aws
Automatic information enumeration - AWS - Aws
Need Minimization of exposed resources in AWS Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" } resource ...
Traceability Loss - AWS - Aws
Need Enhancement of traceability and logging in AWS instances Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with AWS services and resources Description Non compliant code resource "aws_instance" ...
Use of an insecure channel - AWS - Aws
Need Secure communication channels for data transmission in AWS Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" ...
Authentication mechanism absence or evasion - AWS - Aws
Need Implementation of a robust and secure authentication mechanism for AWS Context Usage of Terraform for infrastructure as code provisioning and management Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code ...
Non-encrypted confidential information - AWS - Aws
Need Secure storage of AWS credentials Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant code provider "aws" { region = "us-west-2" ...
Business information leak - AWS - Aws
Need Protection of sensitive business information in AWS Context Usage of Terraform for Infrastructure as Code (IaC) Usage of terraform-provider-aws for managing AWS resources using Terraform Description Non compliant code provider "aws" { access_key ...
Excessive privileges - AWS - Aws
Need Restriction of privileges to the minimum necessary level Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" } ...
Unrestricted access between network segments - AWS - Aws
Need Enforce restricted access between network segments in AWS Context Usage of Terraform for Infrastructure as Code (IaC) Usage of terraform-provider-aws for managing AWS resources with Terraform Description Non compliant code provider "aws" { ...