
bug(cloudformation): false positive for "ECS Cluster Not Encrypted At Rest" when using task definition ref #7203

Open
Cerisabeth opened this issue Jul 18, 2024 · 1 comment
Labels
aws PR related with AWS Cloud bug Something isn't working cloudformation CloudFormation query community Community contribution docker Docker query query New query feature

Comments

@Cerisabeth
Expected Behavior

The ref-template.json (modified from test/negative2.json) should return negative for the ECS Cluster Not Encrypted At Rest query.

Actual Behavior

Query returns a positive for ECS Cluster Not Encrypted At Rest, even with the correct EFS volume configuration, due to this section of the above code:

          "TaskDefinition": {
            "Ref": "taskdefinition"
          },

It returns negative when using the following syntax to reference the task definition:

          "TaskDefinition": "taskdefinition",

We are using AWS CDK to generate our template and it always generates a Ref block to refer to a resource.

Steps to Reproduce the Problem

  1. Scan ref-template.json for the ECS Cluster Not Encrypted At Rest query (id: 6c131358-c54d-419b-9dd6-1f7dd41d180c):

     docker run -t -v $PWD/test:/path checkmarx/kics:latest scan -p /path/ref-template.json -o "/path/" --log-level "DEBUG" -i "6c131358-c54d-419b-9dd6-1f7dd41d180c" -v

debug-log.txt

Specifications

  • Version: v2.1.1
  • Platform: CloudFormation
  • Subsystem:
@Cerisabeth Cerisabeth added bug Something isn't working community Community contribution labels Jul 18, 2024
@github-actions github-actions bot added query New query feature cloudformation CloudFormation query docker Docker query aws PR related with AWS Cloud labels Jul 18, 2024
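As an added illustration, not the reporter's ref-template.json and not the KICS query's own Rego: a minimal CloudFormation template in the shape the report describes (an AWS::ECS::Service pointing at its AWS::ECS::TaskDefinition through `{"Ref": ...}`, the way CDK emits it, and the task definition carrying an EFS volume), plus a small Python check that resolves the `TaskDefinition` property either as a plain logical id or as a `Ref` object. The EFS rule modelled here, `TransitEncryption` must be `ENABLED` on every EFS volume, is my assumption of what the query enforces. The `naive_resolve` function is not a claim about how the KICS query is written; it only shows how a lookup that does not understand `Ref` fails to find the task definition and turns a compliant template into a finding.

```python
import copy

# Constructed sample (not the reporter's file): service -> task definition by Ref.
TEMPLATE_REF = {
    "Resources": {
        "cluster": {"Type": "AWS::ECS::Cluster"},
        "taskdefinition": {
            "Type": "AWS::ECS::TaskDefinition",
            "Properties": {
                "Family": "app",
                "Volumes": [
                    {
                        "Name": "data",
                        "EFSVolumeConfiguration": {
                            "FilesystemId": "fs-0123456789abcdef0",  # made-up id
                            "TransitEncryption": "ENABLED",
                        },
                    }
                ],
            },
        },
        "service": {
            "Type": "AWS::ECS::Service",
            "Properties": {
                "Cluster": {"Ref": "cluster"},
                "TaskDefinition": {"Ref": "taskdefinition"},  # CDK-style reference
            },
        },
    }
}

# Same template with the plain-string form the reporter says scans clean.
TEMPLATE_STRING = copy.deepcopy(TEMPLATE_REF)
TEMPLATE_STRING["Resources"]["service"]["Properties"]["TaskDefinition"] = "taskdefinition"

# A genuinely non-compliant variant: transit encryption switched off.
TEMPLATE_DISABLED = copy.deepcopy(TEMPLATE_REF)
TEMPLATE_DISABLED["Resources"]["taskdefinition"]["Properties"]["Volumes"][0][
    "EFSVolumeConfiguration"]["TransitEncryption"] = "DISABLED"


def naive_resolve(value):
    """Illustrative only: understands a plain string, so a Ref object yields None."""
    return value if isinstance(value, str) else None


def resolve_logical_id(value):
    """Return the logical id (or ARN string) a TaskDefinition property points at.

    Accepts a plain string or {"Ref": "<logical id>"}; anything else is unresolved.
    """
    if isinstance(value, str):
        return value
    if isinstance(value, dict) and isinstance(value.get("Ref"), str):
        return value["Ref"]
    return None


def efs_findings(task_def):
    """List the EFS volumes of a task definition whose transit encryption is not ENABLED."""
    findings = []
    for vol in task_def.get("Properties", {}).get("Volumes", []):
        efs = vol.get("EFSVolumeConfiguration")
        if efs is None:
            continue  # bind mounts and Docker volumes are out of scope for this rule
        if efs.get("TransitEncryption") != "ENABLED":
            findings.append(f"volume {vol.get('Name')!r}: TransitEncryption is not ENABLED")
    return findings


def check(template, resolve):
    """Evaluate every ECS service; return (service logical id, reason) pairs."""
    resources = template.get("Resources", {})
    results = []
    for svc_id, svc in resources.items():
        if svc.get("Type") != "AWS::ECS::Service":
            continue
        target = resolve(svc.get("Properties", {}).get("TaskDefinition"))
        if isinstance(target, str) and target.startswith("arn:"):
            continue  # existing definition outside the template; nothing to inspect
        task_def = resources.get(target) if target else None
        if task_def is None or task_def.get("Type") != "AWS::ECS::TaskDefinition":
            # An unresolved reference surfaces as a finding here, which is the
            # false-positive shape the report describes.
            results.append((svc_id, "task definition could not be resolved"))
            continue
        for reason in efs_findings(task_def):
            results.append((svc_id, reason))
    return results


if __name__ == "__main__":
    print("Ref, naive lookup:     ", check(TEMPLATE_REF, naive_resolve))
    print("Ref, Ref-aware lookup: ", check(TEMPLATE_REF, resolve_logical_id))
    print("string, naive lookup:  ", check(TEMPLATE_STRING, naive_resolve))
    print("disabled, Ref-aware:   ", check(TEMPLATE_DISABLED, resolve_logical_id))
```

With the naive resolver the `Ref` template is reported even though its only EFS volume has `TransitEncryption: ENABLED`, while the string form of the same template passes; the Ref-aware resolver clears the compliant template and still reports the one with transit encryption disabled. When testing a fix, a template referencing an existing task definition by ARN is worth adding as a third case, since a scanner has nothing to inspect there and should not report it either way.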
@cx-monicac (Collaborator)

Hi @Cerisabeth
Thanks for your input!

We asked our internal AppSec team to provide you feedback on this.
We will keep you updated.
(APPSEC-2916)
