Passed checks: 1, Failed checks: 1, Skipped checks: 0
Check: CKV_AWS_70: "Ensure S3 bucket does not allow an action with any Principal"
FAILED for resource: module.mybucket.module.bucket[0].aws_s3_bucket.s3_bucket
File: /plan.json:0-0
@blue-tornado Hi, can you please try to update Checkov and see if that helps, since the latest Checkov version is 3.2.90 and you're on a much older version.
CKV_AWS_70 is returning a false positive when scanning a Terraform plan that is changing the principal value from * to a specific principal.
Examples
Terraform plan example:
relevant part of terraform plan
checkov output:
Version
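
One way to confirm, outside Checkov, what a plan like the one described in this report does to the bucket policy. This is an added example, not part of the original issue and not Checkov's implementation. It assumes the plan JSON comes from `terraform show -json`, that the policy sits in a `policy` attribute of the resource, and that "Allow with Principal `*`" approximates what CKV_AWS_70 looks for; the sample plan and the IAM role ARN are constructed.

```python
import json

def wildcard_statements(policy_json):
    """Sids (or indexes) of Allow statements whose Principal includes '*'."""
    if not policy_json:
        return []
    stmts = json.loads(policy_json).get("Statement", [])
    if isinstance(stmts, dict):          # a single statement may be a bare object
        stmts = [stmts]
    hits = []
    for i, s in enumerate(stmts):
        p = s.get("Principal")
        if isinstance(p, dict):          # {"AWS": "*"} or {"AWS": ["*", ...]}
            vals = [v for x in p.values() for v in (x if isinstance(x, list) else [x])]
        else:
            vals = [p]
        if s.get("Effect") == "Allow" and "*" in vals:
            hits.append(s.get("Sid", i))
    return hits

def compare_plan(plan):
    """Per resource with a 'policy' attribute: wildcard principals before vs. after."""
    report = {}
    for rc in plan.get("resource_changes", []):
        ch = rc.get("change", {})
        before = (ch.get("before") or {}).get("policy")
        after = (ch.get("after") or {}).get("policy")
        unknown = (ch.get("after_unknown") or {}).get("policy") is True
        if before or after or unknown:
            report[rc["address"]] = {"before": wildcard_statements(before),
                                     "after": wildcard_statements(after),
                                     "after_unknown": unknown}
    return report

def _policy(principal):  # constructed sample policy document
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Sid": "Read", "Effect": "Allow", "Principal": principal,
        "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]})

ADDRESS = "module.mybucket.module.bucket[0].aws_s3_bucket.s3_bucket"
SAMPLE_PLAN = {"resource_changes": [{   # constructed, not the reporter's plan
    "address": ADDRESS,
    "change": {"actions": ["update"],
               "before": {"policy": _policy("*")},
               "after": {"policy": _policy({"AWS": "arn:aws:iam::111122223333:role/example"})},
               "after_unknown": {}}}]}

if __name__ == "__main__":
    print(json.dumps(compare_plan(SAMPLE_PLAN), indent=2))
```

A wildcard that appears only under `before` is being removed by the plan; if `after_unknown` is true, the final policy is not known at plan time and cannot be judged from the plan alone.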