Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update workgroup #8604

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

update workgroup #8604

wants to merge 4 commits into from

Conversation

matt-heery
Copy link
Contributor

  • adding am role
  • change default workgroup

@matt-heery matt-heery requested review from a team as code owners November 7, 2024 15:55
@github-actions github-actions bot added the environments-repository Used to exclude PRs from this repo in our Slack PR update label Nov 7, 2024
@matt-heery matt-heery requested a deployment to electronic-monitoring-data-test November 7, 2024 15:58 — with GitHub Actions Waiting
@matt-heery matt-heery requested a deployment to electronic-monitoring-data-development November 7, 2024 15:58 — with GitHub Actions Waiting
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Nov 7, 2024

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data/modules/ap_airflow_load_data_iam_role

Running Trivy in terraform/environments/electronic-monitoring-data/modules/ap_airflow_load_data_iam_role
2024-11-07T15:58:51Z INFO [vulndb] Need to update DB
2024-11-07T15:58:51Z INFO [vulndb] Downloading vulnerability DB...
2024-11-07T15:58:51Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-11-07T15:58:54Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-11-07T15:58:54Z INFO [vuln] Vulnerability scanning is enabled
2024-11-07T15:58:54Z INFO [misconfig] Misconfiguration scanning is enabled
2024-11-07T15:58:54Z INFO [misconfig] Need to update the built-in checks
2024-11-07T15:58:54Z INFO [misconfig] Downloading the built-in checks...
2024-11-07T15:58:54Z ERROR [misconfig] Falling back to embedded checks err="failed to download built-in policies: download error: oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-checks/blobs/sha256:c2b4fe1cd51083ede5606a38fb24e7fafb06fd2632c9cf6d9c63f5a80a6c67dc: TOOMANYREQUESTS: retry-after: 799.745µs, allowed: 44000/minute"
2024-11-07T15:58:54Z INFO [secret] Secret scanning is enabled
2024-11-07T15:58:54Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-11-07T15:58:54Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2024-11-07T15:58:55Z INFO [terraform scanner] Scanning root module file_path="."
2024-11-07T15:58:55Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="athena_dump_bucket, database_name, environment, name, oidc_arn, secret_code, source_data_bucket"
2024-11-07T15:58:55Z INFO Number of language-specific files num=0
2024-11-07T15:58:55Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data/modules/ap_airflow_load_data_iam_role

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/ap_airflow_load_data_iam_role
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-11-07 15:58:57,740 [MainThread  ] [WARNI]  [ArmLocalGraph] created 0 vertices
2024-11-07 15:58:57,740 [MainThread  ] [WARNI]  [ArmLocalGraph] created 0 edges
terraform scan results:

Passed checks: 26, Failed checks: 0, Skipped checks: 2


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data/modules/ap_airflow_load_data_iam_role

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/ap_airflow_load_data_iam_role
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data/modules/ap_airflow_load_data_iam_role

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/ap_airflow_load_data_iam_role
2024-11-07T15:58:51Z	INFO	[vulndb] Need to update DB
2024-11-07T15:58:51Z	INFO	[vulndb] Downloading vulnerability DB...
2024-11-07T15:58:51Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-11-07T15:58:54Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-11-07T15:58:54Z	INFO	[vuln] Vulnerability scanning is enabled
2024-11-07T15:58:54Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-11-07T15:58:54Z	INFO	[misconfig] Need to update the built-in checks
2024-11-07T15:58:54Z	INFO	[misconfig] Downloading the built-in checks...
2024-11-07T15:58:54Z	ERROR	[misconfig] Falling back to embedded checks	err="failed to download built-in policies: download error: oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-checks/blobs/sha256:c2b4fe1cd51083ede5606a38fb24e7fafb06fd2632c9cf6d9c63f5a80a6c67dc: TOOMANYREQUESTS: retry-after: 799.745µs, allowed: 44000/minute"
2024-11-07T15:58:54Z	INFO	[secret] Secret scanning is enabled
2024-11-07T15:58:54Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-11-07T15:58:54Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2024-11-07T15:58:55Z	INFO	[terraform scanner] Scanning root module	file_path="."
2024-11-07T15:58:55Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="athena_dump_bucket, database_name, environment, name, oidc_arn, secret_code, source_data_bucket"
2024-11-07T15:58:55Z	INFO	Number of language-specific files	num=0
2024-11-07T15:58:55Z	INFO	Detected config files	num=1
trivy_exitcode=0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
environments-repository Used to exclude PRs from this repo in our Slack PR update
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@matt-heery