generated from terraform-ibm-modules/terraform-ibm-module-template
-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathcra-tf-validate-ignore-rules.json
34 lines (34 loc) · 2.23 KB
/
cra-tf-validate-ignore-rules.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
{
"scc_rules": [
{
"scc_rule_id": "rule-8cbd597c-7471-42bd-9c88-36b2696456e9",
"description": "Check whether Cloud Object Storage network access is restricted to a specific IP range",
"ignore_reason": "In order for this rule to pass, Context Based Restrictions (CBRs) support needs to be added to the module (tracking in https://github.ibm.com/GoldenEye/issues/issues/5626). Even after that is added, there is still a dependency on SCC to support scanning for CBR rules. SCC CBR support is being tracked in https://github.ibm.com/project-fortress/pm/issues/11800.",
"is_valid": true
},
{
"scc_rule_id": "rule-4d86c074-097e-4ff3-a763-ccff128388e2",
"description": "Check whether multifactor authentication (MFA) is enabled at the account level",
"ignore_reason": "In order for this rule to pass, multifactor authentication (MFA) is enabled at the account level (tracking in https://github.ibm.com/workload-eng-services/HPCCluster/issues/3422).",
"is_valid": true
},
{
"scc_rule_id": "rule-0704e840-e443-4781-b9be-ec57469d09c1",
"description": "Check whether permissions for API key creation are limited and configured in IAM settings for the account owner",
"ignore_reason": "Need more exploration (tracking in https://github.ibm.com/workload-eng-services/HPCCluster/issues/3422).",
"is_valid": true
},
{
"scc_rule_id": "rule-0244c010-fde6-4db3-95aa-8952bd292ac3",
"description": "Check whether permissions for service ID creation are limited and configured in IAM settings for the account owner",
"ignore_reason": "Need more exploration (tracking in https://github.ibm.com/workload-eng-services/HPCCluster/issues/3422).",
"is_valid": true
},
{
"scc_rule_id": "rule-8cbd597c-7471-42bd-9c88-36b2696456e9",
"description": "Check whether Cloud Object Storage network access is restricted to a specific IP range",
"ignore_reason": "Need more exploration (tracking in https://github.ibm.com/workload-eng-services/HPCCluster/issues/3422).",
"is_valid": true
}
]
}