Terraform Static Analysis Rules

Terraform rules

The Codiga Static Analysis engine checks all Terraform code, surfaces security and safety issues, and enforces best practices. No matter what cloud you use (AWS, GCP, Azure), Codiga has you covered and flags potential problems at every push and pull request.

      CKV_AWS_174

      Best practice
      High

      Verify CloudFront Distribution Viewer Certificate is using TLS v1.2

      CKV_AWS_186

      Best practice
      High

      Ensure S3 bucket Object is encrypted by KMS using a customer managed Key (CMK)

      CKV_AWS_191

      Best practice
      High

      Ensure Elasticache replication group is encrypted by KMS using a customer managed Key (CMK)

      CKV2_AWS_32

      Best practice
      High

      Ensure CloudFront distribution has a strict security headers policy attached

      CKV_AZURE_98

      Best practice
      High

      Ensure that Azure Container group is deployed into virtual network.

      CKV_AWS_249

      Best practice
      High

      Ensure that the Execution Role ARN and the Task Role ARN are different in ECS Task definitions

      CKV_AWS_120

      Best practice
      High

      Ensure API Gateway caching is enabled

      CKV_AWS_80

      Best practice
      High

      Ensure MSK Cluster logging is enabled

      CKV2_AWS_29

      Best practice
      High

      Ensure public API gateways are protected by AWS Web Application Firewall v2

      CKV_AWS_226

      Best practice
      High

      Ensure DB instance gets all minor upgrades automatically

      CKV2_AWS_35

      Best practice
      High

      AWS NAT Gateways should be utilized for the default route