forked from iacsecurity/tool-compare
cloudrail_results.txt
WARNINGs found:
Rule: Ensure rotation for customer created CMKs is enabled
- 1 Resources Exposed:
-----------------------------------------------
- Exposed Resource: [aws_kms_key.a] (main.tf:1)
Violating Resource: [aws_kms_key.a] (main.tf:1)
Evidence:
| This rule evaluated aws_kms_key.a's configuration
-----------------------------------------------
Rule: Ensure all resources that can be tagged have at least one tag
- 1 Resources Exposed:
-----------------------------------------------
- Exposed Resource: [aws_kms_key.a] (main.tf:1)
Violating Resource: [aws_kms_key.a] (main.tf:1)
Evidence:
| Resource KMS key aws_kms_key.a does not have any tags set
-----------------------------------------------
Rule: Ensure use of KMS key policy, and no action wildcards are being used
- 1 Resources Exposed:
-----------------------------------------------
- Exposed Resource: [aws_kms_key.a] (main.tf:1)
Violating Resource: [aws_kms_key.a] (main.tf:1)
Evidence:
| The policy attached to the KMS key aws_kms_key.a is using wildcard action kms:*, and principal AWS: *, without any condition
-----------------------------------------------
Cloudrail ran this assessment without any policies and so all rule violations show as warnings.
You can increase a rule's enforcement level by creating a Policy in the Web UI and adding the rule to it.