Skip to content

Perm bound #824

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

Perm bound #824

wants to merge 4 commits into from

Conversation

pankajgoyal2
Copy link
Contributor

Description

Please include a summary of the changes and the related issue. List any dependencies that are required for this change.

Fixes # (issue)

Any Newly Introduced Dependencies

Please describe any newly introduced 3rd party dependencies in this change. List their name, license information and how they are used in the project.

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

Checklist:

  • I agree to use the APACHE-2.0 license for my code changes
  • I have not introduced any 3rd party dependency changes
  • I have performed a self-review of my code

@pankajgoyal2 pankajgoyal2 marked this pull request as draft September 26, 2025 06:25
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 26, 2025
View reviewed changes
pod-configs/module/kms/main.tf
Comment on lines +78 to +88
resource "aws_kms_key" "vault" {
description = "Vault unseal key for ${var.cluster_name}"
deletion_window_in_days = 10

tags = {
Name = "vault-kms-unseal-${var.cluster_name}"
Cluster = var.cluster_name
Purpose = "vault-unseal"
Application = "vault"
}
}

Check warning

Code scanning / Trivy

A KMS key is not configured to auto-rotate. Medium

Artifact: pod-configs/module/kms/main.tf
Type: terraform
Vulnerability AVD-AWS-0065
Severity: MEDIUM
Message: Key does not have rotation enabled.
Link: AVD-AWS-0065
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@johnoloughlin johnoloughlin Awaiting requested review from johnoloughlin johnoloughlin is a code owner

@garyloug garyloug Awaiting requested review from garyloug garyloug is a code owner

@palade palade Awaiting requested review from palade palade is a code owner

@rranjan3 rranjan3 Awaiting requested review from rranjan3 rranjan3 is a code owner

@krishnajs krishnajs Awaiting requested review from krishnajs krishnajs is a code owner

@hyunsun hyunsun Awaiting requested review from hyunsun hyunsun is a code owner

@scottmbaker scottmbaker Awaiting requested review from scottmbaker scottmbaker is a code owner

@damiankopyto damiankopyto Awaiting requested review from damiankopyto damiankopyto is a code owner

@cjnolan cjnolan Awaiting requested review from cjnolan cjnolan is a code owner

@SushilLakra SushilLakra Awaiting requested review from SushilLakra SushilLakra is a code owner

@soniabha-intc soniabha-intc Awaiting requested review from soniabha-intc soniabha-intc is a code owner

@guptagunjan guptagunjan Awaiting requested review from guptagunjan guptagunjan is a code owner

@sys-orch-approve sys-orch-approve Awaiting requested review from sys-orch-approve sys-orch-approve is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pankajgoyal2