ghndrx/terraform-foundation
1
0
Fork 0
mirror of https://github.com/ghndrx/terraform-foundation.git synced 2026-02-09 22:35:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
terraform-foundation/.trivy.yaml
Greg Hendrickson 6136cde9bb feat: Terraform Foundation - AWS Landing Zone 
Enterprise-grade multi-tenant AWS cloud foundation.

Modules:
- GitHub OIDC for keyless CI/CD authentication
- IAM account settings and security baseline
- AWS Config Rules for compliance
- ABAC (Attribute-Based Access Control)
- SCPs (Service Control Policies)

Features:
- Multi-account architecture
- Cost optimization patterns
- Security best practices
- Comprehensive documentation

Tech: Terraform, AWS Organizations, IAM Identity Center
2026-02-02 02:57:23 +00:00

38 lines
620 B
YAML
Raw Permalink Blame History

# Trivy Configuration
# Security and misconfiguration scanning
# https://aquasecurity.github.io/trivy/
# Scan severity levels
severity:
- CRITICAL
- HIGH
- MEDIUM
# Exit code (0 = warn only, 1 = fail on findings)
exit-code: 0
# Output format
format: table
# Ignore unfixed vulnerabilities
ignore-unfixed: true
# Skip directories
skip-dirs:
- .terraform
- .git
- node_modules
# Custom policy paths
# policy:
# - ./policies
# Misconfiguration scanning
misconfiguration:
# Terraform-specific checks
terraform:
exclude-downloaded-modules: true
# Ignore specific checks
ignorefile: .trivyignore
Reference in New Issue View Git Blame Copy Permalink