facebook pixelCodiga Analysis Terraform Rules, severity error , category best practice
BACK TO LIST

Terraform rules

Codiga Static Analysis engine checks all terraform code and surface security and safety issues as well as enforcement of best practices. No matter what cloud you use (AWS, GCP, Azure), Codiga got you covered and flags potential problems at every push and pull request.

CKV_AWS_174

Best practice
Error

Verify CloudFront Distribution Viewer Certificate is using TLS v1.2

Learn more

CKV_AWS_186

Best practice
Error

Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)

CKV_AWS_191

Best practice
Error

Ensure Elasticache replication group is encrypted by KMS using a customer managed Key (CMK)

CKV2_AWS_32

Best practice
Error

Ensure CloudFront distribution has a strict security headers policy attached

CKV_AZURE_98

Best practice
Error

Ensure that Azure Container group is deployed into virtual network.

CKV_AWS_249

Best practice
Error

Ensure that the Execution Role ARN and the Task Role ARN are different in ECS Task definitions

CKV_AWS_120

Best practice
Error

Ensure API Gateway caching is enabled

CKV_AWS_80

Best practice
Error

Ensure MSK Cluster logging is enabled

CKV2_AWS_29

Best practice
Error

Ensure public API gateway are protected by AWS Web Application Firewall v2

CKV_AWS_226

Best practice
Error

Ensure DB instance gets all minor upgrades automatically

CKV2_AWS_35

Best practice
Error

AWS NAT Gateways should be utilized for the default route

CKV_AZURE_24

Best practice
Error

Ensure that 'Auditing' Retention is 'greater than 90 days' for SQL servers