facebook pixelTerraform Static Analysis Rules
BACK TO LIST

Terraform rules

Codiga Static Analysis engine checks all terraform code and surface security and safety issues as well as enforcement of best practices. No matter what cloud you use (AWS, GCP, Azure), Codiga got you covered and flags potential problems at every push and pull request.

      CKV_AWS_78

      Security
      High

      Ensure that CodeBuild Project encryption is not disabled

      Learn more

      CKV_AWS_189

      Security
      High

      Ensure EBS Volume is encrypted by KMS using a customer managed Key (CMK)

      CKV_AWS_195

      Security
      High

      Ensure Glue component has a security configuration associated

      CKV2_AWS_33

      Security
      High

      Ensure AppSync is protected by WAF

      CKV_AZURE_118

      Security
      High

      Ensure that Network Interfaces disable IP forwarding

      CKV_GIT_3

      Security
      High

      Ensure GitHub repository has vulnerability alerts enabled

      CKV_AZURE_49

      Security
      High

      Ensure Azure linux scale set does not use basic authentication(Use SSH Key Instead)

      CKV_AZURE_5

      Security
      High

      Ensure RBAC is enabled on AKS clusters

      CKV_AZURE_130

      Security
      High

      Ensure that PostgreSQL server enables infrastructure encryption

      CKV_AZURE_29

      Security
      High

      Ensure 'Enforce SSL connection' is set to 'ENABLED' for PostgreSQL Database Server

      CKV_AZURE_36

      Security
      High

      Ensure 'Trusted Microsoft Services' is enabled for Storage Account access

      CKV_AZURE_40

      Security
      High

      Ensure that the expiration date is set on all keys

      CKV_AZURE_68

      Security
      High

      Ensure that PostgreSQL server disables public network access

      CKV_AZURE_97

      Security
      High

      Ensure that Virtual machine scale sets have encryption at host enabled

      CKV_AWS_184

      Security
      High

      Ensure resource is encrypted by KMS using a customer managed Key

      CKV_AWS_42

      Security
      High

      Ensure EFS is securely encrypted

      CKV_AWS_133

      Security
      High

      Ensure RDS instances have backup policy