facebook pixelTerraform Static Analysis Rules
BACK TO LIST

Terraform rules

Codiga Static Analysis engine checks all terraform code and surface security and safety issues as well as enforcement of best practices. No matter what cloud you use (AWS, GCP, Azure), Codiga got you covered and flags potential problems at every push and pull request.

      CKV_AZURE_114

      Best practice
      Medium

      Ensure key vault secrets have content_type set

      Learn more

      CKV_AWS_237

      Best practice
      Medium

      Ensure Create before destroy for API GATEWAY

      CKV_AWS_217

      Best practice
      Medium

      Ensure Create before destroy for API deployments

      CKV2_AZURE_22

      Best practice
      Medium

      Ensure that Cognitive Services enables customer-managed key for encryption

      CKV_AWS_219

      Best practice
      Medium

      Ensure Code Pipeline Artifact store is using a KMS CMK

      CKV_AWS_35

      Best practice
      Medium

      Ensure CloudTrail logs are encrypted at rest using KMS CMKs

      CKV_AWS_36

      Best practice
      Medium

      Ensure AWS CloudTrail log validation is enabled in all regions.

      CKV_AWS_252

      Best practice
      Medium

      Ensure CloudTrail defines an SNS Topic.

      CKV_AWS_67

      Best practice
      Medium

      Ensure CloudTrail is enabled in all Regions

      CKV2_AWS_10

      Best practice
      Medium

      Ensure CloudTrail trails are integrated with CloudWatch Logs

      CKV_AWS_73

      Best practice
      Medium

      Ensure API Gateway has X-Ray tracing enabled

      CKV_K8S_21

      Best practice
      Medium

      The default namespace should not be used.

      CKV2_AWS_4

      Best practice
      Medium

      Ensure API Gateway stage have logging level defined as appropriate