iac security pipeline installation #337
Merged
Annotations
10 errors and 1 warning
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/vpc.tf#L56
CKV_TF_1: "Ensure Terraform module sources use a commit hash"
|
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/iam.tf#L46
CKV_GCP_46: "Ensure Default Service account is not used at a project level"
|
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/iam.tf#L46
CKV_GCP_49: "Ensure roles do not impersonate or manage Service Accounts used at project level"
|
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/iam.tf#L39
CKV_GCP_46: "Ensure Default Service account is not used at a project level"
|
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/iam.tf#L32
CKV_GCP_46: "Ensure Default Service account is not used at a project level"
|
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/iam.tf#L25
CKV_GCP_46: "Ensure Default Service account is not used at a project level"
|
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/iam.tf#L18
CKV_GCP_46: "Ensure Default Service account is not used at a project level"
|
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/iam.tf#L11
CKV_GCP_46: "Ensure Default Service account is not used at a project level"
|
|
Run Checkov (SARIF, soft fail):
account-setup/gcp/iam.tf#L4
CKV_GCP_46: "Ensure Default Service account is not used at a project level"
|
|
Run Checkov (SARIF, soft fail):
account-setup/aws/main.tf#L47
CKV_AWS_130: "Ensure VPC subnets do not assign public IP by default"
|
|
Upload SARIF file
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
Loading