14011401 <remediationFunction >CONSTANT_ISSUE</remediationFunction >
14021402 <remediationFunctionBaseEffort >10min</remediationFunctionBaseEffort >
14031403 </rule >
1404+ <rule >
1405+ <key >cloudformation-CKV_AWS_115</key >
1406+ <name >Ensure that AWS Lambda function is configured for function-level concurrent execution limit</name >
1407+ <internalKey >cloudformation-CKV_AWS_115</internalKey >
1408+ <description >Ensure that AWS Lambda function is configured for function-level concurrent execution limit</description >
1409+ <severity >CRITICAL</severity >
1410+ <cardinality >SINGLE</cardinality >
1411+ <status >READY</status >
1412+ <type >VULNERABILITY</type >
1413+ <tag >security</tag >
1414+ <tag >checkov</tag >
1415+ <tag >cloudformation</tag >
1416+ <remediationFunction >CONSTANT_ISSUE</remediationFunction >
1417+ <remediationFunctionBaseEffort >10min</remediationFunctionBaseEffort >
1418+ </rule >
14041419 <rule >
14051420 <key >cloudformation-CKV_AWS_116</key >
14061421 <name >Ensure that AWS Lambda function is configured for a Dead Letter Queue(DLQ)</name >
14161431 <remediationFunction >CONSTANT_ISSUE</remediationFunction >
14171432 <remediationFunctionBaseEffort >10min</remediationFunctionBaseEffort >
14181433 </rule >
1434+ <rule >
1435+ <key >cloudformation-CKV_AWS_117</key >
1436+ <name >Ensure that AWS Lambda function is configured inside a VPC</name >
1437+ <internalKey >cloudformation-CKV_AWS_117</internalKey >
1438+ <description >Ensure that AWS Lambda function is configured inside a VPC</description >
1439+ <severity >CRITICAL</severity >
1440+ <cardinality >SINGLE</cardinality >
1441+ <status >READY</status >
1442+ <type >VULNERABILITY</type >
1443+ <tag >security</tag >
1444+ <tag >checkov</tag >
1445+ <tag >cloudformation</tag >
1446+ <remediationFunction >CONSTANT_ISSUE</remediationFunction >
1447+ <remediationFunctionBaseEffort >10min</remediationFunctionBaseEffort >
1448+ </rule >
1449+ <rule >
1450+ <key >cloudformation-CKV_AWS_118</key >
1451+ <name >Ensure that enhanced monitoring is enabled for Amazon RDS instances</name >
1452+ <internalKey >cloudformation-CKV_AWS_118</internalKey >
1453+ <description >Ensure that enhanced monitoring is enabled for Amazon RDS instances</description >
1454+ <severity >CRITICAL</severity >
1455+ <cardinality >SINGLE</cardinality >
1456+ <status >READY</status >
1457+ <type >VULNERABILITY</type >
1458+ <tag >security</tag >
1459+ <tag >checkov</tag >
1460+ <tag >cloudformation</tag >
1461+ <remediationFunction >CONSTANT_ISSUE</remediationFunction >
1462+ <remediationFunctionBaseEffort >10min</remediationFunctionBaseEffort >
1463+ </rule >
14191464 <rule >
14201465 <key >cloudformation-CKV_AWS_119</key >
14211466 <name >Ensure DynamoDB Tables are encrypted using a KMS Customer Managed CMK</name >
18301875 <remediationFunction >CONSTANT_ISSUE</remediationFunction >
18311876 <remediationFunctionBaseEffort >10min</remediationFunctionBaseEffort >
18321877 </rule >
1878+ <rule >
1879+ <key >cloudformation-CKV_AWS_260</key >
1880+ <name >Ensure no security groups allow ingress from 0.0.0.0:0 to port 80</name >
1881+ <internalKey >cloudformation-CKV_AWS_260</internalKey >
1882+ <description >Ensure no security groups allow ingress from 0.0.0.0:0 to port 80</description >
1883+ <severity >CRITICAL</severity >
1884+ <cardinality >SINGLE</cardinality >
1885+ <status >READY</status >
1886+ <type >VULNERABILITY</type >
1887+ <tag >security</tag >
1888+ <tag >checkov</tag >
1889+ <tag >cloudformation</tag >
1890+ <tag >owasp-a6</tag >
1891+ <tag >cweid-732</tag >
1892+ <tag >800-53-ac-4</tag >
1893+ <remediationFunction >CONSTANT_ISSUE</remediationFunction >
1894+ <remediationFunctionBaseEffort >10min</remediationFunctionBaseEffort >
1895+ </rule >
1896+
18331897
18341898</rules >
0 commit comments