support checkov rules, version 2.0.359

Author: pethers

src/main/resources/cloudformation-checkov-rules.xml

@@ -1,6 +1,6 @@
 <cloudformation-rules>
 
-<rule>
+    <rule>
 		<key>serverless-CKV_AWS_1</key>
 		<name>Ensure IAM policies that allow full &quot;*-*&quot; administrative privileges are not created</name>
 		<internalKey>serverless-CKV_AWS_1</internalKey>
@@ -4248,6 +4248,36 @@
 		<remediationFunction>CONSTANT_ISSUE</remediationFunction>
 		<remediationFunctionBaseEffort>10min</remediationFunctionBaseEffort>
     </rule>
+    <rule>
+		<key>terraform-CKV_AWS_172</key>
+		<name>Ensure QLDB ledger has deletion protection enabled</name>
+		<internalKey>terraform-CKV_AWS_172</internalKey>
+		<description>Ensure QLDB ledger has deletion protection enabled</description>
+		<severity>CRITICAL</severity>
+		<cardinality>SINGLE</cardinality>
+		<status>READY</status>
+		<type>VULNERABILITY</type>
+		<tag>security</tag>
+		<tag>checkov</tag>
+		<tag>terraform</tag>
+		<remediationFunction>CONSTANT_ISSUE</remediationFunction>
+		<remediationFunctionBaseEffort>10min</remediationFunctionBaseEffort>
+    </rule>
+    <rule>
+		<key>cloudformation-CKV_AWS_172</key>
+		<name>Ensure QLDB ledger has deletion protection enabled</name>
+		<internalKey>cloudformation-CKV_AWS_172</internalKey>
+		<description>Ensure QLDB ledger has deletion protection enabled</description>
+		<severity>CRITICAL</severity>
+		<cardinality>SINGLE</cardinality>
+		<status>READY</status>
+		<type>VULNERABILITY</type>
+		<tag>security</tag>
+		<tag>checkov</tag>
+		<tag>cloudformation</tag>
+		<remediationFunction>CONSTANT_ISSUE</remediationFunction>
+		<remediationFunctionBaseEffort>10min</remediationFunctionBaseEffort>
+    </rule>
     <rule>
 		<key>terraform-CKV2_AWS_1</key>
 		<name>Ensure that all NACL are attached to subnets</name>
@@ -7196,9 +7226,9 @@
     </rule>
     <rule>
 		<key>terraform-CKV_AZURE_125</key>
-		<name>Ensures that Active Directory is used for authentication for Service Fabric</name>
+		<name>Ensures that Service Fabric use three levels of protection available</name>
 		<internalKey>terraform-CKV_AZURE_125</internalKey>
-		<description>Ensures that Active Directory is used for authentication for Service Fabric</description>
+		<description>Ensures that Service Fabric use three levels of protection available</description>
 		<severity>CRITICAL</severity>
 		<cardinality>SINGLE</cardinality>
 		<status>READY</status>
@@ -10448,4 +10478,5 @@
 
 
 
+
 </cloudformation-rules>

src/test/java/com/hack23/sonar/cloudformation/CloudformationQualityProfileTest.java

@@ -45,27 +45,27 @@ public void defineTest() {
 		final BuiltInQualityProfile qualityProfile = context.profile("yaml","Cloudformation Rules");
 		assertNotNull(qualityProfile);
 		assertFalse(qualityProfile.isDefault());
-		assertEquals(268,qualityProfile.rules().size());
+		assertEquals(269,qualityProfile.rules().size());
 		}
 		{
 		final BuiltInQualityProfile qualityProfile = context.profile("yaml","IAC Rules");
 		assertNotNull(qualityProfile);
 		assertFalse(qualityProfile.isDefault());
-		assertEquals(829,qualityProfile.rules().size());
+		assertEquals(831,qualityProfile.rules().size());
 		}
 
 
 		{
 		final BuiltInQualityProfile qualityProfile = context.profile("json","Cloudformation Rules");
 		assertNotNull(qualityProfile);
 		assertFalse(qualityProfile.isDefault());
-		assertEquals(268,qualityProfile.rules().size());
+		assertEquals(269,qualityProfile.rules().size());
 		}
 		{
 		final BuiltInQualityProfile qualityProfile = context.profile("json","IAC Rules");
 		assertNotNull(qualityProfile);
 		assertFalse(qualityProfile.isDefault());
-		assertEquals(829,qualityProfile.rules().size());
+		assertEquals(831,qualityProfile.rules().size());
 		}
 
 	}

src/test/resources/checkov/azuredeploy.checkov-report

@@ -1202,6 +1202,6 @@
         "skipped": 0,
         "parsing_errors": 0,
         "resource_count": 2,
-        "checkov_version": "2.0.337"
+        "checkov_version": "2.0.359"
     }
 }