Amazon Q
Detector Library
Sign in to Amazon Q
AWS
Documentation
Amazon Q
Detector Library
Terraform
Unencryted Codebuild projects
Feedback
Q
Detector Library
Terraform detectors
(58/58)
Unsecured encryption of SageMaker data at rest
Disabled AWS Glue security encryption
Restrict IAM asterisk action
Disabled AWS RDS Encryption
Exposed secrets in EC2 user data
Disabled block public acls
Disabled Glue Data Catalog encryption
S3 bucket restrict public bucket not true
nonhttps viewer protocol policy
Restrict log4j2 message lookup
Restrict overly permissive VPC peering routes
Restrict overly permissive access by AWS EKS to all traffic
Secure AWS Database Migration Service endpoints
Disabled logging for aws document db
Unencrypted code build project
Sns Topic Uses CMK
Enabled RDS public access
Unsecure encryption of DAX at rest
Public READ bucket ACL
disabled detailed monitoring for EC2
Disabled iam authentication
Unecrypted AWS Redshift using CMK
Implicit SSH for AWS EKS node group
Restrict IAM asterisk action
Disabled encryption on Aurora at rest
Restrict assumed IAM role access
Restrict AWS IAM policy with full administrative privileges
Restrict actions with any Principal for S3 buckets
Disabled ALB drops HTTP headers
Restrict IAM policies with full 'asterisk-asterisk' administrative privileges
Disabled athena database encryption
Use AWS certificate manager SSL certificate with Elastic Load Balancer
Unencrypted backup vault
Avoid hardcoded AWS access keys and secrets credentials
Restrict IAM password reuse
Disabled document db encryption
Configure TLS 1.2 in AWS Load balancer
Misconfigured data encryption at rest for AWS SageMaker instance
Disabled AWS S3 object versioning
Configure HTTPS for CloudFront distribution ViewerProtocolPolicy
Unsecured Encryption in transit for EFS volumes
Unencrypted EBS Volumes
Exposed secrets in Lambda function environment variables
RDS postgresql file read vulnerability
Undefined lambda function urls authtype
Associate AWS Glue component with a security component
Restrict public access on DMS replication instance
S3 bucket ignore public acls not true
DynamoDB Table Autoscaling Enabled
Restrict Neptune cluster instance public access
Restrict the use of asterisk actions for SQS policy documents
Disabled Neptune logging
nonhttps load balancer terraform
Unencryted Codebuild projects
Unencrypted Secrets Manager using CMK
AWS S3 public WRITE permission
Restrict public IP association on EC2 instance
Disabled DynamoDB Point-In-Time Recovery
Unencryted Codebuild projects
Medium
Unencrypted CodeBuild projects is detected. Make sure to provide encryption key.
Detector ID
terraform/unencryted-codebuild-projects-terraform@v1.0
Category
Security
Common Weakness Enumeration (CWE)
CWE-311
Tags
#
aws-terraform