You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Reduces risk of security issues etc. being introduced into the CloudFormation templates
Description
Currently, the cfn-lint tool is ran against each of the templates with in the project during the CI pipeline to ensure that the templates are valid and meet coding standards.
However, this tool does not identify any security issues introduced by the template changes or any improvements that could be made. Therefore, the following tools should be considered for use within the project:
cfn-nag
checkov
cfripper
Acceptance Criteria
AC01
An appropriate static analysis tool should be chosen based on its features
Must be able to identify security issues with cloud formation templates
AC02
Any static analysis tools introduced should be added to CI pipeline
Any errors/warnings reported by the static analysis tool should fail the pipeline
AC03
Any existing failures should have tickets raised to fix them
The text was updated successfully, but these errors were encountered:
Value Added
Reduces risk of security issues etc. being introduced into the CloudFormation templates
Description
Currently, the
cfn-linttool is ran against each of the templates with in the project during the CI pipeline to ensure that the templates are valid and meet coding standards.However, this tool does not identify any security issues introduced by the template changes or any improvements that could be made. Therefore, the following tools should be considered for use within the project:
cfn-nagcheckovcfripperAcceptance Criteria
AC01
AC02
AC03
The text was updated successfully, but these errors were encountered: