Skip to content

v1.1.1
Compare
Choose a tag to compare
@github-actions github-actions released this 31 May 10:03
· 29 commits to main since this release
1.1.1
99453cc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
tfsec ignores added @davenicoll (#136)

what

  • added tfsec ignores to false positives

why

  • the terraform aws_s3_bucket resource was updated some time ago to deprecate access policies, encryption and logging as arguments, instead preferring separate terraform resources. tfsec incorrectly highlights the aws_s3_bucket resource are CRITICALly vulnerable.

references

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#argument-reference

Sync github @max-lobur (#138)

Rebuild github dir from the template

🐛 Bug Fixes

Always require TLS connection to S3 bucket @Nuru (#139)

what

  • Always require TLS connection to S3 bucket

why

  • Restores intended behavior
  • Fixes crash. Supersedes and closes #135. Thank you @dod38fr

Contributors

davenicoll, dod38fr, and 2 other contributors
Assets 2
Loading