facebook pixelCodiga Analysis Terraform Rules, severity error , category security
BACK TO LIST

Terraform rules

Codiga Static Analysis engine checks all terraform code and surface security and safety issues as well as enforcement of best practices. No matter what cloud you use (AWS, GCP, Azure), Codiga got you covered and flags potential problems at every push and pull request.

CKV_AWS_78

Security
Error

Ensure that CodeBuild Project encryption is not disabled

Learn more

CKV_AWS_189

Security
Error

Ensure EBS Volume is encrypted by KMS using a customer managed Key (CMK)

CKV_AWS_195

Security
Error

Ensure Glue component has a security configuration associated

CKV2_AWS_33

Security
Error

Ensure AppSync is protected by WAF

CKV_AZURE_118

Security
Error

Ensure that Network Interfaces disable IP forwarding

CKV_GIT_3

Security
Error

Ensure GitHub repository has vulnerability alerts enabled

CKV_AZURE_49

Security
Error

Ensure Azure linux scale set does not use basic authentication(Use SSH Key Instead)

CKV_AZURE_5

Security
Error

Ensure RBAC is enabled on AKS clusters

CKV_AZURE_130

Security
Error

Ensure that PostgreSQL server enables infrastructure encryption

CKV_AZURE_29

Security
Error

Ensure 'Enforce SSL connection' is set to 'ENABLED' for PostgreSQL Database Server

CKV_AZURE_36

Security
Error

Ensure 'Trusted Microsoft Services' is enabled for Storage Account access

CKV_AZURE_40

Security
Error

Ensure that the expiration date is set on all keys

CKV_AZURE_68

Security
Error

Ensure that PostgreSQL server disables public network access

CKV_AZURE_97

Security
Error

Ensure that Virtual machine scale sets have encryption at host enabled

CKV_AWS_184

Security
Error

Ensure resource is encrypted by KMS using a customer managed Key

CKV_AWS_42

Security
Error

Ensure EFS is securely encrypted

CKV_AWS_133

Security
Error

Ensure RDS instances have backup policy

CKV_AWS_247

Security
Error

Ensure all data stored in the Elasticsearch is encrypted with a CMK

CKV_AZURE_34

Security
Error

Ensure that 'Public access level' is set to Private for blob containers

CKV_AZURE_41

Security
Error

Ensure secrets have an expiration date set

CKV_AWS_260

Security
Error

Ensure no security groups allow ingress from 0.0.0.0:0 to port 80

CKV_AWS_106

Security
Error

Ensure EBS default encryption is enabled

CKV_AWS_128

Security
Error

Ensure Amazon RDS clusters and instances have AWS IAM authentication enabled

CKV_AZURE_104

Security
Error

Ensure Azure Data factory public network access is disabled

CKV_AZURE_13

Security
Error

Ensure App Service Authentication is set on Azure App Service

CKV_AZURE_3

Security
Error

Ensure that 'Secure transfer required' is set to 'Enabled'

CKV_AZURE_33

Security
Error

Ensure Storage logging is enabled for Queue service for read, write and delete requests

CKV_AZURE_56

Security
Error

Ensure that function apps enables Authentication

CKV_AZURE_60

Security
Error

Ensure secure transfer required is enabled

CKV_AZURE_78

Security
Error

Ensure FTP deployments are disabled

CKV2_AZURE_1

Security
Error

Ensure storage for critical data are encrypted with Customer Managed Key