cdklabs / cdk-cicd-wrapper

This repository contains the infrastructure as code to wrap your AWS CDK project with CI/CD around it.
https://cdklabs.github.io/cdk-cicd-wrapper/
Apache License 2.0

[FEATURE] Add cfn_nag to security tools #46

Open ajupatil opened 4 months ago

ajupatil commented 4 months ago

Describe the feature

The security scanning is missing cfn_nag_scan. Please add the tool to the security toolset and enable users to configure the scans.

e.g. cfn_nag_scan -i . --template-pattern yaml

Use Case

CDK apps that use new services that don't have full cdk support have to rely on cfn templates from certain deployments. However, cfn templates are not scanned for security vulnerabilities by the pipeline.

Proposed Solution

Please add the tool to the security toolset and enable users to configure the scans.

e.g. cfn_nag_scan -i . --template-pattern yaml

Other Information

No response

Acknowledgements

Environment details (OS name and version, etc.)

cfn