Create ec2.tf #2
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There was a problem hiding this comment.
Please find StepSecurity AI-CodeWise code comments below.
Code Comments
ec2.tf
- [High]Sensitive data exposure
The AWS Secret Access Key is exposed in clear text in user data. Store sensitive configuration data securely in environment variables or other secrets management tools. - [High]Unencrypted volume
The EBS volume is unencrypted. Set the encrypted attribute of aws_ebs_volume resource to 'true'. - [Medium]Security group vulnerabilities
The security group allows SSH traffic from anywhere in the world. Restrict traffic to allow SSH traffic to specific IP ranges or even better, specific IPs that require access. - [Medium]Security group vulnerabilities
The security group allows traffic to anywhere in the world on port 80. Restrict traffic to allow HTTP traffic from specific IP ranges or even better, specific IPs that require access. - [Low]Using plain text secrets in Terraform code is a bad practice
AWS Secret Access Key and Access Key Id are stored as plain text in the variables tf file. Use the following syntax to store AWS Secret Access Key and Access Key Id: https://www.terraform.io/docs/language/values/variables.html#sensitive-values
Feedback
We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find the comments helpful, give them a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create n GitHub issue in StepSecurity/AI-CodeWise.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This file is from Terragoat.