James Pether Sörling
James Pether Sörling
To get better coverage of encryption and make sure no public instances is created by mistake. Encryption https://asecure.cloud/a/cfgrule_eks-secrets-encrypted/ (Done) https://asecure.cloud/a/cfgrule_dax-encryption-enabled/ (Done) https://asecure.cloud/a/cfgrule_cloudwatch-log-group-encrypted/ (Done) https://asecure.cloud/a/cfgrule_api-gw-cache-enabled-and-encrypted/ (adjusted to only check for encryption...
In the sonar-cloudformation-plugin https://github.com/Hack23/sonar-cloudformation-plugin/blob/master/src/main/resources/cloudformation-rules.xml , I have added cwe information for each rule. Useful since sonarqube have a view for viewing violation based on cwe rules, but guess a grouping/category...
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-storageencrypted
Good summary at https://matthewdf10.medium.com/how-to-enable-logging-on-every-aws-service-in-existence-circa-2021-5b9105b87c9 and https://docs.google.com/spreadsheets/d/1DBmCXX1irJvxdewa85p5nSsYEf3tpSKWBbwp700mbzs/edit#gid=0 Amazon Aurora https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-enablecloudwatchlogsexports AWS AppSync https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-graphqlapi-logconfig.html DocumentDB https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-enablecloudwatchlogsexports Kafka https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-logginginfo.html Some more missing as well.
Not supported in cloudformation yet, in preparation for https://github.com/aws-cloudformation/aws-cloudformation-coverage-roadmap/issues/349
Some people still use classic loadbalancer so would be nice with same type of rules W55 Elastic Load Balancer V2 Listener SslPolicy should use TLS 1.2 W56 Elastic Load Balancer...
Hi, Would be nice with an alternative implementation of https://github.com/javamelody/javamelody/blob/master/javamelody-core/src/main/java/net/bull/javamelody/internal/publish/CloudWatch.java using https://github.com/aws/aws-sdk-java-v2 . Currently have to include sdk v1/v2 and only use v1 to get javamelody metrics into cloudwatch. Happy...
**Is your feature request related to a problem? Please describe.** https://aws.amazon.com/resilience-hub/ **Describe the solution you'd like** https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-resiliencehub-app.html **Describe alternatives you've considered** A clear and concise description of any alternative solutions...
at https://deps.dev/maven/com.hack23.cia%3Acitizen-intelligence-agency OpenSSF scorecard The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open...