search

bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
https://www.checkov.io/
Apache License 2.0
7.04k stars 1.11k forks source link

CKV_AWS_312 - Incorrect check values #6007

Open stevec1980 opened 8 months ago

stevec1980 commented 8 months ago

Describe the issue If it is related to an existing check, please note the relevant check ID. Also, explain the logic for this addition / change.

Examples Correct seeting in TF:

setting { name = "HealthStreamingEnabled" namespace = "aws:elasticbeanstalk:cloudwatch:logs:health" value = "true" }

Check is looking for:

setting { namespace = "aws:elasticbeanstalk:healthreporting:system" name = "HealthStreamingEnabled" value = "true" }

The combination that checkov expects is not possible, see here: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-elasticbeanstalkhealthreporting

Version (please complete the following information):

Additional context none

avazula commented 7 months ago

Reported this in the primacloud docs and proposed a PR, I will attempt to make a PR for this code too.

timomeinen commented 6 months ago

Any updates? Facing the same issue.

avazula commented 6 months ago

Still waiting for Bridgecrew to review my PR ...

stale[bot] commented 3 days ago

Thanks for contributing to Checkov! We've automatically marked this issue as stale to keep our issues list tidy, because it has not had any activity for 6 months. It will be closed in 14 days if no further activity occurs. Commenting on this issue will remove the stale tag. If you want to talk through the issue or help us understand the priority and context, feel free to add a comment or join us in the Checkov slack channel at codifiedsecurity.slack.com Thanks!