feat(deps): bump aquasecurity/trivy-action from 0.14.0 to 0.15.0 #433
Annotations
8 errors
|
Parse scan results:
main.tf#L37
AVD-AWS-0005: API Gateway domain name uses outdated SSL/TLS protocols.
You should not use outdated/insecure TLS versions for encryption. You should be using TLS v1.2+.
Domain name is configured with an outdated TLS policy.
Resolution: Use the most modern TLS/SSL policies available
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html
https://avd.aquasec.com/misconfig/avd-aws-0005
|
|
Parse scan results:
main.tf#L33
AVD-AWS-0005: API Gateway domain name uses outdated SSL/TLS protocols.
You should not use outdated/insecure TLS versions for encryption. You should be using TLS v1.2+.
Domain name is configured with an outdated TLS policy.
Resolution: Use the most modern TLS/SSL policies available
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html
https://avd.aquasec.com/misconfig/avd-aws-0005
|
|
Parse scan results:
main.tf#L41
AVD-AWS-0005: API Gateway domain name uses outdated SSL/TLS protocols.
You should not use outdated/insecure TLS versions for encryption. You should be using TLS v1.2+.
Domain name is configured with an outdated TLS policy.
Resolution: Use the most modern TLS/SSL policies available
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html
https://avd.aquasec.com/misconfig/avd-aws-0005
|
|
Parse scan results:
main.tf#L20
AVD-AWS-0054: Use of plain HTTP.
Plain HTTP is unencrypted and human-readable. This means that if a malicious actor was to eavesdrop on your connection, they would be able to see all of your data flowing back and forth.
|
|
Parse scan results:
main.tf#L23
AVD-AWS-0081: AWS Classic resource usage.
AWS Classic resources run in a shared environment with infrastructure owned by other AWS customers. You should run
|
|
Parse scan results:
main.tf#L15
AVD-AWS-0107: An ingress security group rule allows traffic from /0.
Opening up ports to the public internet is generally to be avoided. You should restrict access to IP addresses or ranges that explicitly require it where possible.
Security group rule allows ingress from public internet.
Resolution: Set a more restrictive cidr range
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html
https://avd.aquasec.com/misconfig/avd-aws-0107
|
|
Parse scan results:
main.tf#L29
AVD-AZU-0038: Enable disk encryption on managed disk
Manage disks should be encrypted at rest. When specifying the <code>encryption_settings</code> block, the enabled attribute should be set to <code>true</code>.
Managed disk is not encrypted.
Resolution: Enable encryption on managed disks
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/disk-encryption
https://avd.aquasec.com/misconfig/avd-azu-0038
|
|
Parse scan results
Process completed with exit code 1.
|
The logs for this run have expired and are no longer available.
Loading