| 4630 |
CKV_YC_22 |
resource |
yandex_compute_instance_group |
Ensure compute instance group has security group assigned. |
Terraform |
ComputeInstanceGroupSecurityGroup.py |
| 4631 |
CKV_YC_23 |
resource |
yandex_resourcemanager_folder_iam_binding |
Ensure folder member does not have elevated access. |
Terraform |
IAMFolderElevatedMembers.py |
| 4632 |
CKV_YC_23 |
resource |
yandex_resourcemanager_folder_iam_member |
Ensure folder member does not have elevated access. |
Terraform |
IAMFolderElevatedMembers.py |
| 4633 |
CKV_YC_24 |
resource |
yandex_organizationmanager_organization_iam_binding |
Ensure passport account is not used for assignment. Use service accounts and federated accounts where possible. |
Terraform |
IAMPassportAccountUsage.py |
| 4634 |
CKV_YC_24 |
resource |
yandex_organizationmanager_organization_iam_member |
Ensure passport account is not used for assignment. Use service accounts and federated accounts where possible. |
Terraform |
IAMPassportAccountUsage.py |
| 4635 |
CKV_YC_24 |
resource |
yandex_resourcemanager_cloud_iam_binding |
Ensure passport account is not used for assignment. Use service accounts and federated accounts where possible. |
Terraform |
IAMPassportAccountUsage.py |
| 4636 |
CKV_YC_24 |
resource |
yandex_resourcemanager_cloud_iam_member |
Ensure passport account is not used for assignment. Use service accounts and federated accounts where possible. |
Terraform |
IAMPassportAccountUsage.py |
| 4637 |
CKV_YC_24 |
resource |
yandex_resourcemanager_folder_iam_binding |
Ensure passport account is not used for assignment. Use service accounts and federated accounts where possible. |
Terraform |
IAMPassportAccountUsage.py |
| 4638 |
CKV_YC_24 |
resource |
yandex_resourcemanager_folder_iam_member |
Ensure passport account is not used for assignment. Use service accounts and federated accounts where possible. |
Terraform |
IAMPassportAccountUsage.py |