Migrate content from portfolio-template-sdlc

7393daf
Open

Migrate content from portfolio-template-sdlc #2

GitHub Advanced Security / SDLC Code Scanner (tfsec) failed Jan 11, 2026 in 6s

5 new alerts including 3 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 3 high
  • 1 medium
  • 1 low

See annotations below for details.

Annotations

Check failure on line 63 in terraform/main.tf

Code scanning / SDLC Code Scanner (tfsec)

S3 encryption should use Customer Managed Keys High

S3 encryption should use Customer Managed Keys | Bucket does not encrypt data with a customer managed key. | Resource: aws_s3_bucket_server_side_encryption_configuration.data_bucket_encryption

Check failure on line 138 in terraform/main.tf

Code scanning / SDLC Code Scanner (tfsec)

IAM policy should avoid use of wildcards and instead apply the principle of least privilege High

IAM policy should avoid use of wildcards and instead apply the principle of least privilege | IAM policy document uses sensitive action 'logs:CreateLogGroup' on wildcarded resource '0c5ed373-2321-44aa-89cf-94eaf272808a:*' | Resource: aws_iam_role_policy.cloudwatch_logs_policy

Check failure on line 160 in terraform/main.tf

Code scanning / SDLC Code Scanner (tfsec)

IAM policy should avoid use of wildcards and instead apply the principle of least privilege High

IAM policy should avoid use of wildcards and instead apply the principle of least privilege | IAM policy document uses sensitive action 's3:GetObject' on wildcarded resource 'c23e01a7-0fde-4d4e-9fe9-ba5a49bbdaf4' | Resource: aws_iam_role_policy.s3_access_policy

Check warning on line 45 in terraform/main.tf

Code scanning / SDLC Code Scanner (tfsec)

S3 Bucket does not have logging enabled. Medium

S3 Bucket does not have logging enabled. | Bucket does not have logging enabled | Resource: aws_s3_bucket.data_bucket

Check notice on line 35 in terraform/main.tf

Code scanning / SDLC Code Scanner (tfsec)

CloudWatch log groups should be encrypted using CMK Low

CloudWatch log groups should be encrypted using CMK | Log group is not encrypted. | Resource: aws_cloudwatch_log_group.app_logs