Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BATIAI-1750 - Update TF provider version #10

Merged
merged 4 commits into from
Jul 25, 2023
Merged

BATIAI-1750 - Update TF provider version #10

merged 4 commits into from
Jul 25, 2023

Conversation

CollectiveUnicorn
Copy link
Contributor

@CollectiveUnicorn CollectiveUnicorn commented Jul 20, 2023
edited
Loading

Fixes Issue: BATIAI-1750

Description:

Updates the fargate version to 10.0.0 which uses a AWS provider version greater than 5.0

Security Impact Analysis Questionnaire

Submitter Checklist

  • Is there an impact on Auditing and Logging procedures or capabilities?
  • Is there an impact on Authentication procedures or capabilities?
  • Is there an impact on Authorization procedures or capabilities?
  • Is there an impact on Communication Security procedures or capabilities?
  • Is there an impact on Cryptography procedures or capabilities?
  • Is there an impact on Sensitive Data procedures or capabilities?
  • Is there an impact on any other security-related procedures or capabilities?
  • No security impacts identified.

Security Risks Identified - For any applicable items on the "Submitter Checklist," describe the impact of the change and any implemented mitigations.

@robo-gotham
Copy link

robo-gotham commented Jul 20, 2023
edited
Loading

Snyk Scanning for Commit: 36e2f6b

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues

Low Severity Issues: 1

[Low] AWS Security Group allows open egress
Info: The inline security group rule allows open egress. Open egress can be
used to exfiltrate data to unauthorized destinations, and enable
access to potentially malicious resources
Rule: https://security.snyk.io/rules/cloud/SNYK-CC-TF-73
Path: resource > aws_security_group[alb_sg] > egress
File: main.tf
Resolve: Set egress.cidr_blocks attribute to specific ranges e.g.
192.168.1.0/24

Test Summary

Organization: batcave-ispg
Project name: CMS-Enterprise/batcave-tf-gatus

✔ Files without issues: 2
✗ Files with issues: 1
Ignored issues: 0
Total issues: 1 [ 0 critical, 0 high, 0 medium, 1 low ]

Report Complete

Your test results are available at: https://snyk.io/org/batcave-ispg/projects
under the name: CMS-Enterprise/batcave-tf-gatus

@CollectiveUnicorn CollectiveUnicorn requested a review from a team July 24, 2023 22:11
@CollectiveUnicorn CollectiveUnicorn merged commit cb0375e into main Jul 25, 2023
@CollectiveUnicorn CollectiveUnicorn deleted the BATIAI-1750-update-tf-providers-to-5-0 branch July 25, 2023 16:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justin-lf justin-lf justin-lf approved these changes

@j-mowery j-mowery j-mowery approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@CollectiveUnicorn @robo-gotham @justin-lf @j-mowery