Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Delete Dockerfile #105

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Delete Dockerfile #105

wants to merge 2 commits into from

Conversation

Yoavast
Copy link
Owner

@Yoavast Yoavast commented May 31, 2023

No description provided.

@Yoavast
Copy link
Owner Author

Yoavast commented May 31, 2023
edited

Logo
Checkmarx One – Scan Summary & Details855ea74a-5a7f-412f-ad81-45e3d44a636a

Fixed Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH ALB Listening on HTTP /positive1.tf: 9 AWS Application Load Balancer (alb) should not listen on HTTP
HIGH ALB Listening on HTTP /positive2.tf: 70 AWS Application Load Balancer (alb) should not listen on HTTP
HIGH EC2 Instance Has Public IP /negative2.tf: 109 EC2 Instance should not have a public IP address.
HIGH EC2 Instance Has Public IP /positive2.tf: 82 EC2 Instance should not have a public IP address.
HIGH EC2 Instance Has Public IP /negative2.tf: 83 EC2 Instance should not have a public IP address.
HIGH EC2 Instance Has Public IP /positive2.tf: 95 EC2 Instance should not have a public IP address.
HIGH EC2 Instance Has Public IP /positive2.tf: 108 EC2 Instance should not have a public IP address.
HIGH EC2 Instance Has Public IP /negative2.tf: 96 EC2 Instance should not have a public IP address.
HIGH Missing User Instruction /Dockerfile: 1 A user should be specified in the dockerfile, otherwise the image will run as root
MEDIUM ALB Not Dropping Invalid Headers /positive1.tf: 15 It's considered a best practice when using Application Load Balancers to drop invalid header fields
MEDIUM ALB Not Dropping Invalid Headers /negative1.tf: 15 It's considered a best practice when using Application Load Balancers to drop invalid header fields
MEDIUM ALB Not Dropping Invalid Headers /positive2.tf: 49 It's considered a best practice when using Application Load Balancers to drop invalid header fields
MEDIUM ALB Not Dropping Invalid Headers /negative2.tf: 49 It's considered a best practice when using Application Load Balancers to drop invalid header fields
MEDIUM Apt Get Install Pin Version Not Defined /Dockerfile: 5 When installing a package, its pin version should be defined
MEDIUM VPC Without Network Firewall /negative2.tf: 26 VPC should have a Network Firewall associated
MEDIUM VPC Without Network Firewall /positive2.tf: 26 VPC should have a Network Firewall associated
LOW ALB Deletion Protection Disabled /positive1.tf: 15 Application Load Balancer should have deletion protection enabled
LOW ALB Deletion Protection Disabled /negative2.tf: 49 Application Load Balancer should have deletion protection enabled
LOW ALB Deletion Protection Disabled /positive2.tf: 49 Application Load Balancer should have deletion protection enabled
LOW ALB Deletion Protection Disabled /negative1.tf: 15 Application Load Balancer should have deletion protection enabled
LOW EC2 Instance Using Default Security Group /negative2.tf: 110 EC2 instances should not use default security group(s)
LOW EC2 Instance Using Default Security Group /negative2.tf: 97 EC2 instances should not use default security group(s)
LOW EC2 Instance Using Default Security Group /positive2.tf: 109 EC2 instances should not use default security group(s)
LOW EC2 Instance Using Default Security Group /positive2.tf: 83 EC2 instances should not use default security group(s)
LOW EC2 Instance Using Default Security Group /negative2.tf: 84 EC2 instances should not use default security group(s)
LOW EC2 Instance Using Default Security Group /positive2.tf: 96 EC2 instances should not use default security group(s)
LOW Healthcheck Instruction Missing /Dockerfile: 1 Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
LOW IAM Access Analyzer Not Enabled /negative1.tf: 1 IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
LOW Shield Advanced Not In Use /negative2.tf: 49 AWS Shield Advanced should be used for Amazon Route 53 hosted zone, AWS Global Accelerator accelerator, Elastic IP Address, Elastic Load Balancing,...
LOW Shield Advanced Not In Use /positive1.tf: 15 AWS Shield Advanced should be used for Amazon Route 53 hosted zone, AWS Global Accelerator accelerator, Elastic IP Address, Elastic Load Balancing,...
LOW Shield Advanced Not In Use /negative1.tf: 15 AWS Shield Advanced should be used for Amazon Route 53 hosted zone, AWS Global Accelerator accelerator, Elastic IP Address, Elastic Load Balancing,...
LOW Shield Advanced Not In Use /positive2.tf: 49 AWS Shield Advanced should be used for Amazon Route 53 hosted zone, AWS Global Accelerator accelerator, Elastic IP Address, Elastic Load Balancing,...
LOW VPC FlowLogs Disabled /negative2.tf: 26 Every VPC resource should have an associated Flow Log
LOW VPC FlowLogs Disabled /positive2.tf: 26 Every VPC resource should have an associated Flow Log

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@Yoavast