Gomboc Fix for #24 - tf-test #25
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![gomboc-community-dev[bot]](https://avatars.githubusercontent.com/u/143810953?s=60&v=4){kind=small}
| @@ -6,14 +6,27 @@ data "aws_region" "current" {} | |||
|
|
|||
| resource "aws_dynamodb_table" "test_table_a" { | |||
|
|
|||
| deletion_protection_enabled = true | |||
There was a problem hiding this comment.
l.9Recommended applying Deletion Protection:- Gomboc Best Practices CIS Critical Security Controls v8.1 (AWS)
- CIS Critical Security Controls v8.1
Leave feedback
Please post on our discussions channel. You can provide the following reference: d464e376604756a617e8baccc5cc483f0de93c9d80f2d39c7ee5e0a0d2572966
| @@ -6,14 +6,27 @@ data "aws_region" "current" {} | |||
|
|
|||
| resource "aws_dynamodb_table" "test_table_a" { | |||
|
|
|||
| deletion_protection_enabled = true | |||
| billing_mode = "PAY_PER_REQUEST" | |||
There was a problem hiding this comment.
l.10Recommended applying On-Demand Capacity:- Gomboc Best Practices CIS Critical Security Controls v8.1 (AWS)
Leave feedback
Please post on our discussions channel. You can provide the following reference: 2611ff7b5b3eae44bcc9796c834cd2d2c7935c9e97dd43e531cea620e981feb1
| @@ -6,14 +6,27 @@ data "aws_region" "current" {} | |||
|
|
|||
| resource "aws_dynamodb_table" "test_table_a" { | |||
|
|
|||
| deletion_protection_enabled = true | |||
| billing_mode = "PAY_PER_REQUEST" | |||
| tags = "null" | |||
There was a problem hiding this comment.
l.11Recommended applying Resource Tags:- Gomboc Best Practices CIS Critical Security Controls v8.1 (AWS)
- CIS Critical Security Controls v8.1
Leave feedback
Please post on our discussions channel. You can provide the following reference: 411f3e36ed53e52f7e3cbaf9072767d6262fc37d250785221664e8503f0fb156
| billing_mode = "PAY_PER_REQUEST" | ||
| tags = "null" | ||
| server_side_encryption { | ||
| enabled = false |
There was a problem hiding this comment.
l.13Recommended applying Encryption At-Rest with Bespoke Service Implementation:- Gomboc Best Practices CIS Critical Security Controls v8.1 (AWS)
Leave feedback
Please post on our discussions channel. You can provide the following reference: b0f7e9f4458edaed4cd2552dd0d3c1f1f2afaf3a233e43f01c1c0ba789462c97
| } | ||
|
|
||
| resource "aws_lambda_function" "myfunction" { | ||
| tracing_config { | ||
| mode = "Active" |
There was a problem hiding this comment.
l.19Recommended applying Request Tracing:- Gomboc Best Practices CIS Critical Security Controls v8.1 (AWS)
- CIS Critical Security Controls v8.1
Leave feedback
Please post on our discussions channel. You can provide the following reference: 62765aecbde07930d8afdc5696a332e40096397147c55134f82a87707ef492b7
| } | ||
|
|
||
| resource "aws_appsync_graphql_api" "test_api" { | ||
| authentication_type = "API_KEY" | ||
| xray_enabled = true |
There was a problem hiding this comment.
l.25Recommended applying Request Tracing:- Gomboc Best Practices CIS Critical Security Controls v8.1 (AWS)
- CIS Critical Security Controls v8.1
Leave feedback
Please post on our discussions channel. You can provide the following reference: af879331249c525901eab405f59e69d22c6054f0f9210c45442068029cac615e
| } | ||
|
|
||
| resource "aws_keyspaces_table" "mykeyspacestable" { | ||
| } | ||
| encryption_specification { | ||
| type = "AWS_OWNED_KMS_KEY" |
There was a problem hiding this comment.
l.30Recommended applying Encryption At-Rest with Provider Managed Key:- Gomboc Best Practices CIS Critical Security Controls v8.1 (AWS)
Leave feedback
Please post on our discussions channel. You can provide the following reference: 836e766e32572c9b826b7b6eb5f08575aaa011e2acd90073135728da07e46486
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This fix was produced in response to #24 on the following target:
These recommendations come from the following benchmarks