Skip to content

Automated Remediation Patch#38

Closed
mrchoc wants to merge 1 commit intomainfrom
remediation-20251115063052
Closed

Automated Remediation Patch#38
mrchoc wants to merge 1 commit intomainfrom
remediation-20251115063052

Conversation

@mrchoc
Copy link
Contributor

@mrchoc mrchoc commented Nov 15, 2025

Policy Remediation Report

Original File: sample-configs/ecr.tf
Validation Status: FAILED
Violations Detected: 1
Policy Used: policy/deny-ecr.rego

🧩 Changes Summary

Total Changes: 1

Details

  • ADDED → Added: image_tag_mutability = "IMMUTABLE"

🔍 Validation Summary

Test Type Total Passed Failed
Original 4 3 1
Patched 4 4 0

🚨 Violations Analysis

FAIL - sample-configs/ecr.tf - main - ECR repository `scrooge_ecr` does not have image tag mutability set

4 tests, 3 passed, 0 warnings, 1 failure, 0 exceptions

🕒 Timing

  • Start: 2025-11-15T06:30:38.696725Z
  • End: 2025-11-15T06:30:51.844069Z
  • Duration: 13.15 seconds

🧾 Patched Content

provider "aws" {
  region = "ap-southeast-1"
}
resource "aws_ecr_repository" "scrooge_ecr" {
  name                 = "scrooge-ecr"

  image_scanning_configuration {
    scan_on_push = true
  }

  image_tag_mutability = "IMMUTABLE"
}

@mrchoc mrchoc closed this Nov 17, 2025
@mrchoc mrchoc deleted the remediation-20251115063052 branch November 17, 2025 09:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mrchoc