Closed robg-test closed 1 year ago
Security Scan Assesment:
Result 1 HIGH Bucket does not encrypt data with a customer managed key. Result 2 HIGH Table encryption is not enabled. Result 3 MEDIUM Bucket does not have logging enabled Result 4 MEDIUM Point-in-time recovery is not enabled. Result 5 LOW Table encryption does not use a customer-managed KMS key.
Think we need 3,
1,2,5 are not necessary as we don't need to encrypt the storage here. 4 might be useful, to recover accidental deletion of the TF State, I presume this comes with cost but would be definitely be helpful in this instance.
Note on Key: You can redirect the outputted private_key to your own private_key.
And run to retrieve the key >
terraform output -raw private_key
In a future PR we should probably allow the user to provide their own SSH Key.
I'd like to take a bit more time reviewing this, but I do want to use the required_providers
change a bit sooner, so I'll create a separate PR for that using some of the commits above