diff --git a/docs/queries/all-queries.md b/docs/queries/all-queries.md
index f76dcb77995..0a4368bd2fb 100644
--- a/docs/queries/all-queries.md
+++ b/docs/queries/all-queries.md
@@ -3,1778 +3,1778 @@ This page contains all queries.
 
  |            Query            |Platform|Severity|Category|More info|
 |-----------------------------|---|---|---|---|
-|ECR Repository Is Publicly Accessible<br/><sup><sub>fb5a5df7-6d74-4243-ab82-ff779a958bfd</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_ecr_module.html#parameter-policy">Documentation</a><br/>|
-|S3 Bucket Access to Any Principal<br/><sup><sub>3ab1f27d-52cc-4943-af1d-43c1939e739a</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#ansible-collections-amazon-aws-s3-bucket-module">Documentation</a><br/>|
-|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>6fa44721-ef21-41c6-8665-330d59461163</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>a0f1bfe0-741e-473f-b3b2-13e66f856fab</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|S3 Bucket With All Permissions<br/><sup><sub>6a6d7e56-c913-4549-b5c5-5221e624d2ec</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-policy">Documentation</a><br/>|
-|S3 Bucket With Public Access<br/><sup><sub>c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>c09e3ca5-f08a-4717-9c87-3919c5e6d209</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade">Documentation</a><br/>|
-|DB Security Group With Public Scope<br/><sup><sub>0956aedf-6a7a-478b-ab56-63e2b19923ad</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|RDS Associated with Public Subnet<br/><sup><sub>16732649-4ff6-4cd2-8746-e72c13fae4b8</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-db_subnet_group_name">Documentation</a><br/>|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>af167837-9636-4086-b815-c239186b9dda</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_role_module.html#parameter-assume_role_policy_document">Documentation</a><br/>|
-|ECS Service Admin Role Is Present<br/><sup><sub>7db727c1-1720-468e-b80e-06697f71e09e</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_service_module.html">Documentation</a><br/>|
-|IAM Policy Grants Full Permissions<br/><sup><sub>b5ed026d-a772-4f07-97f9-664ba0b116f8</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to All Users<br/><sup><sub>a1ef9d2e-4163-40cb-bd92-04f0d602a15d</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>75480b31-f349-4b9a-861f-bce19588e674</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
-|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>53bce6a8-5492-4b1b-81cf-664385f0c4bf</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|S3 Bucket Allows List Action From All Principals<br/><sup><sub>d395a950-12ce-4314-a742-ac5a785ab44e</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|SNS Topic is Publicly Accessible<br/><sup><sub>905f4741-f965-45c1-98db-f7a00a0e5c73</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sns_topic_module.html">Documentation</a><br/>|
-|SQS Policy Allows All Actions<br/><sup><sub>ed9b3beb-92cf-44d9-a9d2-171eeba569d4</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html">Documentation</a><br/>|
-|SQS Queue Exposed<br/><sup><sub>86b0efa7-4901-4edd-a37a-c034bec6645a</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#parameter-policy">Documentation</a><br/>|
-|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>7674a686-e4b1-4a95-83d4-1fd53c623d84</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_config_rule_module.html#parameter-source/identifier">Documentation</a><br/>|
-|DB Instance Storage Not Encrypted<br/><sup><sub>7dfb316c-a6c2-454d-b8a2-97f147b0c0ff</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html">Documentation</a><br/>|
-|EBS Volume Encryption Disabled<br/><sup><sub>4b6012e7-7176-46e4-8108-e441785eae57</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_vol_module.html#parameter-encrypted">Documentation</a><br/>|
-|EFS Not Encrypted<br/><sup><sub>727c4fd4-d604-4df6-a179-7713d3c85e20</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html#parameter-encrypt">Documentation</a><br/>|
-|ELB Using Weak Ciphers<br/><sup><sub>2034fb37-bc23-4ca0-8d95-2b9f15829ab5</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
-|Kinesis Not Encrypted With KMS<br/><sup><sub>f2ea6481-1d31-4d40-946a-520dc6321dd7</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/kinesis_stream_module.html">Documentation</a><br/>|
-|Launch Configuration Is Not Encrypted<br/><sup><sub>66477506-6abb-49ed-803d-3fa174cd5f6a</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_lc_module.html">Documentation</a><br/>|
-|Redis Not Compliant<br/><sup><sub>9f34885e-c08f-4d13-a7d1-cf190c5bd268</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_engine_version">Documentation</a><br/>|
-|Redshift Not Encrypted<br/><sup><sub>6a647814-def5-4b85-88f5-897c19f509cd</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted">Documentation</a><br/>|
-|S3 Bucket Without Server-side-encryption<br/><sup><sub>594f54e7-f744-45ab-93e4-c6dbaf6cd571</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|User Data Contains Encoded Private Key<br/><sup><sub>c09f4d3e-27d2-4d46-9453-abbe9687a64e</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_lc_module.html">Documentation</a><br/>|
-|Batch Job Definition With Privileged Container Properties<br/><sup><sub>defe5b18-978d-4722-9325-4d1975d3699f</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_batch_job_definition_module.html">Documentation</a><br/>|
-|EC2 Group Has Public Interface<br/><sup><sub>5330b503-3319-44ff-9b1c-00ee873f728a</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|KMS Key With Vulnerable Policy<br/><sup><sub>5b9d237a-57d5-4177-be0e-71434b0fef47</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html">Documentation</a><br/>|
-|Redshift Publicly Accessible<br/><sup><sub>5c6b727b-1382-4629-8ba9-abd1365e5610</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/redshift_module.html">Documentation</a><br/>|
-|Root Account Has Active Access Keys<br/><sup><sub>e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_module.html">Documentation</a><br/>|
-|DB Security Group Open To Large Scope<br/><sup><sub>ea0ed1c7-9aef-4464-b7c7-94c762da3640</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
-|Default Security Groups With Unrestricted Traffic<br/><sup><sub>8010e17a-00e9-4635-a692-90d6bcec68bd</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Public Port Wide<br/><sup><sub>71ea648a-d31a-4b5a-a589-5674243f1c33</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Remote Desktop Port Open To Internet<br/><sup><sub>eda7301d-1f3e-47cf-8d4e-976debc64341</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
-|Route53 Record Undefined<br/><sup><sub>445dce51-7e53-4e50-80ef-7f94f14169e4</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/route53_module.html#parameter-value">Documentation</a><br/>|
-|Security Group Ingress Not Restricted<br/><sup><sub>ea6bc7a6-d696-4dcf-a788-17fa03c17c81</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Unknown Port Exposed To Internet<br/><sup><sub>722b0f24-5a64-4cca-aa96-cfc26b7e3a5b</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Unrestricted Security Group Ingress<br/><sup><sub>83c5fa4c-e098-48fc-84ee-0a537287ddd2</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Hardcoded AWS Access Key<br/><sup><sub>c2f15af3-66a0-4176-a56e-e4711e502e5c</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Secret Management|<a href="../ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_instance_module.html">Documentation</a><br/>|
-|Hardcoded AWS Access Key In Lambda<br/><sup><sub>f34508b9-f574-4330-b42d-88c44cced645</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Secret Management|<a href="../ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
-|AMI Shared With Multiple Accounts<br/><sup><sub>a19b2942-142e-4e2b-93b7-6cf6a6c8d90f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_ami_module.html">Documentation</a><br/>|
-|API Gateway Without Configured Authorizer<br/><sup><sub>b16cdb37-ce15-4ab2-8401-d42b05d123fc</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html">Documentation</a><br/>|
-|Certificate Has Expired<br/><sup><sub>5a443297-19d4-4381-9e5b-24faf947ec22</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/2.10/collections/community/aws/aws_acm_module.html">Documentation</a><br/>|
-|EC2 Instance Using Default Security Group<br/><sup><sub>8d03993b-8384-419b-a681-d1f55149397c</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-group">Documentation</a><br/>|
-|IAM Access Key Is Exposed<br/><sup><sub>7f79f858-fbe8-4186-8a2c-dfd0d958a40f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_module.html">Documentation</a><br/>|
-|IAM Group Without Users<br/><sup><sub>f509931b-bbb0-443c-bd9b-10e92ecf2193</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_group_module.html">Documentation</a><br/>|
-|IAM Policies Attached To User<br/><sup><sub>eafe4bc3-1042-4f88-b988-1939e64bf060</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_policy_module.html">Documentation</a><br/>|
-|IAM Policies With Full Privileges<br/><sup><sub>e401d614-8026-4f4b-9af9-75d1197461ba</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>12a7a7ce-39d6-49dd-923d-aeb4564eb66c</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
-|IAM Role Allows All Principals To Assume<br/><sup><sub>babdedcf-d859-43da-9a7b-6d72e661a8fd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
-|Lambda Permission Principal Is Wildcard<br/><sup><sub>1d972c56-8ec2-48c1-a578-887adb09c57a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
-|Public Lambda via API Gateway<br/><sup><sub>5e92d816-2177-4083-85b4-f61b4f7176d9</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/2.4/lambda_policy_module.html">Documentation</a><br/>|
-|SES Policy With Allowed IAM Actions<br/><sup><sub>8ed0bfce-f780-46d4-b086-21c3628f09ad</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_ses_identity_policy_module.html#parameter-policy">Documentation</a><br/>|
-|SQS Policy With Public Access<br/><sup><sub>d994585f-defb-4b51-b6d2-c70f020ceb10</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html">Documentation</a><br/>|
-|Auto Scaling Group With No Associated ELB<br/><sup><sub>050f085f-a8db-4072-9010-2cca235cc02f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Availability|<a href="../ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_asg_module.html#parameter-load_balancers">Documentation</a><br/>|
-|CMK Is Unusable<br/><sup><sub>133fee21-37ef-45df-a563-4d07edc169f4</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Availability|<a href="../ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html#parameter-enabled">Documentation</a><br/>|
-|RDS With Backup Disabled<br/><sup><sub>e69890e6-fce5-461d-98ad-cb98318dfc96</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-backup_retention_period">Documentation</a><br/>|
-|S3 Bucket Without Versioning<br/><sup><sub>9232306a-f839-40aa-b3ef-b352001da9a5</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-versioning">Documentation</a><br/>|
-|Stack Retention Disabled<br/><sup><sub>17d5ba1d-7667-4729-b1a6-b11fde3db7f7</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudformation_stack_set_module.html#parameter-purge_stacks">Documentation</a><br/>|
-|AMI Not Encrypted<br/><sup><sub>97707503-a22c-4cd7-b7c0-f088fa7cf830</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_ami_module.html">Documentation</a><br/>|
-|CA Certificate Identifier Is Outdated<br/><sup><sub>5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-ca_certificate_identifier">Documentation</a><br/>|
-|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>a6d27cf7-61dc-4bde-ae08-3b353b609f76</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|CodeBuild Not Encrypted<br/><sup><sub>a1423864-2fbc-4f46-bfe1-fbbf125c71c9</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_codebuild_module.html">Documentation</a><br/>|
-|ELB Using Insecure Protocols<br/><sup><sub>730a5951-2760-407a-b032-dd629b55c23a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
-|IAM Database Auth Not Enabled<br/><sup><sub>0ed012a4-9199-43d2-b9e4-9bd049a48aa4</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html">Documentation</a><br/>|
-|Secure Ciphers Disabled<br/><sup><sub>218413a0-c716-4b94-9e08-0bb70d854709</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|SQS With SSE Disabled<br/><sup><sub>e1e7b278-2a8b-49bd-a26e-66a7f70b17eb</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#ansible-collections-community-aws-sqs-queue-module">Documentation</a><br/>|
-|API Gateway Without SSL Certificate<br/><sup><sub>b47b98ab-e481-4a82-8bb1-1ab39fd36e33</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/2.8/modules/aws_api_gateway_module.html">Documentation</a><br/>|
-|Certificate RSA Key Bytes Lower Than 256<br/><sup><sub>d5ec2080-340a-4259-b885-f833c4ea6a31</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/2.10/collections/community/aws/aws_acm_module.html">Documentation</a><br/>|
-|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>d0c13053-d2c8-44a6-95da-d592996e9e67</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html#parameter-viewer_certificate/minimum_protocol_version">Documentation</a><br/>|
-|ECR Image Tag Not Immutable<br/><sup><sub>60bfbb8a-c72f-467f-a6dd-a46b7d612789</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_ecr_module.html">Documentation</a><br/>|
-|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>01aec7c2-3e4d-4274-ae47-2b8fea22fd1f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-network_mode">Documentation</a><br/>|
-|S3 Bucket with Unsecured CORS Rule<br/><sup><sub>3505094c-f77c-4ba0-95da-f83db712f86c</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_s3_cors_module.html#parameter-rules">Documentation</a><br/>|
-|Vulnerable Default SSL Certificate<br/><sup><sub>fb8f8929-afeb-4c46-99f0-a6cf410f7df4</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|ALB Listening on HTTP<br/><sup><sub>f81d63d2-c5d7-43a4-a5b5-66717a41c895</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
-|API Gateway Endpoint Config is Not Private<br/><sup><sub>559439b2-3e9c-4739-ac46-17e3b24ec215</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html">Documentation</a><br/>|
-|API Gateway without WAF<br/><sup><sub>f5f38943-664b-4acc-ab11-f292fa10ed0b</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/wafv2_resources_module.html#parameter-arn">Documentation</a><br/>|
-|CloudFront Without WAF<br/><sup><sub>22c80725-e390-4055-8d14-a872230f6607</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|EC2 Instance Has Public IP<br/><sup><sub>a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-assign_public_ip">Documentation</a><br/>|
-|Elasticsearch with HTTPS disabled<br/><sup><sub>d6c2d06f-43c1-488a-9ba1-8d75b40fc62d</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/devel/collections/community/aws/opensearch_module.html">Documentation</a><br/>|
-|HTTP Port Open To Internet<br/><sup><sub>a14ad534-acbe-4a8e-9404-2f7e1045646e</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
-|Security Group With Unrestricted Access To SSH<br/><sup><sub>57ced4b9-6ba4-487b-8843-b65562b90c77</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible<br/><sup><sub>7af1c447-c014-4f05-bd8b-ebe3a15734ac</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|API Gateway With CloudWatch Logging Disabled<br/><sup><sub>72a931c2-12f5-40d1-93cc-47bff2f7aa2a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudwatchlogs_log_group_module.html#ansible-collections-community-aws-cloudwatchlogs-log-group-module">Documentation</a><br/>|
-|CloudFront Logging Disabled<br/><sup><sub>d31cb911-bf5b-4eb6-9fc3-16780c77c7bd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|CloudTrail Logging Disabled<br/><sup><sub>d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html#parameter-enable_logging">Documentation</a><br/>|
-|S3 Bucket Logging Disabled<br/><sup><sub>c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-debug_botocore_endpoint_logs">Documentation</a><br/>|
-|No Stack Policy<br/><sup><sub>ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html">Documentation</a><br/>|
-|Authentication Without MFA<br/><sup><sub>eee107f9-b3d8-45d3-b9c6-43b5a7263ce1</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Access Control|<a href="../ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_mfa_device_info_module.html">Documentation</a><br/>|
-|ECS Service Without Running Tasks<br/><sup><sub>f5c45127-1d28-4b49-a692-0b97da1c3a84</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Availability|<a href="../ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_service_module.html#ansible-collections-community-aws-ecs-service-module">Documentation</a><br/>|
-|Automatic Minor Upgrades Disabled<br/><sup><sub>857f8808-e96a-4ba8-a9b7-f2d4ec6cad94</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade">Documentation</a><br/>|
-|CDN Configuration Is Missing<br/><sup><sub>b25398a2-0625-4e61-8e4d-a1bb23905bf6</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|IAM Password Without Minimum Length<br/><sup><sub>8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
-|Lambda Permission Misconfigured<br/><sup><sub>3ddf3417-424d-420d-8275-0724dc426520</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
-|Misconfigured Password Policy Expiration<br/><sup><sub>3f2cf811-88fa-4eda-be45-7a191a18aba9</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
-|Password Without Reuse Prevention<br/><sup><sub>6f5f5444-1422-495f-81ef-24cefd61ed2c</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html#parameter-pw_reuse_prevent">Documentation</a><br/>|
-|EFS Without Tags<br/><sup><sub>b8a9852c-9943-4973-b8d5-77dae9352851</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html">Documentation</a><br/>|
-|Stack Without Template<br/><sup><sub>32d31f1f-0f83-4721-b7ec-1e6948c60145</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html">Documentation</a><br/>|
-|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>f5587077-3f57-4370-9b4e-4eb5b1bac85b</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Encryption|<a href="../ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
-|EFS Without KMS<br/><sup><sub>bd77554e-f138-40c5-91b2-2a09f878608e</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Encryption|<a href="../ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html#parameter-kms_key_id">Documentation</a><br/>|
-|AWS Password Policy With Unchangeable Passwords<br/><sup><sub>e28ceb92-d588-4166-aac5-766c8f5b7472</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
-|Instance With No VPC<br/><sup><sub>61d1a2d0-4db8-405a-913d-5d2ce49dff6f</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html">Documentation</a><br/>|
-|Lambda Function Without Tags<br/><sup><sub>265d9725-2fb8-42a2-bc57-3279c5db82d5</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
-|EC2 Instance Using Default VPC<br/><sup><sub>8833f180-96f1-46f4-9147-849aafa56029</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-vpc_subnet_id">Documentation</a><br/>|
-|ElastiCache Using Default Port<br/><sup><sub>7cc6c791-5f68-4816-a564-b9b699f9d26e</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_port">Documentation</a><br/>|
-|ElastiCache Without VPC<br/><sup><sub>5527dcfc-94f9-4bf6-b7d4-1b78850cf41f</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_subnet_group">Documentation</a><br/>|
-|RDS Using Default Port<br/><sup><sub>2cb674f6-32f9-40be-97f2-62c0dc38f0d5</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-port">Documentation</a><br/>|
-|Redshift Using Default Port<br/><sup><sub>e01de151-a7bd-4db4-b49b-3c4775a5e881</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/redshift_module.html#parameter-port">Documentation</a><br/>|
-|API Gateway X-Ray Disabled<br/><sup><sub>2059155b-27fd-441e-b616-6966c468561f</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html#parameter-tracing_enabled">Documentation</a><br/>|
-|CloudTrail Log File Validation Disabled<br/><sup><sub>4d8681a2-3d30-4c89-8070-08acd142748e</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
-|CloudTrail Multi Region Disabled<br/><sup><sub>6ad087d7-a509-4b20-b853-9ef6f5ebaa98</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html#parameter-is_multi_region_trail">Documentation</a><br/>|
-|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>ebb2118a-03bc-4d53-ab43-d8750f5cb8d3</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
-|CloudTrail SNS Topic Name Undefined<br/><sup><sub>5ba316a9-c466-4ec1-8d5b-bc6107dc9a92</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
-|CMK Rotation Disabled<br/><sup><sub>af96d737-0818-4162-8c41-40d969bd65d1</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html#parameter-enable_key_rotation">Documentation</a><br/>|
-|Configuration Aggregator to All Regions Disabled<br/><sup><sub>a2fdf451-89dd-451e-af92-bf6c0f4bab96</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_config_aggregator_module.html#parameter-organization_source">Documentation</a><br/>|
-|Lambda Functions Without X-Ray Tracing<br/><sup><sub>71397b34-1d50-4ee1-97cb-c96c34676f74</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
-|Stack Notifications Disabled<br/><sup><sub>d39761d7-94ab-45b0-ab5e-27c44e381d58</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html#parameter-notification_arns">Documentation</a><br/>|
-|EC2 Not EBS Optimized<br/><sup><sub>338b6cab-961d-4998-bb49-e5b6a11c9a5c</sub></sup>|Ansible|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-ebs_optimized">Documentation</a><br/>|
-|CloudWatch Without Retention Period Specified<br/><sup><sub>e24e18d9-4c2b-4649-b3d0-18c088145e24</sub></sup>|Ansible|<span style="color:#5bc0de">Info</span>|Observability|<a href="../ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudwatchlogs_log_group_module.html">Documentation</a><br/>|
-|CosmosDB Account IP Range Filter Not Set<br/><sup><sub>e8c80448-31d8-4755-85fc-6dbab69c2717</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_cosmosdbaccount_module.html#parameter-ip_range_filter">Documentation</a><br/>|
-|Redis Entirely Accessible<br/><sup><sub>0d0c12b9-edce-4510-9065-13f6a758750c</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html#parameter-start_ip_address">Documentation</a><br/>|
-|Redis Publicly Accessible<br/><sup><sub>0632d0db-9190-450a-8bb3-c283bffea445</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html#parameter-start_ip_address">Documentation</a><br/>|
-|SQLServer Ingress From Any IP<br/><sup><sub>f4e9ff70-0f3b-4c50-a713-26cbe7ec4039</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlfirewallrule_module.html">Documentation</a><br/>|
-|Unrestricted SQL Server Access<br/><sup><sub>3f23c96c-f9f5-488d-9b17-605b8da5842f</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlfirewallrule_module.html">Documentation</a><br/>|
-|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>ca4df748-613a-4fbf-9c76-f02cbd580307</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-public_network_access">Documentation</a><br/>|
-|Public Storage Account<br/><sup><sub>35e2f133-a395-40de-a79d-b260d973d1bd</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls">Documentation</a><br/>|
-|Storage Container Is Publicly Accessible<br/><sup><sub>4d3817db-dd35-4de4-a80d-3867157e7f7f</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageblob_module.html#parameter-public_access">Documentation</a><br/>|
-|Azure Container Registry With No Locks<br/><sup><sub>581dae78-307d-45d5-aae4-fe2b0db267a5</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_lock_module.html">Documentation</a><br/>|
-|Security Group is Not Configured<br/><sup><sub>da4f2739-174f-4cdd-b9ef-dc3f14b5931f</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_subnet_module.html">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_securitygroup_module.html#parameter-rules">Documentation</a><br/>|
-|Admin User Enabled For Container Registry<br/><sup><sub>29f35127-98e6-43af-8ec1-201b79f99604</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_containerregistry_module.html">Documentation</a><br/>|
-|AKS RBAC Disabled<br/><sup><sub>149fa56c-4404-4f90-9e25-d34b676d5b39</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html">Documentation</a><br/>|
-|Role Definition Allows Custom Role Creation<br/><sup><sub>5c80db8e-03f5-43a2-b4af-1f3f87018157</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_roledefinition_module.html#parameter-permissions/actions">Documentation</a><br/>|
-|Key Vault Soft Delete Is Disabled<br/><sup><sub>881696a8-68c5-4073-85bc-7c38a3deb854</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_keyvault_module.html#parameter-enable_soft_delete">Documentation</a><br/>|
-|Azure Instance Using Basic Authentication<br/><sup><sub>e2d834b7-8b25-4935-af53-4a60668dcbe0</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_virtualmachine_module.html#parameter-linux_config/disable_password_authentication">Documentation</a><br/>|
-|MySQL SSL Connection Disabled<br/><sup><sub>2a901825-0f3b-4655-a0fe-e0470e50f8e6</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_mysqlserver_module.html">Documentation</a><br/>|
-|SSL Enforce Disabled<br/><sup><sub>961ce567-a16d-4d7d-9027-f0ec2628a555</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlserver_module.html#parameter-enforce_ssl">Documentation</a><br/>|
-|Storage Account Not Forcing HTTPS<br/><sup><sub>2c99a474-2a3c-4c17-8294-53ffa5ed0522</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-https_only">Documentation</a><br/>|
-|Storage Account Not Using Latest TLS Encryption Version<br/><sup><sub>c62746cf-92d5-4649-9acf-7d48d086f2ee</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-minimum_tls_version">Documentation</a><br/>|
-|AD Admin Not Configured For SQL Server<br/><sup><sub>b176e927-bbe2-44a6-a9c3-041417137e5f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlserver_module.html#parameter-ad_user">Documentation</a><br/>|
-|Redis Cache Allows Non SSL Connections<br/><sup><sub>869e7fb4-30f0-4bdb-b360-ad548f337f2f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscache_module.html">Documentation</a><br/>|
-|VM Not Attached To Network<br/><sup><sub>1e5f5307-3e01-438d-8da6-985307ed25ce</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_virtualmachine_module.html#parameter-network_interface_names">Documentation</a><br/>|
-|Web App Accepting Traffic Other Than HTTPS<br/><sup><sub>eb8c2560-8bee-4248-9d0d-e80c8641dd91</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_webapp_module.html#parameter-https_only">Documentation</a><br/>|
-|Firewall Rule Allows Too Many Hosts To Access Redis Cache<br/><sup><sub>69f72007-502e-457b-bd2d-5012e31ac049</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html">Documentation</a><br/>|
-|Trusted Microsoft Services Not Enabled<br/><sup><sub>1bc398a8-d274-47de-a4c8-6ac867b353de</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls/bypass">Documentation</a><br/>|
-|WAF Is Disabled For Azure Application Gateway<br/><sup><sub>2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_appgateway_module.html">Documentation</a><br/>|
-|AKS Monitoring Logging Disabled<br/><sup><sub>d5e83b32-56dd-4247-8c2e-074f43b38a5e</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html">Documentation</a><br/>|
-|Log Retention Is Not Set<br/><sup><sub>0461b4fd-21ef-4687-929e-484ee4796785</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|Monitoring Log Profile Without All Activities<br/><sup><sub>89f84a1e-75f8-47c5-83b5-bee8e2de4168</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_monitorlogprofile_module.html">Documentation</a><br/>|
-|PostgreSQL Log Checkpoints Disabled<br/><sup><sub>7ab33ac0-e4a3-418f-a673-50da4e34df21</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|PostgreSQL Log Connections Not Set<br/><sup><sub>7b47138f-ec0e-47dc-8516-e7728fe3cc17</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|PostgreSQL Log Disconnections Not Set<br/><sup><sub>054d07b5-941b-4c28-8eef-18989dc62323</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|PostgreSQL Log Duration Not Set<br/><sup><sub>729ebb15-8060-40f7-9017-cb72676a5487</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|PostgreSQL Server Without Connection Throttling<br/><sup><sub>a9becca7-892a-4af7-b9e1-44bf20a4cd9a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|SQL Server Predictable Active Directory Account Name<br/><sup><sub>530e8291-2f22-4bab-b7ea-306f1bc2a308</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_adserviceprincipal_module.html">Documentation</a><br/>|
-|SQL Server Predictable Admin Account Name<br/><sup><sub>663062e9-473d-4e87-99bc-6f3684b3df40</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlserver_module.html">Documentation</a><br/>|
-|Cosmos DB Account Without Tags<br/><sup><sub>23a4dc83-4959-4d99-8056-8e051a82bc1e</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_cosmosdbaccount_module.html">Documentation</a><br/>|
-|AKS Network Policy Misconfigured<br/><sup><sub>8c3bedf1-c570-4c3b-b414-d068cd39a00c</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html#parameter-network_profile/network_policy">Documentation</a><br/>|
-|Small Activity Log Retention Period<br/><sup><sub>37fafbea-dedb-4e0d-852e-d16ee0589326</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_monitorlogprofile_module.html">Documentation</a><br/>|
-|Allow Unsafe Lookups Enabled<br/><sup><sub>86b97bb4-85c9-462d-8635-cbc057c5c8c5</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/reference_appendices/config.html#default-allow-unsafe-lookups">Documentation</a><br/>|
-|Privilege Escalation Using Become Plugin<br/><sup><sub>404908b6-4954-4611-98f0-e8ceacdabcb1</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/plugins/become.html">Documentation</a><br/>|
-|Communication over HTTP<br/><sup><sub>d7dc9350-74bc-485b-8c85-fed22d276c43</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/plugins/httpapi.html">Documentation</a><br/>|
-|Logging of Sensitive Data<br/><sup><sub>c6473dae-8477-4119-88b7-b909b435ce7b</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/reference_appendices/logging.html#protecting-sensitive-data-with-no-log">Documentation</a><br/>|
-|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>086031e1-9d4a-4249-acb3-5bfe4c363db2</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html">Documentation</a><br/>|
-|SQL DB Instance Publicly Accessible<br/><sup><sub>7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html">Documentation</a><br/>|
-|BigQuery Dataset Is Public<br/><sup><sub>2263b286-2fe9-4747-a0ae-8b4768a2bbd2</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_bigquery_dataset_module.html#parameter-access/special_group">Documentation</a><br/>|
-|SQL DB Instance With SSL Disabled<br/><sup><sub>d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/ip_configuration/require_ssl">Documentation</a><br/>|
-|Client Certificate Disabled<br/><sup><sub>20180133-a0d0-4745-bfe0-94049fbb12a9</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Cloud SQL Instance With Contained Database Authentication On<br/><sup><sub>6d34aff3-fdd2-460c-8190-756a3b4969e8</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|Cloud SQL Instance With Cross DB Ownership Chaining On<br/><sup><sub>9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|GKE Legacy Authorization Enabled<br/><sup><sub>300a9964-b086-41f7-9378-b6de3ba1c32b</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|MySQL Instance With Local Infile On<br/><sup><sub>a7b520bb-2509-4fb0-be05-bc38f54c7a4c</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|RDP Access Is Not Restricted<br/><sup><sub>75418eb9-39ec-465f-913c-6f2b6a80dc77</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html">Documentation</a><br/>|
-|VM With Full Cloud Access<br/><sup><sub>bc20bbc6-0697-4568-9a73-85af1dd97bdd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html#parameter-service_accounts/scopes">Documentation</a><br/>|
-|SQL DB Instance Backup Disabled<br/><sup><sub>0c82eae2-aca0-401f-93e4-fb37a0f9e5e8</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/backup_configuration/enabled">Documentation</a><br/>|
-|Disk Encryption Disabled<br/><sup><sub>092bae86-6105-4802-99d2-99cd7e7431f3</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_disk_module.html">Documentation</a><br/>|
-|DNSSEC Using RSASHA1<br/><sup><sub>6cf4c3a7-ceb0-4475-8892-3745b84be24a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_dns_managed_zone_module.html#return-dnssecConfig/defaultKeySpecs/algorithm">Documentation</a><br/>|
-|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>b28bcd2f-c309-490e-ab7c-35fc4023eb26</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_ssl_policy_module.html">Documentation</a><br/>|
-|Cloud DNS Without DNSSEC<br/><sup><sub>80b15fb1-6207-40f4-a803-6915ae619a03</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_dns_managed_zone_module.html#return-dnssecConfig/state">Documentation</a><br/>|
-|Cluster Master Authentication Disabled<br/><sup><sub>9df7f78f-ebe3-432e-ac3b-b67189c15518</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|GKE Basic Authentication Enabled<br/><sup><sub>344bf8ab-9308-462b-a6b2-697432e40ba1</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>d58c6f24-3763-4269-9f5b-86b2569a003b</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html">Documentation</a><br/>|
-|IP Aliasing Disabled<br/><sup><sub>ed672a9f-fbf0-44d8-a47d-779501b0db05</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Network Policy Disabled<br/><sup><sub>98e04ca0-34f5-4c74-8fec-d2e611ce2790</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|OSLogin Is Disabled In VM Instance<br/><sup><sub>66dae697-507b-4aef-be18-eec5bd707f33</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|Private Cluster Disabled<br/><sup><sub>3b30e3d6-c99b-4318-b38f-b99db74578b5</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Shielded VM Disabled<br/><sup><sub>18d3a83d-4414-49dc-90ea-f0387b2856cc</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|Using Default Service Account<br/><sup><sub>2775e169-e708-42a9-9305-b58aadd2c4dd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|GKE Using Default Service Account<br/><sup><sub>dc126833-125a-40fb-905a-ce5f2afde240</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html#parameter-node_config/service_account">Documentation</a><br/>|
-|Compute Instance Is Publicly Accessible<br/><sup><sub>829f1c60-2bab-44c6-8a21-5cd9d39a2c82</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html#parameter-network_interfaces/access_configs">Documentation</a><br/>|
-|GKE Master Authorized Networks Disabled<br/><sup><sub>d43366c5-80b0-45de-bbe8-2338f4ab0a83</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html#parameter-master_authorized_networks_config/enabled">Documentation</a><br/>|
-|Google Compute Network Using Default Firewall Rule<br/><sup><sub>29b8224a-60e9-4011-8ac2-7916a659841f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-name">Documentation</a><br/>|
-|Google Compute Network Using Firewall Rule that Allows All Ports<br/><sup><sub>3602d273-3290-47b2-80fa-720162b1a8af</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-allowed">Documentation</a><br/>|
-|IP Forwarding Enabled<br/><sup><sub>11bd3554-cd56-4257-8e25-7aaf30cf8f5f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|Serial Ports Are Enabled For VM Instances<br/><sup><sub>c6fc6f29-dc04-46b6-99ba-683c01aff350</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|SSH Access Is Not Restricted<br/><sup><sub>b2fbf1df-76dd-4d78-a6c0-e538f4a9b016</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html">Documentation</a><br/>|
-|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>507df964-ad97-4035-ab14-94a82eabdfdd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-logging">Documentation</a><br/>|
-|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>7814ddda-e758-4a56-8be3-289a81ded929</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-versioning">Documentation</a><br/>|
-|PostgreSQL Log Connections Disabled<br/><sup><sub>d7a5616f-0a3f-4d43-bc2b-29d1a183e317</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|PostgreSQL log_checkpoints Flag Not Set To ON<br/><sup><sub>89afe3f0-4681-4ce3-89ed-896cebd4277c</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|Stackdriver Logging Disabled<br/><sup><sub>19c9e2a0-fc33-4264-bba1-e3682661e8f7</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Stackdriver Monitoring Disabled<br/><sup><sub>20dcd953-a8b8-4892-9026-9afa6d05a525</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Node Auto Upgrade Disabled<br/><sup><sub>d6e10477-2e19-4bcd-b8a8-19c65b89ccdf</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html#parameter-management/auto_upgrade">Documentation</a><br/>|
-|High Google KMS Crypto Key Rotation Period<br/><sup><sub>f9b7086b-deb8-4034-9330-d7fd38f1b8de</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_kms_crypto_key_module.html">Documentation</a><br/>|
-|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>099b4411-d11e-4537-a0fc-146b19762a79</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|Cluster Labels Disabled<br/><sup><sub>fbe9b2d0-a2b7-47a1-a534-03775f3013f7</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|COS Node Image Not Used<br/><sup><sub>be41f891-96b1-4b9d-b74f-b922a918c778</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html#parameter-config/image_type">Documentation</a><br/>|
-|PostgreSQL Misconfigured Logging Duration Flag<br/><sup><sub>aed98a2a-e680-497a-8886-277cea0f4514</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|Google Compute Network Using Firewall Rule that Allows Port Range<br/><sup><sub>7289eebd-a477-4064-8ad4-3c044bd70b00</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-allowed">Documentation</a><br/>|
-|Google Compute Subnetwork with Private Google Access Disabled<br/><sup><sub>6a4080ae-79bd-42f6-a924-8f534c1c018b</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_subnetwork_module.html#parameter-private_ip_google_access">Documentation</a><br/>|
-|PostgreSQL Logging Of Temporary Files Disabled<br/><sup><sub>d6fae5b6-ada9-46c0-8b36-3108a2a2f77b</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|PostgreSQL Misconfigured Log Messages Flag<br/><sup><sub>28a757fc-3d8f-424a-90c0-4233363b2711</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|Ansible Tower Exposed To Internet<br/><sup><sub>1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible-tower/latest/html/administration/security_best_practices.html#understand-the-architecture-of-ansible-and-tower">Documentation</a><br/>|
-|Privilege Escalation Using Become Plugin<br/><sup><sub>0e75052f-cc02-41b8-ac39-a78017527e95</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/partial-become/#problematic-code">Documentation</a><br/>|
-|Communication Over HTTP<br/><sup><sub>2e8d4922-8362-4606-8c14-aa10466a1ce3</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/ansible/builtin/uri_module.html#parameter-url">Documentation</a><br/>|
-|Insecure Relative Path Resolution<br/><sup><sub>8d22ae91-6ac1-459f-95be-d37bd373f244</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/no-relative-paths/">Documentation</a><br/>|
-|Logging of Sensitive Data<br/><sup><sub>59029ddf-e651-412b-ae7b-ff6d403184bc</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/no-log-password/">Documentation</a><br/>|
-|Unpinned Package Version<br/><sup><sub>c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/package-latest/">Documentation</a><br/>|
-|Risky File Permissions<br/><sup><sub>88841d5c-d22d-4b7e-a6a0-89ca50e44b9f</sub></sup>|Ansible|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/risky-file-permissions/">Documentation</a><br/>|
-|SQL Database Server Firewall Allows All IPS<br/><sup><sub>6a3201a5-1630-494b-b294-3129d06b0eca</sub></sup>|AzureResourceManager|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2014-04-01/servers/firewallrules?tabs=json">Documentation</a><br/>|
-|AKS Cluster RBAC Disabled<br/><sup><sub>9307a2ed-35c2-413d-94de-a1a0682c2158</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json">Documentation</a><br/>|
-|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>d855ced8-6157-448f-9f1d-f05a41d046f7</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7" target="_blank">Query details</a><br><a href="https://learn.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts">Documentation</a><br/>|
-|Role Definitions Allow Custom Subscription Role Creation<br/><sup><sub>8fa9ceea-881f-4ef0-b0b8-728f589699a7</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.authorization/roledefinitions?tabs=json#permission-object">Documentation</a><br/>|
-|Key Vault Not Recoverable<br/><sup><sub>7c25f361-7c66-44bf-9b69-022acd5eb4bd</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Backup|<a href="../azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/2019-09-01/vaults?tabs=json#vaultproperties-object">Documentation</a><br/>|
-|Azure Managed Disk Without Encryption<br/><sup><sub>350f3955-b5be-436f-afaa-3d2be2fa6cdd</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Encryption|<a href="../azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/disks?tabs=json#encryptionsettingscollection-object">Documentation</a><br/>|
-|Network Security Group With Unrestricted Access To RDP<br/><sup><sub>59cb3da7-f206-4ae6-b827-7abf0a9cab9d</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2020-07-01/networksecuritygroups?tabs=json#securityrulepropertiesformat-object">Documentation</a><br/>|
-|Storage Blob Service Container With Public Access<br/><sup><sub>a0ab985d-660b-41f7-ac81-70957ee8e627</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts/blobservices/containers?tabs=json#containerproperties-object">Documentation</a><br/>|
-|Hardcoded SecureString Parameter Default Value<br/><sup><sub>4d2cf896-c053-4be5-9c95-8b4771112f29</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Secret Management|<a href="../azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-test-cases#secure-parameters-cant-have-hardcoded-default">Documentation</a><br/>|
-|App Service Authentication Is Not Set<br/><sup><sub>83130a07-235b-4a80-918b-a370e53f0bd9</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites/config-web?tabs=json">Documentation</a><br/>|
-|Azure Instance Using Basic Authentication<br/><sup><sub>6797f581-0433-4768-ae3e-7ceb2f8b138e</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/virtualmachines?tabs=json#linuxconfiguration-object">Documentation</a><br/>|
-|Secret Without Expiration Date<br/><sup><sub>cff9c3f7-e8f0-455f-9fb4-5f72326da96e</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/vaults/secrets?tabs=json#SecretAttributes">Documentation</a><br/>|
-|SQL Server Database With Alerts Disabled<br/><sup><sub>574e8d82-1db2-4b9c-b526-e320ede9a9ff</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/securityalertpolicies?tabs=json">Documentation</a><br/>|
-|Storage Account Allows Unsecure Transfer<br/><sup><sub>1367dd13-2c90-4020-80b7-e4339a3dc2c4</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#storageaccountpropertiescreateparameters-object">Documentation</a><br/>|
-|Web App Not Using TLS Last Version<br/><sup><sub>b5c851d5-00f1-43dc-a8de-3218fd6f71be</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteconfig-object">Documentation</a><br/>|
-|AKS Cluster Network Policy Not Configured<br/><sup><sub>25c0228e-4444-459b-a2df-93c7df40b7ed</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#containerservicenetworkprofile-object">Documentation</a><br/>|
-|Website Not Forcing HTTPS<br/><sup><sub>488847ff-6031-487c-bf42-98fd6ac5c9a0</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
-|MySQL Server SSL Enforcement Disabled<br/><sup><sub>90120147-f2e7-4fda-bb21-6fa9109afd63</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbformysql/servers?tabs=json#serverpropertiesforcreate-object">Documentation</a><br/>|
-|Network Security Group With Unrestricted Access To SSH<br/><sup><sub>2ade1579-4b2c-4590-bebb-f99bf597f612</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612" target="_blank">Query details</a><br><a href="https://learn.microsoft.com/en-us/azure/templates/microsoft.network/networksecuritygroups?pivots=deployment-language-bicep#securityrulepropertiesformat">Documentation</a><br/>|
-|PostgreSQL Database Server Log Checkpoints Disabled<br/><sup><sub>f9112910-c7bb-4864-9f5e-2059ba413bb7</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/2017-12-01/servers/configurations?tabs=json">Documentation</a><br/>|
-|PostgreSQL Database Server Log Connections Disabled<br/><sup><sub>e69bda39-e1e2-47ca-b9ee-b6531b23aedd</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json#configurationproperties-object">Documentation</a><br/>|
-|PostgreSQL Database Server SSL Disabled<br/><sup><sub>bf500309-da53-4dd3-bcf7-95f7974545a5</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/2017-12-01/servers?tabs=json">Documentation</a><br/>|
-|PostgresSQL Database Server Connection Throttling Disabled<br/><sup><sub>a6d774b6-d9ea-4bf4-8433-217bf15d2fb8</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json">Documentation</a><br/>|
-|Trusted Microsoft Services Not Enabled<br/><sup><sub>e25b56cd-a4d6-498f-ab92-e6296a082097</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#networkruleset">Documentation</a><br/>|
-|Website with Client Certificate Auth Disabled<br/><sup><sub>92302b47-b0cc-46cb-a28f-5610ecda140b</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
-|AKS Logging To Azure Monitoring Is Disabled<br/><sup><sub>9b09dee1-f09b-4013-91d2-158fa4695f4b</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusteraddonprofile">Documentation</a><br/>|
-|SQL Server Database Without Auditing<br/><sup><sub>e055285c-bc01-48b4-8aa5-8a54acdd29df</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/auditingsettings">Documentation</a><br/>|
-|Storage Logging For Read Write And Delete Requests Disabled<br/><sup><sub>43f6e60c-9cdb-4e77-864d-a66595d26518</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/pt-pt/azure/azure-monitor/essentials/resource-manager-diagnostic-settings#diagnostic-setting-for-azure-storage">Documentation</a><br/>|
-|Website Azure Active Directory Disabled<br/><sup><sub>e9c133e5-c2dd-4b7b-8fff-40f2de367b56</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Access Control|<a href="../azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/2019-08-01/sites?tabs=json#ManagedServiceIdentity">Documentation</a><br/>|
-|Phone Number Not Set For Security Contacts<br/><sup><sub>3e9fcc67-1f64-405f-b2f9-0a6be17598f0</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/securitycontacts?tabs=json">Documentation</a><br/>|
-|AKS Dashboard Is Enabled<br/><sup><sub>c62d3b92-9a11-4ffd-b7b7-6faaae83faed</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusteraddonprofile">Documentation</a><br/>|
-|AKS With Authorized IP Ranges Disabled<br/><sup><sub>2583fab1-953b-4fae-bd02-4a136a6c21f9</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusterapiserveraccessprofile-object">Documentation</a><br/>|
-|Storage Account Allows Default Network Access<br/><sup><sub>9073f073-5d60-4b46-b569-0d6baa80ed95</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#storageaccountpropertiescreateparameters-object">Documentation</a><br/>|
-|Website with 'Http20Enabled' Disabled<br/><sup><sub>70111098-7f85-48f0-b1b4-e4261cf5f61b</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
-|Log Profile Incorrect Category<br/><sup><sub>4d522e7b-f938-4d51-a3b1-974ada528bd3</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2016-03-01/logprofiles?tabs=json#logprofileproperties-object">Documentation</a><br/>|
-|SQL Server Database With Unrecommended Retention Days<br/><sup><sub>c09cdac2-7670-458a-bf6c-efad6880973a</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/auditingsettings?tabs=json">Documentation</a><br/>|
-|Unrecommended Log Profile Retention Policy<br/><sup><sub>25684eac-daaa-4c2c-94b4-8d2dbb627909</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2016-03-01/logprofiles?tabs=json#retentionpolicy-object">Documentation</a><br/>|
-|Unrecommended Network Watcher Flow Log Retention Policy<br/><sup><sub>564b70f8-41cd-4690-aff8-bb53add86bc9</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2019-11-01/networkwatchers/flowlogs?tabs=json#retentionpolicyparameters-object">Documentation</a><br/>|
-|Standard Price Is Not Selected<br/><sup><sub>2081c7d6-2851-4cce-bda5-cb49d462da42</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/pricings?tabs=json#pricingproperties-object">Documentation</a><br/>|
-|Account Admins Not Notified By Email<br/><sup><sub>a8852cc0-fd4b-4fc7-9372-1e43fad0732e</sub></sup>|AzureResourceManager|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2017-03-01-preview/servers/securityalertpolicies?tabs=json">Documentation</a><br/>|
-|SQL Alert Policy Without Emails<br/><sup><sub>89b79fe5-49bd-4d39-84ce-55f5fc6f7764</sub></sup>|AzureResourceManager|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/securityalertpolicies?tabs=json">Documentation</a><br/>|
-|Email Notifications Disabled<br/><sup><sub>79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92</sub></sup>|AzureResourceManager|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/securitycontacts">Documentation</a><br/>|
-|Run Using apt<br/><sup><sub>a1bc27c6-7115-48d8-bf9d-5a7e836845ba</sub></sup>|Buildah|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba" target="_blank">Query details</a><br><a href="https://github.com/containers/buildah/blob/main/docs/buildah-run.1.md">Documentation</a><br/>|
-|Script Block Injection<br/><sup><sub>62ff6823-927a-427f-acf9-f1ea2932d616</sub></sup>|CICD|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616" target="_blank">Query details</a><br><a href="https://securitylab.github.com/research/github-actions-untrusted-input/">Documentation</a><br/>|
-|Run Block Injection<br/><sup><sub>20f14e1a-a899-4e79-9f09-b6a84cd4649b</sub></sup>|CICD|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b" target="_blank">Query details</a><br><a href="https://securitylab.github.com/research/github-actions-untrusted-input/">Documentation</a><br/>|
-|Unsecured Commands<br/><sup><sub>60fd272d-15f4-4d8f-afe4-77d9c6cc0453</sub></sup>|CICD|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453" target="_blank">Query details</a><br><a href="https://0xn3va.gitbook.io/cheat-sheets/ci-cd/github/actions#misuse-of-the-events-related-to-incoming-prs">Documentation</a><br/>|
-|Unpinned Actions Full Length Commit SHA<br/><sup><sub>555ab8f9-2001-455e-a077-f2d0f41e2fb9</sub></sup>|CICD|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9" target="_blank">Query details</a><br><a href="https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions">Documentation</a><br/>|
-|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>5864fb39-d719-4182-80e2-89dbe627be63</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dms-replicationinstance.html">Documentation</a><br/>|
-|ECR Repository Is Publicly Accessible<br/><sup><sub>75be209d-1948-41f6-a8c8-e22dd0121134</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html">Documentation</a><br/>|
-|S3 Bucket Access to Any Principal<br/><sup><sub>7772bb8c-c0f3-42d4-8e4e-f1b8939ad085</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read Or Write to All Users<br/><sup><sub>07dda8de-d90d-469e-9b37-1aca53526ced</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>acc78859-765e-4011-a229-a65ea57db252</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>f6397a20-4cf1-4540-a997-1d363c25ef58</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket With All Permissions<br/><sup><sub>4ae8af91-5108-42cb-9471-3bdbe596eac9</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|SNS Topic is Publicly Accessible<br/><sup><sub>ae53ce91-42b5-46bf-a84f-9a13366a4f13</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-policy.html">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>de38e1d5-54cb-4111-a868-6f7722695007</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|DB Security Group With Public Scope<br/><sup><sub>9564406d-e761-4e61-b8d7-5926e3ab8e79</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|RDS Associated with Public Subnet<br/><sup><sub>4e88adee-a8eb-4605-a78d-9fb1096e3091</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsubnetgroupname">Documentation</a><br/>|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument">Documentation</a><br/>|
-|ECS Service Admin Role Is Present<br/><sup><sub>01986452-bdd8-4aaa-b5df-d6bf61d616ff</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
-|IAM Policy Grants Full Permissions<br/><sup><sub>f62aa827-4ade-4dc4-89e4-1433d384a368</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|Lambda Functions With Full Privileges<br/><sup><sub>a0ae0a4e-712b-4115-8112-51b9eeed9d69</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
-|MSK Broker Is Publicly Accessible<br/><sup><sub>0ce1ba20-8ba8-4364-836f-40c24b8cb0ab</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-publicaccess.html">Documentation</a><br/>|
-|Neptune Cluster With IAM Database Authentication Disabled<br/><sup><sub>a3aa0087-8228-4e7e-b202-dc9036972d02</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-neptune-dbcluster.html#cfn-neptune-dbcluster-iamauthenabled">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to All Users<br/><sup><sub>219f4c95-aa50-44e0-97de-cf71f4641170</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>835d5497-a526-4aea-a23f-98a9afd1635f</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>f97b7d23-568f-4bcc-9ac9-02df0d57fbba</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows List Action From All Principals<br/><sup><sub>faa8fddf-c0aa-4b2d-84ff-e993e233ebe9</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows Public Policy<br/><sup><sub>860ba89b-b8de-4e72-af54-d6aee4138a69</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
-|S3 Bucket Allows Restore Actions From All Principals<br/><sup><sub>456b00a3-1072-4149-9740-6b8bb60251b0</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|AmazonMQ Broker Encryption Disabled<br/><sup><sub>316278b3-87ac-444c-8f8f-a733a28da60f</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-encryptionoptions">Documentation</a><br/>|
-|API Gateway Cache Encrypted Disabled<br/><sup><sub>37cca703-b74c-48ba-ac81-595b53398e9b</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-deployment-stagedescription.html">Documentation</a><br/>|
-|CMK Unencrypted Storage<br/><sup><sub>ffee2785-c347-451e-89f3-11aeb08e5c84</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>1b6322d9-c755-4f8c-b804-32c19250f2d9</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configrule.html#cfn-config-configrule-source">Documentation</a><br/>|
-|DynamoDB Table Not Encrypted<br/><sup><sub>4bd21e68-38c1-4d58-acdc-6a14b203237f</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html">Documentation</a><br/>|
-|DynamoDB With Aws Owned CMK<br/><sup><sub>c8dee387-a2e6-4a73-a942-183c975549ac</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html">Documentation</a><br/>|
-|EBS Volume Encryption Disabled<br/><sup><sub>80b7ac3f-d2b7-4577-9b10-df7913497162</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html">Documentation</a><br/>|
-|ECS Cluster Not Encrypted At Rest<br/><sup><sub>6c131358-c54d-419b-9dd6-1f7dd41d180c</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html">Documentation</a><br/>|
-|EFS Not Encrypted<br/><sup><sub>2ff8e83c-90e1-4d68-a300-6d652112e622</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
-|ElastiCache With Disabled at Rest Encryption<br/><sup><sub>e4ee3903-9225-4b6a-bdfb-e62dbadef821</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html#cfn-elasticache-replicationgroup-atrestencryptionenabled">Documentation</a><br/>|
-|ElasticSearch Encryption With KMS Disabled<br/><sup><sub>d926aa95-0a04-4abc-b20c-acf54afe38a1</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-encryptionatrestoptions">Documentation</a><br/>|
-|ElasticSearch Not Encrypted At Rest<br/><sup><sub>86a248ab-0e01-4564-a82a-878303e253bb</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-encryptionatrestoptions">Documentation</a><br/>|
-|ELB Using Weak Ciphers<br/><sup><sub>809f77f8-d10e-4842-a84f-3be7b6ff1190</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
-|Kinesis SSE Not Configured<br/><sup><sub>7f65be75-90ab-4036-8c2a-410aef7bb650</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesis-stream.html">Documentation</a><br/>|
-|MSK Cluster Encryption Disabled<br/><sup><sub>a976d63f-af0e-46e8-b714-8c1a9c4bf768</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html">Documentation</a><br/>|
-|Neptune Database Cluster Encryption Disabled<br/><sup><sub>bf4473f1-c8a2-4b1b-8134-bd32efabab93</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-neptune-dbcluster.html">Documentation</a><br/>|
-|RDS Storage Encryption Disabled<br/><sup><sub>65844ba3-03a1-40a8-b3dd-919f122e8c95</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-storageencrypted">Documentation</a><br/>|
-|RDS Storage Not Encrypted<br/><sup><sub>5beacce3-4020-4a3d-9e1d-a36f953df630</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|Redshift Not Encrypted<br/><sup><sub>3b316b05-564c-44a7-9c3f-405bb95e211e</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
-|S3 Bucket Without Server-side-encryption<br/><sup><sub>b2e8752c-3497-4255-98d2-e4ae5b46bbf5</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonS3/latest/user-guide/default-bucket-encryption.html">Documentation</a><br/>|
-|SageMaker Data Encryption Disabled<br/><sup><sub>709e6da6-fa1f-44cc-8f17-7f25f96dadbe</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-notebookinstance.html">Documentation</a><br/>|
-|User Data Contains Encoded Private Key<br/><sup><sub>568cc372-ca64-420d-9015-ee347d00d288</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html">Documentation</a><br/>|
-|Workspace Without Encryption<br/><sup><sub>89827c57-5a8a-49eb-9731-976a606d70db</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspaces-workspace.html">Documentation</a><br/>|
-|Batch Job Definition With Privileged Container Properties<br/><sup><sub>76ddf32c-85b1-4808-8935-7eef8030ab36</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-batch-jobdefinition.html">Documentation</a><br/>|
-|KMS Key With Vulnerable Policy<br/><sup><sub>da905474-7454-43c0-b8d2-5756ab951aba</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html#cfn-kms-key-keypolicy">Documentation</a><br/>|
-|Lambda Functions Without Unique IAM Roles<br/><sup><sub>ae03f542-1423-402f-9cef-c834e7ee9583</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
-|MQ Broker Is Publicly Accessible<br/><sup><sub>68b6a789-82f8-4cfd-85de-e95332fe6a61</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-publiclyaccessible">Documentation</a><br/>|
-|Root Account Has Active Access Keys<br/><sup><sub>4c137350-7307-4803-8c04-17c09a7a9fcf</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html">Documentation</a><br/>|
-|S3 Static Website Host Enabled<br/><sup><sub>90501b1b-cded-4cc1-9e8b-206b85cda317</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration.html">Documentation</a><br/>|
-|Permissive Web ACL Default Action<br/><sup><sub>6d64f311-3da6-45f3-80f1-14db9771ea40</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-waf-webacl.html">Documentation</a><br/>|
-|DB Security Group Open To Large Scope<br/><sup><sub>0104165b-02d5-426f-abc9-91fb48189899</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|Default Security Groups With Unrestricted Traffic<br/><sup><sub>ea33fcf7-394b-4d11-a228-985c5d08f205</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|EC2 Sensitive Port Is Publicly Exposed<br/><sup><sub>494b03d3-bf40-4464-8524-7c56ad0700ed</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|ELB Sensitive Port Is Exposed To Entire Network<br/><sup><sub>78055456-f670-4d2e-94d5-392d1cf4f5e4</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
-|Fully Open Ingress<br/><sup><sub>e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/get-set-up-for-amazon-ecs.html#create-a-base-security-group">Documentation</a><br/>|
-|Remote Desktop Port Open To Internet<br/><sup><sub>c9846969-d066-431f-9b34-8c4abafe422a</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Route53 Record Undefined<br/><sup><sub>24d932e1-91f0-46ea-836f-fdbd81694151</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html">Documentation</a><br/>|
-|Security Group Unrestricted Access To RDP<br/><sup><sub>3ae83918-7ec7-4cb8-80db-b91ef0f94002</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Security Groups With Exposed Admin Ports<br/><sup><sub>cdbb0467-2957-4a77-9992-7b55b29df7b7</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Security Groups With Meta IP<br/><sup><sub>adcd0082-e90b-4b63-862b-21899f6e6a48</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Unknown Port Exposed To Internet<br/><sup><sub>829ce3b8-065c-41a3-ad57-e0accfea82d2</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Unrestricted Security Group Ingress<br/><sup><sub>4a1e6b34-1008-4e61-a5f2-1f7c276f8d14</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
-|Amplify App Access Token Exposed<br/><sup><sub>73980e43-f399-4fcc-a373-658228f7adf7</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.html">Documentation</a><br/>|
-|Amplify App Basic Auth Config Password Exposed<br/><sup><sub>71493c8b-3014-404c-9802-078b74496fb7</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-basicauthconfig.html">Documentation</a><br/>|
-|Amplify App OAuth Token Exposed<br/><sup><sub>03b38885-8f4e-480c-a0e4-12c1affd15db</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-basicauthconfig.html">Documentation</a><br/>|
-|Amplify Branch Basic Auth Config Password Exposed<br/><sup><sub>dfb56e5d-ee68-446e-b32a-657b62befe69</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-branch.html#cfn-amplify-branch-basicauthconfig">Documentation</a><br/>|
-|Directory Service Microsoft AD Password Set to Plaintext or Default Ref<br/><sup><sub>06b9f52a-8cd5-459b-bdc6-21a22521e1be</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-directoryservice-microsoftad.html">Documentation</a><br/>|
-|Directory Service Simple AD Password Exposed<br/><sup><sub>6685d912-d81f-4cfa-95ad-e316ea31c989</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-directoryservice-simplead.html">Documentation</a><br/>|
-|DMS Endpoint MongoDB Settings Password Exposed<br/><sup><sub>f988a17f-1139-46a3-8928-f27eafd8b024</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dms-endpoint-mongodbsettings.html">Documentation</a><br/>|
-|DMS Endpoint Password Exposed<br/><sup><sub>5f700072-b7ce-4e84-b3f3-497bf1c24a4d</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dms-endpoint.html">Documentation</a><br/>|
-|DocDB Cluster Master Password In Plaintext<br/><sup><sub>39423ce4-9011-46cd-b6b1-009edcd9385d</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html">Documentation</a><br/>|
-|Hardcoded AWS Access Key In Lambda<br/><sup><sub>2564172f-c92b-4261-9acd-464aed511696</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-environment">Documentation</a><br/>|
-|IAM User LoginProfile Password Is In Plaintext<br/><sup><sub>06adef8c-c284-4de7-aad2-af43b07a8ca1</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html">Documentation</a><br/>|
-|RefreshToken Is Exposed<br/><sup><sub>5b48c507-0d1f-41b0-a630-76817c6b4189</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ask-skill.html#cfn-ask-skill-authenticationconfiguration">Documentation</a><br/>|
-|API Gateway Method Does Not Contains An API Key<br/><sup><sub>3641d5b4-d339-4bc2-bfb9-208fe8d3477f</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html">Documentation</a><br/>|
-|API Gateway Without Configured Authorizer<br/><sup><sub>7fd0d461-5b8c-4815-898c-f2b4b117eb28</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-authorizer.html">Documentation</a><br/>|
-|EC2 Instance Has No IAM Role<br/><sup><sub>f914357d-8386-4d56-9ba6-456e5723f9a6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html">Documentation</a><br/>|
-|EC2 Instance Using Default Security Group<br/><sup><sub>08b81bb3-0985-4023-8602-b606ad81d279</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-securitygroups">Documentation</a><br/>|
-|EC2 Network ACL Ineffective Denied Traffic<br/><sup><sub>2623d682-dccb-44cd-99d0-54d9fd62f8f2</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html">Documentation</a><br/>|
-|Elasticsearch Without IAM Authentication<br/><sup><sub>5c666ed9-b586-49ab-9873-c495a833b705</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-accesspolicies">Documentation</a><br/>|
-|Empty Roles For ECS Cluster Task Definitions<br/><sup><sub>7f384a5f-b5a2-4d84-8ca3-ee0a5247becb</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
-|IAM Group Inline Policies<br/><sup><sub>a58d1a2d-4078-4b80-855b-84cc3f7f4540</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html">Documentation</a><br/>|
-|IAM Group Without Users<br/><sup><sub>8f957abd-9703-413d-87d3-c578950a753c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html">Documentation</a><br/>|
-|IAM Policies Attached To User<br/><sup><sub>edc95c10-7366-4f30-9b4b-f995c84eceb5</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html">Documentation</a><br/>|
-|IAM Policies With Full Privileges<br/><sup><sub>953b3cdb-ce13-428a-aa12-318726506661</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>e835bd0d-65da-49f7-b6d1-b646da8727e6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|IAM Policy On User<br/><sup><sub>e4239438-e639-44aa-adb8-866e400e3ade</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|IAM Role Allows All Principals To Assume<br/><sup><sub>f80e3aa7-7b34-4185-954e-440a6894dde6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument">Documentation</a><br/>|
-|IoT Policy Allows Action as Wildcard<br/><sup><sub>4d32780f-43a4-424a-a06d-943c543576a5</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html">Documentation</a><br/>|
-|IoT Policy Allows Wildcard Resource<br/><sup><sub>be5b230d-4371-4a28-a441-85dc760e2aa3</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html">Documentation</a><br/>|
-|KMS Allows Wildcard Principal<br/><sup><sub>f6049677-ec4a-43af-8779-5190b6d03cba</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
-|Lambda Permission Principal Is Wildcard<br/><sup><sub>1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
-|Public Lambda via API Gateway<br/><sup><sub>57b12981-3816-4c31-b190-a1e614361dd2</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
-|S3 Bucket Allows Public ACL<br/><sup><sub>48f100d9-f499-4c6d-b2b8-deafe47ffb26</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
-|SNS Topic Publicity Has Allow and NotAction Simultaneously<br/><sup><sub>818f38ed-8446-4132-9c03-474d49e10195</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-sns-policy">Documentation</a><br/>|
-|SQS Policy With Public Access<br/><sup><sub>9b6a3f5b-5fd6-40ee-9bc0-ed604911212d</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html">Documentation</a><br/>|
-|Auto Scaling Group With No Associated ELB<br/><sup><sub>ad21e616-5026-4b9d-990d-5b007bfe679c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html">Documentation</a><br/>|
-|CMK Is Unusable<br/><sup><sub>2844c749-bd78-4cd1-90e8-b179df827602</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
-|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>cfdef2e5-1fe4-4ef4-bea8-c56e08963150</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cache-cluster.html">Documentation</a><br/>|
-|RDS Multi-AZ Deployment Disabled<br/><sup><sub>2b1d4935-9acf-48a7-8466-10d18bf51a69</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|RDS With Backup Disabled<br/><sup><sub>8c415f6f-7b90-4a27-a44a-51047e1506f9</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|S3 Bucket Without Versioning<br/><sup><sub>a227ec01-f97a-4084-91a4-47b350c1db54</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|Stack Retention Disabled<br/><sup><sub>fe974ae9-858e-4991-bbd5-e040a834679f</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-stackset-autodeployment.html#cfn-cloudformation-stackset-autodeployment-retainstacksonaccountremoval">Documentation</a><br/>|
-|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>0f04217d-488f-4e7a-bec8-f16159686cd6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-pointintimerecoveryspecification.html">Documentation</a><br/>|
-|ECS No Load Balancer Attached<br/><sup><sub>fb2b0ecf-1492-491a-a70d-ba1df579175d</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
-|IAM Managed Policy Applied to a User<br/><sup><sub>0e5872b4-19a0-4165-8b2f-56d9e14b909f</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-groups">Documentation</a><br/>|
-|IAM User Without Password Reset<br/><sup><sub>a964d6e3-8e1e-4d93-8120-61fa640dd55a</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user-loginprofile.html">Documentation</a><br/>|
-|Alexa Skill Plaintext Client Secret Exposed<br/><sup><sub>3c3b7a58-b018-4d07-9444-d9ee7156e111</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ask-skill.html#cfn-ask-skill-authenticationconfiguration">Documentation</a><br/>|
-|CloudFormation Specifying Credentials Not Safe<br/><sup><sub>9ecb6b21-18bc-4aa7-bd07-db20f1c746db</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-authentication.html">Documentation</a><br/>|
-|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>31733ee2-fef0-4e87-9778-65da22a8ecf1</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
-|CodeBuild Not Encrypted<br/><sup><sub>d7467bb6-3ed1-4c82-8095-5e7a818d0aad</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html">Documentation</a><br/>|
-|Connection Between CloudFront Origin Not Encrypted<br/><sup><sub>a5366a50-932f-4085-896b-41402714a388</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
-|Default KMS Key Usage<br/><sup><sub>e52395b4-250b-4c60-81d5-2e58c1d37abc</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|EFS Volume With Disabled Transit Encryption<br/><sup><sub>c1282e03-b285-4637-aee7-eefe3a7bb658</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html">Documentation</a><br/>|
-|ElastiCache With Disabled Transit Encryption<br/><sup><sub>3b02569b-fc6f-4153-b3a3-ba91022fed68</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html">Documentation</a><br/>|
-|ELB Using Insecure Protocols<br/><sup><sub>61a94903-3cd3-4780-88ec-fc918819b9c8</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
-|ELB Without Secure Protocol<br/><sup><sub>80908a75-586b-4c61-ab04-490f4f4525b8</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
-|EMR Security Configuration Encryption Disabled<br/><sup><sub>5b033ec8-f079-4323-b5c8-99d4620433a9</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html">Documentation</a><br/>|
-|IAM Database Auth Not Enabled<br/><sup><sub>9fcd0a0a-9b6f-4670-a215-d94e6bf3f184</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableiamdatabaseauthentication">Documentation</a><br/>|
-|KMS Key Rotation Disabled<br/><sup><sub>235ca980-eb71-48f4-9030-df0c371029eb</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
-|Redshift Cluster Without KMS CMK<br/><sup><sub>de76a0d6-66d5-45c9-9022-f05545b85c78</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
-|S3 Bucket Without SSL In Write Actions<br/><sup><sub>38c64e76-c71e-4d92-a337-60174d1de1c9</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|SageMaker EndPoint Config Should Specify KmsKeyId Attribute<br/><sup><sub>44034eda-1c3f-486a-831d-e09a7dd94354</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html">Documentation</a><br/>|
-|Secure Ciphers Disabled<br/><sup><sub>be96849c-3df6-49c2-bc16-778a7be2519c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-viewercertificate.html">Documentation</a><br/>|
-|SQS With SSE Disabled<br/><sup><sub>12726829-93ed-4d51-9cbe-13423f4299e1</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html#aws-sqs-queue-kmsmasterkeyid">Documentation</a><br/>|
-|API Gateway With Open Access<br/><sup><sub>1056dfbb-5802-4762-bf2b-8b9b9684b1b0</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html">Documentation</a><br/>|
-|API Gateway Without Security Policy<br/><sup><sub>8275fab0-68ec-4705-bbf4-86975edb170e</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-securitypolicy">Documentation</a><br/>|
-|API Gateway Without SSL Certificate<br/><sup><sub>ed4c48b8-eccc-4881-95c1-09fdae23db25</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">Documentation</a><br/>|
-|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>dc17ee4b-ddf2-4e23-96e8-7a36abad1303</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
-|ECR Image Tag Not Immutable<br/><sup><sub>33f41d31-86b1-46a4-81f7-9c9a671f59ac</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html">Documentation</a><br/>|
-|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>027a4b7a-8a59-4938-a04f-ed532512cf45</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html#cfn-ecs-taskdefinition-networkmode">Documentation</a><br/>|
-|EMR Cluster Without Security Configuration<br/><sup><sub>48af92a5-c89b-4936-bc62-1086fe2bab23</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticmapreduce-cluster.html#cfn-elasticmapreduce-cluster-securityconfiguration">Documentation</a><br/>|
-|GitHub Repository Set To Public<br/><sup><sub>5906092d-5f74-490d-9a03-78febe0f65e1</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codestar-githubrepository.html">Documentation</a><br/>|
-|IAM User Has Too Many Access Keys<br/><sup><sub>48677914-6fdf-40ec-80c4-2b0e94079f54</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html">Documentation</a><br/>|
-|Redshift Publicly Accessible<br/><sup><sub>bdf8dcb4-75df-4370-92c4-606e4ae6c4d3</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
-|S3 Bucket With Unsecured CORS Rule<br/><sup><sub>3609d27c-3698-483a-9402-13af6ae80583</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html">Documentation</a><br/>|
-|S3 Bucket Without Ignore Public ACL<br/><sup><sub>6c8d51af-218d-4bfb-94a9-94eabaa0703a</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
-|S3 Bucket Without Restriction Of Public Bucket<br/><sup><sub>350cd468-0e2c-44ef-9d22-cfb73a62523c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
-|SageMaker Enabling Internet Access<br/><sup><sub>88d55d94-315d-4564-beee-d2d725feab11</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown">Documentation</a><br/>|
-|Vulnerable Default SSL Certificate<br/><sup><sub>b4d9c12b-bfba-4aeb-9cb8-2358546d8041</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
-|ALB Is Not Integrated With WAF<br/><sup><sub>105ba098-1e34-48cd-b0f2-a8a43a51bf9b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html">Documentation</a><br/>|
-|ALB Listening on HTTP<br/><sup><sub>275a3217-ca37-40c1-a6cf-bb57d245ab32</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-listener.html#cfn-ec2-elb-listener-protocol">Documentation</a><br/>|
-|API Gateway Endpoint Config is Not Private<br/><sup><sub>4a8daf95-709d-4a36-9132-d3e19878fa34</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-endpointconfiguration.html#cfn-apigateway-restapi-endpointconfiguration-types">Documentation</a><br/>|
-|API Gateway without WAF<br/><sup><sub>fcbf9019-566c-4832-a65c-af00d8137d2b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webaclassociation.html#cfn-wafv2-webaclassociation-resourcearn">Documentation</a><br/>|
-|CloudFront Without WAF<br/><sup><sub>0f139403-303f-467c-96bd-e717e6cfd62d</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-webaclid">Documentation</a><br/>|
-|EC2 Instance Subnet Has Public IP Mapping On Launch<br/><sup><sub>b3de4e4c-14be-4159-b99d-9ad194365e4c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html#cfn-ec2-subnet-mappubliciponlaunch">Documentation</a><br/>|
-|EC2 Network ACL Overlapping Ports<br/><sup><sub>77b6f1e2-bde4-4a6a-ae7e-a40659ff1576</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-networkaclentry-portrange.html">Documentation</a><br/>|
-|EC2 Permissive Network ACL Protocols<br/><sup><sub>03879981-efa2-47a0-a818-c843e1441b88</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html">Documentation</a><br/>|
-|EC2 Public Instance Exposed Through Subnet<br/><sup><sub>c44c95fc-ae92-4bb8-bdf8-bb9bc412004a</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route.html">Documentation</a><br/>|
-|EKS node group remote access<br/><sup><sub>73d59e76-a12c-4b74-a3d8-d3e1e19c25b3</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-nodegroup.html">Documentation</a><br/>|
-|Elasticsearch with HTTPS disabled<br/><sup><sub>4cdc88e6-c0c8-4081-a639-bb3a557cbedf</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticsearch-domain-domainendpointoptions.html">Documentation</a><br/>|
-|ELB With Security Group Without Inbound Rules<br/><sup><sub>e200a6f3-c589-49ec-9143-7421d4a2c845</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupingress">Documentation</a><br/>|
-|ELB With Security Group Without Outbound Rules<br/><sup><sub>01d5a458-a6c4-452a-ac50-054d59275b7c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupegress">Documentation</a><br/>|
-|GameLift Fleet EC2 InboundPermissions With Port Range<br/><sup><sub>43356255-495d-4148-ad8d-f6af5eac09dd</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-fleet.html">Documentation</a><br/>|
-|HTTP Port Open To Internet<br/><sup><sub>ddfc4eaa-af23-409f-b96c-bf5c45dc4daa</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|SageMaker Notebook Not Placed In VPC<br/><sup><sub>9c7028d9-04c2-45be-b8b2-1188ccaefb36</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown">Documentation</a><br/>|
-|Security Group Egress CIDR Open To World<br/><sup><sub>1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
-|Security Group Egress With All Protocols<br/><sup><sub>ee464fc2-54a6-4e22-b10a-c6dcd2474d0c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
-|Security Group Egress With Port Range<br/><sup><sub>dae9c373-8287-462f-8746-6f93dad93610</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
-|Security Group Ingress With All Protocols<br/><sup><sub>1a427b25-2e9e-4298-9530-0499a55e736b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
-|Security Group Ingress With Port Range<br/><sup><sub>87482183-a8e7-4e42-a566-7a23ec231c16</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
-|Security Group With Unrestricted Access To SSH<br/><sup><sub>6e856af2-62d7-4ba2-adc1-73b62cef9cc1</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Security Groups Allows Unrestricted Outbound Traffic<br/><sup><sub>66f2d8f9-a911-4ced-ae27-34f09690bb2c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|TCP UDP Protocol Network ACL Entry Allows All Ports<br/><sup><sub>f57f849c-883b-4cb7-85e7-f7b199dff163</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html#cfn-ec2-networkaclentry-portrange">Documentation</a><br/>|
-|VPC Without Network Firewall<br/><sup><sub>3e293410-d5b8-411f-85fd-7d26294f20c9</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-vpcid">Documentation</a><br/>|
-|API Gateway Deployment Without Access Log Setting<br/><sup><sub>06ec63e3-9f72-4fe2-a218-2eb9200b8db5</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html">Documentation</a><br/>|
-|API Gateway V2 Stage Access Logging Settings Not Defined<br/><sup><sub>80d45af4-4920-4236-a56e-b7ef419d1941</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-accesslogsettings">Documentation</a><br/>|
-|CloudFront Logging Disabled<br/><sup><sub>de77cd9f-0e8b-46cc-b4a4-b6b436838642</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/logging-and-monitoring.html">Documentation</a><br/>|
-|CloudTrail Logging Disabled<br/><sup><sub>5c0b06d5-b7a4-484c-aeb0-75a836269ff0</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-islogging">Documentation</a><br/>|
-|CloudWatch Logging Disabled<br/><sup><sub>0f0fb06b-0f2f-4374-8588-f2c7c348c7a0</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-queryloggingconfig">Documentation</a><br/>|
-|CloudWatch Metrics Disabled<br/><sup><sub>5d3c1807-acb3-4bb0-be4e-0440230feeaf</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cw-alarm.html">Documentation</a><br/>|
-|DocDB Logging Is Disabled<br/><sup><sub>1bf3b3d4-f373-4d7c-afbb-7d85948a67a5</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-enablecloudwatchlogsexports">Documentation</a><br/>|
-|EC2 Instance Monitoring Disabled<br/><sup><sub>0264093f-6791-4475-af34-4b8102dcbcd0</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-monitoring">Documentation</a><br/>|
-|Elasticsearch Logs Disabled<br/><sup><sub>edbd62d4-8700-41de-b000-b3cfebb5e996</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-logpublishingoptions">Documentation</a><br/>|
-|ELB Access Log Disabled<br/><sup><sub>ee12ad32-2863-4c0f-b13f-28272d115028</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-accessloggingpolicy.html">Documentation</a><br/>|
-|ELBv2 ALB Access Log Disabled<br/><sup><sub>c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattributes.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattributes-key">Documentation</a><br/>|
-|GuardDuty Detector Disabled<br/><sup><sub>a25cd877-375c-4121-a640-730929936fac</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html">Documentation</a><br/>|
-|MQ Broker Logging Disabled<br/><sup><sub>e519ed6a-8328-4b69-8eb7-8fa549ac3050</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-logs">Documentation</a><br/>|
-|MSK Cluster Logging Disabled<br/><sup><sub>fc7c2c15-f5d0-4b80-adb2-c89019f8f62b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html">Documentation</a><br/>|
-|Redshift Cluster Logging Disabled<br/><sup><sub>3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-loggingproperties">Documentation</a><br/>|
-|S3 Bucket CloudTrail Logging Disabled<br/><sup><sub>c3ce69fd-e3df-49c6-be78-1db3f802261c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-loggingconfig">Documentation</a><br/>|
-|S3 Bucket Logging Disabled<br/><sup><sub>4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-loggingconfig">Documentation</a><br/>|
-|VPC FlowLogs Disabled<br/><sup><sub>f6d299d2-21eb-41cc-b1e1-fe12d857500b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html">Documentation</a><br/>|
-|High Access Key Rotation Period<br/><sup><sub>800fa019-49dd-421b-9042-7331fdd83fa2</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2" target="_blank">Query details</a><br><a href="https://docs.amazonaws.cn/en_us/config/latest/developerguide/access-keys-rotated.html">Documentation</a><br/>|
-|IAM User With No Group<br/><sup><sub>06933df4-0ea7-461c-b9b5-104d27390e0e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Access Control|<a href="../cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-policy">Documentation</a><br/>|
-|Support Has No Role Associated<br/><sup><sub>d71b5fd7-9020-4b2d-9ec8-b3839faa2744</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Access Control|<a href="../cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|EBS Volume Not Attached To Instances<br/><sup><sub>1819ac03-542b-4026-976b-f37addd59f3b</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volumeattachment.html">Documentation</a><br/>|
-|ECS Service Without Running Tasks<br/><sup><sub>79d745f0-d5f3-46db-9504-bef73e9fd528</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html#cfn-ecs-service-deploymentconfiguration">Documentation</a><br/>|
-|VPC Attached With Too Many Gateways<br/><sup><sub>97e94d17-e2c7-4109-a53b-6536ac1bb64e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpc-gateway-attachment.html">Documentation</a><br/>|
-|Low RDS Backup Retention Period<br/><sup><sub>e649a218-d099-4550-86a4-1231e1fcb60d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Backup|<a href="../cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html">Documentation</a><br/>|
-|RDS DB Instance With Deletion Protection Disabled<br/><sup><sub>2c161e58-cb52-454f-abea-6470c37b5e6e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Backup|<a href="../cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-deletionprotection">Documentation</a><br/>|
-|Automatic Minor Upgrades Disabled<br/><sup><sub>f0104061-8bfc-4b45-8a7d-630eb502f281</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|CDN Configuration Is Missing<br/><sup><sub>e4f54ff4-d352-40e8-a096-5141073c37a2</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html">Documentation</a><br/>|
-|Cognito UserPool Without MFA<br/><sup><sub>74a18d1a-cf02-4a31-8791-ed0967ad7fdc</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html">Documentation</a><br/>|
-|Geo Restriction Disabled<br/><sup><sub>7f8843f0-9ea5-42b4-a02b-753055113195</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html">Documentation</a><br/>|
-|IAM Access Analyzer Not Enabled<br/><sup><sub>8d29754a-2a18-460d-a1ba-9509f8d359da</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da" target="_blank">Query details</a><br><a href="https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/aws-resource-accessanalyzer-analyzer.html">Documentation</a><br/>|
-|IAM Password Without Minimum Length<br/><sup><sub>b1b20ae3-8fa7-4af5-a74d-a2145920fcb1</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user">Documentation</a><br/>|
-|IAM Policies Without Groups<br/><sup><sub>5e7acff5-095b-40ac-9073-ac2e4ad8a512</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-policy">Documentation</a><br/>|
-|Lambda Permission Misconfigured<br/><sup><sub>9b83114b-b2a1-4534-990d-06da015e47aa</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/pt_br/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
-|Security Group Ingress Has CIDR Not Recommended<br/><sup><sub>a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
-|DynamoDB With Not Recommented Table Billing Mode<br/><sup><sub>c333e906-8d8b-4275-b999-78b6318f8dc6</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Build Process|<a href="../cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-attributedef">Documentation</a><br/>|
-|EFS Without Tags<br/><sup><sub>08e39832-5e42-4304-98a0-aa5b43393162</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Build Process|<a href="../cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
-|API Gateway With Invalid Compression<br/><sup><sub>d6653eee-2d4d-4e6a-976f-6794a497999a</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html">Documentation</a><br/>|
-|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>050a9ba8-d1cb-4c61-a5e8-8805a70d3b85</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-kmskeyid">Documentation</a><br/>|
-|EFS Without KMS<br/><sup><sub>6d087495-2a42-4735-abf7-02ef5660a7e6</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
-|API Gateway Cache Cluster Disabled<br/><sup><sub>52790cad-d60d-41d5-8483-146f9f21208d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-cacheclusterenabled">Documentation</a><br/>|
-|Inline Policies Are Attached To ECS Service<br/><sup><sub>9e8c89b3-7997-4d15-93e4-7911b9db99fd</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
-|Instance With No VPC<br/><sup><sub>8a6d36cd-0bc6-42b7-92c4-67acc8576861</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html">Documentation</a><br/>|
-|Lambda Function Without Dead Letter Queue<br/><sup><sub>c2eae442-d3ba-4cb1-84ca-1db4f80eae3d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-deadletterconfig">Documentation</a><br/>|
-|Lambda Function Without Tags<br/><sup><sub>8df8e857-bd59-44fa-9f4c-d77594b95b46</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
-|Wildcard In ACM Certificate Domain Name<br/><sup><sub>cc8b294f-006f-4f8f-b5bb-0a9140c33131</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html">Documentation</a><br/>|
-|RouterTable with Default Routing<br/><sup><sub>4f0908b9-eb66-433f-9145-134274e1e944</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route-table.html">Documentation</a><br/>|
-|S3 Bucket Should Have Bucket Policy<br/><sup><sub>37fa8188-738b-42c8-bf82-6334ea567738</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|EC2 Instance Using Default VPC<br/><sup><sub>e42a3ef0-5325-4667-84bf-075ba1c9d58e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-subnetid">Documentation</a><br/>|
-|ElastiCache Using Default Port<br/><sup><sub>323db967-c68e-44e6-916c-a777f95af34b</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html#cfn-elasticache-replicationgroup-port">Documentation</a><br/>|
-|ElastiCache Without VPC<br/><sup><sub>ba766c53-fe71-4bbb-be35-b6803f2ef13e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cache-cluster.html#cfn-elasticache-cachecluster-cachesubnetgroupname">Documentation</a><br/>|
-|EMR Without VPC<br/><sup><sub>bf89373a-be40-4c04-99f5-746742dfd7f3</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticmapreduce-cluster-jobflowinstancesconfig.html#cfn-elasticmapreduce-cluster-jobflowinstancesconfig-ec2subnetid">Documentation</a><br/>|
-|RDS Using Default Port<br/><sup><sub>1fe9d958-ddce-4228-a124-05265a959a8b</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port">Documentation</a><br/>|
-|Redshift Using Default Port<br/><sup><sub>a478af30-8c3a-404d-aa64-0b673cee509a</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-port">Documentation</a><br/>|
-|Security Groups Without VPC Attached<br/><sup><sub>493d9591-6249-47bf-8dc0-5c10161cc558</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Shield Advanced Not In Use<br/><sup><sub>ad7444cf-817a-4765-a79e-2145f7981faf</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-policy.html">Documentation</a><br/>|
-|API Gateway Deployment Without API Gateway UsagePlan Associated<br/><sup><sub>783860a3-6dca-4c8b-81d0-7b62769ccbca</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html">Documentation</a><br/>|
-|API Gateway X-Ray Disabled<br/><sup><sub>4ab10c48-bedb-4deb-8f3b-ff12783b61de</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-tracingenabled">Documentation</a><br/>|
-|CloudTrail Log File Validation Disabled<br/><sup><sub>2a3560fe-52ca-4443-b34f-bf0ed5eb74c8</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-enablelogfilevalidation">Documentation</a><br/>|
-|CloudTrail Multi Region Disabled<br/><sup><sub>058ac855-989f-4378-ba4d-52d004020da7</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-ismultiregiontrail">Documentation</a><br/>|
-|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>65d07da5-9af5-44df-8983-52d2e6f24c44</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html">Documentation</a><br/>|
-|CloudTrail SNS Topic Name Undefined<br/><sup><sub>3e09413f-471e-40f3-8626-990c79ae63f3</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-snstopicname">Documentation</a><br/>|
-|CMK Rotation Disabled<br/><sup><sub>1c07bfaf-663c-4f6f-b22b-8e2d481e4df5</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
-|Configuration Aggregator to All Regions Disabled<br/><sup><sub>9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configurationaggregator.html">Documentation</a><br/>|
-|ECS Cluster with Container Insights Disabled<br/><sup><sub>ab759fde-e1e8-4b0e-ad73-ba856e490ed8</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-cluster.html#cfn-ecs-cluster-clustersettings">Documentation</a><br/>|
-|ECS Task Definition HealthCheck Missing<br/><sup><sub>d24389b4-b209-4ff0-8345-dc7a4569dcdd</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-healthcheck.html">Documentation</a><br/>|
-|ElasticSearch Without Slow Logs<br/><sup><sub>086ea2eb-14a6-4fd4-914b-38e0bc8703e8</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-logpublishingoptions">Documentation</a><br/>|
-|Lambda Functions Without X-Ray Tracing<br/><sup><sub>9488c451-074e-4cd3-aee3-7db6104f542c</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-tracingconfig.html">Documentation</a><br/>|
-|Stack Notifications Disabled<br/><sup><sub>837e033c-4717-40bd-807e-6abaa30161b7</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html">Documentation</a><br/>|
-|Unscanned ECR Image<br/><sup><sub>9025b2b3-e554-4842-ba87-db7aeec36d35</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-imagescanningconfiguration">Documentation</a><br/>|
-|API Gateway Stage Without API Gateway UsagePlan Associated<br/><sup><sub>7f8f1b60-43df-4c28-aa21-fb836dbd8071</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">Documentation</a><br/>|
-|ECS Task Definition Invalid CPU or Memory<br/><sup><sub>f4c9b5f5-68b8-491f-9e48-4f96644a1d51</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html">Documentation</a><br/>|
-|SDB Domain Declared As A Resource<br/><sup><sub>6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-simpledb.html">Documentation</a><br/>|
-|VPC Without Attached Subnet<br/><sup><sub>3b3b4411-ad1f-40e7-b257-a78a6bb9673a</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html">Documentation</a><br/>|
-|EBS Volume Without KmsKeyId<br/><sup><sub>b7063015-6c31-4658-a8e7-14f98f37fd42</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html">Documentation</a><br/>|
-|Secrets Manager Should Specify KmsKeyId<br/><sup><sub>c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secret.html">Documentation</a><br/>|
-|SNS Topic Without KmsMasterKeyId<br/><sup><sub>9d13b150-a2ab-42a1-b6f4-142e41f81e52</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html">Documentation</a><br/>|
-|EC2 Not EBS Optimized<br/><sup><sub>8dd0ff1f-0da4-48df-9bb3-7f338ae36a40</sub></sup>|CloudFormation|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-ebsoptimized">Documentation</a><br/>|
-|Security Group Rule Without Description<br/><sup><sub>5e6c9c68-8a82-408e-8749-ddad78cbb9c5</sub></sup>|CloudFormation|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|EC2 Network ACL Duplicate Rule<br/><sup><sub>045ddb54-cfc5-4abb-9e05-e427b2bc96fe</sub></sup>|CloudFormation|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html#cfn-ec2-networkaclentry-rulenumber">Documentation</a><br/>|
-|BOM - AWS Cassandra<br/><sup><sub>124b173b-e06d-48a6-8acd-f889443d97a4</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS DynamoDB<br/><sup><sub>4e67c0ae-38a0-47f4-a50c-f0c9b75826df</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS EBS<br/><sup><sub>0b0556ea-9cd9-476f-862e-20679dda752b</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS EFS<br/><sup><sub>ef05a925-8568-4054-8ff1-f5ba82631c16</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS Elasticache<br/><sup><sub>c689f51b-9203-43b3-9d8b-caed123f706c</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS Kinesis<br/><sup><sub>d53323be-dde6-4457-9a43-42df737e71d2</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS MQ<br/><sup><sub>209189f3-c879-48a7-9703-fbcfa96d0cef</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS MSK<br/><sup><sub>2730c169-51d7-4ae7-99b5-584379eff1bb</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS RDS<br/><sup><sub>6ef03ff6-a2bd-483c-851f-631f248bc0ea</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS S3 Buckets<br/><sup><sub>b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS SNS<br/><sup><sub>42e7dca3-8cce-4325-8df0-108888259136</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS SQS<br/><sup><sub>59a849c2-1127-4023-85a5-ef906dcd458c</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|Serverless Function Without Unique IAM Role<br/><sup><sub>4ba74f01-aba5-4be2-83bc-be79ff1a3b92</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-role">Documentation</a><br/>|
-|Serverless Function Environment Variables Not Encrypted<br/><sup><sub>a7f8ac28-eed1-483d-87c8-4c325f022572</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-kmskeyarn">Documentation</a><br/>|
-|Serverless API Endpoint Config Not Private<br/><sup><sub>6b5b0313-771b-4319-ad7a-122ee78700ef</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-endpointconfiguration">Documentation</a><br/>|
-|Serverless API Access Logging Setting Undefined<br/><sup><sub>0a994e04-c6dc-471d-817e-d37451d18a3b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-stage-accesslogsetting.html">Documentation</a><br/>|
-|Serverless API X-Ray Tracing Disabled<br/><sup><sub>c757c6a3-ac87-4b9d-b28d-e5a5add6a315</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-tracingenabled">Documentation</a><br/>|
-|Serverless API Without Content Encoding<br/><sup><sub>a2f2800e-614b-4bc8-89e6-fec8afd24800</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-minimumcompressionsize">Documentation</a><br/>|
-|Serverless API Cache Cluster Disabled<br/><sup><sub>60a05ede-0a68-4d0d-a58f-f538cf55ff79</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-cacheclusterenabled">Documentation</a><br/>|
-|Serverless Function Without Dead Letter Queue<br/><sup><sub>cb2f612b-ed42-4ff5-9fb9-255c73d39a18</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-deadletterqueue">Documentation</a><br/>|
-|Serverless Function Without Tags<br/><sup><sub>a71ecabe-03b6-456a-b3bc-d1a39aa20c98</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-tags">Documentation</a><br/>|
-|Serverless Function Without X-Ray Tracing<br/><sup><sub>dc1ab429-1481-4540-9b1d-280e3f15f1f8</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-tracing">Documentation</a><br/>|
-|Passwords And Secrets<br/><sup><sub>a88baa34-e2ad-44ea-ad6f-8cac87bc7c71</sub></sup>|Common|<span style="color:#bb2124">High</span>|Secret Management|<a href="../common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71" target="_blank">Query details</a><br><a href="https://docs.kics.io/latest/secrets/">Documentation</a><br/>|
-|DB Instance Storage Not Encrypted<br/><sup><sub>e50eb68a-a4af-4048-8bbe-8ec324421469</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/database.aws.crossplane.io/RDSInstance/v1beta1@v0.29.0#spec-forProvider-storageEncrypted">Documentation</a><br/>|
-|EFS Not Encrypted<br/><sup><sub>72840c35-3876-48be-900d-f21b2f0c2ea1</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/efs.aws.crossplane.io/FileSystem/v1alpha1@v0.29.0#spec-forProvider-encrypted">Documentation</a><br/>|
-|ELB Using Weak Ciphers<br/><sup><sub>a507daa5-0795-4380-960b-dd7bb7c56661</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/elbv2.aws.crossplane.io/Listener/v1alpha1@v0.29.0#spec-forProvider-sslPolicy">Documentation</a><br/>|
-|Neptune Database Cluster Encryption Disabled<br/><sup><sub>83bf5aca-138a-498e-b9cd-ad5bc5e117b4</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/neptune.aws.crossplane.io/DBCluster/v1alpha1@v0.29.0#spec-forProvider-storageEncrypted">Documentation</a><br/>|
-|DB Security Group Has Public Interface<br/><sup><sub>dd667399-8d9d-4a8d-bbb4-e49ab53b2f52</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/ec2.aws.crossplane.io/SecurityGroup/v1beta1@v0.29.0#spec-forProvider-ingress-ipRanges-cidrIp">Documentation</a><br/>|
-|SQS With SSE Disabled<br/><sup><sub>9296f1cc-7a40-45de-bd41-f31745488a0e</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/sqs.aws.crossplane.io/Queue/v1beta1@v0.29.0#spec-forProvider-kmsMasterKeyId">Documentation</a><br/>|
-|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>255b0fcc-9f82-41fe-9229-01b163e3376b</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-viewerCertificate-minimumProtocolVersion">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>d9dc6429-5140-498a-8f55-a10daac5f000</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/database.aws.crossplane.io/RDSInstance/v1beta1@v0.17.0">Documentation</a><br/>|
-|CloudFront Without WAF<br/><sup><sub>6d19ce0f-b3d8-4128-ac3d-1064e0f00494</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-webACLID">Documentation</a><br/>|
-|CloudFront Logging Disabled<br/><sup><sub>7b590235-1ff4-421b-b9ff-5227134be9bb</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-logging">Documentation</a><br/>|
-|DocDB Logging Is Disabled<br/><sup><sub>e6cd49ba-77ed-417f-9bca-4f5303554308</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/docdb.aws.crossplane.io/DBCluster/v1alpha1@v0.21.1#status-atProvider-enabledCloudwatchLogsExports">Documentation</a><br/>|
-|EFS Without KMS<br/><sup><sub>bdecd6db-2600-47dd-a10c-72c97cf17ae9</sub></sup>|Crossplane|<span style="color:#edd57e">Low</span>|Encryption|<a href="../crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/efs.aws.crossplane.io/FileSystem/v1alpha1@v0.29.0#spec-forProvider-kmsKeyID">Documentation</a><br/>|
-|ECS Cluster with Container Insights Disabled<br/><sup><sub>0c7a76d9-7dc5-499e-81ac-9245839177cb</sub></sup>|Crossplane|<span style="color:#edd57e">Low</span>|Observability|<a href="../crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/ecs.aws.crossplane.io/Cluster/v1alpha1@v0.42.0#spec-forProvider-settings">Documentation</a><br/>|
-|CloudWatch Without Retention Period Specified<br/><sup><sub>934613fe-b12c-4e5a-95f5-c1dcdffac1ff</sub></sup>|Crossplane|<span style="color:#5bc0de">Info</span>|Observability|<a href="../crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudwatchlogs.aws.crossplane.io/LogGroup/v1alpha1@v0.29.0#spec-forProvider-retentionInDays">Documentation</a><br/>|
-|AKS RBAC Disabled<br/><sup><sub>b2418936-cd47-4ea2-8346-623c0bdb87bd</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-azure/compute.azure.crossplane.io/AKSCluster/v1alpha3@v0.19.0#spec-disableRBAC">Documentation</a><br/>|
-|Redis Cache Allows Non SSL Connections<br/><sup><sub>6c7cfec3-c686-4ed2-bf58-a1ec054b63fc</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-azure/cache.azure.crossplane.io/Redis/v1beta1@v0.19.0#spec-forProvider-enableNonSslPort">Documentation</a><br/>|
-|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>b4f65d13-a609-4dc1-af7c-63d2e08bffe9</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-gcp/container.gcp.crossplane.io/NodePool/v1beta1@v0.21.0#spec-forProvider-management-autoRepair">Documentation</a><br/>|
-|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>6c2d627c-de0f-45fb-b33d-dad9bffbb421</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-gcp/storage.gcp.crossplane.io/Bucket/v1alpha3@v0.21.0#spec-logging">Documentation</a><br/>|
-|Docker Socket Mounted In Container<br/><sup><sub>d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/#volumes">Documentation</a><br/>|
-|Volume Has Sensitive Host Directory<br/><sup><sub>1c1325ff-831d-43a1-973e-839ae57dfcc0</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference">Documentation</a><br/>|
-|Volume Mounted In Multiple Containers<br/><sup><sub>baa452f0-1f21-4a25-ace5-844e7a5f410d</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes">Documentation</a><br/>|
-|No New Privileges Not Set<br/><sup><sub>27fcc7d6-c49b-46e0-98f1-6c082a6a2750</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Resource Management|<a href="../dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/run/#security-configuration">Documentation</a><br/>|
-|Privileged Containers Enabled<br/><sup><sub>ae5b6871-7f45-42e0-bb4c-ab300c4d2026</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Resource Management|<a href="../dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/#privileged">Documentation</a><br/>|
-|Healthcheck Not Set<br/><sup><sub>698ed579-b239-4f8f-a388-baa4bcb13ef8</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Availability|<a href="../dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck">Documentation</a><br/>|
-|Cgroup Not Default<br/><sup><sub>4d9f44c6-2f4a-4317-9bb5-267adbea0232</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cgroup_parent">Documentation</a><br/>|
-|Restart Policy On Failure Not Set To 5<br/><sup><sub>2fc99041-ddad-49d5-853f-e35e70a48391</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391" target="_blank">Query details</a><br><a href="https://docs.docker.com/config/containers/start-containers-automatically/#use-a-restart-policy">Documentation</a><br/>|
-|Container Traffic Not Bound To Host Interface<br/><sup><sub>451d79dc-0588-476a-ad03-3c7f0320abb3</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#ports">Documentation</a><br/>|
-|Privileged Ports Mapped In Container<br/><sup><sub>bc2908f3-f73c-40a9-8793-c1b7d5544f79</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cap_add-cap_drop">Documentation</a><br/>|
-|Container Capabilities Unrestricted<br/><sup><sub>ce76b7d0-9e77-464d-b86f-c5c48e03e22d</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cap_add-cap_drop">Documentation</a><br/>|
-|Default Seccomp Profile Disabled<br/><sup><sub>404fde2c-bc4b-4371-9747-7054132ac953</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt">Documentation</a><br/>|
-|Host Namespace is Shared<br/><sup><sub>4f31dd9f-2cc3-4751-9b53-67e4af83dac0</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#pid">Documentation</a><br/>|
-|Memory Not Limited<br/><sup><sub>bb9ac4f7-e13b-423d-a010-c74a1bfbe492</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#resources">Documentation</a><br/>|
-|Pids Limit Not Set<br/><sup><sub>221e0658-cb2a-44e3-b08a-db96a341d6fa</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir">Documentation</a><br/>|
-|Security Opt Not Set<br/><sup><sub>610e266e-6c12-4bca-9925-1ed0cd29742b</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt">Documentation</a><br/>|
-|Shared Host IPC Namespace<br/><sup><sub>baa3890f-bed7-46f5-ab8f-1da8fc91c729</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir">Documentation</a><br/>|
-|Shared Host Network Namespace<br/><sup><sub>071a71ff-f868-47a4-ac0b-3c59e4ab5443</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode">Documentation</a><br/>|
-|Shared Host User Namespace<br/><sup><sub>8af7162d-6c98-482f-868e-0d33fb675ca8</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#userns_mode">Documentation</a><br/>|
-|Cpus Not Limited<br/><sup><sub>6b610c50-99fb-4ef0-a5f3-e312fd945bc3</sub></sup>|DockerCompose|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#resources">Documentation</a><br/>|
-|Shared Volumes Between Containers<br/><sup><sub>8c978947-0ff6-485c-b0c2-0bfca6026466</sub></sup>|DockerCompose|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes">Documentation</a><br/>|
-|Last User Is 'root'<br/><sup><sub>67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae</sub></sup>|Dockerfile|<span style="color:#bb2124">High</span>|Best Practices|<a href="../dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#user">Documentation</a><br/>|
-|Missing User Instruction<br/><sup><sub>fd54f200-402c-4333-a5a4-36ef6709af2f</sub></sup>|Dockerfile|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#user">Documentation</a><br/>|
-|Changing Default Shell Using RUN Command<br/><sup><sub>8a301064-c291-4b20-adcb-403fe7fd95fd</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#shell">Documentation</a><br/>|
-|Image Version Using 'latest'<br/><sup><sub>f45ea400-6bbe-4501-9fc7-1c3d75c32067</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/dev-best-practices/">Documentation</a><br/>|
-|Not Using JSON In CMD And ENTRYPOINT Arguments<br/><sup><sub>b86987e1-6397-4619-81d5-8807f2387c79</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#entrypoint">Documentation</a><br/>|
-|Run Using Sudo<br/><sup><sub>8ada6e80-0ade-439e-b176-0b28f6bce35a</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Add Instead of Copy<br/><sup><sub>9513a694-aa0d-41d8-be61-3271e056f36b</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#add">Documentation</a><br/>|
-|Apt Get Install Pin Version Not Defined<br/><sup><sub>965a08d7-ef86-4f14-8792-4a3b2098937e</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Gem Install Without Version<br/><sup><sub>22cd11f7-9c6c-4f6e-84c0-02058120b341</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Image Version Not Explicit<br/><sup><sub>9efb0b2d-89c9-41a3-91ca-dcc0aec911fd</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#from">Documentation</a><br/>|
-|Missing Version Specification In dnf install<br/><sup><sub>93d88cf7-f078-46a8-8ddc-178e03aeacf1</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Missing Zypper Non-interactive Switch<br/><sup><sub>45e1fca5-f90e-465d-825f-c2cb63fa3944</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|NPM Install Command Without Pinned Version<br/><sup><sub>e36d8880-3f78-4546-b9a1-12f0745ca0d5</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Unpinned Package Version in Apk Add<br/><sup><sub>d3499f6d-1651-41bb-a9a7-de925fea487b</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Unpinned Package Version in Pip Install<br/><sup><sub>02d9c71f-3ee8-4986-9c27-1a20d0d19bfc</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Yum install Without Version<br/><sup><sub>6452c424-1d92-4deb-bb18-a03e95d579c4</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Chown Flag Exists<br/><sup><sub>aa93e17f-b6db-4162-9334-c70334e7ac28</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Curl or Wget Instead of Add<br/><sup><sub>4b410d24-1cbe-4430-a632-62c9a931cf1c</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Exposing Port 22 (SSH)<br/><sup><sub>5907595b-5b6d-4142-b173-dbb0e73fbff8</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8" target="_blank">Query details</a><br><a href="https://sysdig.com/blog/dockerfile-best-practices/">Documentation</a><br/>|
-|MAINTAINER Instruction Being Used<br/><sup><sub>99614418-f82b-4852-a9ae-5051402b741c</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#maintainer-deprecated">Documentation</a><br/>|
-|Missing Dnf Clean All<br/><sup><sub>295acb63-9246-4b21-b441-7c1f1fb62dc0</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Missing Zypper Clean<br/><sup><sub>38300d1a-feb2-4a48-936a-d1ef1cd24313</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Multiple RUN, ADD, COPY, Instructions Listed<br/><sup><sub>0008c003-79aa-42d8-95b8-1c2fe37dbfe6</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6" target="_blank">Query details</a><br><a href="https://sysdig.com/blog/dockerfile-best-practices/">Documentation</a><br/>|
-|Pip install Keeping Cached Packages<br/><sup><sub>f2f903fb-b977-461e-98d7-b3e2185c6118</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Yum Clean All Missing<br/><sup><sub>00481784-25aa-4a55-8633-3136dfcf4f37</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|COPY '--from' References Current FROM Alias<br/><sup><sub>cdddb86f-95f6-4fc4-b5a1-483d9afceb2b</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
-|Copy With More Than Two Arguments Not Ending With Slash<br/><sup><sub>6db6e0c2-32a3-4a2e-93b5-72c35f4119db</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#copy">Documentation</a><br/>|
-|Multiple CMD Instructions Listed<br/><sup><sub>41c195f4-fc31-4a5c-8a1b-90605538d49f</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#cmd">Documentation</a><br/>|
-|Multiple ENTRYPOINT Instructions Listed<br/><sup><sub>6938958b-3f1a-451c-909b-baeee14bdc97</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#entrypoint">Documentation</a><br/>|
-|RUN Instruction Using 'cd' Instead of WORKDIR<br/><sup><sub>f4a6bcd3-e231-4acf-993c-aa027be50d2e</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#workdir">Documentation</a><br/>|
-|Same Alias In Different Froms<br/><sup><sub>f2daed12-c802-49cd-afed-fe41d0b82fed</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
-|Update Instruction Alone<br/><sup><sub>9bae49be-0aa3-4de5-bab2-4c3a069e40cd</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Using Unnamed Build Stages<br/><sup><sub>68a51e22-ae5a-4d48-8e87-b01a323605c9</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
-|WORKDIR Path Not Absolute<br/><sup><sub>6b376af8-cfe8-49ab-a08d-f32de23661a4</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#workdir">Documentation</a><br/>|
-|Healthcheck Instruction Missing<br/><sup><sub>b03a748a-542d-44f4-bb86-9199ab4fd2d5</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#healthcheck">Documentation</a><br/>|
-|Shell Running A Pipe Without Pipefail Flag<br/><sup><sub>efbf148a-67e9-42d2-ac47-02fa1c0d0b22</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|APT-GET Missing Flags To Avoid Manual Input<br/><sup><sub>77783205-c4ca-4f80-bb80-c777f267c547</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Missing Flag From Dnf Install<br/><sup><sub>7ebd323c-31b7-4e5b-b26f-de5e9e477af8</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Run Using 'wget' and 'curl'<br/><sup><sub>fc775e75-fcfb-4c98-b2f2-910c5858b359</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Run Using apt<br/><sup><sub>b84a0b47-2e99-4c9f-8933-98bcabe2b94d</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Yum Install Allows Manual Input<br/><sup><sub>6e19193a-8753-436d-8a09-76dcff91bb03</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Zypper Install Without Version<br/><sup><sub>562952e4-0348-4dea-9826-44f3a2c6117b</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Using Platform Flag with FROM Command<br/><sup><sub>b16e8501-ef3c-44e1-a543-a093238099c9</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#from">Documentation</a><br/>|
-|UNIX Ports Out Of Range<br/><sup><sub>71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#expose">Documentation</a><br/>|
-|Apk Add Using Local Cache Path<br/><sup><sub>ae9c56a6-3ed1-4ac0-9b54-31267f51151d</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Apt Get Install Lists Were Not Deleted<br/><sup><sub>df746b39-6564-4fed-bf85-e9c44382303c</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|APT-GET Not Avoiding Additional Packages<br/><sup><sub>7384dfb2-fcd1-4fbf-91cd-6c44c318c33c</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Run Utilities And POSIX Commands<br/><sup><sub>9b6b0f38-92a2-41f9-b881-3a1083d99f1b</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>63ae3638-a38c-4ff4-b616-6e1f72a31a6a</sub></sup>|GoogleDeploymentManager|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
-|BigQuery Dataset Is Public<br/><sup><sub>83103dff-d57f-42a8-bd81-40abab64c1a7</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7" target="_blank">Query details</a><br><a href="https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets">Documentation</a><br/>|
-|SQL DB Instance With SSL Disabled<br/><sup><sub>660360d3-9ca7-46d1-b147-3acc4002953f</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f" target="_blank">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
-|Client Certificate Disabled<br/><sup><sub>dd690686-2bf9-4012-a821-f61912dd77be</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|GKE Legacy Authorization Enabled<br/><sup><sub>df58d46c-783b-43e0-bdd0-d99164f712ee</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.LegacyAbac">Documentation</a><br/>|
-|Google Storage Bucket Level Access Disabled<br/><sup><sub>1239f54b-33de-482a-8132-faebe288e6a6</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
-|MySQL Instance With Local Infile On<br/><sup><sub>c759d6f2-4dd3-4160-82d3-89202ef10d87</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87" target="_blank">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
-|RDP Access Is Not Restricted<br/><sup><sub>50cb6c3b-c878-4b88-b50e-d1421bada9e8</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/firewalls">Documentation</a><br/>|
-|Cloud Storage Bucket Is Publicly Accessible<br/><sup><sub>77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls">Documentation</a><br/>|
-|SQL DB Instance Backup Disabled<br/><sup><sub>a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Backup|<a href="../googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01" target="_blank">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
-|Disk Encryption Disabled<br/><sup><sub>fc040fb6-4c23-4c0d-b12a-39edac35debb</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|DNSSEC Using RSASHA1<br/><sup><sub>6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35" target="_blank">Query details</a><br><a href="https://cloud.google.com/dns/docs/reference/v1/managedZones">Documentation</a><br/>|
-|Cloud DNS Without DNSSEC<br/><sup><sub>313d6deb-3b67-4948-b41d-35b699c2492e</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e" target="_blank">Query details</a><br><a href="https://cloud.google.com/dns/docs/reference/v1/managedZones">Documentation</a><br/>|
-|Cluster Master Authentication Disabled<br/><sup><sub>7ef7d141-9fbb-4679-a977-fd0883436906</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters">Documentation</a><br/>|
-|IP Aliasing Disabled<br/><sup><sub>28727987-e398-49b8-aef1-8a3e7789d111</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters">Documentation</a><br/>|
-|Network Policy Disabled<br/><sup><sub>c47f90e8-4a19-43f0-8413-cc434d286c4e</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|OSLogin Is Disabled In VM Instance<br/><sup><sub>e66e1b71-c810-4b4e-a737-0ab59e7f5e41</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|Private Cluster Disabled<br/><sup><sub>48c61fbd-09c9-46cc-a521-012e0c325412</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|Shielded VM Disabled<br/><sup><sub>9038b526-4c19-4928-bca2-c03d503bdb79</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|Compute Instance Is Publicly Accessible<br/><sup><sub>8212e2d7-e683-49bc-bf78-d6799075c5a7</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|GKE Master Authorized Networks Disabled<br/><sup><sub>62c8cf50-87f0-4295-a974-8184ed78fe02</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|IP Forwarding Enabled<br/><sup><sub>7c98538a-81c6-444b-bf04-e60bc3ceeec0</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|SSH Access Is Not Restricted<br/><sup><sub>dee21308-2a7a-49de-8ff7-c9b87e188575</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/firewalls">Documentation</a><br/>|
-|Bucket Without Versioning<br/><sup><sub>227c2f58-70c6-4432-8e9a-a89c1a548cf5</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
-|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>ad0875c1-0b39-4890-9149-173158ba3bba</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
-|Stackdriver Logging Disabled<br/><sup><sub>95601b9a-7fe8-4aee-9b58-d36fd9382dfc</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|Stackdriver Monitoring Disabled<br/><sup><sub>bbfc97ab-e92a-4a7b-954c-e88cec815011</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|Node Auto Upgrade Disabled<br/><sup><sub>dc5c5fee-6c53-43b0-ab11-4c660e064aaf</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>6e2b1ec1-1eca-4eb7-9d4d-2882680b4811</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|Cluster Labels Disabled<br/><sup><sub>8810968b-4b15-421d-918b-d91eb4bb8d1d</sub></sup>|GoogleDeploymentManager|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|COS Node Image Not Used<br/><sup><sub>dbe058d7-b82e-430b-8426-992b2e4677e7</sub></sup>|GoogleDeploymentManager|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters.nodePools">Documentation</a><br/>|
-|Not Proper Email Account In Use<br/><sup><sub>a21b8df3-c840-4b3d-a41a-10fb2afda171</sub></sup>|GoogleDeploymentManager|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171" target="_blank">Query details</a><br><a href="https://cloud.google.com/deployment-manager/docs/configuration/set-access-control-resources">Documentation</a><br/>|
-|BOM - GCP PD<br/><sup><sub>268c65a8-58ad-43e4-9019-1a9bbc56749f</sub></sup>|GoogleDeploymentManager|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP PST<br/><sup><sub>9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8</sub></sup>|GoogleDeploymentManager|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP SB<br/><sup><sub>c7781feb-a955-4f9f-b9cf-0d7c6f54bb59</sub></sup>|GoogleDeploymentManager|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|Enum Name Not CamelCase<br/><sup><sub>daaace5f-c0dc-4835-b526-7a116b7f4b4e</sub></sup>|GRPC|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e" target="_blank">Query details</a><br><a href="https://developers.google.com/protocol-buffers/docs/reference/proto3-spec#enum_definition">Documentation</a><br/>|
-|Serving Revision Spec Without Timeout Seconds<br/><sup><sub>e8bb41e4-2f24-4e84-8bea-8c7c070cf93d</sub></sup>|Knative|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d" target="_blank">Query details</a><br><a href="https://knative.dev/docs/reference/api/serving-api/#serving.knative.dev/v1.RevisionSpec">Documentation</a><br/>|
-|Authorization Mode Set To Always Allow<br/><sup><sub>f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Basic Auth File Is Set<br/><sup><sub>5da47109-f8d6-4585-9e2b-96a8958a12f5</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Client Certificate Authentication Not Setup Properly<br/><sup><sub>e0e00aba-5f1c-4981-a542-9a9563c0ee20</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|Non Kube System Pod With Host Mount<br/><sup><sub>aa8f7a35-9923-4cad-bd61-a19b7f6aac91</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
-|RBAC Wildcard In Rule<br/><sup><sub>6b896afb-ca07-467a-b256-1a0077a1c08e</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|Service Account Lookup Set To False<br/><sup><sub>a5530bd7-225a-48f9-91bb-f40b04200165</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Token Auth File Is Set<br/><sup><sub>32ecd76e-7bbf-402e-bf48-8b9485749558</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Pod Security Policy Admission Control Plugin Not Set<br/><sup><sub>afa36afb-39fe-4d94-b9b6-afb236f7a03d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Build Process|<a href="../kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Cluster Allows Unsafe Sysctls<br/><sup><sub>9127f0d9-2310-42e7-866f-5fd9d20dcbad</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/">Documentation</a><br/>|
-|Container Is Privileged<br/><sup><sub>dd29336b-fe57-445b-a26e-e6aa867ae609</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/#privileged-mode-for-containers">Documentation</a><br/>|
-|Container Runs Unmasked<br/><sup><sub>f922827f-aab6-447c-832a-e1ff63312bd3</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/#allowedprocmounttypes">Documentation</a><br/>|
-|Containers With Sys Admin Capabilities<br/><sup><sub>235236ee-ad78-4065-bd29-61b061f28ce0</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Privilege Escalation Allowed<br/><sup><sub>5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|PSP Allows Containers To Share The Host Network Namespace<br/><sup><sub>a33e9173-b674-4dfb-9d82-cf3754816e4b</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|PSP Allows Privilege Escalation<br/><sup><sub>87554eef-154d-411d-bdce-9dbd91e56851</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|PSP Allows Sharing Host IPC<br/><sup><sub>80f93444-b240-4ebb-a4c6-5c40b76c04ea</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|PSP Set To Privileged<br/><sup><sub>c48e57d3-d642-4e0b-90db-37f807b41b91</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#privileged">Documentation</a><br/>|
-|PSP With Added Capabilities<br/><sup><sub>7307579a-3abb-46ad-9ce5-2a915634d5c8</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Shared Host PID Namespace<br/><sup><sub>302736f4-b16c-41b8-befe-c0baffa0bd9d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Tiller (Helm v2) Is Deployed<br/><sup><sub>6d173be7-545a-46c6-a81d-2ae52ed1605d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/">Documentation</a><br/>|
-|Tiller Service Is Not Deleted<br/><sup><sub>8b862ca9-0fbd-4959-ad72-b6609bdaa22d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service">Documentation</a><br/>|
-|Workload Mounting With Sensitive OS Directory<br/><sup><sub>5308a7a8-06f8-45ac-bf10-791fe21de46e</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Etcd Peer TLS Certificate Files Not Properly Set<br/><sup><sub>09bb9e96-8da3-4736-b89a-b36814acca60</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Insecure Bind Address Set<br/><sup><sub>b9380fd3-5ffe-4d10-9290-13e18e71eee1</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Insecure Port Not Properly Set<br/><sup><sub>fa4def8c-1898-4a35-a139-7b76b1acdef0</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Secure Port Set To Zero<br/><sup><sub>3d24b204-b73d-42cb-b0bf-1a5438c5f71e</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Tiller Deployment Is Accessible From Within The Cluster<br/><sup><sub>e17fa86a-6222-4584-a914-56e8f6c87e06</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/">Documentation</a><br/>|
-|PSP With Unrestricted Access to Host Path<br/><sup><sub>de4421f1-4e35-43b4-9783-737dd4e4a47e</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Resource Management|<a href="../kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems">Documentation</a><br/>|
-|Volume Mount With OS Directory Write Permissions<br/><sup><sub>b7652612-de4e-4466-a0bf-1cd81f0c6063</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Resource Management|<a href="../kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
-|Always Admit Admission Control Plugin Set<br/><sup><sub>ce30e584-b33f-4c7d-b418-a3d7027f8f60</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Anonymous Auth Is Not Set To False<br/><sup><sub>1de5cc51-f376-4638-a940-20f2e85ae238</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Authorization Mode RBAC Not Set<br/><sup><sub>1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Docker Daemon Socket is Exposed to Containers<br/><sup><sub>a6f34658-fdfb-4154-9536-56d516f65828</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
-|Node Restriction Admission Control Plugin Not Set<br/><sup><sub>33fc6923-6553-4fe6-9d3a-4efa51eb874b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Permissive Access to Create Pods<br/><sup><sub>592ad21d-ad9b-46c6-8d2d-fad09d62a942</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#privilege-escalation-prevention-and-bootstrapping">Documentation</a><br/>|
-|RBAC Roles Allow Privilege Escalation<br/><sup><sub>8320826e-7a9c-4b0b-9535-578333193432</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#restrictions-on-role-binding-creation-or-update">Documentation</a><br/>|
-|RBAC Roles with Attach Permission<br/><sup><sub>d45330fd-f58d-45fb-a682-6481477a0f84</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|RBAC Roles with Exec Permission<br/><sup><sub>c589f42c-7924-4871-aee2-1cede9bc7cbc</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|RBAC Roles with Impersonate Permission<br/><sup><sub>9f85c3f6-26fd-4007-938a-2e0cb0100980</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/authentication/#user-impersonation">Documentation</a><br/>|
-|RBAC Roles with Port-Forwarding Permission<br/><sup><sub>38fa11ef-dbcc-4da8-9680-7e1fd855b6fb</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|RBAC Roles with Read Secrets Permissions<br/><sup><sub>b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|Service Account Admission Control Plugin Disabled<br/><sup><sub>9587c890-0524-40c2-9ce2-663af7c2f063</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Use Service Account Credentials Not Set To True<br/><sup><sub>1acd93f1-5a37-45c0-aaac-82ece818be7d</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Readiness Probe Is Not Configured<br/><sup><sub>a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-readiness-probes">Documentation</a><br/>|
-|Request Timeout Not Properly Set<br/><sup><sub>d89a15bb-8dba-4c71-9529-bef6729b9c09</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Terminated Pod Garbage Collector Threshold Not Properly Set<br/><sup><sub>49113af4-29ca-458e-b8d4-724c01a4a24f</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Container Running As Root<br/><sup><sub>cf34805e-3872-4c08-bf92-6ff7bb0cfadb</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Container Running With Low UID<br/><sup><sub>02323c00-cdc3-4fdc-a310-4f2b3e7a1660</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Root Containers Admitted<br/><sup><sub>e3aa0612-4351-4a0d-983f-aefea25cf203</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Always Pull Images Admission Control Plugin Not Set<br/><sup><sub>a77f4d07-c6e0-4a48-8b35-0eeb51576f4f</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Incorrect Volume Claim Access Mode ReadWriteOnce<br/><sup><sub>3878dc92-8e5d-47cf-9cdd-7590f71d21b9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
-|Encryption Provider Config Is Not Defined<br/><sup><sub>cbd2db69-0b21-4c14-8a40-7710a50571a9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Encryption Provider Not Properly Configured<br/><sup><sub>10efce34-5af6-4d83-b414-9e096d5a06a9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/#understanding-the-encryption-at-rest-configuration">Documentation</a><br/>|
-|Root CA File Not Defined<br/><sup><sub>05fb986f-ac73-4ebb-a5b2-7faafa93d882</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Service Account Private Key File Not Defined<br/><sup><sub>ccc98ff7-68a7-436e-9218-185cb0b0b780</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Weak TLS Cipher Suites<br/><sup><sub>510d5810-9a30-443a-817d-5c1fa527b110</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|Authorization Mode Node Not Set<br/><sup><sub>4d7ee40f-fc5d-427d-8cac-dffbe22d42d1</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Containers With Added Capabilities<br/><sup><sub>19ebaa28-fc86-4a58-bcfa-015c9e22fe40</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Ingress Controller Exposes Workload<br/><sup><sub>69bbc5e3-0818-4150-89cc-1e989b48f23b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/">Documentation</a><br/>|
-|Kubelet Protect Kernel Defaults Set To False<br/><sup><sub>6cf42c97-facd-4fda-b8af-ea4529123355</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|NET_RAW Capabilities Disabled for PSP<br/><sup><sub>2270987f-bb51-479f-b8be-3ca73e5ad648</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|NET_RAW Capabilities Not Being Dropped<br/><sup><sub>dbbc6705-d541-43b0-b166-dd4be8208b54</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|PSP Allows Sharing Host PID<br/><sup><sub>91dacd0e-d189-4a9c-8272-5999a3cc32d9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Seccomp Profile Is Not Configured<br/><sup><sub>f377b83e-bd07-4f48-a591-60c82b14a78b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tutorials/security/seccomp/#create-pod-that-uses-the-container-runtime-default-seccomp-profile">Documentation</a><br/>|
-|Security Context Deny Admission Control Plugin Not Set<br/><sup><sub>6a68bebe-c021-492e-8ddb-55b0567fb768</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Using Unrecommended Namespace<br/><sup><sub>611ab018-c4aa-4ba2-b0f6-a448337509a6</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/">Documentation</a><br/>|
-|Role Binding To Default Service Account<br/><sup><sub>1e749bc9-fde8-471c-af0c-8254efd2dee5</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
-|Service Account Name Undefined Or Empty<br/><sup><sub>591ade62-d6b0-4580-b1ae-209f80ba1cd9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
-|Service Account Token Automount Not Disabled<br/><sup><sub>48471392-d4d0-47c0-b135-cdec95eb3eef</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server">Documentation</a><br/>|
-|Auto TLS Set To True<br/><sup><sub>98ce8b81-7707-4734-aa39-627c6db3d84b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|CNI Plugin Does Not Support Network Policies<br/><sup><sub>03aabc8c-35d6-481e-9c85-20139cf72d23</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/">Documentation</a><br/>|
-|Etcd TLS Certificate Files Not Properly Set<br/><sup><sub>075ca296-6768-4322-aea2-ba5063b969a9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Etcd TLS Certificate Not Properly Configured<br/><sup><sub>895a5a95-3756-4b04-9924-2f3bc93181bd</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Kubelet HTTPS Set To False<br/><sup><sub>cdc8b54e-6b16-4538-a1b0-35849dbe29cf</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Kubelet Not Managing Ip Tables<br/><sup><sub>5f89001f-6dd9-49ff-9b15-d8cd71b617f4</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Kubelet Read Only Port Is Not Set To Zero<br/><sup><sub>2940d48a-dc5e-4178-a3f8-bfbd80720b41</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Kubelet Streaming Connection Timeout Disabled<br/><sup><sub>ed89b97d-04e9-4fd4-919f-ee5b27e555e9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Peer Auto TLS Set To True<br/><sup><sub>ae8827e2-4af9-4baa-9998-87539ae0d6f0</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Pod Misconfigured Network Policy<br/><sup><sub>0401f71b-9c1e-4821-ab15-a955caa621be</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Documentation</a><br/>|
-|Service With External Load Balancer<br/><sup><sub>26763a1c-5dda-4772-b507-5fca7fb5f165</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/">Documentation</a><br/>|
-|TSL Connection Certificate Not Setup<br/><sup><sub>fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Audit Log Path Not Set<br/><sup><sub>73e251f0-363d-4e53-86e2-0a93592437eb</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Observability|<a href="../kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Audit Policy File Not Defined<br/><sup><sub>13a49a2e-488e-4309-a7c0-d6b05577a5fb</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Observability|<a href="../kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Memory Limits Not Defined<br/><sup><sub>b14d1bc4-a208-45db-92f0-e21f8e2588e9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/">Documentation</a><br/>|
-|Memory Requests Not Defined<br/><sup><sub>229588ef-8fde-40c8-8756-f4f2b5825ded</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/">Documentation</a><br/>|
-|Shared Host IPC Namespace<br/><sup><sub>cd290efd-6c82-4e9d-a698-be12ae31d536</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Shared Host Network Namespace<br/><sup><sub>6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Etcd Client Certificate Authentication Set To False<br/><sup><sub>9391103a-d8d7-4671-ac5d-606ba7ccb0ac</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Etcd Client Certificate File Not Defined<br/><sup><sub>3f5ff8a7-5ad6-4d02-86f5-666307da1b20</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Etcd Peer Client Certificate Authentication Set To False<br/><sup><sub>b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Kubelet Certificate Authority Not Set<br/><sup><sub>ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Kubelet Client Certificate Or Key Not Set<br/><sup><sub>36a27826-1bf5-49da-aeb0-a60a30c0e834</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Kubelet Client Periodic Certificate Switch Disabled<br/><sup><sub>52d70f2e-3257-474c-b3dc-8ad9ba6a061a</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Not Unique Certificate Authority<br/><sup><sub>cb7e695d-6a85-495c-b15f-23aed2519303</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Rotate Kubelet Server Certificate Not Active<br/><sup><sub>1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Service Account Key File Not Properly Set<br/><sup><sub>dab4ec72-ce2e-4732-b7c3-1757dcce01a1</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|ServiceAccount Allows Access Secrets<br/><sup><sub>056ac60e-fe07-4acc-9b34-8e1d51716ab9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|Shared Service Account<br/><sup><sub>c1032cf7-3628-44e2-bd53-38c17cf31b6b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
-|Cluster Admin Rolebinding With Superuser Permissions<br/><sup><sub>249328b8-5f0f-409f-b1dd-029f07882e11</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Access Control|<a href="../kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles">Documentation</a><br/>|
-|Missing AppArmor Profile<br/><sup><sub>8b36775e-183d-4d46-b0f7-96a6f34a723f</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Access Control|<a href="../kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tutorials/clusters/apparmor/">Documentation</a><br/>|
-|Deployment Without PodDisruptionBudget<br/><sup><sub>b23e9b98-0cb6-4fc9-b257-1f3270442678</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/">Documentation</a><br/>|
-|Event Rate Limit Admission Control Plugin Not Set<br/><sup><sub>e0099af2-fe17-411f-9991-0de28fe15f3c</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|HPA Targets Invalid Object<br/><sup><sub>2f652c42-619d-4361-b361-9f599688f8ca</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/">Documentation</a><br/>|
-|StatefulSet Without PodDisruptionBudget<br/><sup><sub>1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/">Documentation</a><br/>|
-|StatefulSet Without Service Name<br/><sup><sub>bb241e61-77c3-4b97-9575-c0f8a1e008d0</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
-|Metadata Label Is Invalid<br/><sup><sub>1123031a-f921-4c5b-bd86-ef354ecfd37a</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/">Documentation</a><br/>|
-|No Drop Capabilities for Containers<br/><sup><sub>268ca686-7fb7-4ae9-b129-955a2a89064e</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/init-containers/">Documentation</a><br/>|
-|Object Is Using A Deprecated API Version<br/><sup><sub>94b76ea5-e074-4ca2-8a03-c5a606e30645</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/using-api/deprecation-guide/">Documentation</a><br/>|
-|Image Policy Webhook Admission Control Plugin Not Set<br/><sup><sub>14abda69-8e91-4acb-9931-76e2bee90284</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Namespace Lifecycle Admission Control Plugin Disabled<br/><sup><sub>1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Root Container Not Mounted Read-only<br/><sup><sub>a9c2f49d-0671-4fc9-9ece-f4e261e128d0</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|StatefulSet Requests Storage<br/><sup><sub>8cf4671a-cf3d-46fc-8389-21e7405063a2</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
-|Dashboard Is Enabled<br/><sup><sub>d2ad057f-0928-41ef-a83c-f59203bb855b</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/">Documentation</a><br/>|
-|Image Pull Policy Of The Container Is Not Set To Always<br/><sup><sub>caa3479d-885d-4882-9aac-95e5e78ef5c2</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
-|Image Without Digest<br/><sup><sub>7c81d34c-8e5a-402b-9798-9f442630e678</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
-|Kubelet Hostname Override Is Set<br/><sup><sub>bf36b900-b5ef-4828-adb7-70eb543b7cfb</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|Pod or Container Without LimitRange<br/><sup><sub>4a20ebac-1060-4c81-95d1-1f7f620e983b</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/limit-range/">Documentation</a><br/>|
-|Pod or Container Without ResourceQuota<br/><sup><sub>48a5beba-e4c0-4584-a2aa-e6894e4cf424</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/resource-quotas/">Documentation</a><br/>|
-|Pod or Container Without Security Context<br/><sup><sub>a97a340a-0063-418e-b3a1-3028941d0995</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Service Does Not Target Pod<br/><sup><sub>3ca03a61-3249-4c16-8427-6f8e47dda729</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Documentation</a><br/>|
-|Network Policy Is Not Targeting Any Pod<br/><sup><sub>85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Documentation</a><br/>|
-|Service Type is NodePort<br/><sup><sub>845acfbe-3e10-4b8e-b656-3b404d36dfb2</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Documentation</a><br/>|
-|Workload Host Port Not Specified<br/><sup><sub>2b1836f1-dcce-416e-8e16-da8c71920633</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#exposing-the-service">Documentation</a><br/>|
-|Audit Log Maxage Not Properly Set<br/><sup><sub>da9f3aa8-fbfb-472f-b5a1-576127944218</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Audit Log Maxbackup Not Properly Set<br/><sup><sub>768aab52-2504-4a2f-a3e3-329d5a679848</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Audit Log Maxsize Not Properly Set<br/><sup><sub>35c0a471-f7c8-4993-aa2c-503a3c712a66</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Audit Policy Not Cover Key Security Concerns<br/><sup><sub>1828a670-5957-4bc5-9974-47da228f75e2</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/debug-application-cluster/audit/">Documentation</a><br/>|
-|Kubelet Event QPS Not Properly Set<br/><sup><sub>1a07a446-8e61-4e4d-bc16-b0781fcb8211</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|Profiling Not Set To False<br/><sup><sub>2f491173-6375-4a84-b28e-a4e2b9a58a69</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|CPU Limits Not Set<br/><sup><sub>4ac0e2b7-d2d2-4af7-8799-e8de6721ccda</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/">Documentation</a><br/>|
-|CPU Requests Not Set<br/><sup><sub>ca469dd4-c736-448f-8ac1-30a642705e0a</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#">Documentation</a><br/>|
-|CronJob Deadline Not Configured<br/><sup><sub>192fe40b-b1c3-448a-aba2-6cc19a300fe3</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/">Documentation</a><br/>|
-|Deployment Has No PodAntiAffinity<br/><sup><sub>a31b7b82-d994-48c4-bd21-3bab6c31827a</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/">Documentation</a><br/>|
-|StatefulSet Has No PodAntiAffinity<br/><sup><sub>d740d048-8ed3-49d3-b77b-6f072f3b669e</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/">Documentation</a><br/>|
-|Secrets As Environment Variables<br/><sup><sub>3d658f8b-d988-41a0-a841-40043121de1e</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-environment-variables">Documentation</a><br/>|
-|Invalid Image Tag<br/><sup><sub>583053b7-e632-46f0-b989-f81ff8045385</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
-|Ensure Administrative Boundaries Between Resources<br/><sup><sub>e84eaf4d-2f45-47b2-abe8-e581b06deb66</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Access Control|<a href="../kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/">Documentation</a><br/>|
-|HPA Targeted Deployments With Configured Replica Count<br/><sup><sub>5744cbb8-5946-4b75-a196-ade44449525b</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Availability|<a href="../kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/">Documentation</a><br/>|
-|Liveness Probe Is Not Defined<br/><sup><sub>ade74944-a674-4e00-859e-c6eab5bde441</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Availability|<a href="../kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#when-should-you-use-a-liveness-probe">Documentation</a><br/>|
-|Not Limited Capabilities For Pod Security Policy<br/><sup><sub>caa93370-791f-4fc6-814b-ba6ce0cb4032</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Bind Address Not Properly Set<br/><sup><sub>46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Using Kubernetes Native Secret Management<br/><sup><sub>b9c83569-459b-4110-8f79-6305aa33cb37</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Secret Management|<a href="../kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/secret/">Documentation</a><br/>|
-|Security Definitions Undefined or Empty<br/><sup><sub>e3f026e8-fdb4-4d5a-bcfd-bd94452073fe</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securityDefinitionsObject">Documentation</a><br/>|
-|Security Requirement Not Defined In Security Definition<br/><sup><sub>a599b0d1-ff89-4cb8-9ece-9951854c06f6</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Structure and Semantics|<a href="../openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
-|Global Security Using Password Flow<br/><sup><sub>2da46be4-4317-4650-9285-56d7103c4f93</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
-|Implicit Flow in OAuth2 (v2)<br/><sup><sub>e9817ad8-a8c9-4038-8a2f-db0e6e7b284b</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
-|Invalid OAuth2 Authorization URL (v2)<br/><sup><sub>33d96c65-977d-4c33-943f-440baca49185</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/33d96c65-977d-4c33-943f-440baca49185" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
-|Invalid OAuth2 Token URL (v2)<br/><sup><sub>274f910a-0665-4f08-b66d-7058fe927dba</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
-|Operation Using Basic Auth<br/><sup><sub>ceefb058-8065-418f-9c4c-584a78c7e104</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Operation Using Implicit Flow<br/><sup><sub>f42dfe7e-787d-4478-a75e-a5f3d8a2269e</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Operation Using Password Flow<br/><sup><sub>2e44e632-d617-43cb-b294-6bfe72a08938</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Security Definitions Allows Password Flow<br/><sup><sub>773116aa-2e6d-416f-bd85-f0301cc05d76</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
-|Security Definitions Using Basic Auth<br/><sup><sub>221015a8-aa2a-43f5-b00b-ad7d2b1d47a8</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
-|Global Schemes Uses HTTP<br/><sup><sub>f30ee711-0082-4480-85ab-31d922d9a2b2</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#swaggerObject">Documentation</a><br/>|
-|Path Scheme Accepts HTTP (v2)<br/><sup><sub>a6847dc6-f4ea-45ac-a81f-93291ae6c573</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operationObject">Documentation</a><br/>|
-|Schemes Uses HTTP<br/><sup><sub>a46928f1-43d7-4671-94e0-2dd99746f389</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#swaggerObject">Documentation</a><br/>|
-|Operation Object Without 'consumes'<br/><sup><sub>0c79e50e-b3cf-490c-b8f6-587c644d4d0c</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Operation Object Without 'produces'<br/><sup><sub>be3e170e-1572-461e-a8b6-d963def581ec</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Non OAuth2 Security Requirement Defining OAuth2 Scopes<br/><sup><sub>ba239cb9-f342-4c20-812d-7b5a2aa6969e</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Structure and Semantics|<a href="../openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
-|Undefined Scope 'securityDefinition' On 'security' Field On Operations<br/><sup><sub>3847280c-9193-40bc-8009-76168e822ce2</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/3847280c-9193-40bc-8009-76168e822ce2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
-|Undefined Scope 'securityDefinition' On Global 'security' Field<br/><sup><sub>9aa6e95c-d964-4239-a3a8-9f37a3c5a31f</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
-|Constraining Enum Property<br/><sup><sub>be1d8733-3731-40c7-a845-734741c6871d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/be1d8733-3731-40c7-a845-734741c6871d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Global Parameter Definition Not Being Used<br/><sup><sub>b30981fa-a12e-49c7-a5bb-eeafb61d0f0f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parametersDefinitionsObject">Documentation</a><br/>|
-|Global Responses Definition Not Being Used<br/><sup><sub>0b76d993-ee52-43e0-8b39-3787d2ddabf1</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#responsesDefinitionsObject">Documentation</a><br/>|
-|Global Schema Definition Not Being Used<br/><sup><sub>6d2e0790-cc3d-4c74-b973-d4e8b09f4455</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
-|Invalid Media Type Value (v2)<br/><sup><sub>f985a7d2-d404-4a7f-9814-f645f791e46e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Operation Summary Too Long<br/><sup><sub>d47940ca-5970-45cc-bdd1-4d81398cee1f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Schema with 'additionalProperties' set as Boolean<br/><sup><sub>3a01790c-ebee-4da6-8fd3-e78657383b75</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Unknown Prefix (v2)<br/><sup><sub>3b615f00-c443-4ba9-acc4-7c308716917d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#swagger-object">Documentation</a><br/>|
-|BasePath With Wrong Format<br/><sup><sub>b4803607-ed72-4d60-99e2-3fa6edf471c6</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schema">Documentation</a><br/>|
-|Body Parameter With Wrong Property<br/><sup><sub>c38d630d-a415-4e3e-bac2-65475979ba88</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Body Parameter Without Schema<br/><sup><sub>ed48229d-d43e-4da7-b453-5f98d964a57a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|File Parameter With Wrong Consumes Property<br/><sup><sub>7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Host With Invalid Pattern<br/><sup><sub>3d7d7b6c-fb0a-475e-8a28-c125e30d15f0</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#swagger-object">Documentation</a><br/>|
-|Multi 'collectionformat' Not Valid For 'in' Parameter<br/><sup><sub>750f6448-27c0-49f8-a153-b81735c1e19c</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Multiple Body Parameters In The Same Operation<br/><sup><sub>b90033cf-ad9f-4fb9-acd1-1b9d6d278c87</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Non Body Parameter Without Schema<br/><sup><sub>73c3bc54-3cc6-4c0a-b30a-e19f2abfc951</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Object Without Required Property (v2)<br/><sup><sub>5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
-|Operation Example Mismatch Produces MimeType<br/><sup><sub>2cf35b40-ded3-43d6-9633-c8dcc8bcc822</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#exampleObject">Documentation</a><br/>|
-|Operation Object Parameters With 'body' And 'formatData' locations<br/><sup><sub>eb3f9744-d24e-4614-b1ff-2a9514eca21c</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameter File Type Not In 'formData'<br/><sup><sub>c3cab8c4-6c52-47a9-942b-c27f26fbd7d2</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameter JSON Reference Does Not Exists (v2)<br/><sup><sub>fb889ae9-2d16-40b5-b41f-9da716c5abc1</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameter Object With Incorrect Ref (v2)<br/><sup><sub>2596545e-1757-4ff7-a15a-8a9a180a42f3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameter-object">Documentation</a><br/>|
-|Property Not Unique<br/><sup><sub>750b40be-4bac-4f59-bdc4-1ca0e6c3450e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Response Object With Incorrect Ref (v2)<br/><sup><sub>bccfa089-89e4-47e0-a0e5-185fe6902220</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#responses-object">Documentation</a><br/>|
-|Responses JSON Reference Does Not Exists (v2)<br/><sup><sub>e9db5fb4-6a84-4abb-b4af-3b94fbdace6d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#responsesDefinitionsObject">Documentation</a><br/>|
-|Schema JSON Reference Does Not Exists (v2)<br/><sup><sub>98295b32-ec09-4b5b-89a9-39853197f914</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
-|Schema Object Incorrect Ref (v2)<br/><sup><sub>0220e1c5-65d1-49dd-b7c2-cef6d6cb5283</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Unknown Property (v2)<br/><sup><sub>429b2106-ba37-43ba-9727-7f699cc611e1</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
-|Cleartext Credentials With Basic Authentication For Operation<br/><sup><sub>86b1fa30-9790-4980-994d-a27e0f6f27c1</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
-|Field 'securityScheme' On Components Is Undefined<br/><sup><sub>8db5544e-4874-4baa-9322-e9f75a2d219e</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Global Security Scheme Using Basic Authentication<br/><sup><sub>77276d82-4f45-4cf1-8e2b-4d345b936228</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Invalid OAuth2 Authorization URL (v3)<br/><sup><sub>52c0d841-60d6-4a81-88dd-c35fef36d315</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
-|Invalid OAuth2 Token URL (v3)<br/><sup><sub>3ba0cca1-b815-47bf-ac62-1e584eb64a05</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
-|OAuth2 With Implicit Flow<br/><sup><sub>39cb32f2-3a42-4af0-8037-82a7a9654b6c</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flows-object">Documentation</a><br/>|
-|OAuth2 With Password Flow<br/><sup><sub>3979b0a4-532c-4ea7-86e4-34c090eaa4f2</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flows-object">Documentation</a><br/>|
-|Security Scheme HTTP Unknown Scheme<br/><sup><sub>06764426-3c56-407e-981f-caa25db1c149</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/06764426-3c56-407e-981f-caa25db1c149" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Global Server Object Uses HTTP<br/><sup><sub>2d8c175a-6d90-412b-8b0e-e034ea49a1fe</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Path Server Object Uses HTTP (v3)<br/><sup><sub>9670f240-7b4d-4955-bd93-edaa9fa38b58</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Media Type Object Without Schema<br/><sup><sub>f79b9d26-e945-44e7-98a1-b93f0f7a68a0</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Parameter Object Without Schema<br/><sup><sub>8fe1846f-52cc-4413-ace9-1933d7d23672</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Header Object Without Schema<br/><sup><sub>50de3b5b-6465-4e06-a9b0-b4c2ba34326b</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#header-object">Documentation</a><br/>|
-|API Key Exposed In Global Security Scheme<br/><sup><sub>40e1d1bf-11a9-4f63-a3a2-a8b84c602839</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Security Scheme Using HTTP Basic<br/><sup><sub>68e5fcac-390c-4939-a373-6074b7be7c71</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Security Scheme Using HTTP Digest<br/><sup><sub>a4247b11-890b-45df-bf42-350a7a3af9be</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Security Scheme Using HTTP Negotiate<br/><sup><sub>f525cc92-9050-4c41-a75c-890dc6f64449</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Security Scheme Using Oauth 1.0<br/><sup><sub>1bc3205c-0d60-44e6-84f3-44fbf4dac5b3</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Undefined Scope 'securityScheme' On 'security' Field On Operations<br/><sup><sub>462d6a1d-fed9-4d75-bb9e-3de902f35e6e</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
-|Undefined Scope 'securityScheme' On Global 'security' Field<br/><sup><sub>23a9e2d9-8738-4556-a71c-2802b6ffa022</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
-|Additional Properties Too Permissive<br/><sup><sub>9f88c88d-824d-4d9a-b985-e22977046042</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Additional Properties Too Restrictive<br/><sup><sub>a19c3bbd-c056-40d7-9e1c-eeb0634e320d</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Success Response Code Undefined for Trace Operation<br/><sup><sub>105e20dd-8449-4d71-95c6-d5dac96639af</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
-|Components Callback Definition Is Unused<br/><sup><sub>d15db953-a553-4b8a-9a14-a3d62ea3d79d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Example Definition Is Unused<br/><sup><sub>b05bb927-2df5-43cc-8d7b-6825c0e71625</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Header Definition Is Unused<br/><sup><sub>a68da022-e95a-4bc2-97d3-481e0bd6d446</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Link Definition Is Unused<br/><sup><sub>c19779a9-5774-4d2f-a3a1-a99831730375</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Parameter Definition Is Unused<br/><sup><sub>698a464e-bb3e-4ba8-ab5e-e6599b7644a0</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Request Body Definition Is Unused<br/><sup><sub>6b76f589-9713-44ab-97f5-59a3dba1a285</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Response Definition Is Unused<br/><sup><sub>9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Schema Definition Is Unused<br/><sup><sub>962fa01e-b791-4dcc-b04a-4a3e7389be5e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Encoding Header 'Content-Type' Improperly Defined<br/><sup><sub>4cd8de87-b595-48b6-ab3c-1904567135ab</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Invalid Media Type Value (v3)<br/><sup><sub>cf4a5f45-a27b-49df-843a-9911dbfe71d4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Property 'allowEmptyValue' Ignored<br/><sup><sub>59c2f769-7cc2-49c8-a3de-4e211135cfab</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Property 'allowReserved' of Encoding Object Ignored<br/><sup><sub>4190dda7-af03-4cf0-a128-70ac1661ca09</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
-|Property 'explode' of Encoding Object Ignored<br/><sup><sub>a4dd69b8-49fa-45d2-a060-c76655405b05</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
-|Property 'style' of Encoding Object Ignored<br/><sup><sub>d3ea644a-9a5c-4fee-941f-f8a6786c0470</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
-|Unknown Prefix (v3)<br/><sup><sub>a5375be3-521c-43bb-9eab-e2432e368ee4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Callback JSON Reference Does Not Exists<br/><sup><sub>f29904c8-6041-4bca-b043-dfa0546b8079</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Callback Object With Incorrect Ref<br/><sup><sub>ba066cda-e808-450d-92b6-f29109754d45</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ba066cda-e808-450d-92b6-f29109754d45" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#callback-object">Documentation</a><br/>|
-|Components Object Fixed Field Key Improperly Named<br/><sup><sub>151331e2-11f4-4bb6-bd35-9a005e695087</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Empty Array<br/><sup><sub>5915c20f-dffa-4cee-b5d4-f457ddc0151a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
-|Encoding Map Key Mismatch Schema Defined Properties<br/><sup><sub>cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Example JSON Reference Does Not Exists<br/><sup><sub>6a2c219f-da5e-4745-941e-5ea8cde23356</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Example JSON Reference Outside Components Examples<br/><sup><sub>bac56e3c-1f71-4a74-8ae6-2fba07efcddb</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#reference-object">Documentation</a><br/>|
-|Header JSON Reference Does Not Exists<br/><sup><sub>376c9390-7e9e-4cb8-a067-fd31c05451fd</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Header Object With Incorrect Ref<br/><sup><sub>2d6646f4-2946-420f-8c14-3232d49ae0cb</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
-|Invalid Content Type For Multiple Files Upload<br/><sup><sub>26f06397-36d8-4ce7-b993-17711261d777</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/26f06397-36d8-4ce7-b993-17711261d777" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/describing-request-body/file-upload/">Documentation</a><br/>|
-|Link JSON Reference Does Not Exists<br/><sup><sub>801f0c6a-a834-4467-89c6-ddecffb46b5a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Link Object Incorrect Ref<br/><sup><sub>b9db8a10-020c-49ca-88c6-780e5fdb4328</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
-|Link Object OperationId Does Not Target Operation Object<br/><sup><sub>c5bb7461-aa57-470b-a714-3bc3d74f4669</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
-|Link Object With Both 'operationId' And 'operationRef'<br/><sup><sub>60fb6621-9f02-473b-9424-ba9a825747d3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
-|Object Without Required Property (v3)<br/><sup><sub>d172a060-8569-4412-8045-3560ebd477e8</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d172a060-8569-4412-8045-3560ebd477e8" target="_blank">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
-|Parameter JSON Reference Does Not Exists (v3)<br/><sup><sub>2e275f16-b627-4d3f-ae73-a6153a23ae8f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Parameter Object Content With Multiple Entries<br/><sup><sub>8bfed1c6-2d59-4924-bc7f-9b9d793ed0df</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Parameter Object With Incorrect Ref (v3)<br/><sup><sub>d40f27e6-15fb-4b56-90f8-fc0ff0291c51</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Parameter Object With Schema And Content<br/><sup><sub>31dd6fc0-f274-493b-9614-e063086c19fc</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Parameter Object With Undefined Type<br/><sup><sub>46facedc-f243-4108-ab33-583b807d50b0</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/46facedc-f243-4108-ab33-583b807d50b0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Property 'allowReserved' Improperly Defined<br/><sup><sub>7f203940-39c4-4ea7-91ee-7aba16bca9e2</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Request Body JSON Reference Does Not Exists<br/><sup><sub>ca02f4e8-d3ae-4832-b7db-bb037516d9e7</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Request Body Object With Incorrect Media Type<br/><sup><sub>58f06434-a88c-4f74-826c-db7e10cc7def</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Request Body With Incorrect Ref<br/><sup><sub>0f6cd0ab-c366-4595-84fc-fbd8b9901e4d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#request-body-object">Documentation</a><br/>|
-|Response JSON Reference Does Not Exists (v3)<br/><sup><sub>7a01dfbd-da62-4165-aed7-71349ad42ab4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Response Object With Incorrect Ref (v3)<br/><sup><sub>b3871dd8-9333-4d6c-bd52-67eb898b71ab</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
-|Schema JSON Reference Does Not Exists (v3)<br/><sup><sub>015eac96-6313-43c0-84e5-81b1374fa637</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Schema Object Incorrect Ref (v3)<br/><sup><sub>4cac7ace-b0fb-477d-830d-65395d9109d9</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Schema With Both ReadOnly And WriteOnly<br/><sup><sub>d2361d58-361c-49f0-9e50-b957fd608b29</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Security Field Undefined<br/><sup><sub>ab1263c2-81df-46f0-9f2c-0b62fdb68419</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
-|Security Operation Field Undefined<br/><sup><sub>20a482d5-c5d9-4a7a-b7a4-60d0805047b4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
-|Security Requirement Object With Wrong Scopes<br/><sup><sub>37140f7f-724a-4c87-a536-e9cee1d61533</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
-|Server Object Variable Not Used<br/><sup><sub>8aee4754-970d-4c5f-8142-a49dfe388b1a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-variable-object">Documentation</a><br/>|
-|Server URL Not Absolute<br/><sup><sub>a0bf7382-5d5a-4224-924c-3db8466026c9</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Server URL Uses Undefined Variables<br/><sup><sub>8d0921d6-4131-461f-a253-99e873f8f77e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Servers Array Undefined<br/><sup><sub>c66ebeaa-676c-40dc-a3ff-3e49395dcd5e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Unknown Property (v3)<br/><sup><sub>fb7d81e7-4150-48c4-b914-92fc05da6a2f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
+|ECR Repository Is Publicly Accessible<br/><sup><sub>fb5a5df7-6d74-4243-ab82-ff779a958bfd</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_ecr_module.html#parameter-policy">Documentation</a><br/>|
+|S3 Bucket Access to Any Principal<br/><sup><sub>3ab1f27d-52cc-4943-af1d-43c1939e739a</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#ansible-collections-amazon-aws-s3-bucket-module">Documentation</a><br/>|
+|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>6fa44721-ef21-41c6-8665-330d59461163</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>a0f1bfe0-741e-473f-b3b2-13e66f856fab</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|S3 Bucket With All Permissions<br/><sup><sub>6a6d7e56-c913-4549-b5c5-5221e624d2ec</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-policy">Documentation</a><br/>|
+|S3 Bucket With Public Access<br/><sup><sub>c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>c09e3ca5-f08a-4717-9c87-3919c5e6d209</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade">Documentation</a><br/>|
+|DB Security Group With Public Scope<br/><sup><sub>0956aedf-6a7a-478b-ab56-63e2b19923ad</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|RDS Associated with Public Subnet<br/><sup><sub>16732649-4ff6-4cd2-8746-e72c13fae4b8</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-db_subnet_group_name">Documentation</a><br/>|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>af167837-9636-4086-b815-c239186b9dda</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_role_module.html#parameter-assume_role_policy_document">Documentation</a><br/>|
+|ECS Service Admin Role Is Present<br/><sup><sub>7db727c1-1720-468e-b80e-06697f71e09e</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_service_module.html">Documentation</a><br/>|
+|IAM Policy Grants Full Permissions<br/><sup><sub>b5ed026d-a772-4f07-97f9-664ba0b116f8</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to All Users<br/><sup><sub>a1ef9d2e-4163-40cb-bd92-04f0d602a15d</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>75480b31-f349-4b9a-861f-bce19588e674</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
+|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>53bce6a8-5492-4b1b-81cf-664385f0c4bf</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|S3 Bucket Allows List Action From All Principals<br/><sup><sub>d395a950-12ce-4314-a742-ac5a785ab44e</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|SNS Topic is Publicly Accessible<br/><sup><sub>905f4741-f965-45c1-98db-f7a00a0e5c73</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sns_topic_module.html">Documentation</a><br/>|
+|SQS Policy Allows All Actions<br/><sup><sub>ed9b3beb-92cf-44d9-a9d2-171eeba569d4</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html">Documentation</a><br/>|
+|SQS Queue Exposed<br/><sup><sub>86b0efa7-4901-4edd-a37a-c034bec6645a</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#parameter-policy">Documentation</a><br/>|
+|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>7674a686-e4b1-4a95-83d4-1fd53c623d84</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_config_rule_module.html#parameter-source/identifier">Documentation</a><br/>|
+|DB Instance Storage Not Encrypted<br/><sup><sub>7dfb316c-a6c2-454d-b8a2-97f147b0c0ff</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html">Documentation</a><br/>|
+|EBS Volume Encryption Disabled<br/><sup><sub>4b6012e7-7176-46e4-8108-e441785eae57</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_vol_module.html#parameter-encrypted">Documentation</a><br/>|
+|EFS Not Encrypted<br/><sup><sub>727c4fd4-d604-4df6-a179-7713d3c85e20</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html#parameter-encrypt">Documentation</a><br/>|
+|ELB Using Weak Ciphers<br/><sup><sub>2034fb37-bc23-4ca0-8d95-2b9f15829ab5</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
+|Kinesis Not Encrypted With KMS<br/><sup><sub>f2ea6481-1d31-4d40-946a-520dc6321dd7</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/kinesis_stream_module.html">Documentation</a><br/>|
+|Launch Configuration Is Not Encrypted<br/><sup><sub>66477506-6abb-49ed-803d-3fa174cd5f6a</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_lc_module.html">Documentation</a><br/>|
+|Redis Not Compliant<br/><sup><sub>9f34885e-c08f-4d13-a7d1-cf190c5bd268</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_engine_version">Documentation</a><br/>|
+|Redshift Not Encrypted<br/><sup><sub>6a647814-def5-4b85-88f5-897c19f509cd</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted">Documentation</a><br/>|
+|S3 Bucket Without Server-side-encryption<br/><sup><sub>594f54e7-f744-45ab-93e4-c6dbaf6cd571</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|User Data Contains Encoded Private Key<br/><sup><sub>c09f4d3e-27d2-4d46-9453-abbe9687a64e</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_lc_module.html">Documentation</a><br/>|
+|Batch Job Definition With Privileged Container Properties<br/><sup><sub>defe5b18-978d-4722-9325-4d1975d3699f</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_batch_job_definition_module.html">Documentation</a><br/>|
+|EC2 Group Has Public Interface<br/><sup><sub>5330b503-3319-44ff-9b1c-00ee873f728a</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|KMS Key With Vulnerable Policy<br/><sup><sub>5b9d237a-57d5-4177-be0e-71434b0fef47</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html">Documentation</a><br/>|
+|Redshift Publicly Accessible<br/><sup><sub>5c6b727b-1382-4629-8ba9-abd1365e5610</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/redshift_module.html">Documentation</a><br/>|
+|Root Account Has Active Access Keys<br/><sup><sub>e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_module.html">Documentation</a><br/>|
+|DB Security Group Open To Large Scope<br/><sup><sub>ea0ed1c7-9aef-4464-b7c7-94c762da3640</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
+|Default Security Groups With Unrestricted Traffic<br/><sup><sub>8010e17a-00e9-4635-a692-90d6bcec68bd</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Public Port Wide<br/><sup><sub>71ea648a-d31a-4b5a-a589-5674243f1c33</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Remote Desktop Port Open To Internet<br/><sup><sub>eda7301d-1f3e-47cf-8d4e-976debc64341</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
+|Route53 Record Undefined<br/><sup><sub>445dce51-7e53-4e50-80ef-7f94f14169e4</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/route53_module.html#parameter-value">Documentation</a><br/>|
+|Security Group Ingress Not Restricted<br/><sup><sub>ea6bc7a6-d696-4dcf-a788-17fa03c17c81</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Unknown Port Exposed To Internet<br/><sup><sub>722b0f24-5a64-4cca-aa96-cfc26b7e3a5b</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Unrestricted Security Group Ingress<br/><sup><sub>83c5fa4c-e098-48fc-84ee-0a537287ddd2</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Hardcoded AWS Access Key<br/><sup><sub>c2f15af3-66a0-4176-a56e-e4711e502e5c</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Secret Management|<a href="../ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_instance_module.html">Documentation</a><br/>|
+|Hardcoded AWS Access Key In Lambda<br/><sup><sub>f34508b9-f574-4330-b42d-88c44cced645</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Secret Management|<a href="../ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
+|AMI Shared With Multiple Accounts<br/><sup><sub>a19b2942-142e-4e2b-93b7-6cf6a6c8d90f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_ami_module.html">Documentation</a><br/>|
+|API Gateway Without Configured Authorizer<br/><sup><sub>b16cdb37-ce15-4ab2-8401-d42b05d123fc</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html">Documentation</a><br/>|
+|Certificate Has Expired<br/><sup><sub>5a443297-19d4-4381-9e5b-24faf947ec22</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22')">Query details</a><br><a href="https://docs.ansible.com/ansible/2.10/collections/community/aws/aws_acm_module.html">Documentation</a><br/>|
+|EC2 Instance Using Default Security Group<br/><sup><sub>8d03993b-8384-419b-a681-d1f55149397c</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-group">Documentation</a><br/>|
+|IAM Access Key Is Exposed<br/><sup><sub>7f79f858-fbe8-4186-8a2c-dfd0d958a40f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_module.html">Documentation</a><br/>|
+|IAM Group Without Users<br/><sup><sub>f509931b-bbb0-443c-bd9b-10e92ecf2193</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_group_module.html">Documentation</a><br/>|
+|IAM Policies Attached To User<br/><sup><sub>eafe4bc3-1042-4f88-b988-1939e64bf060</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_policy_module.html">Documentation</a><br/>|
+|IAM Policies With Full Privileges<br/><sup><sub>e401d614-8026-4f4b-9af9-75d1197461ba</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>12a7a7ce-39d6-49dd-923d-aeb4564eb66c</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
+|IAM Role Allows All Principals To Assume<br/><sup><sub>babdedcf-d859-43da-9a7b-6d72e661a8fd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
+|Lambda Permission Principal Is Wildcard<br/><sup><sub>1d972c56-8ec2-48c1-a578-887adb09c57a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
+|Public Lambda via API Gateway<br/><sup><sub>5e92d816-2177-4083-85b4-f61b4f7176d9</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9')">Query details</a><br><a href="https://docs.ansible.com/ansible/2.4/lambda_policy_module.html">Documentation</a><br/>|
+|SES Policy With Allowed IAM Actions<br/><sup><sub>8ed0bfce-f780-46d4-b086-21c3628f09ad</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_ses_identity_policy_module.html#parameter-policy">Documentation</a><br/>|
+|SQS Policy With Public Access<br/><sup><sub>d994585f-defb-4b51-b6d2-c70f020ceb10</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html">Documentation</a><br/>|
+|Auto Scaling Group With No Associated ELB<br/><sup><sub>050f085f-a8db-4072-9010-2cca235cc02f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Availability|<a href="../ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_asg_module.html#parameter-load_balancers">Documentation</a><br/>|
+|CMK Is Unusable<br/><sup><sub>133fee21-37ef-45df-a563-4d07edc169f4</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Availability|<a href="../ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html#parameter-enabled">Documentation</a><br/>|
+|RDS With Backup Disabled<br/><sup><sub>e69890e6-fce5-461d-98ad-cb98318dfc96</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-backup_retention_period">Documentation</a><br/>|
+|S3 Bucket Without Versioning<br/><sup><sub>9232306a-f839-40aa-b3ef-b352001da9a5</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-versioning">Documentation</a><br/>|
+|Stack Retention Disabled<br/><sup><sub>17d5ba1d-7667-4729-b1a6-b11fde3db7f7</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudformation_stack_set_module.html#parameter-purge_stacks">Documentation</a><br/>|
+|AMI Not Encrypted<br/><sup><sub>97707503-a22c-4cd7-b7c0-f088fa7cf830</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_ami_module.html">Documentation</a><br/>|
+|CA Certificate Identifier Is Outdated<br/><sup><sub>5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-ca_certificate_identifier">Documentation</a><br/>|
+|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>a6d27cf7-61dc-4bde-ae08-3b353b609f76</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|CodeBuild Not Encrypted<br/><sup><sub>a1423864-2fbc-4f46-bfe1-fbbf125c71c9</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_codebuild_module.html">Documentation</a><br/>|
+|ELB Using Insecure Protocols<br/><sup><sub>730a5951-2760-407a-b032-dd629b55c23a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
+|IAM Database Auth Not Enabled<br/><sup><sub>0ed012a4-9199-43d2-b9e4-9bd049a48aa4</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html">Documentation</a><br/>|
+|Secure Ciphers Disabled<br/><sup><sub>218413a0-c716-4b94-9e08-0bb70d854709</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|SQS With SSE Disabled<br/><sup><sub>e1e7b278-2a8b-49bd-a26e-66a7f70b17eb</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#ansible-collections-community-aws-sqs-queue-module">Documentation</a><br/>|
+|API Gateway Without SSL Certificate<br/><sup><sub>b47b98ab-e481-4a82-8bb1-1ab39fd36e33</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33')">Query details</a><br><a href="https://docs.ansible.com/ansible/2.8/modules/aws_api_gateway_module.html">Documentation</a><br/>|
+|Certificate RSA Key Bytes Lower Than 256<br/><sup><sub>d5ec2080-340a-4259-b885-f833c4ea6a31</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31')">Query details</a><br><a href="https://docs.ansible.com/ansible/2.10/collections/community/aws/aws_acm_module.html">Documentation</a><br/>|
+|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>d0c13053-d2c8-44a6-95da-d592996e9e67</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html#parameter-viewer_certificate/minimum_protocol_version">Documentation</a><br/>|
+|ECR Image Tag Not Immutable<br/><sup><sub>60bfbb8a-c72f-467f-a6dd-a46b7d612789</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_ecr_module.html">Documentation</a><br/>|
+|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>01aec7c2-3e4d-4274-ae47-2b8fea22fd1f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-network_mode">Documentation</a><br/>|
+|S3 Bucket with Unsecured CORS Rule<br/><sup><sub>3505094c-f77c-4ba0-95da-f83db712f86c</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_s3_cors_module.html#parameter-rules">Documentation</a><br/>|
+|Vulnerable Default SSL Certificate<br/><sup><sub>fb8f8929-afeb-4c46-99f0-a6cf410f7df4</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|ALB Listening on HTTP<br/><sup><sub>f81d63d2-c5d7-43a4-a5b5-66717a41c895</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
+|API Gateway Endpoint Config is Not Private<br/><sup><sub>559439b2-3e9c-4739-ac46-17e3b24ec215</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html">Documentation</a><br/>|
+|API Gateway without WAF<br/><sup><sub>f5f38943-664b-4acc-ab11-f292fa10ed0b</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/wafv2_resources_module.html#parameter-arn">Documentation</a><br/>|
+|CloudFront Without WAF<br/><sup><sub>22c80725-e390-4055-8d14-a872230f6607</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|EC2 Instance Has Public IP<br/><sup><sub>a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-assign_public_ip">Documentation</a><br/>|
+|Elasticsearch with HTTPS disabled<br/><sup><sub>d6c2d06f-43c1-488a-9ba1-8d75b40fc62d</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d')">Query details</a><br><a href="https://docs.ansible.com/ansible/devel/collections/community/aws/opensearch_module.html">Documentation</a><br/>|
+|HTTP Port Open To Internet<br/><sup><sub>a14ad534-acbe-4a8e-9404-2f7e1045646e</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
+|Security Group With Unrestricted Access To SSH<br/><sup><sub>57ced4b9-6ba4-487b-8843-b65562b90c77</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible<br/><sup><sub>7af1c447-c014-4f05-bd8b-ebe3a15734ac</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|API Gateway With CloudWatch Logging Disabled<br/><sup><sub>72a931c2-12f5-40d1-93cc-47bff2f7aa2a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudwatchlogs_log_group_module.html#ansible-collections-community-aws-cloudwatchlogs-log-group-module">Documentation</a><br/>|
+|CloudFront Logging Disabled<br/><sup><sub>d31cb911-bf5b-4eb6-9fc3-16780c77c7bd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|CloudTrail Logging Disabled<br/><sup><sub>d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html#parameter-enable_logging">Documentation</a><br/>|
+|S3 Bucket Logging Disabled<br/><sup><sub>c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-debug_botocore_endpoint_logs">Documentation</a><br/>|
+|No Stack Policy<br/><sup><sub>ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html">Documentation</a><br/>|
+|Authentication Without MFA<br/><sup><sub>eee107f9-b3d8-45d3-b9c6-43b5a7263ce1</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Access Control|<a href="../ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_mfa_device_info_module.html">Documentation</a><br/>|
+|ECS Service Without Running Tasks<br/><sup><sub>f5c45127-1d28-4b49-a692-0b97da1c3a84</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Availability|<a href="../ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_service_module.html#ansible-collections-community-aws-ecs-service-module">Documentation</a><br/>|
+|Automatic Minor Upgrades Disabled<br/><sup><sub>857f8808-e96a-4ba8-a9b7-f2d4ec6cad94</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade">Documentation</a><br/>|
+|CDN Configuration Is Missing<br/><sup><sub>b25398a2-0625-4e61-8e4d-a1bb23905bf6</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|IAM Password Without Minimum Length<br/><sup><sub>8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
+|Lambda Permission Misconfigured<br/><sup><sub>3ddf3417-424d-420d-8275-0724dc426520</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
+|Misconfigured Password Policy Expiration<br/><sup><sub>3f2cf811-88fa-4eda-be45-7a191a18aba9</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
+|Password Without Reuse Prevention<br/><sup><sub>6f5f5444-1422-495f-81ef-24cefd61ed2c</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html#parameter-pw_reuse_prevent">Documentation</a><br/>|
+|EFS Without Tags<br/><sup><sub>b8a9852c-9943-4973-b8d5-77dae9352851</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html">Documentation</a><br/>|
+|Stack Without Template<br/><sup><sub>32d31f1f-0f83-4721-b7ec-1e6948c60145</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html">Documentation</a><br/>|
+|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>f5587077-3f57-4370-9b4e-4eb5b1bac85b</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Encryption|<a href="../ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
+|EFS Without KMS<br/><sup><sub>bd77554e-f138-40c5-91b2-2a09f878608e</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Encryption|<a href="../ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html#parameter-kms_key_id">Documentation</a><br/>|
+|AWS Password Policy With Unchangeable Passwords<br/><sup><sub>e28ceb92-d588-4166-aac5-766c8f5b7472</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
+|Instance With No VPC<br/><sup><sub>61d1a2d0-4db8-405a-913d-5d2ce49dff6f</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html">Documentation</a><br/>|
+|Lambda Function Without Tags<br/><sup><sub>265d9725-2fb8-42a2-bc57-3279c5db82d5</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
+|EC2 Instance Using Default VPC<br/><sup><sub>8833f180-96f1-46f4-9147-849aafa56029</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-vpc_subnet_id">Documentation</a><br/>|
+|ElastiCache Using Default Port<br/><sup><sub>7cc6c791-5f68-4816-a564-b9b699f9d26e</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_port">Documentation</a><br/>|
+|ElastiCache Without VPC<br/><sup><sub>5527dcfc-94f9-4bf6-b7d4-1b78850cf41f</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_subnet_group">Documentation</a><br/>|
+|RDS Using Default Port<br/><sup><sub>2cb674f6-32f9-40be-97f2-62c0dc38f0d5</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-port">Documentation</a><br/>|
+|Redshift Using Default Port<br/><sup><sub>e01de151-a7bd-4db4-b49b-3c4775a5e881</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/redshift_module.html#parameter-port">Documentation</a><br/>|
+|API Gateway X-Ray Disabled<br/><sup><sub>2059155b-27fd-441e-b616-6966c468561f</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html#parameter-tracing_enabled">Documentation</a><br/>|
+|CloudTrail Log File Validation Disabled<br/><sup><sub>4d8681a2-3d30-4c89-8070-08acd142748e</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
+|CloudTrail Multi Region Disabled<br/><sup><sub>6ad087d7-a509-4b20-b853-9ef6f5ebaa98</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html#parameter-is_multi_region_trail">Documentation</a><br/>|
+|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>ebb2118a-03bc-4d53-ab43-d8750f5cb8d3</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
+|CloudTrail SNS Topic Name Undefined<br/><sup><sub>5ba316a9-c466-4ec1-8d5b-bc6107dc9a92</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
+|CMK Rotation Disabled<br/><sup><sub>af96d737-0818-4162-8c41-40d969bd65d1</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html#parameter-enable_key_rotation">Documentation</a><br/>|
+|Configuration Aggregator to All Regions Disabled<br/><sup><sub>a2fdf451-89dd-451e-af92-bf6c0f4bab96</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_config_aggregator_module.html#parameter-organization_source">Documentation</a><br/>|
+|Lambda Functions Without X-Ray Tracing<br/><sup><sub>71397b34-1d50-4ee1-97cb-c96c34676f74</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
+|Stack Notifications Disabled<br/><sup><sub>d39761d7-94ab-45b0-ab5e-27c44e381d58</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html#parameter-notification_arns">Documentation</a><br/>|
+|EC2 Not EBS Optimized<br/><sup><sub>338b6cab-961d-4998-bb49-e5b6a11c9a5c</sub></sup>|Ansible|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-ebs_optimized">Documentation</a><br/>|
+|CloudWatch Without Retention Period Specified<br/><sup><sub>e24e18d9-4c2b-4649-b3d0-18c088145e24</sub></sup>|Ansible|<span style="color:#5bc0de">Info</span>|Observability|<a href="../ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudwatchlogs_log_group_module.html">Documentation</a><br/>|
+|CosmosDB Account IP Range Filter Not Set<br/><sup><sub>e8c80448-31d8-4755-85fc-6dbab69c2717</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_cosmosdbaccount_module.html#parameter-ip_range_filter">Documentation</a><br/>|
+|Redis Entirely Accessible<br/><sup><sub>0d0c12b9-edce-4510-9065-13f6a758750c</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html#parameter-start_ip_address">Documentation</a><br/>|
+|Redis Publicly Accessible<br/><sup><sub>0632d0db-9190-450a-8bb3-c283bffea445</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html#parameter-start_ip_address">Documentation</a><br/>|
+|SQLServer Ingress From Any IP<br/><sup><sub>f4e9ff70-0f3b-4c50-a713-26cbe7ec4039</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlfirewallrule_module.html">Documentation</a><br/>|
+|Unrestricted SQL Server Access<br/><sup><sub>3f23c96c-f9f5-488d-9b17-605b8da5842f</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlfirewallrule_module.html">Documentation</a><br/>|
+|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>ca4df748-613a-4fbf-9c76-f02cbd580307</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-public_network_access">Documentation</a><br/>|
+|Public Storage Account<br/><sup><sub>35e2f133-a395-40de-a79d-b260d973d1bd</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls">Documentation</a><br/>|
+|Storage Container Is Publicly Accessible<br/><sup><sub>4d3817db-dd35-4de4-a80d-3867157e7f7f</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageblob_module.html#parameter-public_access">Documentation</a><br/>|
+|Azure Container Registry With No Locks<br/><sup><sub>581dae78-307d-45d5-aae4-fe2b0db267a5</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_lock_module.html">Documentation</a><br/>|
+|Security Group is Not Configured<br/><sup><sub>da4f2739-174f-4cdd-b9ef-dc3f14b5931f</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_subnet_module.html">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_securitygroup_module.html#parameter-rules">Documentation</a><br/>|
+|Admin User Enabled For Container Registry<br/><sup><sub>29f35127-98e6-43af-8ec1-201b79f99604</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_containerregistry_module.html">Documentation</a><br/>|
+|AKS RBAC Disabled<br/><sup><sub>149fa56c-4404-4f90-9e25-d34b676d5b39</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html">Documentation</a><br/>|
+|Role Definition Allows Custom Role Creation<br/><sup><sub>5c80db8e-03f5-43a2-b4af-1f3f87018157</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_roledefinition_module.html#parameter-permissions/actions">Documentation</a><br/>|
+|Key Vault Soft Delete Is Disabled<br/><sup><sub>881696a8-68c5-4073-85bc-7c38a3deb854</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_keyvault_module.html#parameter-enable_soft_delete">Documentation</a><br/>|
+|Azure Instance Using Basic Authentication<br/><sup><sub>e2d834b7-8b25-4935-af53-4a60668dcbe0</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_virtualmachine_module.html#parameter-linux_config/disable_password_authentication">Documentation</a><br/>|
+|MySQL SSL Connection Disabled<br/><sup><sub>2a901825-0f3b-4655-a0fe-e0470e50f8e6</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_mysqlserver_module.html">Documentation</a><br/>|
+|SSL Enforce Disabled<br/><sup><sub>961ce567-a16d-4d7d-9027-f0ec2628a555</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlserver_module.html#parameter-enforce_ssl">Documentation</a><br/>|
+|Storage Account Not Forcing HTTPS<br/><sup><sub>2c99a474-2a3c-4c17-8294-53ffa5ed0522</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-https_only">Documentation</a><br/>|
+|Storage Account Not Using Latest TLS Encryption Version<br/><sup><sub>c62746cf-92d5-4649-9acf-7d48d086f2ee</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-minimum_tls_version">Documentation</a><br/>|
+|AD Admin Not Configured For SQL Server<br/><sup><sub>b176e927-bbe2-44a6-a9c3-041417137e5f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlserver_module.html#parameter-ad_user">Documentation</a><br/>|
+|Redis Cache Allows Non SSL Connections<br/><sup><sub>869e7fb4-30f0-4bdb-b360-ad548f337f2f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscache_module.html">Documentation</a><br/>|
+|VM Not Attached To Network<br/><sup><sub>1e5f5307-3e01-438d-8da6-985307ed25ce</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_virtualmachine_module.html#parameter-network_interface_names">Documentation</a><br/>|
+|Web App Accepting Traffic Other Than HTTPS<br/><sup><sub>eb8c2560-8bee-4248-9d0d-e80c8641dd91</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_webapp_module.html#parameter-https_only">Documentation</a><br/>|
+|Firewall Rule Allows Too Many Hosts To Access Redis Cache<br/><sup><sub>69f72007-502e-457b-bd2d-5012e31ac049</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html">Documentation</a><br/>|
+|Trusted Microsoft Services Not Enabled<br/><sup><sub>1bc398a8-d274-47de-a4c8-6ac867b353de</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls/bypass">Documentation</a><br/>|
+|WAF Is Disabled For Azure Application Gateway<br/><sup><sub>2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_appgateway_module.html">Documentation</a><br/>|
+|AKS Monitoring Logging Disabled<br/><sup><sub>d5e83b32-56dd-4247-8c2e-074f43b38a5e</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html">Documentation</a><br/>|
+|Log Retention Is Not Set<br/><sup><sub>0461b4fd-21ef-4687-929e-484ee4796785</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|Monitoring Log Profile Without All Activities<br/><sup><sub>89f84a1e-75f8-47c5-83b5-bee8e2de4168</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_monitorlogprofile_module.html">Documentation</a><br/>|
+|PostgreSQL Log Checkpoints Disabled<br/><sup><sub>7ab33ac0-e4a3-418f-a673-50da4e34df21</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|PostgreSQL Log Connections Not Set<br/><sup><sub>7b47138f-ec0e-47dc-8516-e7728fe3cc17</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|PostgreSQL Log Disconnections Not Set<br/><sup><sub>054d07b5-941b-4c28-8eef-18989dc62323</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|PostgreSQL Log Duration Not Set<br/><sup><sub>729ebb15-8060-40f7-9017-cb72676a5487</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|PostgreSQL Server Without Connection Throttling<br/><sup><sub>a9becca7-892a-4af7-b9e1-44bf20a4cd9a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|SQL Server Predictable Active Directory Account Name<br/><sup><sub>530e8291-2f22-4bab-b7ea-306f1bc2a308</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_adserviceprincipal_module.html">Documentation</a><br/>|
+|SQL Server Predictable Admin Account Name<br/><sup><sub>663062e9-473d-4e87-99bc-6f3684b3df40</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlserver_module.html">Documentation</a><br/>|
+|Cosmos DB Account Without Tags<br/><sup><sub>23a4dc83-4959-4d99-8056-8e051a82bc1e</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_cosmosdbaccount_module.html">Documentation</a><br/>|
+|AKS Network Policy Misconfigured<br/><sup><sub>8c3bedf1-c570-4c3b-b414-d068cd39a00c</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html#parameter-network_profile/network_policy">Documentation</a><br/>|
+|Small Activity Log Retention Period<br/><sup><sub>37fafbea-dedb-4e0d-852e-d16ee0589326</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_monitorlogprofile_module.html">Documentation</a><br/>|
+|Allow Unsafe Lookups Enabled<br/><sup><sub>86b97bb4-85c9-462d-8635-cbc057c5c8c5</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5" onclick="newWindowOpenerSafe(event, '../ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/reference_appendices/config.html#default-allow-unsafe-lookups">Documentation</a><br/>|
+|Privilege Escalation Using Become Plugin<br/><sup><sub>404908b6-4954-4611-98f0-e8ceacdabcb1</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1" onclick="newWindowOpenerSafe(event, '../ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/plugins/become.html">Documentation</a><br/>|
+|Communication over HTTP<br/><sup><sub>d7dc9350-74bc-485b-8c85-fed22d276c43</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43" onclick="newWindowOpenerSafe(event, '../ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/plugins/httpapi.html">Documentation</a><br/>|
+|Logging of Sensitive Data<br/><sup><sub>c6473dae-8477-4119-88b7-b909b435ce7b</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b" onclick="newWindowOpenerSafe(event, '../ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/reference_appendices/logging.html#protecting-sensitive-data-with-no-log">Documentation</a><br/>|
+|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>086031e1-9d4a-4249-acb3-5bfe4c363db2</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html">Documentation</a><br/>|
+|SQL DB Instance Publicly Accessible<br/><sup><sub>7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b</sub></sup>|Ansible|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html">Documentation</a><br/>|
+|BigQuery Dataset Is Public<br/><sup><sub>2263b286-2fe9-4747-a0ae-8b4768a2bbd2</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_bigquery_dataset_module.html#parameter-access/special_group">Documentation</a><br/>|
+|SQL DB Instance With SSL Disabled<br/><sup><sub>d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/ip_configuration/require_ssl">Documentation</a><br/>|
+|Client Certificate Disabled<br/><sup><sub>20180133-a0d0-4745-bfe0-94049fbb12a9</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Cloud SQL Instance With Contained Database Authentication On<br/><sup><sub>6d34aff3-fdd2-460c-8190-756a3b4969e8</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|Cloud SQL Instance With Cross DB Ownership Chaining On<br/><sup><sub>9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|GKE Legacy Authorization Enabled<br/><sup><sub>300a9964-b086-41f7-9378-b6de3ba1c32b</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|MySQL Instance With Local Infile On<br/><sup><sub>a7b520bb-2509-4fb0-be05-bc38f54c7a4c</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|RDP Access Is Not Restricted<br/><sup><sub>75418eb9-39ec-465f-913c-6f2b6a80dc77</sub></sup>|Ansible|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html">Documentation</a><br/>|
+|VM With Full Cloud Access<br/><sup><sub>bc20bbc6-0697-4568-9a73-85af1dd97bdd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html#parameter-service_accounts/scopes">Documentation</a><br/>|
+|SQL DB Instance Backup Disabled<br/><sup><sub>0c82eae2-aca0-401f-93e4-fb37a0f9e5e8</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/backup_configuration/enabled">Documentation</a><br/>|
+|Disk Encryption Disabled<br/><sup><sub>092bae86-6105-4802-99d2-99cd7e7431f3</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_disk_module.html">Documentation</a><br/>|
+|DNSSEC Using RSASHA1<br/><sup><sub>6cf4c3a7-ceb0-4475-8892-3745b84be24a</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_dns_managed_zone_module.html#return-dnssecConfig/defaultKeySpecs/algorithm">Documentation</a><br/>|
+|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>b28bcd2f-c309-490e-ab7c-35fc4023eb26</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_ssl_policy_module.html">Documentation</a><br/>|
+|Cloud DNS Without DNSSEC<br/><sup><sub>80b15fb1-6207-40f4-a803-6915ae619a03</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_dns_managed_zone_module.html#return-dnssecConfig/state">Documentation</a><br/>|
+|Cluster Master Authentication Disabled<br/><sup><sub>9df7f78f-ebe3-432e-ac3b-b67189c15518</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|GKE Basic Authentication Enabled<br/><sup><sub>344bf8ab-9308-462b-a6b2-697432e40ba1</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>d58c6f24-3763-4269-9f5b-86b2569a003b</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html">Documentation</a><br/>|
+|IP Aliasing Disabled<br/><sup><sub>ed672a9f-fbf0-44d8-a47d-779501b0db05</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Network Policy Disabled<br/><sup><sub>98e04ca0-34f5-4c74-8fec-d2e611ce2790</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|OSLogin Is Disabled In VM Instance<br/><sup><sub>66dae697-507b-4aef-be18-eec5bd707f33</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|Private Cluster Disabled<br/><sup><sub>3b30e3d6-c99b-4318-b38f-b99db74578b5</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Shielded VM Disabled<br/><sup><sub>18d3a83d-4414-49dc-90ea-f0387b2856cc</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|Using Default Service Account<br/><sup><sub>2775e169-e708-42a9-9305-b58aadd2c4dd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|GKE Using Default Service Account<br/><sup><sub>dc126833-125a-40fb-905a-ce5f2afde240</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html#parameter-node_config/service_account">Documentation</a><br/>|
+|Compute Instance Is Publicly Accessible<br/><sup><sub>829f1c60-2bab-44c6-8a21-5cd9d39a2c82</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html#parameter-network_interfaces/access_configs">Documentation</a><br/>|
+|GKE Master Authorized Networks Disabled<br/><sup><sub>d43366c5-80b0-45de-bbe8-2338f4ab0a83</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html#parameter-master_authorized_networks_config/enabled">Documentation</a><br/>|
+|Google Compute Network Using Default Firewall Rule<br/><sup><sub>29b8224a-60e9-4011-8ac2-7916a659841f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-name">Documentation</a><br/>|
+|Google Compute Network Using Firewall Rule that Allows All Ports<br/><sup><sub>3602d273-3290-47b2-80fa-720162b1a8af</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-allowed">Documentation</a><br/>|
+|IP Forwarding Enabled<br/><sup><sub>11bd3554-cd56-4257-8e25-7aaf30cf8f5f</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|Serial Ports Are Enabled For VM Instances<br/><sup><sub>c6fc6f29-dc04-46b6-99ba-683c01aff350</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|SSH Access Is Not Restricted<br/><sup><sub>b2fbf1df-76dd-4d78-a6c0-e538f4a9b016</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html">Documentation</a><br/>|
+|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>507df964-ad97-4035-ab14-94a82eabdfdd</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-logging">Documentation</a><br/>|
+|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>7814ddda-e758-4a56-8be3-289a81ded929</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-versioning">Documentation</a><br/>|
+|PostgreSQL Log Connections Disabled<br/><sup><sub>d7a5616f-0a3f-4d43-bc2b-29d1a183e317</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|PostgreSQL log_checkpoints Flag Not Set To ON<br/><sup><sub>89afe3f0-4681-4ce3-89ed-896cebd4277c</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|Stackdriver Logging Disabled<br/><sup><sub>19c9e2a0-fc33-4264-bba1-e3682661e8f7</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Stackdriver Monitoring Disabled<br/><sup><sub>20dcd953-a8b8-4892-9026-9afa6d05a525</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Node Auto Upgrade Disabled<br/><sup><sub>d6e10477-2e19-4bcd-b8a8-19c65b89ccdf</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html#parameter-management/auto_upgrade">Documentation</a><br/>|
+|High Google KMS Crypto Key Rotation Period<br/><sup><sub>f9b7086b-deb8-4034-9330-d7fd38f1b8de</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_kms_crypto_key_module.html">Documentation</a><br/>|
+|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>099b4411-d11e-4537-a0fc-146b19762a79</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|Cluster Labels Disabled<br/><sup><sub>fbe9b2d0-a2b7-47a1-a534-03775f3013f7</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|COS Node Image Not Used<br/><sup><sub>be41f891-96b1-4b9d-b74f-b922a918c778</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html#parameter-config/image_type">Documentation</a><br/>|
+|PostgreSQL Misconfigured Logging Duration Flag<br/><sup><sub>aed98a2a-e680-497a-8886-277cea0f4514</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|Google Compute Network Using Firewall Rule that Allows Port Range<br/><sup><sub>7289eebd-a477-4064-8ad4-3c044bd70b00</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-allowed">Documentation</a><br/>|
+|Google Compute Subnetwork with Private Google Access Disabled<br/><sup><sub>6a4080ae-79bd-42f6-a924-8f534c1c018b</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_subnetwork_module.html#parameter-private_ip_google_access">Documentation</a><br/>|
+|PostgreSQL Logging Of Temporary Files Disabled<br/><sup><sub>d6fae5b6-ada9-46c0-8b36-3108a2a2f77b</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|PostgreSQL Misconfigured Log Messages Flag<br/><sup><sub>28a757fc-3d8f-424a-90c0-4233363b2711</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|Ansible Tower Exposed To Internet<br/><sup><sub>1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc" onclick="newWindowOpenerSafe(event, '../ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc')">Query details</a><br><a href="https://docs.ansible.com/ansible-tower/latest/html/administration/security_best_practices.html#understand-the-architecture-of-ansible-and-tower">Documentation</a><br/>|
+|Privilege Escalation Using Become Plugin<br/><sup><sub>0e75052f-cc02-41b8-ac39-a78017527e95</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95" onclick="newWindowOpenerSafe(event, '../ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/partial-become/#problematic-code">Documentation</a><br/>|
+|Communication Over HTTP<br/><sup><sub>2e8d4922-8362-4606-8c14-aa10466a1ce3</sub></sup>|Ansible|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3" onclick="newWindowOpenerSafe(event, '../ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/ansible/builtin/uri_module.html#parameter-url">Documentation</a><br/>|
+|Insecure Relative Path Resolution<br/><sup><sub>8d22ae91-6ac1-459f-95be-d37bd373f244</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244" onclick="newWindowOpenerSafe(event, '../ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/no-relative-paths/">Documentation</a><br/>|
+|Logging of Sensitive Data<br/><sup><sub>59029ddf-e651-412b-ae7b-ff6d403184bc</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc" onclick="newWindowOpenerSafe(event, '../ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/no-log-password/">Documentation</a><br/>|
+|Unpinned Package Version<br/><sup><sub>c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8</sub></sup>|Ansible|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8" onclick="newWindowOpenerSafe(event, '../ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/package-latest/">Documentation</a><br/>|
+|Risky File Permissions<br/><sup><sub>88841d5c-d22d-4b7e-a6a0-89ca50e44b9f</sub></sup>|Ansible|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f" onclick="newWindowOpenerSafe(event, '../ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/risky-file-permissions/">Documentation</a><br/>|
+|SQL Database Server Firewall Allows All IPS<br/><sup><sub>6a3201a5-1630-494b-b294-3129d06b0eca</sub></sup>|AzureResourceManager|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2014-04-01/servers/firewallrules?tabs=json">Documentation</a><br/>|
+|AKS Cluster RBAC Disabled<br/><sup><sub>9307a2ed-35c2-413d-94de-a1a0682c2158</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json">Documentation</a><br/>|
+|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>d855ced8-6157-448f-9f1d-f05a41d046f7</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7')">Query details</a><br><a href="https://learn.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts">Documentation</a><br/>|
+|Role Definitions Allow Custom Subscription Role Creation<br/><sup><sub>8fa9ceea-881f-4ef0-b0b8-728f589699a7</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.authorization/roledefinitions?tabs=json#permission-object">Documentation</a><br/>|
+|Key Vault Not Recoverable<br/><sup><sub>7c25f361-7c66-44bf-9b69-022acd5eb4bd</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Backup|<a href="../azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/2019-09-01/vaults?tabs=json#vaultproperties-object">Documentation</a><br/>|
+|Azure Managed Disk Without Encryption<br/><sup><sub>350f3955-b5be-436f-afaa-3d2be2fa6cdd</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Encryption|<a href="../azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/disks?tabs=json#encryptionsettingscollection-object">Documentation</a><br/>|
+|Network Security Group With Unrestricted Access To RDP<br/><sup><sub>59cb3da7-f206-4ae6-b827-7abf0a9cab9d</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2020-07-01/networksecuritygroups?tabs=json#securityrulepropertiesformat-object">Documentation</a><br/>|
+|Storage Blob Service Container With Public Access<br/><sup><sub>a0ab985d-660b-41f7-ac81-70957ee8e627</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts/blobservices/containers?tabs=json#containerproperties-object">Documentation</a><br/>|
+|Hardcoded SecureString Parameter Default Value<br/><sup><sub>4d2cf896-c053-4be5-9c95-8b4771112f29</sub></sup>|AzureResourceManager|<span style="color:#bb2124">High</span>|Secret Management|<a href="../azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-test-cases#secure-parameters-cant-have-hardcoded-default">Documentation</a><br/>|
+|App Service Authentication Is Not Set<br/><sup><sub>83130a07-235b-4a80-918b-a370e53f0bd9</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites/config-web?tabs=json">Documentation</a><br/>|
+|Azure Instance Using Basic Authentication<br/><sup><sub>6797f581-0433-4768-ae3e-7ceb2f8b138e</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/virtualmachines?tabs=json#linuxconfiguration-object">Documentation</a><br/>|
+|Secret Without Expiration Date<br/><sup><sub>cff9c3f7-e8f0-455f-9fb4-5f72326da96e</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/vaults/secrets?tabs=json#SecretAttributes">Documentation</a><br/>|
+|SQL Server Database With Alerts Disabled<br/><sup><sub>574e8d82-1db2-4b9c-b526-e320ede9a9ff</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/securityalertpolicies?tabs=json">Documentation</a><br/>|
+|Storage Account Allows Unsecure Transfer<br/><sup><sub>1367dd13-2c90-4020-80b7-e4339a3dc2c4</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#storageaccountpropertiescreateparameters-object">Documentation</a><br/>|
+|Web App Not Using TLS Last Version<br/><sup><sub>b5c851d5-00f1-43dc-a8de-3218fd6f71be</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteconfig-object">Documentation</a><br/>|
+|AKS Cluster Network Policy Not Configured<br/><sup><sub>25c0228e-4444-459b-a2df-93c7df40b7ed</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#containerservicenetworkprofile-object">Documentation</a><br/>|
+|Website Not Forcing HTTPS<br/><sup><sub>488847ff-6031-487c-bf42-98fd6ac5c9a0</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
+|MySQL Server SSL Enforcement Disabled<br/><sup><sub>90120147-f2e7-4fda-bb21-6fa9109afd63</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbformysql/servers?tabs=json#serverpropertiesforcreate-object">Documentation</a><br/>|
+|Network Security Group With Unrestricted Access To SSH<br/><sup><sub>2ade1579-4b2c-4590-bebb-f99bf597f612</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612')">Query details</a><br><a href="https://learn.microsoft.com/en-us/azure/templates/microsoft.network/networksecuritygroups?pivots=deployment-language-bicep#securityrulepropertiesformat">Documentation</a><br/>|
+|PostgreSQL Database Server Log Checkpoints Disabled<br/><sup><sub>f9112910-c7bb-4864-9f5e-2059ba413bb7</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/2017-12-01/servers/configurations?tabs=json">Documentation</a><br/>|
+|PostgreSQL Database Server Log Connections Disabled<br/><sup><sub>e69bda39-e1e2-47ca-b9ee-b6531b23aedd</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json#configurationproperties-object">Documentation</a><br/>|
+|PostgreSQL Database Server SSL Disabled<br/><sup><sub>bf500309-da53-4dd3-bcf7-95f7974545a5</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/2017-12-01/servers?tabs=json">Documentation</a><br/>|
+|PostgresSQL Database Server Connection Throttling Disabled<br/><sup><sub>a6d774b6-d9ea-4bf4-8433-217bf15d2fb8</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json">Documentation</a><br/>|
+|Trusted Microsoft Services Not Enabled<br/><sup><sub>e25b56cd-a4d6-498f-ab92-e6296a082097</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#networkruleset">Documentation</a><br/>|
+|Website with Client Certificate Auth Disabled<br/><sup><sub>92302b47-b0cc-46cb-a28f-5610ecda140b</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
+|AKS Logging To Azure Monitoring Is Disabled<br/><sup><sub>9b09dee1-f09b-4013-91d2-158fa4695f4b</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusteraddonprofile">Documentation</a><br/>|
+|SQL Server Database Without Auditing<br/><sup><sub>e055285c-bc01-48b4-8aa5-8a54acdd29df</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/auditingsettings">Documentation</a><br/>|
+|Storage Logging For Read Write And Delete Requests Disabled<br/><sup><sub>43f6e60c-9cdb-4e77-864d-a66595d26518</sub></sup>|AzureResourceManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518')">Query details</a><br><a href="https://docs.microsoft.com/pt-pt/azure/azure-monitor/essentials/resource-manager-diagnostic-settings#diagnostic-setting-for-azure-storage">Documentation</a><br/>|
+|Website Azure Active Directory Disabled<br/><sup><sub>e9c133e5-c2dd-4b7b-8fff-40f2de367b56</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Access Control|<a href="../azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/2019-08-01/sites?tabs=json#ManagedServiceIdentity">Documentation</a><br/>|
+|Phone Number Not Set For Security Contacts<br/><sup><sub>3e9fcc67-1f64-405f-b2f9-0a6be17598f0</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/securitycontacts?tabs=json">Documentation</a><br/>|
+|AKS Dashboard Is Enabled<br/><sup><sub>c62d3b92-9a11-4ffd-b7b7-6faaae83faed</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusteraddonprofile">Documentation</a><br/>|
+|AKS With Authorized IP Ranges Disabled<br/><sup><sub>2583fab1-953b-4fae-bd02-4a136a6c21f9</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusterapiserveraccessprofile-object">Documentation</a><br/>|
+|Storage Account Allows Default Network Access<br/><sup><sub>9073f073-5d60-4b46-b569-0d6baa80ed95</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#storageaccountpropertiescreateparameters-object">Documentation</a><br/>|
+|Website with 'Http20Enabled' Disabled<br/><sup><sub>70111098-7f85-48f0-b1b4-e4261cf5f61b</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
+|Log Profile Incorrect Category<br/><sup><sub>4d522e7b-f938-4d51-a3b1-974ada528bd3</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2016-03-01/logprofiles?tabs=json#logprofileproperties-object">Documentation</a><br/>|
+|SQL Server Database With Unrecommended Retention Days<br/><sup><sub>c09cdac2-7670-458a-bf6c-efad6880973a</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/auditingsettings?tabs=json">Documentation</a><br/>|
+|Unrecommended Log Profile Retention Policy<br/><sup><sub>25684eac-daaa-4c2c-94b4-8d2dbb627909</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2016-03-01/logprofiles?tabs=json#retentionpolicy-object">Documentation</a><br/>|
+|Unrecommended Network Watcher Flow Log Retention Policy<br/><sup><sub>564b70f8-41cd-4690-aff8-bb53add86bc9</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2019-11-01/networkwatchers/flowlogs?tabs=json#retentionpolicyparameters-object">Documentation</a><br/>|
+|Standard Price Is Not Selected<br/><sup><sub>2081c7d6-2851-4cce-bda5-cb49d462da42</sub></sup>|AzureResourceManager|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/pricings?tabs=json#pricingproperties-object">Documentation</a><br/>|
+|Account Admins Not Notified By Email<br/><sup><sub>a8852cc0-fd4b-4fc7-9372-1e43fad0732e</sub></sup>|AzureResourceManager|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2017-03-01-preview/servers/securityalertpolicies?tabs=json">Documentation</a><br/>|
+|SQL Alert Policy Without Emails<br/><sup><sub>89b79fe5-49bd-4d39-84ce-55f5fc6f7764</sub></sup>|AzureResourceManager|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/securityalertpolicies?tabs=json">Documentation</a><br/>|
+|Email Notifications Disabled<br/><sup><sub>79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92</sub></sup>|AzureResourceManager|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/securitycontacts">Documentation</a><br/>|
+|Run Using apt<br/><sup><sub>a1bc27c6-7115-48d8-bf9d-5a7e836845ba</sub></sup>|Buildah|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba" onclick="newWindowOpenerSafe(event, '../buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba')">Query details</a><br><a href="https://github.com/containers/buildah/blob/main/docs/buildah-run.1.md">Documentation</a><br/>|
+|Script Block Injection<br/><sup><sub>62ff6823-927a-427f-acf9-f1ea2932d616</sub></sup>|CICD|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616" onclick="newWindowOpenerSafe(event, '../cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616')">Query details</a><br><a href="https://securitylab.github.com/research/github-actions-untrusted-input/">Documentation</a><br/>|
+|Run Block Injection<br/><sup><sub>20f14e1a-a899-4e79-9f09-b6a84cd4649b</sub></sup>|CICD|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b" onclick="newWindowOpenerSafe(event, '../cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b')">Query details</a><br><a href="https://securitylab.github.com/research/github-actions-untrusted-input/">Documentation</a><br/>|
+|Unsecured Commands<br/><sup><sub>60fd272d-15f4-4d8f-afe4-77d9c6cc0453</sub></sup>|CICD|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453" onclick="newWindowOpenerSafe(event, '../cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453')">Query details</a><br><a href="https://0xn3va.gitbook.io/cheat-sheets/ci-cd/github/actions#misuse-of-the-events-related-to-incoming-prs">Documentation</a><br/>|
+|Unpinned Actions Full Length Commit SHA<br/><sup><sub>555ab8f9-2001-455e-a077-f2d0f41e2fb9</sub></sup>|CICD|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9" onclick="newWindowOpenerSafe(event, '../cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9')">Query details</a><br><a href="https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions">Documentation</a><br/>|
+|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>5864fb39-d719-4182-80e2-89dbe627be63</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dms-replicationinstance.html">Documentation</a><br/>|
+|ECR Repository Is Publicly Accessible<br/><sup><sub>75be209d-1948-41f6-a8c8-e22dd0121134</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html">Documentation</a><br/>|
+|S3 Bucket Access to Any Principal<br/><sup><sub>7772bb8c-c0f3-42d4-8e4e-f1b8939ad085</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read Or Write to All Users<br/><sup><sub>07dda8de-d90d-469e-9b37-1aca53526ced</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>acc78859-765e-4011-a229-a65ea57db252</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>f6397a20-4cf1-4540-a997-1d363c25ef58</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket With All Permissions<br/><sup><sub>4ae8af91-5108-42cb-9471-3bdbe596eac9</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|SNS Topic is Publicly Accessible<br/><sup><sub>ae53ce91-42b5-46bf-a84f-9a13366a4f13</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-policy.html">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>de38e1d5-54cb-4111-a868-6f7722695007</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|DB Security Group With Public Scope<br/><sup><sub>9564406d-e761-4e61-b8d7-5926e3ab8e79</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|RDS Associated with Public Subnet<br/><sup><sub>4e88adee-a8eb-4605-a78d-9fb1096e3091</sub></sup>|CloudFormation|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsubnetgroupname">Documentation</a><br/>|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument">Documentation</a><br/>|
+|ECS Service Admin Role Is Present<br/><sup><sub>01986452-bdd8-4aaa-b5df-d6bf61d616ff</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
+|IAM Policy Grants Full Permissions<br/><sup><sub>f62aa827-4ade-4dc4-89e4-1433d384a368</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|Lambda Functions With Full Privileges<br/><sup><sub>a0ae0a4e-712b-4115-8112-51b9eeed9d69</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
+|MSK Broker Is Publicly Accessible<br/><sup><sub>0ce1ba20-8ba8-4364-836f-40c24b8cb0ab</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-publicaccess.html">Documentation</a><br/>|
+|Neptune Cluster With IAM Database Authentication Disabled<br/><sup><sub>a3aa0087-8228-4e7e-b202-dc9036972d02</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-neptune-dbcluster.html#cfn-neptune-dbcluster-iamauthenabled">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to All Users<br/><sup><sub>219f4c95-aa50-44e0-97de-cf71f4641170</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>835d5497-a526-4aea-a23f-98a9afd1635f</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>f97b7d23-568f-4bcc-9ac9-02df0d57fbba</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows List Action From All Principals<br/><sup><sub>faa8fddf-c0aa-4b2d-84ff-e993e233ebe9</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows Public Policy<br/><sup><sub>860ba89b-b8de-4e72-af54-d6aee4138a69</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
+|S3 Bucket Allows Restore Actions From All Principals<br/><sup><sub>456b00a3-1072-4149-9740-6b8bb60251b0</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|AmazonMQ Broker Encryption Disabled<br/><sup><sub>316278b3-87ac-444c-8f8f-a733a28da60f</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-encryptionoptions">Documentation</a><br/>|
+|API Gateway Cache Encrypted Disabled<br/><sup><sub>37cca703-b74c-48ba-ac81-595b53398e9b</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-deployment-stagedescription.html">Documentation</a><br/>|
+|CMK Unencrypted Storage<br/><sup><sub>ffee2785-c347-451e-89f3-11aeb08e5c84</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>1b6322d9-c755-4f8c-b804-32c19250f2d9</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configrule.html#cfn-config-configrule-source">Documentation</a><br/>|
+|DynamoDB Table Not Encrypted<br/><sup><sub>4bd21e68-38c1-4d58-acdc-6a14b203237f</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html">Documentation</a><br/>|
+|DynamoDB With Aws Owned CMK<br/><sup><sub>c8dee387-a2e6-4a73-a942-183c975549ac</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html">Documentation</a><br/>|
+|EBS Volume Encryption Disabled<br/><sup><sub>80b7ac3f-d2b7-4577-9b10-df7913497162</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html">Documentation</a><br/>|
+|ECS Cluster Not Encrypted At Rest<br/><sup><sub>6c131358-c54d-419b-9dd6-1f7dd41d180c</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html">Documentation</a><br/>|
+|EFS Not Encrypted<br/><sup><sub>2ff8e83c-90e1-4d68-a300-6d652112e622</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
+|ElastiCache With Disabled at Rest Encryption<br/><sup><sub>e4ee3903-9225-4b6a-bdfb-e62dbadef821</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html#cfn-elasticache-replicationgroup-atrestencryptionenabled">Documentation</a><br/>|
+|ElasticSearch Encryption With KMS Disabled<br/><sup><sub>d926aa95-0a04-4abc-b20c-acf54afe38a1</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-encryptionatrestoptions">Documentation</a><br/>|
+|ElasticSearch Not Encrypted At Rest<br/><sup><sub>86a248ab-0e01-4564-a82a-878303e253bb</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-encryptionatrestoptions">Documentation</a><br/>|
+|ELB Using Weak Ciphers<br/><sup><sub>809f77f8-d10e-4842-a84f-3be7b6ff1190</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
+|Kinesis SSE Not Configured<br/><sup><sub>7f65be75-90ab-4036-8c2a-410aef7bb650</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesis-stream.html">Documentation</a><br/>|
+|MSK Cluster Encryption Disabled<br/><sup><sub>a976d63f-af0e-46e8-b714-8c1a9c4bf768</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html">Documentation</a><br/>|
+|Neptune Database Cluster Encryption Disabled<br/><sup><sub>bf4473f1-c8a2-4b1b-8134-bd32efabab93</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-neptune-dbcluster.html">Documentation</a><br/>|
+|RDS Storage Encryption Disabled<br/><sup><sub>65844ba3-03a1-40a8-b3dd-919f122e8c95</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-storageencrypted">Documentation</a><br/>|
+|RDS Storage Not Encrypted<br/><sup><sub>5beacce3-4020-4a3d-9e1d-a36f953df630</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|Redshift Not Encrypted<br/><sup><sub>3b316b05-564c-44a7-9c3f-405bb95e211e</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
+|S3 Bucket Without Server-side-encryption<br/><sup><sub>b2e8752c-3497-4255-98d2-e4ae5b46bbf5</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonS3/latest/user-guide/default-bucket-encryption.html">Documentation</a><br/>|
+|SageMaker Data Encryption Disabled<br/><sup><sub>709e6da6-fa1f-44cc-8f17-7f25f96dadbe</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-notebookinstance.html">Documentation</a><br/>|
+|User Data Contains Encoded Private Key<br/><sup><sub>568cc372-ca64-420d-9015-ee347d00d288</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html">Documentation</a><br/>|
+|Workspace Without Encryption<br/><sup><sub>89827c57-5a8a-49eb-9731-976a606d70db</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspaces-workspace.html">Documentation</a><br/>|
+|Batch Job Definition With Privileged Container Properties<br/><sup><sub>76ddf32c-85b1-4808-8935-7eef8030ab36</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-batch-jobdefinition.html">Documentation</a><br/>|
+|KMS Key With Vulnerable Policy<br/><sup><sub>da905474-7454-43c0-b8d2-5756ab951aba</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html#cfn-kms-key-keypolicy">Documentation</a><br/>|
+|Lambda Functions Without Unique IAM Roles<br/><sup><sub>ae03f542-1423-402f-9cef-c834e7ee9583</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
+|MQ Broker Is Publicly Accessible<br/><sup><sub>68b6a789-82f8-4cfd-85de-e95332fe6a61</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-publiclyaccessible">Documentation</a><br/>|
+|Root Account Has Active Access Keys<br/><sup><sub>4c137350-7307-4803-8c04-17c09a7a9fcf</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html">Documentation</a><br/>|
+|S3 Static Website Host Enabled<br/><sup><sub>90501b1b-cded-4cc1-9e8b-206b85cda317</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration.html">Documentation</a><br/>|
+|Permissive Web ACL Default Action<br/><sup><sub>6d64f311-3da6-45f3-80f1-14db9771ea40</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-waf-webacl.html">Documentation</a><br/>|
+|DB Security Group Open To Large Scope<br/><sup><sub>0104165b-02d5-426f-abc9-91fb48189899</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|Default Security Groups With Unrestricted Traffic<br/><sup><sub>ea33fcf7-394b-4d11-a228-985c5d08f205</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|EC2 Sensitive Port Is Publicly Exposed<br/><sup><sub>494b03d3-bf40-4464-8524-7c56ad0700ed</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|ELB Sensitive Port Is Exposed To Entire Network<br/><sup><sub>78055456-f670-4d2e-94d5-392d1cf4f5e4</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
+|Fully Open Ingress<br/><sup><sub>e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/get-set-up-for-amazon-ecs.html#create-a-base-security-group">Documentation</a><br/>|
+|Remote Desktop Port Open To Internet<br/><sup><sub>c9846969-d066-431f-9b34-8c4abafe422a</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Route53 Record Undefined<br/><sup><sub>24d932e1-91f0-46ea-836f-fdbd81694151</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html">Documentation</a><br/>|
+|Security Group Unrestricted Access To RDP<br/><sup><sub>3ae83918-7ec7-4cb8-80db-b91ef0f94002</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Security Groups With Exposed Admin Ports<br/><sup><sub>cdbb0467-2957-4a77-9992-7b55b29df7b7</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Security Groups With Meta IP<br/><sup><sub>adcd0082-e90b-4b63-862b-21899f6e6a48</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Unknown Port Exposed To Internet<br/><sup><sub>829ce3b8-065c-41a3-ad57-e0accfea82d2</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Unrestricted Security Group Ingress<br/><sup><sub>4a1e6b34-1008-4e61-a5f2-1f7c276f8d14</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
+|Amplify App Access Token Exposed<br/><sup><sub>73980e43-f399-4fcc-a373-658228f7adf7</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.html">Documentation</a><br/>|
+|Amplify App Basic Auth Config Password Exposed<br/><sup><sub>71493c8b-3014-404c-9802-078b74496fb7</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-basicauthconfig.html">Documentation</a><br/>|
+|Amplify App OAuth Token Exposed<br/><sup><sub>03b38885-8f4e-480c-a0e4-12c1affd15db</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-basicauthconfig.html">Documentation</a><br/>|
+|Amplify Branch Basic Auth Config Password Exposed<br/><sup><sub>dfb56e5d-ee68-446e-b32a-657b62befe69</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-branch.html#cfn-amplify-branch-basicauthconfig">Documentation</a><br/>|
+|Directory Service Microsoft AD Password Set to Plaintext or Default Ref<br/><sup><sub>06b9f52a-8cd5-459b-bdc6-21a22521e1be</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-directoryservice-microsoftad.html">Documentation</a><br/>|
+|Directory Service Simple AD Password Exposed<br/><sup><sub>6685d912-d81f-4cfa-95ad-e316ea31c989</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-directoryservice-simplead.html">Documentation</a><br/>|
+|DMS Endpoint MongoDB Settings Password Exposed<br/><sup><sub>f988a17f-1139-46a3-8928-f27eafd8b024</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dms-endpoint-mongodbsettings.html">Documentation</a><br/>|
+|DMS Endpoint Password Exposed<br/><sup><sub>5f700072-b7ce-4e84-b3f3-497bf1c24a4d</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dms-endpoint.html">Documentation</a><br/>|
+|DocDB Cluster Master Password In Plaintext<br/><sup><sub>39423ce4-9011-46cd-b6b1-009edcd9385d</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html">Documentation</a><br/>|
+|Hardcoded AWS Access Key In Lambda<br/><sup><sub>2564172f-c92b-4261-9acd-464aed511696</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-environment">Documentation</a><br/>|
+|IAM User LoginProfile Password Is In Plaintext<br/><sup><sub>06adef8c-c284-4de7-aad2-af43b07a8ca1</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html">Documentation</a><br/>|
+|RefreshToken Is Exposed<br/><sup><sub>5b48c507-0d1f-41b0-a630-76817c6b4189</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ask-skill.html#cfn-ask-skill-authenticationconfiguration">Documentation</a><br/>|
+|API Gateway Method Does Not Contains An API Key<br/><sup><sub>3641d5b4-d339-4bc2-bfb9-208fe8d3477f</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html">Documentation</a><br/>|
+|API Gateway Without Configured Authorizer<br/><sup><sub>7fd0d461-5b8c-4815-898c-f2b4b117eb28</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-authorizer.html">Documentation</a><br/>|
+|EC2 Instance Has No IAM Role<br/><sup><sub>f914357d-8386-4d56-9ba6-456e5723f9a6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html">Documentation</a><br/>|
+|EC2 Instance Using Default Security Group<br/><sup><sub>08b81bb3-0985-4023-8602-b606ad81d279</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-securitygroups">Documentation</a><br/>|
+|EC2 Network ACL Ineffective Denied Traffic<br/><sup><sub>2623d682-dccb-44cd-99d0-54d9fd62f8f2</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html">Documentation</a><br/>|
+|Elasticsearch Without IAM Authentication<br/><sup><sub>5c666ed9-b586-49ab-9873-c495a833b705</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-accesspolicies">Documentation</a><br/>|
+|Empty Roles For ECS Cluster Task Definitions<br/><sup><sub>7f384a5f-b5a2-4d84-8ca3-ee0a5247becb</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
+|IAM Group Inline Policies<br/><sup><sub>a58d1a2d-4078-4b80-855b-84cc3f7f4540</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html">Documentation</a><br/>|
+|IAM Group Without Users<br/><sup><sub>8f957abd-9703-413d-87d3-c578950a753c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html">Documentation</a><br/>|
+|IAM Policies Attached To User<br/><sup><sub>edc95c10-7366-4f30-9b4b-f995c84eceb5</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5')">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html">Documentation</a><br/>|
+|IAM Policies With Full Privileges<br/><sup><sub>953b3cdb-ce13-428a-aa12-318726506661</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>e835bd0d-65da-49f7-b6d1-b646da8727e6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|IAM Policy On User<br/><sup><sub>e4239438-e639-44aa-adb8-866e400e3ade</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|IAM Role Allows All Principals To Assume<br/><sup><sub>f80e3aa7-7b34-4185-954e-440a6894dde6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument">Documentation</a><br/>|
+|IoT Policy Allows Action as Wildcard<br/><sup><sub>4d32780f-43a4-424a-a06d-943c543576a5</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html">Documentation</a><br/>|
+|IoT Policy Allows Wildcard Resource<br/><sup><sub>be5b230d-4371-4a28-a441-85dc760e2aa3</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html">Documentation</a><br/>|
+|KMS Allows Wildcard Principal<br/><sup><sub>f6049677-ec4a-43af-8779-5190b6d03cba</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
+|Lambda Permission Principal Is Wildcard<br/><sup><sub>1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
+|Public Lambda via API Gateway<br/><sup><sub>57b12981-3816-4c31-b190-a1e614361dd2</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
+|S3 Bucket Allows Public ACL<br/><sup><sub>48f100d9-f499-4c6d-b2b8-deafe47ffb26</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
+|SNS Topic Publicity Has Allow and NotAction Simultaneously<br/><sup><sub>818f38ed-8446-4132-9c03-474d49e10195</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-sns-policy">Documentation</a><br/>|
+|SQS Policy With Public Access<br/><sup><sub>9b6a3f5b-5fd6-40ee-9bc0-ed604911212d</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html">Documentation</a><br/>|
+|Auto Scaling Group With No Associated ELB<br/><sup><sub>ad21e616-5026-4b9d-990d-5b007bfe679c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html">Documentation</a><br/>|
+|CMK Is Unusable<br/><sup><sub>2844c749-bd78-4cd1-90e8-b179df827602</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
+|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>cfdef2e5-1fe4-4ef4-bea8-c56e08963150</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cache-cluster.html">Documentation</a><br/>|
+|RDS Multi-AZ Deployment Disabled<br/><sup><sub>2b1d4935-9acf-48a7-8466-10d18bf51a69</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|RDS With Backup Disabled<br/><sup><sub>8c415f6f-7b90-4a27-a44a-51047e1506f9</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|S3 Bucket Without Versioning<br/><sup><sub>a227ec01-f97a-4084-91a4-47b350c1db54</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|Stack Retention Disabled<br/><sup><sub>fe974ae9-858e-4991-bbd5-e040a834679f</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-stackset-autodeployment.html#cfn-cloudformation-stackset-autodeployment-retainstacksonaccountremoval">Documentation</a><br/>|
+|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>0f04217d-488f-4e7a-bec8-f16159686cd6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-pointintimerecoveryspecification.html">Documentation</a><br/>|
+|ECS No Load Balancer Attached<br/><sup><sub>fb2b0ecf-1492-491a-a70d-ba1df579175d</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
+|IAM Managed Policy Applied to a User<br/><sup><sub>0e5872b4-19a0-4165-8b2f-56d9e14b909f</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-groups">Documentation</a><br/>|
+|IAM User Without Password Reset<br/><sup><sub>a964d6e3-8e1e-4d93-8120-61fa640dd55a</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user-loginprofile.html">Documentation</a><br/>|
+|Alexa Skill Plaintext Client Secret Exposed<br/><sup><sub>3c3b7a58-b018-4d07-9444-d9ee7156e111</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ask-skill.html#cfn-ask-skill-authenticationconfiguration">Documentation</a><br/>|
+|CloudFormation Specifying Credentials Not Safe<br/><sup><sub>9ecb6b21-18bc-4aa7-bd07-db20f1c746db</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-authentication.html">Documentation</a><br/>|
+|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>31733ee2-fef0-4e87-9778-65da22a8ecf1</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
+|CodeBuild Not Encrypted<br/><sup><sub>d7467bb6-3ed1-4c82-8095-5e7a818d0aad</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html">Documentation</a><br/>|
+|Connection Between CloudFront Origin Not Encrypted<br/><sup><sub>a5366a50-932f-4085-896b-41402714a388</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
+|Default KMS Key Usage<br/><sup><sub>e52395b4-250b-4c60-81d5-2e58c1d37abc</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|EFS Volume With Disabled Transit Encryption<br/><sup><sub>c1282e03-b285-4637-aee7-eefe3a7bb658</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html">Documentation</a><br/>|
+|ElastiCache With Disabled Transit Encryption<br/><sup><sub>3b02569b-fc6f-4153-b3a3-ba91022fed68</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html">Documentation</a><br/>|
+|ELB Using Insecure Protocols<br/><sup><sub>61a94903-3cd3-4780-88ec-fc918819b9c8</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
+|ELB Without Secure Protocol<br/><sup><sub>80908a75-586b-4c61-ab04-490f4f4525b8</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
+|EMR Security Configuration Encryption Disabled<br/><sup><sub>5b033ec8-f079-4323-b5c8-99d4620433a9</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html">Documentation</a><br/>|
+|IAM Database Auth Not Enabled<br/><sup><sub>9fcd0a0a-9b6f-4670-a215-d94e6bf3f184</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableiamdatabaseauthentication">Documentation</a><br/>|
+|KMS Key Rotation Disabled<br/><sup><sub>235ca980-eb71-48f4-9030-df0c371029eb</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
+|Redshift Cluster Without KMS CMK<br/><sup><sub>de76a0d6-66d5-45c9-9022-f05545b85c78</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
+|S3 Bucket Without SSL In Write Actions<br/><sup><sub>38c64e76-c71e-4d92-a337-60174d1de1c9</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|SageMaker EndPoint Config Should Specify KmsKeyId Attribute<br/><sup><sub>44034eda-1c3f-486a-831d-e09a7dd94354</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html">Documentation</a><br/>|
+|Secure Ciphers Disabled<br/><sup><sub>be96849c-3df6-49c2-bc16-778a7be2519c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-viewercertificate.html">Documentation</a><br/>|
+|SQS With SSE Disabled<br/><sup><sub>12726829-93ed-4d51-9cbe-13423f4299e1</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html#aws-sqs-queue-kmsmasterkeyid">Documentation</a><br/>|
+|API Gateway With Open Access<br/><sup><sub>1056dfbb-5802-4762-bf2b-8b9b9684b1b0</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html">Documentation</a><br/>|
+|API Gateway Without Security Policy<br/><sup><sub>8275fab0-68ec-4705-bbf4-86975edb170e</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-securitypolicy">Documentation</a><br/>|
+|API Gateway Without SSL Certificate<br/><sup><sub>ed4c48b8-eccc-4881-95c1-09fdae23db25</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">Documentation</a><br/>|
+|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>dc17ee4b-ddf2-4e23-96e8-7a36abad1303</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
+|ECR Image Tag Not Immutable<br/><sup><sub>33f41d31-86b1-46a4-81f7-9c9a671f59ac</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html">Documentation</a><br/>|
+|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>027a4b7a-8a59-4938-a04f-ed532512cf45</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html#cfn-ecs-taskdefinition-networkmode">Documentation</a><br/>|
+|EMR Cluster Without Security Configuration<br/><sup><sub>48af92a5-c89b-4936-bc62-1086fe2bab23</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticmapreduce-cluster.html#cfn-elasticmapreduce-cluster-securityconfiguration">Documentation</a><br/>|
+|GitHub Repository Set To Public<br/><sup><sub>5906092d-5f74-490d-9a03-78febe0f65e1</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codestar-githubrepository.html">Documentation</a><br/>|
+|IAM User Has Too Many Access Keys<br/><sup><sub>48677914-6fdf-40ec-80c4-2b0e94079f54</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html">Documentation</a><br/>|
+|Redshift Publicly Accessible<br/><sup><sub>bdf8dcb4-75df-4370-92c4-606e4ae6c4d3</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
+|S3 Bucket With Unsecured CORS Rule<br/><sup><sub>3609d27c-3698-483a-9402-13af6ae80583</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html">Documentation</a><br/>|
+|S3 Bucket Without Ignore Public ACL<br/><sup><sub>6c8d51af-218d-4bfb-94a9-94eabaa0703a</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
+|S3 Bucket Without Restriction Of Public Bucket<br/><sup><sub>350cd468-0e2c-44ef-9d22-cfb73a62523c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
+|SageMaker Enabling Internet Access<br/><sup><sub>88d55d94-315d-4564-beee-d2d725feab11</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11')">Query details</a><br><a href="https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown">Documentation</a><br/>|
+|Vulnerable Default SSL Certificate<br/><sup><sub>b4d9c12b-bfba-4aeb-9cb8-2358546d8041</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
+|ALB Is Not Integrated With WAF<br/><sup><sub>105ba098-1e34-48cd-b0f2-a8a43a51bf9b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html">Documentation</a><br/>|
+|ALB Listening on HTTP<br/><sup><sub>275a3217-ca37-40c1-a6cf-bb57d245ab32</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-listener.html#cfn-ec2-elb-listener-protocol">Documentation</a><br/>|
+|API Gateway Endpoint Config is Not Private<br/><sup><sub>4a8daf95-709d-4a36-9132-d3e19878fa34</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-endpointconfiguration.html#cfn-apigateway-restapi-endpointconfiguration-types">Documentation</a><br/>|
+|API Gateway without WAF<br/><sup><sub>fcbf9019-566c-4832-a65c-af00d8137d2b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webaclassociation.html#cfn-wafv2-webaclassociation-resourcearn">Documentation</a><br/>|
+|CloudFront Without WAF<br/><sup><sub>0f139403-303f-467c-96bd-e717e6cfd62d</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-webaclid">Documentation</a><br/>|
+|EC2 Instance Subnet Has Public IP Mapping On Launch<br/><sup><sub>b3de4e4c-14be-4159-b99d-9ad194365e4c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html#cfn-ec2-subnet-mappubliciponlaunch">Documentation</a><br/>|
+|EC2 Network ACL Overlapping Ports<br/><sup><sub>77b6f1e2-bde4-4a6a-ae7e-a40659ff1576</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-networkaclentry-portrange.html">Documentation</a><br/>|
+|EC2 Permissive Network ACL Protocols<br/><sup><sub>03879981-efa2-47a0-a818-c843e1441b88</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html">Documentation</a><br/>|
+|EC2 Public Instance Exposed Through Subnet<br/><sup><sub>c44c95fc-ae92-4bb8-bdf8-bb9bc412004a</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route.html">Documentation</a><br/>|
+|EKS node group remote access<br/><sup><sub>73d59e76-a12c-4b74-a3d8-d3e1e19c25b3</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-nodegroup.html">Documentation</a><br/>|
+|Elasticsearch with HTTPS disabled<br/><sup><sub>4cdc88e6-c0c8-4081-a639-bb3a557cbedf</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticsearch-domain-domainendpointoptions.html">Documentation</a><br/>|
+|ELB With Security Group Without Inbound Rules<br/><sup><sub>e200a6f3-c589-49ec-9143-7421d4a2c845</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupingress">Documentation</a><br/>|
+|ELB With Security Group Without Outbound Rules<br/><sup><sub>01d5a458-a6c4-452a-ac50-054d59275b7c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupegress">Documentation</a><br/>|
+|GameLift Fleet EC2 InboundPermissions With Port Range<br/><sup><sub>43356255-495d-4148-ad8d-f6af5eac09dd</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-fleet.html">Documentation</a><br/>|
+|HTTP Port Open To Internet<br/><sup><sub>ddfc4eaa-af23-409f-b96c-bf5c45dc4daa</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|SageMaker Notebook Not Placed In VPC<br/><sup><sub>9c7028d9-04c2-45be-b8b2-1188ccaefb36</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36')">Query details</a><br><a href="https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown">Documentation</a><br/>|
+|Security Group Egress CIDR Open To World<br/><sup><sub>1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
+|Security Group Egress With All Protocols<br/><sup><sub>ee464fc2-54a6-4e22-b10a-c6dcd2474d0c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
+|Security Group Egress With Port Range<br/><sup><sub>dae9c373-8287-462f-8746-6f93dad93610</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
+|Security Group Ingress With All Protocols<br/><sup><sub>1a427b25-2e9e-4298-9530-0499a55e736b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
+|Security Group Ingress With Port Range<br/><sup><sub>87482183-a8e7-4e42-a566-7a23ec231c16</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
+|Security Group With Unrestricted Access To SSH<br/><sup><sub>6e856af2-62d7-4ba2-adc1-73b62cef9cc1</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Security Groups Allows Unrestricted Outbound Traffic<br/><sup><sub>66f2d8f9-a911-4ced-ae27-34f09690bb2c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|TCP UDP Protocol Network ACL Entry Allows All Ports<br/><sup><sub>f57f849c-883b-4cb7-85e7-f7b199dff163</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html#cfn-ec2-networkaclentry-portrange">Documentation</a><br/>|
+|VPC Without Network Firewall<br/><sup><sub>3e293410-d5b8-411f-85fd-7d26294f20c9</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-vpcid">Documentation</a><br/>|
+|API Gateway Deployment Without Access Log Setting<br/><sup><sub>06ec63e3-9f72-4fe2-a218-2eb9200b8db5</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html">Documentation</a><br/>|
+|API Gateway V2 Stage Access Logging Settings Not Defined<br/><sup><sub>80d45af4-4920-4236-a56e-b7ef419d1941</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-accesslogsettings">Documentation</a><br/>|
+|CloudFront Logging Disabled<br/><sup><sub>de77cd9f-0e8b-46cc-b4a4-b6b436838642</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/logging-and-monitoring.html">Documentation</a><br/>|
+|CloudTrail Logging Disabled<br/><sup><sub>5c0b06d5-b7a4-484c-aeb0-75a836269ff0</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-islogging">Documentation</a><br/>|
+|CloudWatch Logging Disabled<br/><sup><sub>0f0fb06b-0f2f-4374-8588-f2c7c348c7a0</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-queryloggingconfig">Documentation</a><br/>|
+|CloudWatch Metrics Disabled<br/><sup><sub>5d3c1807-acb3-4bb0-be4e-0440230feeaf</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cw-alarm.html">Documentation</a><br/>|
+|DocDB Logging Is Disabled<br/><sup><sub>1bf3b3d4-f373-4d7c-afbb-7d85948a67a5</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-enablecloudwatchlogsexports">Documentation</a><br/>|
+|EC2 Instance Monitoring Disabled<br/><sup><sub>0264093f-6791-4475-af34-4b8102dcbcd0</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-monitoring">Documentation</a><br/>|
+|Elasticsearch Logs Disabled<br/><sup><sub>edbd62d4-8700-41de-b000-b3cfebb5e996</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-logpublishingoptions">Documentation</a><br/>|
+|ELB Access Log Disabled<br/><sup><sub>ee12ad32-2863-4c0f-b13f-28272d115028</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-accessloggingpolicy.html">Documentation</a><br/>|
+|ELBv2 ALB Access Log Disabled<br/><sup><sub>c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattributes.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattributes-key">Documentation</a><br/>|
+|GuardDuty Detector Disabled<br/><sup><sub>a25cd877-375c-4121-a640-730929936fac</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html">Documentation</a><br/>|
+|MQ Broker Logging Disabled<br/><sup><sub>e519ed6a-8328-4b69-8eb7-8fa549ac3050</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-logs">Documentation</a><br/>|
+|MSK Cluster Logging Disabled<br/><sup><sub>fc7c2c15-f5d0-4b80-adb2-c89019f8f62b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html">Documentation</a><br/>|
+|Redshift Cluster Logging Disabled<br/><sup><sub>3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-loggingproperties">Documentation</a><br/>|
+|S3 Bucket CloudTrail Logging Disabled<br/><sup><sub>c3ce69fd-e3df-49c6-be78-1db3f802261c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-loggingconfig">Documentation</a><br/>|
+|S3 Bucket Logging Disabled<br/><sup><sub>4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-loggingconfig">Documentation</a><br/>|
+|VPC FlowLogs Disabled<br/><sup><sub>f6d299d2-21eb-41cc-b1e1-fe12d857500b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html">Documentation</a><br/>|
+|High Access Key Rotation Period<br/><sup><sub>800fa019-49dd-421b-9042-7331fdd83fa2</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2')">Query details</a><br><a href="https://docs.amazonaws.cn/en_us/config/latest/developerguide/access-keys-rotated.html">Documentation</a><br/>|
+|IAM User With No Group<br/><sup><sub>06933df4-0ea7-461c-b9b5-104d27390e0e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Access Control|<a href="../cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-policy">Documentation</a><br/>|
+|Support Has No Role Associated<br/><sup><sub>d71b5fd7-9020-4b2d-9ec8-b3839faa2744</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Access Control|<a href="../cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|EBS Volume Not Attached To Instances<br/><sup><sub>1819ac03-542b-4026-976b-f37addd59f3b</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volumeattachment.html">Documentation</a><br/>|
+|ECS Service Without Running Tasks<br/><sup><sub>79d745f0-d5f3-46db-9504-bef73e9fd528</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html#cfn-ecs-service-deploymentconfiguration">Documentation</a><br/>|
+|VPC Attached With Too Many Gateways<br/><sup><sub>97e94d17-e2c7-4109-a53b-6536ac1bb64e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpc-gateway-attachment.html">Documentation</a><br/>|
+|Low RDS Backup Retention Period<br/><sup><sub>e649a218-d099-4550-86a4-1231e1fcb60d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Backup|<a href="../cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html">Documentation</a><br/>|
+|RDS DB Instance With Deletion Protection Disabled<br/><sup><sub>2c161e58-cb52-454f-abea-6470c37b5e6e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Backup|<a href="../cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-deletionprotection">Documentation</a><br/>|
+|Automatic Minor Upgrades Disabled<br/><sup><sub>f0104061-8bfc-4b45-8a7d-630eb502f281</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|CDN Configuration Is Missing<br/><sup><sub>e4f54ff4-d352-40e8-a096-5141073c37a2</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html">Documentation</a><br/>|
+|Cognito UserPool Without MFA<br/><sup><sub>74a18d1a-cf02-4a31-8791-ed0967ad7fdc</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html">Documentation</a><br/>|
+|Geo Restriction Disabled<br/><sup><sub>7f8843f0-9ea5-42b4-a02b-753055113195</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html">Documentation</a><br/>|
+|IAM Access Analyzer Not Enabled<br/><sup><sub>8d29754a-2a18-460d-a1ba-9509f8d359da</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da')">Query details</a><br><a href="https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/aws-resource-accessanalyzer-analyzer.html">Documentation</a><br/>|
+|IAM Password Without Minimum Length<br/><sup><sub>b1b20ae3-8fa7-4af5-a74d-a2145920fcb1</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user">Documentation</a><br/>|
+|IAM Policies Without Groups<br/><sup><sub>5e7acff5-095b-40ac-9073-ac2e4ad8a512</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-policy">Documentation</a><br/>|
+|Lambda Permission Misconfigured<br/><sup><sub>9b83114b-b2a1-4534-990d-06da015e47aa</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa')">Query details</a><br><a href="https://docs.aws.amazon.com/pt_br/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
+|Security Group Ingress Has CIDR Not Recommended<br/><sup><sub>a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
+|DynamoDB With Not Recommented Table Billing Mode<br/><sup><sub>c333e906-8d8b-4275-b999-78b6318f8dc6</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Build Process|<a href="../cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-attributedef">Documentation</a><br/>|
+|EFS Without Tags<br/><sup><sub>08e39832-5e42-4304-98a0-aa5b43393162</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Build Process|<a href="../cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
+|API Gateway With Invalid Compression<br/><sup><sub>d6653eee-2d4d-4e6a-976f-6794a497999a</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html">Documentation</a><br/>|
+|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>050a9ba8-d1cb-4c61-a5e8-8805a70d3b85</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-kmskeyid">Documentation</a><br/>|
+|EFS Without KMS<br/><sup><sub>6d087495-2a42-4735-abf7-02ef5660a7e6</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
+|API Gateway Cache Cluster Disabled<br/><sup><sub>52790cad-d60d-41d5-8483-146f9f21208d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-cacheclusterenabled">Documentation</a><br/>|
+|Inline Policies Are Attached To ECS Service<br/><sup><sub>9e8c89b3-7997-4d15-93e4-7911b9db99fd</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
+|Instance With No VPC<br/><sup><sub>8a6d36cd-0bc6-42b7-92c4-67acc8576861</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html">Documentation</a><br/>|
+|Lambda Function Without Dead Letter Queue<br/><sup><sub>c2eae442-d3ba-4cb1-84ca-1db4f80eae3d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-deadletterconfig">Documentation</a><br/>|
+|Lambda Function Without Tags<br/><sup><sub>8df8e857-bd59-44fa-9f4c-d77594b95b46</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
+|Wildcard In ACM Certificate Domain Name<br/><sup><sub>cc8b294f-006f-4f8f-b5bb-0a9140c33131</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131')">Query details</a><br><a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html">Documentation</a><br/>|
+|RouterTable with Default Routing<br/><sup><sub>4f0908b9-eb66-433f-9145-134274e1e944</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route-table.html">Documentation</a><br/>|
+|S3 Bucket Should Have Bucket Policy<br/><sup><sub>37fa8188-738b-42c8-bf82-6334ea567738</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|EC2 Instance Using Default VPC<br/><sup><sub>e42a3ef0-5325-4667-84bf-075ba1c9d58e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-subnetid">Documentation</a><br/>|
+|ElastiCache Using Default Port<br/><sup><sub>323db967-c68e-44e6-916c-a777f95af34b</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html#cfn-elasticache-replicationgroup-port">Documentation</a><br/>|
+|ElastiCache Without VPC<br/><sup><sub>ba766c53-fe71-4bbb-be35-b6803f2ef13e</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cache-cluster.html#cfn-elasticache-cachecluster-cachesubnetgroupname">Documentation</a><br/>|
+|EMR Without VPC<br/><sup><sub>bf89373a-be40-4c04-99f5-746742dfd7f3</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticmapreduce-cluster-jobflowinstancesconfig.html#cfn-elasticmapreduce-cluster-jobflowinstancesconfig-ec2subnetid">Documentation</a><br/>|
+|RDS Using Default Port<br/><sup><sub>1fe9d958-ddce-4228-a124-05265a959a8b</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port">Documentation</a><br/>|
+|Redshift Using Default Port<br/><sup><sub>a478af30-8c3a-404d-aa64-0b673cee509a</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-port">Documentation</a><br/>|
+|Security Groups Without VPC Attached<br/><sup><sub>493d9591-6249-47bf-8dc0-5c10161cc558</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Shield Advanced Not In Use<br/><sup><sub>ad7444cf-817a-4765-a79e-2145f7981faf</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-policy.html">Documentation</a><br/>|
+|API Gateway Deployment Without API Gateway UsagePlan Associated<br/><sup><sub>783860a3-6dca-4c8b-81d0-7b62769ccbca</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html">Documentation</a><br/>|
+|API Gateway X-Ray Disabled<br/><sup><sub>4ab10c48-bedb-4deb-8f3b-ff12783b61de</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-tracingenabled">Documentation</a><br/>|
+|CloudTrail Log File Validation Disabled<br/><sup><sub>2a3560fe-52ca-4443-b34f-bf0ed5eb74c8</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-enablelogfilevalidation">Documentation</a><br/>|
+|CloudTrail Multi Region Disabled<br/><sup><sub>058ac855-989f-4378-ba4d-52d004020da7</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-ismultiregiontrail">Documentation</a><br/>|
+|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>65d07da5-9af5-44df-8983-52d2e6f24c44</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html">Documentation</a><br/>|
+|CloudTrail SNS Topic Name Undefined<br/><sup><sub>3e09413f-471e-40f3-8626-990c79ae63f3</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-snstopicname">Documentation</a><br/>|
+|CMK Rotation Disabled<br/><sup><sub>1c07bfaf-663c-4f6f-b22b-8e2d481e4df5</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
+|Configuration Aggregator to All Regions Disabled<br/><sup><sub>9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configurationaggregator.html">Documentation</a><br/>|
+|ECS Cluster with Container Insights Disabled<br/><sup><sub>ab759fde-e1e8-4b0e-ad73-ba856e490ed8</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-cluster.html#cfn-ecs-cluster-clustersettings">Documentation</a><br/>|
+|ECS Task Definition HealthCheck Missing<br/><sup><sub>d24389b4-b209-4ff0-8345-dc7a4569dcdd</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-healthcheck.html">Documentation</a><br/>|
+|ElasticSearch Without Slow Logs<br/><sup><sub>086ea2eb-14a6-4fd4-914b-38e0bc8703e8</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-logpublishingoptions">Documentation</a><br/>|
+|Lambda Functions Without X-Ray Tracing<br/><sup><sub>9488c451-074e-4cd3-aee3-7db6104f542c</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-tracingconfig.html">Documentation</a><br/>|
+|Stack Notifications Disabled<br/><sup><sub>837e033c-4717-40bd-807e-6abaa30161b7</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html">Documentation</a><br/>|
+|Unscanned ECR Image<br/><sup><sub>9025b2b3-e554-4842-ba87-db7aeec36d35</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-imagescanningconfiguration">Documentation</a><br/>|
+|API Gateway Stage Without API Gateway UsagePlan Associated<br/><sup><sub>7f8f1b60-43df-4c28-aa21-fb836dbd8071</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">Documentation</a><br/>|
+|ECS Task Definition Invalid CPU or Memory<br/><sup><sub>f4c9b5f5-68b8-491f-9e48-4f96644a1d51</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html">Documentation</a><br/>|
+|SDB Domain Declared As A Resource<br/><sup><sub>6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-simpledb.html">Documentation</a><br/>|
+|VPC Without Attached Subnet<br/><sup><sub>3b3b4411-ad1f-40e7-b257-a78a6bb9673a</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html">Documentation</a><br/>|
+|EBS Volume Without KmsKeyId<br/><sup><sub>b7063015-6c31-4658-a8e7-14f98f37fd42</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html">Documentation</a><br/>|
+|Secrets Manager Should Specify KmsKeyId<br/><sup><sub>c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secret.html">Documentation</a><br/>|
+|SNS Topic Without KmsMasterKeyId<br/><sup><sub>9d13b150-a2ab-42a1-b6f4-142e41f81e52</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html">Documentation</a><br/>|
+|EC2 Not EBS Optimized<br/><sup><sub>8dd0ff1f-0da4-48df-9bb3-7f338ae36a40</sub></sup>|CloudFormation|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-ebsoptimized">Documentation</a><br/>|
+|Security Group Rule Without Description<br/><sup><sub>5e6c9c68-8a82-408e-8749-ddad78cbb9c5</sub></sup>|CloudFormation|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|EC2 Network ACL Duplicate Rule<br/><sup><sub>045ddb54-cfc5-4abb-9e05-e427b2bc96fe</sub></sup>|CloudFormation|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html#cfn-ec2-networkaclentry-rulenumber">Documentation</a><br/>|
+|BOM - AWS Cassandra<br/><sup><sub>124b173b-e06d-48a6-8acd-f889443d97a4</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS DynamoDB<br/><sup><sub>4e67c0ae-38a0-47f4-a50c-f0c9b75826df</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS EBS<br/><sup><sub>0b0556ea-9cd9-476f-862e-20679dda752b</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS EFS<br/><sup><sub>ef05a925-8568-4054-8ff1-f5ba82631c16</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Elasticache<br/><sup><sub>c689f51b-9203-43b3-9d8b-caed123f706c</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Kinesis<br/><sup><sub>d53323be-dde6-4457-9a43-42df737e71d2</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS MQ<br/><sup><sub>209189f3-c879-48a7-9703-fbcfa96d0cef</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS MSK<br/><sup><sub>2730c169-51d7-4ae7-99b5-584379eff1bb</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS RDS<br/><sup><sub>6ef03ff6-a2bd-483c-851f-631f248bc0ea</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS S3 Buckets<br/><sup><sub>b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS SNS<br/><sup><sub>42e7dca3-8cce-4325-8df0-108888259136</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS SQS<br/><sup><sub>59a849c2-1127-4023-85a5-ef906dcd458c</sub></sup>|CloudFormation|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|Serverless Function Without Unique IAM Role<br/><sup><sub>4ba74f01-aba5-4be2-83bc-be79ff1a3b92</sub></sup>|CloudFormation|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-role">Documentation</a><br/>|
+|Serverless Function Environment Variables Not Encrypted<br/><sup><sub>a7f8ac28-eed1-483d-87c8-4c325f022572</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-kmskeyarn">Documentation</a><br/>|
+|Serverless API Endpoint Config Not Private<br/><sup><sub>6b5b0313-771b-4319-ad7a-122ee78700ef</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-endpointconfiguration">Documentation</a><br/>|
+|Serverless API Access Logging Setting Undefined<br/><sup><sub>0a994e04-c6dc-471d-817e-d37451d18a3b</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-stage-accesslogsetting.html">Documentation</a><br/>|
+|Serverless API X-Ray Tracing Disabled<br/><sup><sub>c757c6a3-ac87-4b9d-b28d-e5a5add6a315</sub></sup>|CloudFormation|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-tracingenabled">Documentation</a><br/>|
+|Serverless API Without Content Encoding<br/><sup><sub>a2f2800e-614b-4bc8-89e6-fec8afd24800</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-minimumcompressionsize">Documentation</a><br/>|
+|Serverless API Cache Cluster Disabled<br/><sup><sub>60a05ede-0a68-4d0d-a58f-f538cf55ff79</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-cacheclusterenabled">Documentation</a><br/>|
+|Serverless Function Without Dead Letter Queue<br/><sup><sub>cb2f612b-ed42-4ff5-9fb9-255c73d39a18</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-deadletterqueue">Documentation</a><br/>|
+|Serverless Function Without Tags<br/><sup><sub>a71ecabe-03b6-456a-b3bc-d1a39aa20c98</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-tags">Documentation</a><br/>|
+|Serverless Function Without X-Ray Tracing<br/><sup><sub>dc1ab429-1481-4540-9b1d-280e3f15f1f8</sub></sup>|CloudFormation|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-tracing">Documentation</a><br/>|
+|Passwords And Secrets<br/><sup><sub>a88baa34-e2ad-44ea-ad6f-8cac87bc7c71</sub></sup>|Common|<span style="color:#bb2124">High</span>|Secret Management|<a href="../common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71" onclick="newWindowOpenerSafe(event, '../common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71')">Query details</a><br><a href="https://docs.kics.io/latest/secrets/">Documentation</a><br/>|
+|DB Instance Storage Not Encrypted<br/><sup><sub>e50eb68a-a4af-4048-8bbe-8ec324421469</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/database.aws.crossplane.io/RDSInstance/v1beta1@v0.29.0#spec-forProvider-storageEncrypted">Documentation</a><br/>|
+|EFS Not Encrypted<br/><sup><sub>72840c35-3876-48be-900d-f21b2f0c2ea1</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/efs.aws.crossplane.io/FileSystem/v1alpha1@v0.29.0#spec-forProvider-encrypted">Documentation</a><br/>|
+|ELB Using Weak Ciphers<br/><sup><sub>a507daa5-0795-4380-960b-dd7bb7c56661</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/elbv2.aws.crossplane.io/Listener/v1alpha1@v0.29.0#spec-forProvider-sslPolicy">Documentation</a><br/>|
+|Neptune Database Cluster Encryption Disabled<br/><sup><sub>83bf5aca-138a-498e-b9cd-ad5bc5e117b4</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/neptune.aws.crossplane.io/DBCluster/v1alpha1@v0.29.0#spec-forProvider-storageEncrypted">Documentation</a><br/>|
+|DB Security Group Has Public Interface<br/><sup><sub>dd667399-8d9d-4a8d-bbb4-e49ab53b2f52</sub></sup>|Crossplane|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/ec2.aws.crossplane.io/SecurityGroup/v1beta1@v0.29.0#spec-forProvider-ingress-ipRanges-cidrIp">Documentation</a><br/>|
+|SQS With SSE Disabled<br/><sup><sub>9296f1cc-7a40-45de-bd41-f31745488a0e</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/sqs.aws.crossplane.io/Queue/v1beta1@v0.29.0#spec-forProvider-kmsMasterKeyId">Documentation</a><br/>|
+|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>255b0fcc-9f82-41fe-9229-01b163e3376b</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-viewerCertificate-minimumProtocolVersion">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>d9dc6429-5140-498a-8f55-a10daac5f000</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/database.aws.crossplane.io/RDSInstance/v1beta1@v0.17.0">Documentation</a><br/>|
+|CloudFront Without WAF<br/><sup><sub>6d19ce0f-b3d8-4128-ac3d-1064e0f00494</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-webACLID">Documentation</a><br/>|
+|CloudFront Logging Disabled<br/><sup><sub>7b590235-1ff4-421b-b9ff-5227134be9bb</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-logging">Documentation</a><br/>|
+|DocDB Logging Is Disabled<br/><sup><sub>e6cd49ba-77ed-417f-9bca-4f5303554308</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/docdb.aws.crossplane.io/DBCluster/v1alpha1@v0.21.1#status-atProvider-enabledCloudwatchLogsExports">Documentation</a><br/>|
+|EFS Without KMS<br/><sup><sub>bdecd6db-2600-47dd-a10c-72c97cf17ae9</sub></sup>|Crossplane|<span style="color:#edd57e">Low</span>|Encryption|<a href="../crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/efs.aws.crossplane.io/FileSystem/v1alpha1@v0.29.0#spec-forProvider-kmsKeyID">Documentation</a><br/>|
+|ECS Cluster with Container Insights Disabled<br/><sup><sub>0c7a76d9-7dc5-499e-81ac-9245839177cb</sub></sup>|Crossplane|<span style="color:#edd57e">Low</span>|Observability|<a href="../crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/ecs.aws.crossplane.io/Cluster/v1alpha1@v0.42.0#spec-forProvider-settings">Documentation</a><br/>|
+|CloudWatch Without Retention Period Specified<br/><sup><sub>934613fe-b12c-4e5a-95f5-c1dcdffac1ff</sub></sup>|Crossplane|<span style="color:#5bc0de">Info</span>|Observability|<a href="../crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudwatchlogs.aws.crossplane.io/LogGroup/v1alpha1@v0.29.0#spec-forProvider-retentionInDays">Documentation</a><br/>|
+|AKS RBAC Disabled<br/><sup><sub>b2418936-cd47-4ea2-8346-623c0bdb87bd</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd" onclick="newWindowOpenerSafe(event, '../crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-azure/compute.azure.crossplane.io/AKSCluster/v1alpha3@v0.19.0#spec-disableRBAC">Documentation</a><br/>|
+|Redis Cache Allows Non SSL Connections<br/><sup><sub>6c7cfec3-c686-4ed2-bf58-a1ec054b63fc</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc" onclick="newWindowOpenerSafe(event, '../crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-azure/cache.azure.crossplane.io/Redis/v1beta1@v0.19.0#spec-forProvider-enableNonSslPort">Documentation</a><br/>|
+|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>b4f65d13-a609-4dc1-af7c-63d2e08bffe9</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9" onclick="newWindowOpenerSafe(event, '../crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-gcp/container.gcp.crossplane.io/NodePool/v1beta1@v0.21.0#spec-forProvider-management-autoRepair">Documentation</a><br/>|
+|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>6c2d627c-de0f-45fb-b33d-dad9bffbb421</sub></sup>|Crossplane|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421" onclick="newWindowOpenerSafe(event, '../crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-gcp/storage.gcp.crossplane.io/Bucket/v1alpha3@v0.21.0#spec-logging">Documentation</a><br/>|
+|Docker Socket Mounted In Container<br/><sup><sub>d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/#volumes">Documentation</a><br/>|
+|Volume Has Sensitive Host Directory<br/><sup><sub>1c1325ff-831d-43a1-973e-839ae57dfcc0</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference">Documentation</a><br/>|
+|Volume Mounted In Multiple Containers<br/><sup><sub>baa452f0-1f21-4a25-ace5-844e7a5f410d</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes">Documentation</a><br/>|
+|No New Privileges Not Set<br/><sup><sub>27fcc7d6-c49b-46e0-98f1-6c082a6a2750</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Resource Management|<a href="../dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750')">Query details</a><br><a href="https://docs.docker.com/engine/reference/run/#security-configuration">Documentation</a><br/>|
+|Privileged Containers Enabled<br/><sup><sub>ae5b6871-7f45-42e0-bb4c-ab300c4d2026</sub></sup>|DockerCompose|<span style="color:#bb2124">High</span>|Resource Management|<a href="../dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/#privileged">Documentation</a><br/>|
+|Healthcheck Not Set<br/><sup><sub>698ed579-b239-4f8f-a388-baa4bcb13ef8</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Availability|<a href="../dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck">Documentation</a><br/>|
+|Cgroup Not Default<br/><sup><sub>4d9f44c6-2f4a-4317-9bb5-267adbea0232</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cgroup_parent">Documentation</a><br/>|
+|Restart Policy On Failure Not Set To 5<br/><sup><sub>2fc99041-ddad-49d5-853f-e35e70a48391</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391')">Query details</a><br><a href="https://docs.docker.com/config/containers/start-containers-automatically/#use-a-restart-policy">Documentation</a><br/>|
+|Container Traffic Not Bound To Host Interface<br/><sup><sub>451d79dc-0588-476a-ad03-3c7f0320abb3</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#ports">Documentation</a><br/>|
+|Privileged Ports Mapped In Container<br/><sup><sub>bc2908f3-f73c-40a9-8793-c1b7d5544f79</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cap_add-cap_drop">Documentation</a><br/>|
+|Container Capabilities Unrestricted<br/><sup><sub>ce76b7d0-9e77-464d-b86f-c5c48e03e22d</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cap_add-cap_drop">Documentation</a><br/>|
+|Default Seccomp Profile Disabled<br/><sup><sub>404fde2c-bc4b-4371-9747-7054132ac953</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt">Documentation</a><br/>|
+|Host Namespace is Shared<br/><sup><sub>4f31dd9f-2cc3-4751-9b53-67e4af83dac0</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#pid">Documentation</a><br/>|
+|Memory Not Limited<br/><sup><sub>bb9ac4f7-e13b-423d-a010-c74a1bfbe492</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#resources">Documentation</a><br/>|
+|Pids Limit Not Set<br/><sup><sub>221e0658-cb2a-44e3-b08a-db96a341d6fa</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir">Documentation</a><br/>|
+|Security Opt Not Set<br/><sup><sub>610e266e-6c12-4bca-9925-1ed0cd29742b</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt">Documentation</a><br/>|
+|Shared Host IPC Namespace<br/><sup><sub>baa3890f-bed7-46f5-ab8f-1da8fc91c729</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir">Documentation</a><br/>|
+|Shared Host Network Namespace<br/><sup><sub>071a71ff-f868-47a4-ac0b-3c59e4ab5443</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode">Documentation</a><br/>|
+|Shared Host User Namespace<br/><sup><sub>8af7162d-6c98-482f-868e-0d33fb675ca8</sub></sup>|DockerCompose|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#userns_mode">Documentation</a><br/>|
+|Cpus Not Limited<br/><sup><sub>6b610c50-99fb-4ef0-a5f3-e312fd945bc3</sub></sup>|DockerCompose|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#resources">Documentation</a><br/>|
+|Shared Volumes Between Containers<br/><sup><sub>8c978947-0ff6-485c-b0c2-0bfca6026466</sub></sup>|DockerCompose|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes">Documentation</a><br/>|
+|Last User Is 'root'<br/><sup><sub>67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae</sub></sup>|Dockerfile|<span style="color:#bb2124">High</span>|Best Practices|<a href="../dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#user">Documentation</a><br/>|
+|Missing User Instruction<br/><sup><sub>fd54f200-402c-4333-a5a4-36ef6709af2f</sub></sup>|Dockerfile|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#user">Documentation</a><br/>|
+|Changing Default Shell Using RUN Command<br/><sup><sub>8a301064-c291-4b20-adcb-403fe7fd95fd</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#shell">Documentation</a><br/>|
+|Image Version Using 'latest'<br/><sup><sub>f45ea400-6bbe-4501-9fc7-1c3d75c32067</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067')">Query details</a><br><a href="https://docs.docker.com/develop/dev-best-practices/">Documentation</a><br/>|
+|Not Using JSON In CMD And ENTRYPOINT Arguments<br/><sup><sub>b86987e1-6397-4619-81d5-8807f2387c79</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#entrypoint">Documentation</a><br/>|
+|Run Using Sudo<br/><sup><sub>8ada6e80-0ade-439e-b176-0b28f6bce35a</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Add Instead of Copy<br/><sup><sub>9513a694-aa0d-41d8-be61-3271e056f36b</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#add">Documentation</a><br/>|
+|Apt Get Install Pin Version Not Defined<br/><sup><sub>965a08d7-ef86-4f14-8792-4a3b2098937e</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Gem Install Without Version<br/><sup><sub>22cd11f7-9c6c-4f6e-84c0-02058120b341</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Image Version Not Explicit<br/><sup><sub>9efb0b2d-89c9-41a3-91ca-dcc0aec911fd</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#from">Documentation</a><br/>|
+|Missing Version Specification In dnf install<br/><sup><sub>93d88cf7-f078-46a8-8ddc-178e03aeacf1</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Missing Zypper Non-interactive Switch<br/><sup><sub>45e1fca5-f90e-465d-825f-c2cb63fa3944</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|NPM Install Command Without Pinned Version<br/><sup><sub>e36d8880-3f78-4546-b9a1-12f0745ca0d5</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Unpinned Package Version in Apk Add<br/><sup><sub>d3499f6d-1651-41bb-a9a7-de925fea487b</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Unpinned Package Version in Pip Install<br/><sup><sub>02d9c71f-3ee8-4986-9c27-1a20d0d19bfc</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Yum install Without Version<br/><sup><sub>6452c424-1d92-4deb-bb18-a03e95d579c4</sub></sup>|Dockerfile|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Chown Flag Exists<br/><sup><sub>aa93e17f-b6db-4162-9334-c70334e7ac28</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Curl or Wget Instead of Add<br/><sup><sub>4b410d24-1cbe-4430-a632-62c9a931cf1c</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Exposing Port 22 (SSH)<br/><sup><sub>5907595b-5b6d-4142-b173-dbb0e73fbff8</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8')">Query details</a><br><a href="https://sysdig.com/blog/dockerfile-best-practices/">Documentation</a><br/>|
+|MAINTAINER Instruction Being Used<br/><sup><sub>99614418-f82b-4852-a9ae-5051402b741c</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#maintainer-deprecated">Documentation</a><br/>|
+|Missing Dnf Clean All<br/><sup><sub>295acb63-9246-4b21-b441-7c1f1fb62dc0</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Missing Zypper Clean<br/><sup><sub>38300d1a-feb2-4a48-936a-d1ef1cd24313</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Multiple RUN, ADD, COPY, Instructions Listed<br/><sup><sub>0008c003-79aa-42d8-95b8-1c2fe37dbfe6</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6')">Query details</a><br><a href="https://sysdig.com/blog/dockerfile-best-practices/">Documentation</a><br/>|
+|Pip install Keeping Cached Packages<br/><sup><sub>f2f903fb-b977-461e-98d7-b3e2185c6118</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Yum Clean All Missing<br/><sup><sub>00481784-25aa-4a55-8633-3136dfcf4f37</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|COPY '--from' References Current FROM Alias<br/><sup><sub>cdddb86f-95f6-4fc4-b5a1-483d9afceb2b</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
+|Copy With More Than Two Arguments Not Ending With Slash<br/><sup><sub>6db6e0c2-32a3-4a2e-93b5-72c35f4119db</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#copy">Documentation</a><br/>|
+|Multiple CMD Instructions Listed<br/><sup><sub>41c195f4-fc31-4a5c-8a1b-90605538d49f</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#cmd">Documentation</a><br/>|
+|Multiple ENTRYPOINT Instructions Listed<br/><sup><sub>6938958b-3f1a-451c-909b-baeee14bdc97</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#entrypoint">Documentation</a><br/>|
+|RUN Instruction Using 'cd' Instead of WORKDIR<br/><sup><sub>f4a6bcd3-e231-4acf-993c-aa027be50d2e</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#workdir">Documentation</a><br/>|
+|Same Alias In Different Froms<br/><sup><sub>f2daed12-c802-49cd-afed-fe41d0b82fed</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
+|Update Instruction Alone<br/><sup><sub>9bae49be-0aa3-4de5-bab2-4c3a069e40cd</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Using Unnamed Build Stages<br/><sup><sub>68a51e22-ae5a-4d48-8e87-b01a323605c9</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
+|WORKDIR Path Not Absolute<br/><sup><sub>6b376af8-cfe8-49ab-a08d-f32de23661a4</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#workdir">Documentation</a><br/>|
+|Healthcheck Instruction Missing<br/><sup><sub>b03a748a-542d-44f4-bb86-9199ab4fd2d5</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#healthcheck">Documentation</a><br/>|
+|Shell Running A Pipe Without Pipefail Flag<br/><sup><sub>efbf148a-67e9-42d2-ac47-02fa1c0d0b22</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|APT-GET Missing Flags To Avoid Manual Input<br/><sup><sub>77783205-c4ca-4f80-bb80-c777f267c547</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Missing Flag From Dnf Install<br/><sup><sub>7ebd323c-31b7-4e5b-b26f-de5e9e477af8</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Run Using 'wget' and 'curl'<br/><sup><sub>fc775e75-fcfb-4c98-b2f2-910c5858b359</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Run Using apt<br/><sup><sub>b84a0b47-2e99-4c9f-8933-98bcabe2b94d</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Yum Install Allows Manual Input<br/><sup><sub>6e19193a-8753-436d-8a09-76dcff91bb03</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Zypper Install Without Version<br/><sup><sub>562952e4-0348-4dea-9826-44f3a2c6117b</sub></sup>|Dockerfile|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Using Platform Flag with FROM Command<br/><sup><sub>b16e8501-ef3c-44e1-a543-a093238099c9</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#from">Documentation</a><br/>|
+|UNIX Ports Out Of Range<br/><sup><sub>71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#expose">Documentation</a><br/>|
+|Apk Add Using Local Cache Path<br/><sup><sub>ae9c56a6-3ed1-4ac0-9b54-31267f51151d</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Apt Get Install Lists Were Not Deleted<br/><sup><sub>df746b39-6564-4fed-bf85-e9c44382303c</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|APT-GET Not Avoiding Additional Packages<br/><sup><sub>7384dfb2-fcd1-4fbf-91cd-6c44c318c33c</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Run Utilities And POSIX Commands<br/><sup><sub>9b6b0f38-92a2-41f9-b881-3a1083d99f1b</sub></sup>|Dockerfile|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>63ae3638-a38c-4ff4-b616-6e1f72a31a6a</sub></sup>|GoogleDeploymentManager|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
+|BigQuery Dataset Is Public<br/><sup><sub>83103dff-d57f-42a8-bd81-40abab64c1a7</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7')">Query details</a><br><a href="https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets">Documentation</a><br/>|
+|SQL DB Instance With SSL Disabled<br/><sup><sub>660360d3-9ca7-46d1-b147-3acc4002953f</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f')">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
+|Client Certificate Disabled<br/><sup><sub>dd690686-2bf9-4012-a821-f61912dd77be</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|GKE Legacy Authorization Enabled<br/><sup><sub>df58d46c-783b-43e0-bdd0-d99164f712ee</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.LegacyAbac">Documentation</a><br/>|
+|Google Storage Bucket Level Access Disabled<br/><sup><sub>1239f54b-33de-482a-8132-faebe288e6a6</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
+|MySQL Instance With Local Infile On<br/><sup><sub>c759d6f2-4dd3-4160-82d3-89202ef10d87</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87')">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
+|RDP Access Is Not Restricted<br/><sup><sub>50cb6c3b-c878-4b88-b50e-d1421bada9e8</sub></sup>|GoogleDeploymentManager|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/firewalls">Documentation</a><br/>|
+|Cloud Storage Bucket Is Publicly Accessible<br/><sup><sub>77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls">Documentation</a><br/>|
+|SQL DB Instance Backup Disabled<br/><sup><sub>a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Backup|<a href="../googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01')">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
+|Disk Encryption Disabled<br/><sup><sub>fc040fb6-4c23-4c0d-b12a-39edac35debb</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|DNSSEC Using RSASHA1<br/><sup><sub>6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35')">Query details</a><br><a href="https://cloud.google.com/dns/docs/reference/v1/managedZones">Documentation</a><br/>|
+|Cloud DNS Without DNSSEC<br/><sup><sub>313d6deb-3b67-4948-b41d-35b699c2492e</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e')">Query details</a><br><a href="https://cloud.google.com/dns/docs/reference/v1/managedZones">Documentation</a><br/>|
+|Cluster Master Authentication Disabled<br/><sup><sub>7ef7d141-9fbb-4679-a977-fd0883436906</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters">Documentation</a><br/>|
+|IP Aliasing Disabled<br/><sup><sub>28727987-e398-49b8-aef1-8a3e7789d111</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters">Documentation</a><br/>|
+|Network Policy Disabled<br/><sup><sub>c47f90e8-4a19-43f0-8413-cc434d286c4e</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|OSLogin Is Disabled In VM Instance<br/><sup><sub>e66e1b71-c810-4b4e-a737-0ab59e7f5e41</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|Private Cluster Disabled<br/><sup><sub>48c61fbd-09c9-46cc-a521-012e0c325412</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|Shielded VM Disabled<br/><sup><sub>9038b526-4c19-4928-bca2-c03d503bdb79</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|Compute Instance Is Publicly Accessible<br/><sup><sub>8212e2d7-e683-49bc-bf78-d6799075c5a7</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|GKE Master Authorized Networks Disabled<br/><sup><sub>62c8cf50-87f0-4295-a974-8184ed78fe02</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|IP Forwarding Enabled<br/><sup><sub>7c98538a-81c6-444b-bf04-e60bc3ceeec0</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|SSH Access Is Not Restricted<br/><sup><sub>dee21308-2a7a-49de-8ff7-c9b87e188575</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/firewalls">Documentation</a><br/>|
+|Bucket Without Versioning<br/><sup><sub>227c2f58-70c6-4432-8e9a-a89c1a548cf5</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
+|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>ad0875c1-0b39-4890-9149-173158ba3bba</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
+|Stackdriver Logging Disabled<br/><sup><sub>95601b9a-7fe8-4aee-9b58-d36fd9382dfc</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|Stackdriver Monitoring Disabled<br/><sup><sub>bbfc97ab-e92a-4a7b-954c-e88cec815011</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|Node Auto Upgrade Disabled<br/><sup><sub>dc5c5fee-6c53-43b0-ab11-4c660e064aaf</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>6e2b1ec1-1eca-4eb7-9d4d-2882680b4811</sub></sup>|GoogleDeploymentManager|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|Cluster Labels Disabled<br/><sup><sub>8810968b-4b15-421d-918b-d91eb4bb8d1d</sub></sup>|GoogleDeploymentManager|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|COS Node Image Not Used<br/><sup><sub>dbe058d7-b82e-430b-8426-992b2e4677e7</sub></sup>|GoogleDeploymentManager|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters.nodePools">Documentation</a><br/>|
+|Not Proper Email Account In Use<br/><sup><sub>a21b8df3-c840-4b3d-a41a-10fb2afda171</sub></sup>|GoogleDeploymentManager|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171')">Query details</a><br><a href="https://cloud.google.com/deployment-manager/docs/configuration/set-access-control-resources">Documentation</a><br/>|
+|BOM - GCP PD<br/><sup><sub>268c65a8-58ad-43e4-9019-1a9bbc56749f</sub></sup>|GoogleDeploymentManager|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP PST<br/><sup><sub>9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8</sub></sup>|GoogleDeploymentManager|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP SB<br/><sup><sub>c7781feb-a955-4f9f-b9cf-0d7c6f54bb59</sub></sup>|GoogleDeploymentManager|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|Enum Name Not CamelCase<br/><sup><sub>daaace5f-c0dc-4835-b526-7a116b7f4b4e</sub></sup>|GRPC|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e" onclick="newWindowOpenerSafe(event, '../grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e')">Query details</a><br><a href="https://developers.google.com/protocol-buffers/docs/reference/proto3-spec#enum_definition">Documentation</a><br/>|
+|Serving Revision Spec Without Timeout Seconds<br/><sup><sub>e8bb41e4-2f24-4e84-8bea-8c7c070cf93d</sub></sup>|Knative|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d" onclick="newWindowOpenerSafe(event, '../knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d')">Query details</a><br><a href="https://knative.dev/docs/reference/api/serving-api/#serving.knative.dev/v1.RevisionSpec">Documentation</a><br/>|
+|Authorization Mode Set To Always Allow<br/><sup><sub>f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Basic Auth File Is Set<br/><sup><sub>5da47109-f8d6-4585-9e2b-96a8958a12f5</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Client Certificate Authentication Not Setup Properly<br/><sup><sub>e0e00aba-5f1c-4981-a542-9a9563c0ee20</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|Non Kube System Pod With Host Mount<br/><sup><sub>aa8f7a35-9923-4cad-bd61-a19b7f6aac91</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
+|RBAC Wildcard In Rule<br/><sup><sub>6b896afb-ca07-467a-b256-1a0077a1c08e</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|Service Account Lookup Set To False<br/><sup><sub>a5530bd7-225a-48f9-91bb-f40b04200165</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Token Auth File Is Set<br/><sup><sub>32ecd76e-7bbf-402e-bf48-8b9485749558</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Pod Security Policy Admission Control Plugin Not Set<br/><sup><sub>afa36afb-39fe-4d94-b9b6-afb236f7a03d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Build Process|<a href="../kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Cluster Allows Unsafe Sysctls<br/><sup><sub>9127f0d9-2310-42e7-866f-5fd9d20dcbad</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/">Documentation</a><br/>|
+|Container Is Privileged<br/><sup><sub>dd29336b-fe57-445b-a26e-e6aa867ae609</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/#privileged-mode-for-containers">Documentation</a><br/>|
+|Container Runs Unmasked<br/><sup><sub>f922827f-aab6-447c-832a-e1ff63312bd3</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/#allowedprocmounttypes">Documentation</a><br/>|
+|Containers With Sys Admin Capabilities<br/><sup><sub>235236ee-ad78-4065-bd29-61b061f28ce0</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Privilege Escalation Allowed<br/><sup><sub>5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|PSP Allows Containers To Share The Host Network Namespace<br/><sup><sub>a33e9173-b674-4dfb-9d82-cf3754816e4b</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|PSP Allows Privilege Escalation<br/><sup><sub>87554eef-154d-411d-bdce-9dbd91e56851</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|PSP Allows Sharing Host IPC<br/><sup><sub>80f93444-b240-4ebb-a4c6-5c40b76c04ea</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|PSP Set To Privileged<br/><sup><sub>c48e57d3-d642-4e0b-90db-37f807b41b91</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#privileged">Documentation</a><br/>|
+|PSP With Added Capabilities<br/><sup><sub>7307579a-3abb-46ad-9ce5-2a915634d5c8</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Shared Host PID Namespace<br/><sup><sub>302736f4-b16c-41b8-befe-c0baffa0bd9d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Tiller (Helm v2) Is Deployed<br/><sup><sub>6d173be7-545a-46c6-a81d-2ae52ed1605d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/">Documentation</a><br/>|
+|Tiller Service Is Not Deleted<br/><sup><sub>8b862ca9-0fbd-4959-ad72-b6609bdaa22d</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service">Documentation</a><br/>|
+|Workload Mounting With Sensitive OS Directory<br/><sup><sub>5308a7a8-06f8-45ac-bf10-791fe21de46e</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Etcd Peer TLS Certificate Files Not Properly Set<br/><sup><sub>09bb9e96-8da3-4736-b89a-b36814acca60</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Insecure Bind Address Set<br/><sup><sub>b9380fd3-5ffe-4d10-9290-13e18e71eee1</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Insecure Port Not Properly Set<br/><sup><sub>fa4def8c-1898-4a35-a139-7b76b1acdef0</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Secure Port Set To Zero<br/><sup><sub>3d24b204-b73d-42cb-b0bf-1a5438c5f71e</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Tiller Deployment Is Accessible From Within The Cluster<br/><sup><sub>e17fa86a-6222-4584-a914-56e8f6c87e06</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/">Documentation</a><br/>|
+|PSP With Unrestricted Access to Host Path<br/><sup><sub>de4421f1-4e35-43b4-9783-737dd4e4a47e</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Resource Management|<a href="../kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems">Documentation</a><br/>|
+|Volume Mount With OS Directory Write Permissions<br/><sup><sub>b7652612-de4e-4466-a0bf-1cd81f0c6063</sub></sup>|Kubernetes|<span style="color:#bb2124">High</span>|Resource Management|<a href="../kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
+|Always Admit Admission Control Plugin Set<br/><sup><sub>ce30e584-b33f-4c7d-b418-a3d7027f8f60</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Anonymous Auth Is Not Set To False<br/><sup><sub>1de5cc51-f376-4638-a940-20f2e85ae238</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Authorization Mode RBAC Not Set<br/><sup><sub>1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Docker Daemon Socket is Exposed to Containers<br/><sup><sub>a6f34658-fdfb-4154-9536-56d516f65828</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
+|Node Restriction Admission Control Plugin Not Set<br/><sup><sub>33fc6923-6553-4fe6-9d3a-4efa51eb874b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Permissive Access to Create Pods<br/><sup><sub>592ad21d-ad9b-46c6-8d2d-fad09d62a942</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#privilege-escalation-prevention-and-bootstrapping">Documentation</a><br/>|
+|RBAC Roles Allow Privilege Escalation<br/><sup><sub>8320826e-7a9c-4b0b-9535-578333193432</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#restrictions-on-role-binding-creation-or-update">Documentation</a><br/>|
+|RBAC Roles with Attach Permission<br/><sup><sub>d45330fd-f58d-45fb-a682-6481477a0f84</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|RBAC Roles with Exec Permission<br/><sup><sub>c589f42c-7924-4871-aee2-1cede9bc7cbc</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|RBAC Roles with Impersonate Permission<br/><sup><sub>9f85c3f6-26fd-4007-938a-2e0cb0100980</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/authentication/#user-impersonation">Documentation</a><br/>|
+|RBAC Roles with Port-Forwarding Permission<br/><sup><sub>38fa11ef-dbcc-4da8-9680-7e1fd855b6fb</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|RBAC Roles with Read Secrets Permissions<br/><sup><sub>b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|Service Account Admission Control Plugin Disabled<br/><sup><sub>9587c890-0524-40c2-9ce2-663af7c2f063</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Use Service Account Credentials Not Set To True<br/><sup><sub>1acd93f1-5a37-45c0-aaac-82ece818be7d</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Readiness Probe Is Not Configured<br/><sup><sub>a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-readiness-probes">Documentation</a><br/>|
+|Request Timeout Not Properly Set<br/><sup><sub>d89a15bb-8dba-4c71-9529-bef6729b9c09</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Terminated Pod Garbage Collector Threshold Not Properly Set<br/><sup><sub>49113af4-29ca-458e-b8d4-724c01a4a24f</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Container Running As Root<br/><sup><sub>cf34805e-3872-4c08-bf92-6ff7bb0cfadb</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Container Running With Low UID<br/><sup><sub>02323c00-cdc3-4fdc-a310-4f2b3e7a1660</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Root Containers Admitted<br/><sup><sub>e3aa0612-4351-4a0d-983f-aefea25cf203</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Always Pull Images Admission Control Plugin Not Set<br/><sup><sub>a77f4d07-c6e0-4a48-8b35-0eeb51576f4f</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Incorrect Volume Claim Access Mode ReadWriteOnce<br/><sup><sub>3878dc92-8e5d-47cf-9cdd-7590f71d21b9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
+|Encryption Provider Config Is Not Defined<br/><sup><sub>cbd2db69-0b21-4c14-8a40-7710a50571a9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Encryption Provider Not Properly Configured<br/><sup><sub>10efce34-5af6-4d83-b414-9e096d5a06a9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/#understanding-the-encryption-at-rest-configuration">Documentation</a><br/>|
+|Root CA File Not Defined<br/><sup><sub>05fb986f-ac73-4ebb-a5b2-7faafa93d882</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Service Account Private Key File Not Defined<br/><sup><sub>ccc98ff7-68a7-436e-9218-185cb0b0b780</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Weak TLS Cipher Suites<br/><sup><sub>510d5810-9a30-443a-817d-5c1fa527b110</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|Authorization Mode Node Not Set<br/><sup><sub>4d7ee40f-fc5d-427d-8cac-dffbe22d42d1</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Containers With Added Capabilities<br/><sup><sub>19ebaa28-fc86-4a58-bcfa-015c9e22fe40</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Ingress Controller Exposes Workload<br/><sup><sub>69bbc5e3-0818-4150-89cc-1e989b48f23b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/">Documentation</a><br/>|
+|Kubelet Protect Kernel Defaults Set To False<br/><sup><sub>6cf42c97-facd-4fda-b8af-ea4529123355</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|NET_RAW Capabilities Disabled for PSP<br/><sup><sub>2270987f-bb51-479f-b8be-3ca73e5ad648</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|NET_RAW Capabilities Not Being Dropped<br/><sup><sub>dbbc6705-d541-43b0-b166-dd4be8208b54</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|PSP Allows Sharing Host PID<br/><sup><sub>91dacd0e-d189-4a9c-8272-5999a3cc32d9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Seccomp Profile Is Not Configured<br/><sup><sub>f377b83e-bd07-4f48-a591-60c82b14a78b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b')">Query details</a><br><a href="https://kubernetes.io/docs/tutorials/security/seccomp/#create-pod-that-uses-the-container-runtime-default-seccomp-profile">Documentation</a><br/>|
+|Security Context Deny Admission Control Plugin Not Set<br/><sup><sub>6a68bebe-c021-492e-8ddb-55b0567fb768</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Using Unrecommended Namespace<br/><sup><sub>611ab018-c4aa-4ba2-b0f6-a448337509a6</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/">Documentation</a><br/>|
+|Role Binding To Default Service Account<br/><sup><sub>1e749bc9-fde8-471c-af0c-8254efd2dee5</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
+|Service Account Name Undefined Or Empty<br/><sup><sub>591ade62-d6b0-4580-b1ae-209f80ba1cd9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
+|Service Account Token Automount Not Disabled<br/><sup><sub>48471392-d4d0-47c0-b135-cdec95eb3eef</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server">Documentation</a><br/>|
+|Auto TLS Set To True<br/><sup><sub>98ce8b81-7707-4734-aa39-627c6db3d84b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|CNI Plugin Does Not Support Network Policies<br/><sup><sub>03aabc8c-35d6-481e-9c85-20139cf72d23</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/">Documentation</a><br/>|
+|Etcd TLS Certificate Files Not Properly Set<br/><sup><sub>075ca296-6768-4322-aea2-ba5063b969a9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Etcd TLS Certificate Not Properly Configured<br/><sup><sub>895a5a95-3756-4b04-9924-2f3bc93181bd</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Kubelet HTTPS Set To False<br/><sup><sub>cdc8b54e-6b16-4538-a1b0-35849dbe29cf</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Kubelet Not Managing Ip Tables<br/><sup><sub>5f89001f-6dd9-49ff-9b15-d8cd71b617f4</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Kubelet Read Only Port Is Not Set To Zero<br/><sup><sub>2940d48a-dc5e-4178-a3f8-bfbd80720b41</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Kubelet Streaming Connection Timeout Disabled<br/><sup><sub>ed89b97d-04e9-4fd4-919f-ee5b27e555e9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Peer Auto TLS Set To True<br/><sup><sub>ae8827e2-4af9-4baa-9998-87539ae0d6f0</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Pod Misconfigured Network Policy<br/><sup><sub>0401f71b-9c1e-4821-ab15-a955caa621be</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Documentation</a><br/>|
+|Service With External Load Balancer<br/><sup><sub>26763a1c-5dda-4772-b507-5fca7fb5f165</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/">Documentation</a><br/>|
+|TSL Connection Certificate Not Setup<br/><sup><sub>fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Audit Log Path Not Set<br/><sup><sub>73e251f0-363d-4e53-86e2-0a93592437eb</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Observability|<a href="../kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Audit Policy File Not Defined<br/><sup><sub>13a49a2e-488e-4309-a7c0-d6b05577a5fb</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Observability|<a href="../kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Memory Limits Not Defined<br/><sup><sub>b14d1bc4-a208-45db-92f0-e21f8e2588e9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/">Documentation</a><br/>|
+|Memory Requests Not Defined<br/><sup><sub>229588ef-8fde-40c8-8756-f4f2b5825ded</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/">Documentation</a><br/>|
+|Shared Host IPC Namespace<br/><sup><sub>cd290efd-6c82-4e9d-a698-be12ae31d536</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Shared Host Network Namespace<br/><sup><sub>6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Etcd Client Certificate Authentication Set To False<br/><sup><sub>9391103a-d8d7-4671-ac5d-606ba7ccb0ac</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Etcd Client Certificate File Not Defined<br/><sup><sub>3f5ff8a7-5ad6-4d02-86f5-666307da1b20</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Etcd Peer Client Certificate Authentication Set To False<br/><sup><sub>b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Kubelet Certificate Authority Not Set<br/><sup><sub>ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Kubelet Client Certificate Or Key Not Set<br/><sup><sub>36a27826-1bf5-49da-aeb0-a60a30c0e834</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Kubelet Client Periodic Certificate Switch Disabled<br/><sup><sub>52d70f2e-3257-474c-b3dc-8ad9ba6a061a</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Not Unique Certificate Authority<br/><sup><sub>cb7e695d-6a85-495c-b15f-23aed2519303</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Rotate Kubelet Server Certificate Not Active<br/><sup><sub>1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Service Account Key File Not Properly Set<br/><sup><sub>dab4ec72-ce2e-4732-b7c3-1757dcce01a1</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|ServiceAccount Allows Access Secrets<br/><sup><sub>056ac60e-fe07-4acc-9b34-8e1d51716ab9</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|Shared Service Account<br/><sup><sub>c1032cf7-3628-44e2-bd53-38c17cf31b6b</sub></sup>|Kubernetes|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
+|Cluster Admin Rolebinding With Superuser Permissions<br/><sup><sub>249328b8-5f0f-409f-b1dd-029f07882e11</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Access Control|<a href="../kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles">Documentation</a><br/>|
+|Missing AppArmor Profile<br/><sup><sub>8b36775e-183d-4d46-b0f7-96a6f34a723f</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Access Control|<a href="../kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f')">Query details</a><br><a href="https://kubernetes.io/docs/tutorials/clusters/apparmor/">Documentation</a><br/>|
+|Deployment Without PodDisruptionBudget<br/><sup><sub>b23e9b98-0cb6-4fc9-b257-1f3270442678</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/">Documentation</a><br/>|
+|Event Rate Limit Admission Control Plugin Not Set<br/><sup><sub>e0099af2-fe17-411f-9991-0de28fe15f3c</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|HPA Targets Invalid Object<br/><sup><sub>2f652c42-619d-4361-b361-9f599688f8ca</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/">Documentation</a><br/>|
+|StatefulSet Without PodDisruptionBudget<br/><sup><sub>1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/">Documentation</a><br/>|
+|StatefulSet Without Service Name<br/><sup><sub>bb241e61-77c3-4b97-9575-c0f8a1e008d0</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
+|Metadata Label Is Invalid<br/><sup><sub>1123031a-f921-4c5b-bd86-ef354ecfd37a</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/">Documentation</a><br/>|
+|No Drop Capabilities for Containers<br/><sup><sub>268ca686-7fb7-4ae9-b129-955a2a89064e</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/init-containers/">Documentation</a><br/>|
+|Object Is Using A Deprecated API Version<br/><sup><sub>94b76ea5-e074-4ca2-8a03-c5a606e30645</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645')">Query details</a><br><a href="https://kubernetes.io/docs/reference/using-api/deprecation-guide/">Documentation</a><br/>|
+|Image Policy Webhook Admission Control Plugin Not Set<br/><sup><sub>14abda69-8e91-4acb-9931-76e2bee90284</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Namespace Lifecycle Admission Control Plugin Disabled<br/><sup><sub>1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Root Container Not Mounted Read-only<br/><sup><sub>a9c2f49d-0671-4fc9-9ece-f4e261e128d0</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|StatefulSet Requests Storage<br/><sup><sub>8cf4671a-cf3d-46fc-8389-21e7405063a2</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
+|Dashboard Is Enabled<br/><sup><sub>d2ad057f-0928-41ef-a83c-f59203bb855b</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/">Documentation</a><br/>|
+|Image Pull Policy Of The Container Is Not Set To Always<br/><sup><sub>caa3479d-885d-4882-9aac-95e5e78ef5c2</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
+|Image Without Digest<br/><sup><sub>7c81d34c-8e5a-402b-9798-9f442630e678</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
+|Kubelet Hostname Override Is Set<br/><sup><sub>bf36b900-b5ef-4828-adb7-70eb543b7cfb</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|Pod or Container Without LimitRange<br/><sup><sub>4a20ebac-1060-4c81-95d1-1f7f620e983b</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/limit-range/">Documentation</a><br/>|
+|Pod or Container Without ResourceQuota<br/><sup><sub>48a5beba-e4c0-4584-a2aa-e6894e4cf424</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/resource-quotas/">Documentation</a><br/>|
+|Pod or Container Without Security Context<br/><sup><sub>a97a340a-0063-418e-b3a1-3028941d0995</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Service Does Not Target Pod<br/><sup><sub>3ca03a61-3249-4c16-8427-6f8e47dda729</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Documentation</a><br/>|
+|Network Policy Is Not Targeting Any Pod<br/><sup><sub>85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Documentation</a><br/>|
+|Service Type is NodePort<br/><sup><sub>845acfbe-3e10-4b8e-b656-3b404d36dfb2</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Documentation</a><br/>|
+|Workload Host Port Not Specified<br/><sup><sub>2b1836f1-dcce-416e-8e16-da8c71920633</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#exposing-the-service">Documentation</a><br/>|
+|Audit Log Maxage Not Properly Set<br/><sup><sub>da9f3aa8-fbfb-472f-b5a1-576127944218</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Audit Log Maxbackup Not Properly Set<br/><sup><sub>768aab52-2504-4a2f-a3e3-329d5a679848</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Audit Log Maxsize Not Properly Set<br/><sup><sub>35c0a471-f7c8-4993-aa2c-503a3c712a66</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Audit Policy Not Cover Key Security Concerns<br/><sup><sub>1828a670-5957-4bc5-9974-47da228f75e2</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/debug-application-cluster/audit/">Documentation</a><br/>|
+|Kubelet Event QPS Not Properly Set<br/><sup><sub>1a07a446-8e61-4e4d-bc16-b0781fcb8211</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|Profiling Not Set To False<br/><sup><sub>2f491173-6375-4a84-b28e-a4e2b9a58a69</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|CPU Limits Not Set<br/><sup><sub>4ac0e2b7-d2d2-4af7-8799-e8de6721ccda</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/">Documentation</a><br/>|
+|CPU Requests Not Set<br/><sup><sub>ca469dd4-c736-448f-8ac1-30a642705e0a</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#">Documentation</a><br/>|
+|CronJob Deadline Not Configured<br/><sup><sub>192fe40b-b1c3-448a-aba2-6cc19a300fe3</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/">Documentation</a><br/>|
+|Deployment Has No PodAntiAffinity<br/><sup><sub>a31b7b82-d994-48c4-bd21-3bab6c31827a</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/">Documentation</a><br/>|
+|StatefulSet Has No PodAntiAffinity<br/><sup><sub>d740d048-8ed3-49d3-b77b-6f072f3b669e</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/">Documentation</a><br/>|
+|Secrets As Environment Variables<br/><sup><sub>3d658f8b-d988-41a0-a841-40043121de1e</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-environment-variables">Documentation</a><br/>|
+|Invalid Image Tag<br/><sup><sub>583053b7-e632-46f0-b989-f81ff8045385</sub></sup>|Kubernetes|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
+|Ensure Administrative Boundaries Between Resources<br/><sup><sub>e84eaf4d-2f45-47b2-abe8-e581b06deb66</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Access Control|<a href="../kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/">Documentation</a><br/>|
+|HPA Targeted Deployments With Configured Replica Count<br/><sup><sub>5744cbb8-5946-4b75-a196-ade44449525b</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Availability|<a href="../kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/">Documentation</a><br/>|
+|Liveness Probe Is Not Defined<br/><sup><sub>ade74944-a674-4e00-859e-c6eab5bde441</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Availability|<a href="../kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#when-should-you-use-a-liveness-probe">Documentation</a><br/>|
+|Not Limited Capabilities For Pod Security Policy<br/><sup><sub>caa93370-791f-4fc6-814b-ba6ce0cb4032</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Bind Address Not Properly Set<br/><sup><sub>46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Using Kubernetes Native Secret Management<br/><sup><sub>b9c83569-459b-4110-8f79-6305aa33cb37</sub></sup>|Kubernetes|<span style="color:#5bc0de">Info</span>|Secret Management|<a href="../kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/secret/">Documentation</a><br/>|
+|Security Definitions Undefined or Empty<br/><sup><sub>e3f026e8-fdb4-4d5a-bcfd-bd94452073fe</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe" onclick="newWindowOpenerSafe(event, '../openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe')">Query details</a><br><a href="https://swagger.io/specification/v2/#securityDefinitionsObject">Documentation</a><br/>|
+|Security Requirement Not Defined In Security Definition<br/><sup><sub>a599b0d1-ff89-4cb8-9ece-9951854c06f6</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Structure and Semantics|<a href="../openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6" onclick="newWindowOpenerSafe(event, '../openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6')">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
+|Global Security Using Password Flow<br/><sup><sub>2da46be4-4317-4650-9285-56d7103c4f93</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93" onclick="newWindowOpenerSafe(event, '../openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93')">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
+|Implicit Flow in OAuth2 (v2)<br/><sup><sub>e9817ad8-a8c9-4038-8a2f-db0e6e7b284b</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b" onclick="newWindowOpenerSafe(event, '../openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b')">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
+|Invalid OAuth2 Authorization URL (v2)<br/><sup><sub>33d96c65-977d-4c33-943f-440baca49185</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/33d96c65-977d-4c33-943f-440baca49185" onclick="newWindowOpenerSafe(event, '../openapi-queries/33d96c65-977d-4c33-943f-440baca49185')">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
+|Invalid OAuth2 Token URL (v2)<br/><sup><sub>274f910a-0665-4f08-b66d-7058fe927dba</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba" onclick="newWindowOpenerSafe(event, '../openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba')">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
+|Operation Using Basic Auth<br/><sup><sub>ceefb058-8065-418f-9c4c-584a78c7e104</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104" onclick="newWindowOpenerSafe(event, '../openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Operation Using Implicit Flow<br/><sup><sub>f42dfe7e-787d-4478-a75e-a5f3d8a2269e</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e" onclick="newWindowOpenerSafe(event, '../openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Operation Using Password Flow<br/><sup><sub>2e44e632-d617-43cb-b294-6bfe72a08938</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938" onclick="newWindowOpenerSafe(event, '../openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Security Definitions Allows Password Flow<br/><sup><sub>773116aa-2e6d-416f-bd85-f0301cc05d76</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76" onclick="newWindowOpenerSafe(event, '../openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76')">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
+|Security Definitions Using Basic Auth<br/><sup><sub>221015a8-aa2a-43f5-b00b-ad7d2b1d47a8</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8" onclick="newWindowOpenerSafe(event, '../openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8')">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
+|Global Schemes Uses HTTP<br/><sup><sub>f30ee711-0082-4480-85ab-31d922d9a2b2</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2" onclick="newWindowOpenerSafe(event, '../openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2')">Query details</a><br><a href="https://swagger.io/specification/v2/#swaggerObject">Documentation</a><br/>|
+|Path Scheme Accepts HTTP (v2)<br/><sup><sub>a6847dc6-f4ea-45ac-a81f-93291ae6c573</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573" onclick="newWindowOpenerSafe(event, '../openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573')">Query details</a><br><a href="https://swagger.io/specification/v2/#operationObject">Documentation</a><br/>|
+|Schemes Uses HTTP<br/><sup><sub>a46928f1-43d7-4671-94e0-2dd99746f389</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389" onclick="newWindowOpenerSafe(event, '../openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389')">Query details</a><br><a href="https://swagger.io/specification/v2/#swaggerObject">Documentation</a><br/>|
+|Operation Object Without 'consumes'<br/><sup><sub>0c79e50e-b3cf-490c-b8f6-587c644d4d0c</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c" onclick="newWindowOpenerSafe(event, '../openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Operation Object Without 'produces'<br/><sup><sub>be3e170e-1572-461e-a8b6-d963def581ec</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec" onclick="newWindowOpenerSafe(event, '../openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Non OAuth2 Security Requirement Defining OAuth2 Scopes<br/><sup><sub>ba239cb9-f342-4c20-812d-7b5a2aa6969e</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Structure and Semantics|<a href="../openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e" onclick="newWindowOpenerSafe(event, '../openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e')">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
+|Undefined Scope 'securityDefinition' On 'security' Field On Operations<br/><sup><sub>3847280c-9193-40bc-8009-76168e822ce2</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/3847280c-9193-40bc-8009-76168e822ce2" onclick="newWindowOpenerSafe(event, '../openapi-queries/3847280c-9193-40bc-8009-76168e822ce2')">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
+|Undefined Scope 'securityDefinition' On Global 'security' Field<br/><sup><sub>9aa6e95c-d964-4239-a3a8-9f37a3c5a31f</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f" onclick="newWindowOpenerSafe(event, '../openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f')">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
+|Constraining Enum Property<br/><sup><sub>be1d8733-3731-40c7-a845-734741c6871d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/be1d8733-3731-40c7-a845-734741c6871d" onclick="newWindowOpenerSafe(event, '../openapi-queries/be1d8733-3731-40c7-a845-734741c6871d')">Query details</a><br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
+|Global Parameter Definition Not Being Used<br/><sup><sub>b30981fa-a12e-49c7-a5bb-eeafb61d0f0f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f" onclick="newWindowOpenerSafe(event, '../openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f')">Query details</a><br><a href="https://swagger.io/specification/v2/#parametersDefinitionsObject">Documentation</a><br/>|
+|Global Responses Definition Not Being Used<br/><sup><sub>0b76d993-ee52-43e0-8b39-3787d2ddabf1</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1" onclick="newWindowOpenerSafe(event, '../openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1')">Query details</a><br><a href="https://swagger.io/specification/v2/#responsesDefinitionsObject">Documentation</a><br/>|
+|Global Schema Definition Not Being Used<br/><sup><sub>6d2e0790-cc3d-4c74-b973-d4e8b09f4455</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455" onclick="newWindowOpenerSafe(event, '../openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455')">Query details</a><br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
+|Invalid Media Type Value (v2)<br/><sup><sub>f985a7d2-d404-4a7f-9814-f645f791e46e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e" onclick="newWindowOpenerSafe(event, '../openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Operation Summary Too Long<br/><sup><sub>d47940ca-5970-45cc-bdd1-4d81398cee1f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f" onclick="newWindowOpenerSafe(event, '../openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Schema with 'additionalProperties' set as Boolean<br/><sup><sub>3a01790c-ebee-4da6-8fd3-e78657383b75</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75" onclick="newWindowOpenerSafe(event, '../openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75')">Query details</a><br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
+|Unknown Prefix (v2)<br/><sup><sub>3b615f00-c443-4ba9-acc4-7c308716917d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d" onclick="newWindowOpenerSafe(event, '../openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d')">Query details</a><br><a href="https://swagger.io/specification/v2/#swagger-object">Documentation</a><br/>|
+|BasePath With Wrong Format<br/><sup><sub>b4803607-ed72-4d60-99e2-3fa6edf471c6</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6" onclick="newWindowOpenerSafe(event, '../openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6')">Query details</a><br><a href="https://swagger.io/specification/v2/#schema">Documentation</a><br/>|
+|Body Parameter With Wrong Property<br/><sup><sub>c38d630d-a415-4e3e-bac2-65475979ba88</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88" onclick="newWindowOpenerSafe(event, '../openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Body Parameter Without Schema<br/><sup><sub>ed48229d-d43e-4da7-b453-5f98d964a57a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a" onclick="newWindowOpenerSafe(event, '../openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|File Parameter With Wrong Consumes Property<br/><sup><sub>7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a" onclick="newWindowOpenerSafe(event, '../openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Host With Invalid Pattern<br/><sup><sub>3d7d7b6c-fb0a-475e-8a28-c125e30d15f0</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0" onclick="newWindowOpenerSafe(event, '../openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0')">Query details</a><br><a href="https://swagger.io/specification/v2/#swagger-object">Documentation</a><br/>|
+|Multi 'collectionformat' Not Valid For 'in' Parameter<br/><sup><sub>750f6448-27c0-49f8-a153-b81735c1e19c</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c" onclick="newWindowOpenerSafe(event, '../openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Multiple Body Parameters In The Same Operation<br/><sup><sub>b90033cf-ad9f-4fb9-acd1-1b9d6d278c87</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87" onclick="newWindowOpenerSafe(event, '../openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Non Body Parameter Without Schema<br/><sup><sub>73c3bc54-3cc6-4c0a-b30a-e19f2abfc951</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951" onclick="newWindowOpenerSafe(event, '../openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Object Without Required Property (v2)<br/><sup><sub>5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275" onclick="newWindowOpenerSafe(event, '../openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275')">Query details</a><br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
+|Operation Example Mismatch Produces MimeType<br/><sup><sub>2cf35b40-ded3-43d6-9633-c8dcc8bcc822</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822" onclick="newWindowOpenerSafe(event, '../openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822')">Query details</a><br><a href="https://swagger.io/specification/v2/#exampleObject">Documentation</a><br/>|
+|Operation Object Parameters With 'body' And 'formatData' locations<br/><sup><sub>eb3f9744-d24e-4614-b1ff-2a9514eca21c</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c" onclick="newWindowOpenerSafe(event, '../openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Parameter File Type Not In 'formData'<br/><sup><sub>c3cab8c4-6c52-47a9-942b-c27f26fbd7d2</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2" onclick="newWindowOpenerSafe(event, '../openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Parameter JSON Reference Does Not Exists (v2)<br/><sup><sub>fb889ae9-2d16-40b5-b41f-9da716c5abc1</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1" onclick="newWindowOpenerSafe(event, '../openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Parameter Object With Incorrect Ref (v2)<br/><sup><sub>2596545e-1757-4ff7-a15a-8a9a180a42f3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3" onclick="newWindowOpenerSafe(event, '../openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameter-object">Documentation</a><br/>|
+|Property Not Unique<br/><sup><sub>750b40be-4bac-4f59-bdc4-1ca0e6c3450e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e" onclick="newWindowOpenerSafe(event, '../openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e')">Query details</a><br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
+|Response Object With Incorrect Ref (v2)<br/><sup><sub>bccfa089-89e4-47e0-a0e5-185fe6902220</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220" onclick="newWindowOpenerSafe(event, '../openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220')">Query details</a><br><a href="https://swagger.io/specification/v2/#responses-object">Documentation</a><br/>|
+|Responses JSON Reference Does Not Exists (v2)<br/><sup><sub>e9db5fb4-6a84-4abb-b4af-3b94fbdace6d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d" onclick="newWindowOpenerSafe(event, '../openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d')">Query details</a><br><a href="https://swagger.io/specification/v2/#responsesDefinitionsObject">Documentation</a><br/>|
+|Schema JSON Reference Does Not Exists (v2)<br/><sup><sub>98295b32-ec09-4b5b-89a9-39853197f914</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914" onclick="newWindowOpenerSafe(event, '../openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914')">Query details</a><br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
+|Schema Object Incorrect Ref (v2)<br/><sup><sub>0220e1c5-65d1-49dd-b7c2-cef6d6cb5283</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283" onclick="newWindowOpenerSafe(event, '../openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283')">Query details</a><br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
+|Unknown Property (v2)<br/><sup><sub>429b2106-ba37-43ba-9727-7f699cc611e1</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1" onclick="newWindowOpenerSafe(event, '../openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1')">Query details</a><br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
+|Cleartext Credentials With Basic Authentication For Operation<br/><sup><sub>86b1fa30-9790-4980-994d-a27e0f6f27c1</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1" onclick="newWindowOpenerSafe(event, '../openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Field 'securityScheme' On Components Is Undefined<br/><sup><sub>8db5544e-4874-4baa-9322-e9f75a2d219e</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e" onclick="newWindowOpenerSafe(event, '../openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Global Security Scheme Using Basic Authentication<br/><sup><sub>77276d82-4f45-4cf1-8e2b-4d345b936228</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228" onclick="newWindowOpenerSafe(event, '../openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Invalid OAuth2 Authorization URL (v3)<br/><sup><sub>52c0d841-60d6-4a81-88dd-c35fef36d315</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315" onclick="newWindowOpenerSafe(event, '../openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
+|Invalid OAuth2 Token URL (v3)<br/><sup><sub>3ba0cca1-b815-47bf-ac62-1e584eb64a05</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05" onclick="newWindowOpenerSafe(event, '../openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
+|OAuth2 With Implicit Flow<br/><sup><sub>39cb32f2-3a42-4af0-8037-82a7a9654b6c</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c" onclick="newWindowOpenerSafe(event, '../openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flows-object">Documentation</a><br/>|
+|OAuth2 With Password Flow<br/><sup><sub>3979b0a4-532c-4ea7-86e4-34c090eaa4f2</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2" onclick="newWindowOpenerSafe(event, '../openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flows-object">Documentation</a><br/>|
+|Security Scheme HTTP Unknown Scheme<br/><sup><sub>06764426-3c56-407e-981f-caa25db1c149</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/06764426-3c56-407e-981f-caa25db1c149" onclick="newWindowOpenerSafe(event, '../openapi-queries/06764426-3c56-407e-981f-caa25db1c149')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Global Server Object Uses HTTP<br/><sup><sub>2d8c175a-6d90-412b-8b0e-e034ea49a1fe</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe" onclick="newWindowOpenerSafe(event, '../openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Path Server Object Uses HTTP (v3)<br/><sup><sub>9670f240-7b4d-4955-bd93-edaa9fa38b58</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58" onclick="newWindowOpenerSafe(event, '../openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Media Type Object Without Schema<br/><sup><sub>f79b9d26-e945-44e7-98a1-b93f0f7a68a0</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0" onclick="newWindowOpenerSafe(event, '../openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Parameter Object Without Schema<br/><sup><sub>8fe1846f-52cc-4413-ace9-1933d7d23672</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672" onclick="newWindowOpenerSafe(event, '../openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Header Object Without Schema<br/><sup><sub>50de3b5b-6465-4e06-a9b0-b4c2ba34326b</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b" onclick="newWindowOpenerSafe(event, '../openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b')">Query details</a><br><a href="https://swagger.io/specification/#header-object">Documentation</a><br/>|
+|API Key Exposed In Global Security Scheme<br/><sup><sub>40e1d1bf-11a9-4f63-a3a2-a8b84c602839</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839" onclick="newWindowOpenerSafe(event, '../openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Security Scheme Using HTTP Basic<br/><sup><sub>68e5fcac-390c-4939-a373-6074b7be7c71</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71" onclick="newWindowOpenerSafe(event, '../openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Security Scheme Using HTTP Digest<br/><sup><sub>a4247b11-890b-45df-bf42-350a7a3af9be</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be" onclick="newWindowOpenerSafe(event, '../openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Security Scheme Using HTTP Negotiate<br/><sup><sub>f525cc92-9050-4c41-a75c-890dc6f64449</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449" onclick="newWindowOpenerSafe(event, '../openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Security Scheme Using Oauth 1.0<br/><sup><sub>1bc3205c-0d60-44e6-84f3-44fbf4dac5b3</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3" onclick="newWindowOpenerSafe(event, '../openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Undefined Scope 'securityScheme' On 'security' Field On Operations<br/><sup><sub>462d6a1d-fed9-4d75-bb9e-3de902f35e6e</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e" onclick="newWindowOpenerSafe(event, '../openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
+|Undefined Scope 'securityScheme' On Global 'security' Field<br/><sup><sub>23a9e2d9-8738-4556-a71c-2802b6ffa022</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022" onclick="newWindowOpenerSafe(event, '../openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
+|Additional Properties Too Permissive<br/><sup><sub>9f88c88d-824d-4d9a-b985-e22977046042</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042" onclick="newWindowOpenerSafe(event, '../openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Additional Properties Too Restrictive<br/><sup><sub>a19c3bbd-c056-40d7-9e1c-eeb0634e320d</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d" onclick="newWindowOpenerSafe(event, '../openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Success Response Code Undefined for Trace Operation<br/><sup><sub>105e20dd-8449-4d71-95c6-d5dac96639af</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af" onclick="newWindowOpenerSafe(event, '../openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Components Callback Definition Is Unused<br/><sup><sub>d15db953-a553-4b8a-9a14-a3d62ea3d79d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d" onclick="newWindowOpenerSafe(event, '../openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Example Definition Is Unused<br/><sup><sub>b05bb927-2df5-43cc-8d7b-6825c0e71625</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625" onclick="newWindowOpenerSafe(event, '../openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Header Definition Is Unused<br/><sup><sub>a68da022-e95a-4bc2-97d3-481e0bd6d446</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446" onclick="newWindowOpenerSafe(event, '../openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Link Definition Is Unused<br/><sup><sub>c19779a9-5774-4d2f-a3a1-a99831730375</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375" onclick="newWindowOpenerSafe(event, '../openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Parameter Definition Is Unused<br/><sup><sub>698a464e-bb3e-4ba8-ab5e-e6599b7644a0</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0" onclick="newWindowOpenerSafe(event, '../openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Request Body Definition Is Unused<br/><sup><sub>6b76f589-9713-44ab-97f5-59a3dba1a285</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285" onclick="newWindowOpenerSafe(event, '../openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Response Definition Is Unused<br/><sup><sub>9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae" onclick="newWindowOpenerSafe(event, '../openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Schema Definition Is Unused<br/><sup><sub>962fa01e-b791-4dcc-b04a-4a3e7389be5e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e" onclick="newWindowOpenerSafe(event, '../openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Encoding Header 'Content-Type' Improperly Defined<br/><sup><sub>4cd8de87-b595-48b6-ab3c-1904567135ab</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab" onclick="newWindowOpenerSafe(event, '../openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Invalid Media Type Value (v3)<br/><sup><sub>cf4a5f45-a27b-49df-843a-9911dbfe71d4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4" onclick="newWindowOpenerSafe(event, '../openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Property 'allowEmptyValue' Ignored<br/><sup><sub>59c2f769-7cc2-49c8-a3de-4e211135cfab</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab" onclick="newWindowOpenerSafe(event, '../openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Property 'allowReserved' of Encoding Object Ignored<br/><sup><sub>4190dda7-af03-4cf0-a128-70ac1661ca09</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09" onclick="newWindowOpenerSafe(event, '../openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09')">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
+|Property 'explode' of Encoding Object Ignored<br/><sup><sub>a4dd69b8-49fa-45d2-a060-c76655405b05</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05" onclick="newWindowOpenerSafe(event, '../openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05')">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
+|Property 'style' of Encoding Object Ignored<br/><sup><sub>d3ea644a-9a5c-4fee-941f-f8a6786c0470</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470" onclick="newWindowOpenerSafe(event, '../openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470')">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
+|Unknown Prefix (v3)<br/><sup><sub>a5375be3-521c-43bb-9eab-e2432e368ee4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4" onclick="newWindowOpenerSafe(event, '../openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Callback JSON Reference Does Not Exists<br/><sup><sub>f29904c8-6041-4bca-b043-dfa0546b8079</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079" onclick="newWindowOpenerSafe(event, '../openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Callback Object With Incorrect Ref<br/><sup><sub>ba066cda-e808-450d-92b6-f29109754d45</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ba066cda-e808-450d-92b6-f29109754d45" onclick="newWindowOpenerSafe(event, '../openapi-queries/ba066cda-e808-450d-92b6-f29109754d45')">Query details</a><br><a href="https://swagger.io/specification/#callback-object">Documentation</a><br/>|
+|Components Object Fixed Field Key Improperly Named<br/><sup><sub>151331e2-11f4-4bb6-bd35-9a005e695087</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087" onclick="newWindowOpenerSafe(event, '../openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Empty Array<br/><sup><sub>5915c20f-dffa-4cee-b5d4-f457ddc0151a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a" onclick="newWindowOpenerSafe(event, '../openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a')">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
+|Encoding Map Key Mismatch Schema Defined Properties<br/><sup><sub>cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b" onclick="newWindowOpenerSafe(event, '../openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Example JSON Reference Does Not Exists<br/><sup><sub>6a2c219f-da5e-4745-941e-5ea8cde23356</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356" onclick="newWindowOpenerSafe(event, '../openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Example JSON Reference Outside Components Examples<br/><sup><sub>bac56e3c-1f71-4a74-8ae6-2fba07efcddb</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb" onclick="newWindowOpenerSafe(event, '../openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb')">Query details</a><br><a href="https://swagger.io/specification/#reference-object">Documentation</a><br/>|
+|Header JSON Reference Does Not Exists<br/><sup><sub>376c9390-7e9e-4cb8-a067-fd31c05451fd</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd" onclick="newWindowOpenerSafe(event, '../openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Header Object With Incorrect Ref<br/><sup><sub>2d6646f4-2946-420f-8c14-3232d49ae0cb</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb" onclick="newWindowOpenerSafe(event, '../openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Invalid Content Type For Multiple Files Upload<br/><sup><sub>26f06397-36d8-4ce7-b993-17711261d777</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/26f06397-36d8-4ce7-b993-17711261d777" onclick="newWindowOpenerSafe(event, '../openapi-queries/26f06397-36d8-4ce7-b993-17711261d777')">Query details</a><br><a href="https://swagger.io/docs/specification/describing-request-body/file-upload/">Documentation</a><br/>|
+|Link JSON Reference Does Not Exists<br/><sup><sub>801f0c6a-a834-4467-89c6-ddecffb46b5a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a" onclick="newWindowOpenerSafe(event, '../openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Link Object Incorrect Ref<br/><sup><sub>b9db8a10-020c-49ca-88c6-780e5fdb4328</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328" onclick="newWindowOpenerSafe(event, '../openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328')">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
+|Link Object OperationId Does Not Target Operation Object<br/><sup><sub>c5bb7461-aa57-470b-a714-3bc3d74f4669</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669" onclick="newWindowOpenerSafe(event, '../openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669')">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
+|Link Object With Both 'operationId' And 'operationRef'<br/><sup><sub>60fb6621-9f02-473b-9424-ba9a825747d3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3" onclick="newWindowOpenerSafe(event, '../openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3')">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
+|Object Without Required Property (v3)<br/><sup><sub>d172a060-8569-4412-8045-3560ebd477e8</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d172a060-8569-4412-8045-3560ebd477e8" onclick="newWindowOpenerSafe(event, '../openapi-queries/d172a060-8569-4412-8045-3560ebd477e8')">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
+|Parameter JSON Reference Does Not Exists (v3)<br/><sup><sub>2e275f16-b627-4d3f-ae73-a6153a23ae8f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f" onclick="newWindowOpenerSafe(event, '../openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Parameter Object Content With Multiple Entries<br/><sup><sub>8bfed1c6-2d59-4924-bc7f-9b9d793ed0df</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df" onclick="newWindowOpenerSafe(event, '../openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Parameter Object With Incorrect Ref (v3)<br/><sup><sub>d40f27e6-15fb-4b56-90f8-fc0ff0291c51</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51" onclick="newWindowOpenerSafe(event, '../openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Parameter Object With Schema And Content<br/><sup><sub>31dd6fc0-f274-493b-9614-e063086c19fc</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc" onclick="newWindowOpenerSafe(event, '../openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Parameter Object With Undefined Type<br/><sup><sub>46facedc-f243-4108-ab33-583b807d50b0</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/46facedc-f243-4108-ab33-583b807d50b0" onclick="newWindowOpenerSafe(event, '../openapi-queries/46facedc-f243-4108-ab33-583b807d50b0')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Property 'allowReserved' Improperly Defined<br/><sup><sub>7f203940-39c4-4ea7-91ee-7aba16bca9e2</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2" onclick="newWindowOpenerSafe(event, '../openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Request Body JSON Reference Does Not Exists<br/><sup><sub>ca02f4e8-d3ae-4832-b7db-bb037516d9e7</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7" onclick="newWindowOpenerSafe(event, '../openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Request Body Object With Incorrect Media Type<br/><sup><sub>58f06434-a88c-4f74-826c-db7e10cc7def</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def" onclick="newWindowOpenerSafe(event, '../openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Request Body With Incorrect Ref<br/><sup><sub>0f6cd0ab-c366-4595-84fc-fbd8b9901e4d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d" onclick="newWindowOpenerSafe(event, '../openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d')">Query details</a><br><a href="https://swagger.io/specification/#request-body-object">Documentation</a><br/>|
+|Response JSON Reference Does Not Exists (v3)<br/><sup><sub>7a01dfbd-da62-4165-aed7-71349ad42ab4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4" onclick="newWindowOpenerSafe(event, '../openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Response Object With Incorrect Ref (v3)<br/><sup><sub>b3871dd8-9333-4d6c-bd52-67eb898b71ab</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab" onclick="newWindowOpenerSafe(event, '../openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Schema JSON Reference Does Not Exists (v3)<br/><sup><sub>015eac96-6313-43c0-84e5-81b1374fa637</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637" onclick="newWindowOpenerSafe(event, '../openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Schema Object Incorrect Ref (v3)<br/><sup><sub>4cac7ace-b0fb-477d-830d-65395d9109d9</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9" onclick="newWindowOpenerSafe(event, '../openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema With Both ReadOnly And WriteOnly<br/><sup><sub>d2361d58-361c-49f0-9e50-b957fd608b29</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29" onclick="newWindowOpenerSafe(event, '../openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Security Field Undefined<br/><sup><sub>ab1263c2-81df-46f0-9f2c-0b62fdb68419</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419" onclick="newWindowOpenerSafe(event, '../openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Security Operation Field Undefined<br/><sup><sub>20a482d5-c5d9-4a7a-b7a4-60d0805047b4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4" onclick="newWindowOpenerSafe(event, '../openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Security Requirement Object With Wrong Scopes<br/><sup><sub>37140f7f-724a-4c87-a536-e9cee1d61533</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533" onclick="newWindowOpenerSafe(event, '../openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Server Object Variable Not Used<br/><sup><sub>8aee4754-970d-4c5f-8142-a49dfe388b1a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a" onclick="newWindowOpenerSafe(event, '../openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a')">Query details</a><br><a href="https://swagger.io/specification/#server-variable-object">Documentation</a><br/>|
+|Server URL Not Absolute<br/><sup><sub>a0bf7382-5d5a-4224-924c-3db8466026c9</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9" onclick="newWindowOpenerSafe(event, '../openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Server URL Uses Undefined Variables<br/><sup><sub>8d0921d6-4131-461f-a253-99e873f8f77e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e" onclick="newWindowOpenerSafe(event, '../openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Servers Array Undefined<br/><sup><sub>c66ebeaa-676c-40dc-a3ff-3e49395dcd5e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e" onclick="newWindowOpenerSafe(event, '../openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Unknown Property (v3)<br/><sup><sub>fb7d81e7-4150-48c4-b914-92fc05da6a2f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f" onclick="newWindowOpenerSafe(event, '../openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f')">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
 |Global Security Field Has An Empty Array (v2)<br/><sup><sub>da31d54b-ad54-41dc-95eb-8b3828629213</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#security-requirement-object">Documentation</a><br/>|
-|Global Security Field Has An Empty Array (v3)<br/><sup><sub>d674aea4-ba8b-454b-bb97-88a772ea33f0</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Global Security Field Has An Empty Array (v3)<br/><sup><sub>d674aea4-ba8b-454b-bb97-88a772ea33f0</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0" onclick="newWindowOpenerSafe(event, '../openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
 |Global security field has an empty object (v2)<br/><sup><sub>292919fb-7b26-4454-bee9-ce29094768dd</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#security-requirement-object">Documentation</a><br/>|
-|Global security field has an empty object (v3)<br/><sup><sub>543e38f4-1eee-479e-8eb0-15257013aa0a</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Global security field has an empty object (v3)<br/><sup><sub>543e38f4-1eee-479e-8eb0-15257013aa0a</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a" onclick="newWindowOpenerSafe(event, '../openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
 |Global Security Field Is Undefined (v2)<br/><sup><sub>74703c89-0ea2-49ab-a7db-bf04f19f5a57</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|Global security field should be defined to prevent API to have insecure paths and have this rules defined on securityDefinitions<br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
-|Global Security Field Is Undefined (v3)<br/><sup><sub>8af270ce-298b-4405-9922-82a10aee7a4f</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Global Security Field Is Undefined (v3)<br/><sup><sub>8af270ce-298b-4405-9922-82a10aee7a4f</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f" onclick="newWindowOpenerSafe(event, '../openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
 |No Global And Operation Security Defined (v2)<br/><sup><sub>586abcee-9653-462d-ad7b-2638a32bd6e6</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#security-requirement-object">Documentation</a><br/>|
-|No Global And Operation Security Defined (v3)<br/><sup><sub>96729c6b-7400-4d9e-9807-17f00cdde4d2</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|No Global And Operation Security Defined (v3)<br/><sup><sub>96729c6b-7400-4d9e-9807-17f00cdde4d2</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2" onclick="newWindowOpenerSafe(event, '../openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
 |Security Field On Operations Has An Empty Array (v2)<br/><sup><sub>5d29effc-5d68-481f-9721-d74e5919226b</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Security Field On Operations Has An Empty Array (v3)<br/><sup><sub>663c442d-f918-4f62-b096-0bf5dcbeb655</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Security Field On Operations Has An Empty Array (v3)<br/><sup><sub>663c442d-f918-4f62-b096-0bf5dcbeb655</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655" onclick="newWindowOpenerSafe(event, '../openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Security Field On Operations Has An Empty Object Definition (v2)<br/><sup><sub>74581e3b-1d55-4323-a139-5959a7b3abc5</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Security Field On Operations Has An Empty Object Definition (v3)<br/><sup><sub>baade968-7467-41e4-bf22-83ca222f5800</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/baade968-7467-41e4-bf22-83ca222f5800" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Security Field On Operations Has An Empty Object Definition (v3)<br/><sup><sub>baade968-7467-41e4-bf22-83ca222f5800</sub></sup>|OpenAPI|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/baade968-7467-41e4-bf22-83ca222f5800" onclick="newWindowOpenerSafe(event, '../openapi-queries/baade968-7467-41e4-bf22-83ca222f5800')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Array Without Maximum Number of Items (v2)<br/><sup><sub>99eb2c95-2040-4104-9e7c-e16f7474d218</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|Array schema/parameter should have the field 'maxItems' set<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Array Without Maximum Number of Items (v3)<br/><sup><sub>6998389e-66b2-473d-8d05-c8d71ac4d04d</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Array Without Maximum Number of Items (v3)<br/><sup><sub>6998389e-66b2-473d-8d05-c8d71ac4d04d</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d" onclick="newWindowOpenerSafe(event, '../openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |JSON Object Schema Without Properties (v2)<br/><sup><sub>3d28f751-bc18-4f83-ace0-216b6086410b</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|JSON Object Schema Without Properties (v3)<br/><sup><sub>9d967a2b-9d64-41a6-abea-dfc4960299bd</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|JSON Object Schema Without Properties (v3)<br/><sup><sub>9d967a2b-9d64-41a6-abea-dfc4960299bd</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd" onclick="newWindowOpenerSafe(event, '../openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |JSON Object Schema Without Type (v2)<br/><sup><sub>62d52544-82ef-4b75-8308-cad49d50212b</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|JSON Object Schema Without Type (v3)<br/><sup><sub>e2ffa504-d22a-4c94-b6c5-f661849d2db7</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|JSON Object Schema Without Type (v3)<br/><sup><sub>e2ffa504-d22a-4c94-b6c5-f661849d2db7</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7" onclick="newWindowOpenerSafe(event, '../openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Pattern Undefined (v2)<br/><sup><sub>afde15cf-9444-4126-8c62-41cd79db1d1d</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|String schema/parameter/header should have 'pattern' defined.<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Pattern Undefined (v3)<br/><sup><sub>00b78adf-b83f-419c-8ed8-c6018441dd3a</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Pattern Undefined (v3)<br/><sup><sub>00b78adf-b83f-419c-8ed8-c6018441dd3a</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a" onclick="newWindowOpenerSafe(event, '../openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Object is Empty (v2)<br/><sup><sub>967575e5-eb44-4c24-aadb-7e33608ed30a</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Schema Object is Empty (v3)<br/><sup><sub>500ce696-d501-41dd-86eb-eceb011a386f</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Object is Empty (v3)<br/><sup><sub>500ce696-d501-41dd-86eb-eceb011a386f</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f" onclick="newWindowOpenerSafe(event, '../openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Response on operations that should have a body has undefined schema (v2)<br/><sup><sub>31afbcb7-70e0-48bb-a31a-3374f95cf859</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#responses-object">Documentation</a><br/>|
-|Response on operations that should have a body has undefined schema (v3)<br/><sup><sub>a92be1d5-d762-484a-86d6-8cd0907ba100</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/describing-responses/">Documentation</a><br/>|
+|Response on operations that should have a body has undefined schema (v3)<br/><sup><sub>a92be1d5-d762-484a-86d6-8cd0907ba100</sub></sup>|OpenAPI|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100" onclick="newWindowOpenerSafe(event, '../openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100')">Query details</a><br><a href="https://swagger.io/docs/specification/describing-responses/">Documentation</a><br/>|
 |API Key Exposed In Global Security (v2)<br/><sup><sub>533a0d13-6e89-4551-ae33-bce14e5849c1</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.<br><a href="https://swagger.io/specification/v2/#securityDefinitionsObject">Documentation</a><br/>|
-|API Key Exposed In Global Security (v3)<br/><sup><sub>aecee30b-8ea1-4776-a99c-d6d600f0862f</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|API Key Exposed In Global Security (v3)<br/><sup><sub>aecee30b-8ea1-4776-a99c-d6d600f0862f</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f" onclick="newWindowOpenerSafe(event, '../openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
 |API Key Exposed In Operation Security (v2)<br/><sup><sub>392599e4-a4e2-403d-bc56-3fe05755782d</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.<br><a href="https://swagger.io/specification/v2/#securityDefinitionsObject">Documentation</a><br/>|
-|API Key Exposed In Operation Security (v3)<br/><sup><sub>281b8071-6226-4a43-911d-fec246d422c2</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/281b8071-6226-4a43-911d-fec246d422c2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|API Key Exposed In Operation Security (v3)<br/><sup><sub>281b8071-6226-4a43-911d-fec246d422c2</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/281b8071-6226-4a43-911d-fec246d422c2" onclick="newWindowOpenerSafe(event, '../openapi-queries/281b8071-6226-4a43-911d-fec246d422c2')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
 |Array Items Has No Type (v2)<br/><sup><sub>8697a1a4-82c6-4603-8ac8-57529756744e</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|Schema/Parameter array items type should be defined<br><a href="https://swagger.io/specification/v2/#format">Documentation</a><br/>|
-|Array Items Has No Type (v3)<br/><sup><sub>be0e0df7-f3d9-42a1-9b6f-d425f94872c4</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/data-models/data-types/#string">Documentation</a><br/>|
+|Array Items Has No Type (v3)<br/><sup><sub>be0e0df7-f3d9-42a1-9b6f-d425f94872c4</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4" onclick="newWindowOpenerSafe(event, '../openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4')">Query details</a><br><a href="https://swagger.io/docs/specification/data-models/data-types/#string">Documentation</a><br/>|
 |Invalid Format (v2)<br/><sup><sub>caf1793e-95dd-4b18-8d90-8f3c0ab5bddf</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
-|Invalid Format (v3)<br/><sup><sub>d929c031-078f-4241-b802-e224656ad890</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/d929c031-078f-4241-b802-e224656ad890" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/data-models/data-types/">Documentation</a><br/>|
+|Invalid Format (v3)<br/><sup><sub>d929c031-078f-4241-b802-e224656ad890</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/d929c031-078f-4241-b802-e224656ad890" onclick="newWindowOpenerSafe(event, '../openapi-queries/d929c031-078f-4241-b802-e224656ad890')">Query details</a><br><a href="https://swagger.io/docs/specification/data-models/data-types/">Documentation</a><br/>|
 |Maximum Length Undefined (v2)<br/><sup><sub>2ec86e48-ab90-4cb6-a131-0502afd1f442</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|String schema/parameter/header should have 'maxLength' defined.<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Maximum Length Undefined (v3)<br/><sup><sub>8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Maximum Length Undefined (v3)<br/><sup><sub>8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85" onclick="newWindowOpenerSafe(event, '../openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Numeric Schema Without Format (v2)<br/><sup><sub>3ed8fc82-c2bb-49e0-811f-c53923674c49</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Numeric Schema Without Format (v3)<br/><sup><sub>fbf699b5-ef74-4542-9cf1-f6eeac379373</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Numeric Schema Without Format (v3)<br/><sup><sub>fbf699b5-ef74-4542-9cf1-f6eeac379373</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373" onclick="newWindowOpenerSafe(event, '../openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Numeric Schema Without Maximum (v2)<br/><sup><sub>203eee11-15b6-4d47-b888-4c7f534967ee</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Numeric Schema Without Maximum (v3)<br/><sup><sub>2ea04bef-c769-409e-9179-ee3a50b5c0ac</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Numeric Schema Without Maximum (v3)<br/><sup><sub>2ea04bef-c769-409e-9179-ee3a50b5c0ac</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac" onclick="newWindowOpenerSafe(event, '../openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Numeric Schema Without Minimum (v2)<br/><sup><sub>efd1dfc8-da91-4909-a3f3-c23abc5ec799</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Numeric Schema Without Minimum (v3)<br/><sup><sub>181bd815-767e-4e95-a24d-bb3c87328e19</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Numeric Schema Without Minimum (v3)<br/><sup><sub>181bd815-767e-4e95-a24d-bb3c87328e19</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19" onclick="newWindowOpenerSafe(event, '../openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |String Schema with Broad Pattern (v2)<br/><sup><sub>e4a019f0-9af3-49c8-bf68-1939a6ff240d</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|String Schema with Broad Pattern (v3)<br/><sup><sub>8c81d6c0-716b-49ec-afa5-2d62da4e3f3c</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|String Schema with Broad Pattern (v3)<br/><sup><sub>8c81d6c0-716b-49ec-afa5-2d62da4e3f3c</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c" onclick="newWindowOpenerSafe(event, '../openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Default Response Undefined On Operations (v2)<br/><sup><sub>5f34c7ae-4f3f-4cbb-8fe3-a11d6961062f</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#responses-object">Documentation</a><br/>|
-|Default Response Undefined On Operations (v3)<br/><sup><sub>86e3702f-c868-44b2-b61d-ea5316c18110</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Default Response Undefined On Operations (v3)<br/><sup><sub>86e3702f-c868-44b2-b61d-ea5316c18110</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110" onclick="newWindowOpenerSafe(event, '../openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
 |Response Code Missing (v2)<br/><sup><sub>6e96ed39-bf45-4089-99ba-f1fe7cf6966f</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Response Code Missing (v3)<br/><sup><sub>6c35d2c6-09f2-4e5c-a094-e0e91327071d</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Response Code Missing (v3)<br/><sup><sub>6c35d2c6-09f2-4e5c-a094-e0e91327071d</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d" onclick="newWindowOpenerSafe(event, '../openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Response on operations that should not have a body has declared content (v2)<br/><sup><sub>268defd2-2839-4e15-8cbc-de86eb38c231</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|If a response is head or its code is 204 or 304, it shouldn't have a schema defined<br><a href="https://swagger.io/docs/specification/2-0/describing-responses/">Documentation</a><br/>|
-|Response on operations that should not have a body has declared content (v3)<br/><sup><sub>12a7210b-f4b4-47d0-acac-0a819e2a0ca3</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/describing-responses/">Documentation</a><br/>|
+|Response on operations that should not have a body has declared content (v3)<br/><sup><sub>12a7210b-f4b4-47d0-acac-0a819e2a0ca3</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3" onclick="newWindowOpenerSafe(event, '../openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3')">Query details</a><br><a href="https://swagger.io/docs/specification/describing-responses/">Documentation</a><br/>|
 |Success Response Code Undefined for Delete Operation (v2)<br/><sup><sub>ad432855-b7fb-4429-92a3-93b5ce34f0b1</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Delete Operation (v3)<br/><sup><sub>3b497874-ae59-46dd-8d72-1868a3b8f150</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Delete Operation (v3)<br/><sup><sub>3b497874-ae59-46dd-8d72-1868a3b8f150</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150" onclick="newWindowOpenerSafe(event, '../openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Get Operation (v2)<br/><sup><sub>9b633f3b-c94b-4fbb-a65b-1a4e9134fb63</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Get Operation (v3)<br/><sup><sub>b2f275be-7d64-4064-b418-be6b431363a7</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Get Operation (v3)<br/><sup><sub>b2f275be-7d64-4064-b418-be6b431363a7</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7" onclick="newWindowOpenerSafe(event, '../openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Head Operation (v2)<br/><sup><sub>4f0b30e3-a498-4dd7-b3f2-f4b6471a8d5a</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Head Operation (v3)<br/><sup><sub>3b066059-f411-4554-ac8d-96f32bff90da</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Head Operation (v3)<br/><sup><sub>3b066059-f411-4554-ac8d-96f32bff90da</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da" onclick="newWindowOpenerSafe(event, '../openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Patch Operation (v2)<br/><sup><sub>f36e87cc-a209-4f37-8571-66833e4aead7</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Patch Operation (v3)<br/><sup><sub>1908a8ee-927d-4166-8f18-241152170cc1</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Patch Operation (v3)<br/><sup><sub>1908a8ee-927d-4166-8f18-241152170cc1</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1" onclick="newWindowOpenerSafe(event, '../openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Post Operation (v2)<br/><sup><sub>9fedee41-2e6d-4091-b011-4a16b4c18c70</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Post Operation (v3)<br/><sup><sub>f368dd2d-9344-4146-a05b-7c6faa1269ad</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Post Operation (v3)<br/><sup><sub>f368dd2d-9344-4146-a05b-7c6faa1269ad</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad" onclick="newWindowOpenerSafe(event, '../openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Put Operation (v2)<br/><sup><sub>965a043f-5f3c-4d0a-be72-d9ce12fdb4d6</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Put Operation (v3)<br/><sup><sub>60b5f56b-66ff-4e1c-9b62-5753e16825bc</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Put Operation (v3)<br/><sup><sub>60b5f56b-66ff-4e1c-9b62-5753e16825bc</sub></sup>|OpenAPI|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc" onclick="newWindowOpenerSafe(event, '../openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Example Not Compliant With Schema Type (v2)<br/><sup><sub>448db771-06ea-4dee-b48c-1689cbfb4b43</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#example-object">Documentation</a><br/>|
-|Example Not Compliant With Schema Type (v3)<br/><sup><sub>881a6e71-c2a7-4fe2-b9c3-dfcf08895331</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#example-object">Documentation</a><br/>|
+|Example Not Compliant With Schema Type (v3)<br/><sup><sub>881a6e71-c2a7-4fe2-b9c3-dfcf08895331</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331" onclick="newWindowOpenerSafe(event, '../openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331')">Query details</a><br><a href="https://swagger.io/specification/#example-object">Documentation</a><br/>|
 |Header Parameter Named as 'Accept' (v2)<br/><sup><sub>3ddd74cc-6582-486c-8b0c-2b48cb38e0a3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Header Parameter Named as 'Accept' (v3)<br/><sup><sub>f2702af5-6016-46cb-bbc8-84c766032095</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Header Parameter Named as 'Accept' (v3)<br/><sup><sub>f2702af5-6016-46cb-bbc8-84c766032095</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095" onclick="newWindowOpenerSafe(event, '../openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Header Parameter Named as 'Authorization' (v2)<br/><sup><sub>e2e00c97-7171-4fb4-b461-d631df9a711c</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Header Parameter Named as 'Authorization' (v3)<br/><sup><sub>8c84f75e-5048-4926-a4cb-33e7b3431300</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Header Parameter Named as 'Authorization' (v3)<br/><sup><sub>8c84f75e-5048-4926-a4cb-33e7b3431300</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300" onclick="newWindowOpenerSafe(event, '../openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Header Parameter Named as 'Content-Type' (v2)<br/><sup><sub>51978067-3b22-4c29-aaf3-96bf0bc28897</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Header Parameter Named as 'Content-Type' (v3)<br/><sup><sub>72d259ca-9741-48dd-9f62-eb11f2936b37</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Header Parameter Named as 'Content-Type' (v3)<br/><sup><sub>72d259ca-9741-48dd-9f62-eb11f2936b37</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37" onclick="newWindowOpenerSafe(event, '../openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Header Response Name Is Invalid (v2)<br/><sup><sub>86733e01-a435-4bd5-a8b0-5108be9dc1e4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#response-object">Documentation</a><br/>|
-|Header Response Name Is Invalid (v3)<br/><sup><sub>d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#response-object">Documentation</a><br/>|
+|Header Response Name Is Invalid (v3)<br/><sup><sub>d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd" onclick="newWindowOpenerSafe(event, '../openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd')">Query details</a><br><a href="https://swagger.io/specification/#response-object">Documentation</a><br/>|
 |Invalid Contact Email (v2)<br/><sup><sub>d83bebc8-4e5e-4241-b783-cba9fb5a1c9a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#contactObject">Documentation</a><br/>|
-|Invalid Contact Email (v3)<br/><sup><sub>b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#contact-object">Documentation</a><br/>|
+|Invalid Contact Email (v3)<br/><sup><sub>b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7" onclick="newWindowOpenerSafe(event, '../openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7')">Query details</a><br><a href="https://swagger.io/specification/#contact-object">Documentation</a><br/>|
 |Invalid Contact URL (v2)<br/><sup><sub>c7000383-16d0-4509-8cd3-585e5ea2e2f2</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#contactObject">Documentation</a><br/>|
-|Invalid Contact URL (v3)<br/><sup><sub>332cf2ad-380d-4b90-b436-46f8e635cf38</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#contact-object">Documentation</a><br/>|
+|Invalid Contact URL (v3)<br/><sup><sub>332cf2ad-380d-4b90-b436-46f8e635cf38</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38" onclick="newWindowOpenerSafe(event, '../openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38')">Query details</a><br><a href="https://swagger.io/specification/#contact-object">Documentation</a><br/>|
 |Invalid Global External Documentation URL (v2)<br/><sup><sub>46d3b74d-9fe9-45bf-9e9e-efb7f701ee28</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#externalDocumentationObject">Documentation</a><br/>|
-|Invalid Global External Documentation URL (v3)<br/><sup><sub>b2d9dbf6-539c-4374-a1fd-210ddf5563a8</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
+|Invalid Global External Documentation URL (v3)<br/><sup><sub>b2d9dbf6-539c-4374-a1fd-210ddf5563a8</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8" onclick="newWindowOpenerSafe(event, '../openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8')">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
 |Invalid License URL (v2)<br/><sup><sub>de2b4910-8484-46d6-a055-dc1e793ee3ff</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#licenseObject">Documentation</a><br/>|
-|Invalid License URL (v3)<br/><sup><sub>9239c289-9e4c-4d92-8be1-9d506057c971</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#license-object">Documentation</a><br/>|
+|Invalid License URL (v3)<br/><sup><sub>9239c289-9e4c-4d92-8be1-9d506057c971</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971" onclick="newWindowOpenerSafe(event, '../openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971')">Query details</a><br><a href="https://swagger.io/specification/#license-object">Documentation</a><br/>|
 |Invalid Operation External Documentation URL (v2)<br/><sup><sub>25635c31-ee32-4708-88e5-fced87516f51</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#externalDocumentationObject">Documentation</a><br/>|
-|Invalid Operation External Documentation URL (v3)<br/><sup><sub>5ea61624-3733-4a3a-8ca4-b96fec9c5aeb</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
+|Invalid Operation External Documentation URL (v3)<br/><sup><sub>5ea61624-3733-4a3a-8ca4-b96fec9c5aeb</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb" onclick="newWindowOpenerSafe(event, '../openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb')">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
 |Invalid Schema External Documentation URL (v2)<br/><sup><sub>f7fa95b7-d819-484c-9a2b-665dd1bba25e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#externalDocumentationObject">Documentation</a><br/>|
-|Invalid Schema External Documentation URL (v3)<br/><sup><sub>6952a7e0-6e48-4285-bbc1-27c64e60f888</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
+|Invalid Schema External Documentation URL (v3)<br/><sup><sub>6952a7e0-6e48-4285-bbc1-27c64e60f888</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888" onclick="newWindowOpenerSafe(event, '../openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888')">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
 |Invalid Tag External Documentation URL (v2)<br/><sup><sub>b4a7d925-738b-4219-99d9-87d6ee262a03</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#externalDocumentationObject">Documentation</a><br/>|
-|Invalid Tag External Documentation URL (v3)<br/><sup><sub>5aea1d7e-b834-4749-b143-2c7ec3bd5922</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
+|Invalid Tag External Documentation URL (v3)<br/><sup><sub>5aea1d7e-b834-4749-b143-2c7ec3bd5922</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922" onclick="newWindowOpenerSafe(event, '../openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922')">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
 |JSON '$ref' alongside other properties (v2)<br/><sup><sub>f34c1c68-4773-4df0-a103-6e2ca32e585f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#referenceObject">Documentation</a><br/>|
-|JSON '$ref' alongside other properties (v3)<br/><sup><sub>96beb800-566f-49a9-a0ea-dbdf4bc80429</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#reference-object">Documentation</a><br/>|
+|JSON '$ref' alongside other properties (v3)<br/><sup><sub>96beb800-566f-49a9-a0ea-dbdf4bc80429</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429" onclick="newWindowOpenerSafe(event, '../openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429')">Query details</a><br><a href="https://swagger.io/specification/#reference-object">Documentation</a><br/>|
 |Object Using Enum With Keyword (v2)<br/><sup><sub>7f15962a-d862-451c-ac9b-84ec13747aa6</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|Schema/Parameter/Header Object properties should not contain 'enum' and schema keywords<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Object Using Enum With Keyword (v3)<br/><sup><sub>2e9b6612-8f69-42e0-a5b8-ed17739c2f3a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Object Using Enum With Keyword (v3)<br/><sup><sub>2e9b6612-8f69-42e0-a5b8-ed17739c2f3a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a" onclick="newWindowOpenerSafe(event, '../openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Operation Without Successful HTTP Status Code (v2)<br/><sup><sub>a1ee6ebe-3877-42ec-b9a6-e524e7d06aa2</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#operationObject">Documentation</a><br/>|
-|Operation Without Successful HTTP Status Code (v3)<br/><sup><sub>48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Operation Without Successful HTTP Status Code (v3)<br/><sup><sub>48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd" onclick="newWindowOpenerSafe(event, '../openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Path Without Operation (v2)<br/><sup><sub>609cd557-66b4-41fa-8edd-2abc6c7cfd08</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#pathItemObject">Documentation</a><br/>|
-|Path Without Operation (v3)<br/><sup><sub>84c826c9-1893-4b34-8cdd-db97645b4bf3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#path-item-object">Documentation</a><br/>|
+|Path Without Operation (v3)<br/><sup><sub>84c826c9-1893-4b34-8cdd-db97645b4bf3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3" onclick="newWindowOpenerSafe(event, '../openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3')">Query details</a><br><a href="https://swagger.io/specification/#path-item-object">Documentation</a><br/>|
 |Required Property With Default Value (v2)<br/><sup><sub>f7ab6c83-ef89-40e1-8a99-32e2599fb665</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Required Property With Default Value (v3)<br/><sup><sub>013bdb4b-9246-4248-b0c3-7fb0fee42a29</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Required Property With Default Value (v3)<br/><sup><sub>013bdb4b-9246-4248-b0c3-7fb0fee42a29</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29" onclick="newWindowOpenerSafe(event, '../openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Default Invalid (v2)<br/><sup><sub>78dfd8f0-a6ee-48ec-af8c-e4d9b3292a07</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|The field 'default' of Schema/Parameter/Header Object should be consistent with the schema's/parameter's/header's type<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Default Invalid (v3)<br/><sup><sub>a96bbc06-8cde-4295-ad3c-ee343a7f658e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Default Invalid (v3)<br/><sup><sub>a96bbc06-8cde-4295-ad3c-ee343a7f658e</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e" onclick="newWindowOpenerSafe(event, '../openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Items Undefined (v2)<br/><sup><sub>3e4d34d2-36cf-4449-976d-6c256db8fc49</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Items Undefined (v3)<br/><sup><sub>a8e859da-4a43-4e7f-94b8-25d6e3bf8e90</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Items Undefined (v3)<br/><sup><sub>a8e859da-4a43-4e7f-94b8-25d6e3bf8e90</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90" onclick="newWindowOpenerSafe(event, '../openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Non-Array Schema With Items (v2)<br/><sup><sub>9d47956b-29cd-43b1-9e6e-b39a4d484353</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Non-Array Schema With Items (v3)<br/><sup><sub>20cb3159-b219-496b-8dac-54ae3ab2021a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Non-Array Schema With Items (v3)<br/><sup><sub>20cb3159-b219-496b-8dac-54ae3ab2021a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a" onclick="newWindowOpenerSafe(event, '../openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |OperationId Not Unique (v2)<br/><sup><sub>21245007-91c4-40e5-964e-40c85d1e5aa6</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#operationObject">Documentation</a><br/>|
-|OperationId Not Unique (v3)<br/><sup><sub>c254adc4-ef25-46e1-8270-b7944adb4198</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|OperationId Not Unique (v3)<br/><sup><sub>c254adc4-ef25-46e1-8270-b7944adb4198</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198" onclick="newWindowOpenerSafe(event, '../openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Parameter Objects Headers With Duplicated Name (v2)<br/><sup><sub>bd2cbef5-62c4-40f1-af07-4b7f9ced6616</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameter Objects Headers With Duplicated Name (v3)<br/><sup><sub>05505192-ba2c-4a81-9b25-dcdbcc973746</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Parameter Objects Headers With Duplicated Name (v3)<br/><sup><sub>05505192-ba2c-4a81-9b25-dcdbcc973746</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746" onclick="newWindowOpenerSafe(event, '../openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Parameters Name In Combination Not Unique (v2)<br/><sup><sub>ab871897-ec02-4835-9818-702536ee1dda</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameters Name In Combination Not Unique (v3)<br/><sup><sub>f5b2e6af-76f5-496d-8482-8f898c5fdb4a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameters-object">Documentation</a><br/>|
+|Parameters Name In Combination Not Unique (v3)<br/><sup><sub>f5b2e6af-76f5-496d-8482-8f898c5fdb4a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a" onclick="newWindowOpenerSafe(event, '../openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a')">Query details</a><br><a href="https://swagger.io/specification/#parameters-object">Documentation</a><br/>|
 |Path Is Ambiguous (v2)<br/><sup><sub>b2468463-3ac4-4930-890c-f35b2bf4485d</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#pathItemObject">Documentation</a><br/>|
-|Path Is Ambiguous (v3)<br/><sup><sub>237402e2-c2f0-46c9-9cf5-286160cf7bfc</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#path-item-object">Documentation</a><br/>|
+|Path Is Ambiguous (v3)<br/><sup><sub>237402e2-c2f0-46c9-9cf5-286160cf7bfc</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc" onclick="newWindowOpenerSafe(event, '../openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc')">Query details</a><br><a href="https://swagger.io/specification/#path-item-object">Documentation</a><br/>|
 |Path Parameter Not Required (v2)<br/><sup><sub>ccd0613f-cb77-4684-a892-183bd2674d12</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Path Parameter Not Required (v3)<br/><sup><sub>0de50145-e845-47f4-9a15-23bcf2125710</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Path Parameter Not Required (v3)<br/><sup><sub>0de50145-e845-47f4-9a15-23bcf2125710</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710" onclick="newWindowOpenerSafe(event, '../openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Path Parameter With No Corresponding Template Path (v2)<br/><sup><sub>194ef1f8-360e-4c14-8ed2-e83e2bafa142</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#pathTemplating">Documentation</a><br/>|
-|Path Parameter With No Corresponding Template Path (v3)<br/><sup><sub>69d7aefd-149d-47b8-8d89-1c2181a8067b</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b" target="_blank">Query details</a><br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#pathTemplating">Documentation</a><br/>|
+|Path Parameter With No Corresponding Template Path (v3)<br/><sup><sub>69d7aefd-149d-47b8-8d89-1c2181a8067b</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b" onclick="newWindowOpenerSafe(event, '../openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b')">Query details</a><br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#pathTemplating">Documentation</a><br/>|
 |Path Template is Empty (v2)<br/><sup><sub>c201b7ad-6173-4598-a407-5edb04a1bcd7</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#pathsObject">Documentation</a><br/>|
-|Path Template is Empty (v3)<br/><sup><sub>ae13a37d-943b-47a7-a970-83c8598bcca3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#paths-object">Documentation</a><br/>|
+|Path Template is Empty (v3)<br/><sup><sub>ae13a37d-943b-47a7-a970-83c8598bcca3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3" onclick="newWindowOpenerSafe(event, '../openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3')">Query details</a><br><a href="https://swagger.io/specification/#paths-object">Documentation</a><br/>|
 |Paths Object is Empty (v2)<br/><sup><sub>3e6c7b1c-8a8d-43ab-98b9-65159f44db4a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#pathsObject">Documentation</a><br/>|
-|Paths Object is Empty (v3)<br/><sup><sub>815021c8-a50c-46d9-b192-24f71072c400</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/815021c8-a50c-46d9-b192-24f71072c400" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#paths-object">Documentation</a><br/>|
+|Paths Object is Empty (v3)<br/><sup><sub>815021c8-a50c-46d9-b192-24f71072c400</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/815021c8-a50c-46d9-b192-24f71072c400" onclick="newWindowOpenerSafe(event, '../openapi-queries/815021c8-a50c-46d9-b192-24f71072c400')">Query details</a><br><a href="https://swagger.io/specification/#paths-object">Documentation</a><br/>|
 |Properties Missing Required Property (v2)<br/><sup><sub>71beb6ab-8b70-4816-a9ac-a0ff1fb22a62</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Properties Missing Required Property (v3)<br/><sup><sub>3fb03214-25d4-4bd4-867c-c2d8d708a483</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Properties Missing Required Property (v3)<br/><sup><sub>3fb03214-25d4-4bd4-867c-c2d8d708a483</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483" onclick="newWindowOpenerSafe(event, '../openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Property 'allowEmptyValue' Improperly Defined (v2)<br/><sup><sub>0bc1477d-0922-478b-ae16-674a7634a1a8</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Property 'allowEmptyValue' Improperly Defined (v3)<br/><sup><sub>4bcbcd52-3028-469f-bc14-02c7dbba2df2</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Property 'allowEmptyValue' Improperly Defined (v3)<br/><sup><sub>4bcbcd52-3028-469f-bc14-02c7dbba2df2</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2" onclick="newWindowOpenerSafe(event, '../openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Property Defining Minimum Greater Than Maximum (v2)<br/><sup><sub>b5102ea9-6527-4bb7-94fc-9b4076150e55</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Property Defining Minimum Greater Than Maximum (v3)<br/><sup><sub>ab2af219-cd08-4233-b5a1-a788aac88b51</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Property Defining Minimum Greater Than Maximum (v3)<br/><sup><sub>ab2af219-cd08-4233-b5a1-a788aac88b51</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51" onclick="newWindowOpenerSafe(event, '../openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Responses Object Is Empty (v2)<br/><sup><sub>6172e7ab-d2b7-45f8-a7db-1603931d8ba3</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#responsesObject">Documentation</a><br/>|
-|Responses Object Is Empty (v3)<br/><sup><sub>990eaf09-d6f1-4c3c-b174-a517b1de8917</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Responses Object Is Empty (v3)<br/><sup><sub>990eaf09-d6f1-4c3c-b174-a517b1de8917</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917" onclick="newWindowOpenerSafe(event, '../openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
 |Responses With Wrong HTTP Status Code (v2)<br/><sup><sub>069a5378-2091-43f0-aa3b-ee8f20996e99</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Responses With Wrong HTTP Status Code (v3)<br/><sup><sub>d86655c0-92f6-4ffc-b4d5-5b5775804c27</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Responses With Wrong HTTP Status Code (v3)<br/><sup><sub>d86655c0-92f6-4ffc-b4d5-5b5775804c27</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27" onclick="newWindowOpenerSafe(event, '../openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
 |Schema Discriminator Mismatch Defined Properties (v2)<br/><sup><sub>addc0eab-27f6-4c26-8526-d2ccd3732662</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Schema Discriminator Mismatch Defined Properties (v3)<br/><sup><sub>40d3df21-c170-4dbe-9c02-4289b51f994f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Discriminator Mismatch Defined Properties (v3)<br/><sup><sub>40d3df21-c170-4dbe-9c02-4289b51f994f</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f" onclick="newWindowOpenerSafe(event, '../openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Discriminator Not Required (v2)<br/><sup><sub>be6a3722-af60-438c-b1b9-2a03e2958ab7</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Schema Discriminator Not Required (v3)<br/><sup><sub>b481d46c-9c61-480f-86d9-af07146dc4a4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Discriminator Not Required (v3)<br/><sup><sub>b481d46c-9c61-480f-86d9-af07146dc4a4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4" onclick="newWindowOpenerSafe(event, '../openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Discriminator Property Not String (v2)<br/><sup><sub>949376f1-f560-4c6d-a016-63424ca931bb</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Schema Discriminator Property Not String (v3)<br/><sup><sub>dadc2f36-1f5a-46c0-8289-75e626583123</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#discriminator-object">Documentation</a><br/>|
+|Schema Discriminator Property Not String (v3)<br/><sup><sub>dadc2f36-1f5a-46c0-8289-75e626583123</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123" onclick="newWindowOpenerSafe(event, '../openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123')">Query details</a><br><a href="https://swagger.io/specification/#discriminator-object">Documentation</a><br/>|
 |Schema Enum Invalid (v2)<br/><sup><sub>8fe6d18a-ad4c-4397-8884-e3a9da57f4c9</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Schema Enum Invalid (v3)<br/><sup><sub>03856cb2-e46c-4daf-bfbf-214ec93c882b</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Enum Invalid (v3)<br/><sup><sub>03856cb2-e46c-4daf-bfbf-214ec93c882b</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b" onclick="newWindowOpenerSafe(event, '../openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Has A Required Property Undefined (v2)<br/><sup><sub>811762c8-2e99-4f70-88f9-a63875a953b1</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Schema Has A Required Property Undefined (v3)<br/><sup><sub>2bd608ae-8a1f-457f-b710-c237883cb313</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Has A Required Property Undefined (v3)<br/><sup><sub>2bd608ae-8a1f-457f-b710-c237883cb313</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313" onclick="newWindowOpenerSafe(event, '../openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Object Properties With Duplicated Keys (v2)<br/><sup><sub>ded017bf-fb13-4f8d-868b-84aebcc572ad</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Schema Object Properties With Duplicated Keys (v3)<br/><sup><sub>10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Object Properties With Duplicated Keys (v3)<br/><sup><sub>10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa" onclick="newWindowOpenerSafe(event, '../openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Object With Circular Ref (v2)<br/><sup><sub>cbff2508-85c9-4448-a8b3-770070edf5ca</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
-|Schema Object With Circular Ref (v3)<br/><sup><sub>1a1aea94-745b-40a7-b860-0702ea6ee636</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Object With Circular Ref (v3)<br/><sup><sub>1a1aea94-745b-40a7-b860-0702ea6ee636</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636" onclick="newWindowOpenerSafe(event, '../openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Template Path With No Corresponding Path Parameter (v2)<br/><sup><sub>e7656d8d-7288-4bbe-b07b-22b389be75ce</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/2.0.md#path-templating">Documentation</a><br/>|
-|Template Path With No Corresponding Path Parameter (v3)<br/><sup><sub>561710b1-b845-4562-95ce-2397a05ccef4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4" target="_blank">Query details</a><br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#pathTemplating">Documentation</a><br/>|
+|Template Path With No Corresponding Path Parameter (v3)<br/><sup><sub>561710b1-b845-4562-95ce-2397a05ccef4</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4" onclick="newWindowOpenerSafe(event, '../openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4')">Query details</a><br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#pathTemplating">Documentation</a><br/>|
 |Type Has Invalid Keyword (v2)<br/><sup><sub>492c6cbb-f3f8-4807-aa4f-42b8b1c46b59</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|Schema/Parameter/Header Object define type should not use a keyword of another type<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Type Has Invalid Keyword (v3)<br/><sup><sub>a9228976-10cf-4b5f-b902-9e962aad037a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>bccb296f-362c-4b05-9221-86d1437a1016</sub></sup>|Pulumi|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dms/replicationinstance/">Documentation</a><br/>|
-|DynamoDB Table Not Encrypted<br/><sup><sub>b6a7e0ae-aed8-4a19-a993-a95760bf8836</sub></sup>|Pulumi|<span style="color:#bb2124">High</span>|Encryption|<a href="../pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dynamodb/table/#serversideencryption_yaml">Documentation</a><br/>|
-|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>9b18fc19-7fb8-49b1-8452-9c757c70f926</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Availability|<a href="../pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticache/cluster/#azmode_yaml">Documentation</a><br/>|
-|ElastiCache Redis Cluster Without Backup<br/><sup><sub>e93bbe63-a631-4c0f-b6ef-700d48441ff2</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Backup|<a href="../pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticache/cluster/#snapshotretentionlimit_yaml">Documentation</a><br/>|
-|API Gateway Without SSL Certificate<br/><sup><sub>f27791a5-e2ae-4905-8910-6f995c576d09</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/apigatewayv2/stage/#clientcertificateid_yaml">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>647de8aa-5a42-41b5-9faf-22136f117380</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/rds/instance/#publiclyaccessible_yaml">Documentation</a><br/>|
-|Elasticsearch with HTTPS disabled<br/><sup><sub>00603add-7f72-448f-a6c0-9e456a7a3f94</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticsearch/domain/#enforcehttps_yaml">Documentation</a><br/>|
-|API Gateway Access Logging Disabled<br/><sup><sub>bf4b48b9-fc1f-4552-984a-4becdb5bf503</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/apigatewayv2/stage/#accesslogsettings_yaml">Documentation</a><br/>|
-|DocDB Logging Is Disabled<br/><sup><sub>2ca87964-fe7e-4cdc-899c-427f0f3525f8</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/docdb/cluster/#enabledcloudwatchlogsexports_yaml">Documentation</a><br/>|
-|EC2 Instance Monitoring Disabled<br/><sup><sub>daa581ef-731c-4121-832d-cf078f67759d</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ec2/instance/#monitoring_yaml">Documentation</a><br/>|
-|Elasticsearch Logs Disabled<br/><sup><sub>a1120ee4-a712-42d9-8fb5-22595fed643b</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticsearch/domain/#logpublishingoptions_yaml">Documentation</a><br/>|
-|IAM Password Without Minimum Length<br/><sup><sub>9850d621-7485-44f7-8bdd-b3cf426315cf</sub></sup>|Pulumi|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/iam/accountpasswordpolicy/#minimumpasswordlength_yaml">Documentation</a><br/>|
-|ECS Cluster with Container Insights Disabled<br/><sup><sub>abcefee4-a0c1-4245-9f82-a473f79a9e2f</sub></sup>|Pulumi|<span style="color:#edd57e">Low</span>|Observability|<a href="../pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ecs/cluster/#settings_yaml">Documentation</a><br/>|
-|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>327b0729-4c5c-4c44-8b5c-e476cd9c7290</sub></sup>|Pulumi|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dynamodb/table/#pointintimerecovery_yaml">Documentation</a><br/>|
-|EC2 Not EBS Optimized<br/><sup><sub>d991e4ae-42ab-429b-ab43-d5e5fa9ca633</sub></sup>|Pulumi|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ec2/instance/#ebsoptimized_yaml">Documentation</a><br/>|
-|Storage Account Not Forcing HTTPS<br/><sup><sub>cb8e4bf0-903d-45c6-a278-9a947d82a27b</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/azure-native/api-docs/storage/storageaccount/#enablehttpstrafficonly_yaml">Documentation</a><br/>|
-|Redis Cache Allows Non SSL Connections<br/><sup><sub>49e30ac8-f58e-4222-b488-3dcb90158ec1</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/azure-native/api-docs/cache/redis/#enablenonsslport_yaml">Documentation</a><br/>|
-|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>965e8830-2bec-4b9b-a7f0-24dbc200a68f</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/gcp/api-docs/compute/sslpolicy/#mintlsversion_yaml">Documentation</a><br/>|
-|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>48f7e44d-d1d1-44c2-b336-9f11b65c4fb0</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/gcp/api-docs/storage/bucket/#logging_yaml">Documentation</a><br/>|
-|PSP Set To Privileged<br/><sup><sub>ee305555-6b1d-4055-94cf-e22131143c34</sub></sup>|Pulumi|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/kubernetes/api-docs/policy/v1beta1/podsecuritypolicy/#privileged_yaml">Documentation</a><br/>|
-|Missing App Armor Config<br/><sup><sub>95588189-1abd-4df1-9588-b0a5034f9e87</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/kubernetes/api-docs/core/v1/pod/#objectmeta">Documentation</a><br/>|
-|Serverless Role With Full Privileges<br/><sup><sub>59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd</sub></sup>|ServerlessFW|<span style="color:#bb2124">High</span>|Access Control|<a href="../serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/iam">Documentation</a><br/>|
-|Serverless Function Without Unique IAM Role<br/><sup><sub>165aae3b-a56a-48f3-b76d-d2b5083f5b8f</sub></sup>|ServerlessFW|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#functions">Documentation</a><br/>|
-|Serverless Function Environment Variables Not Encrypted<br/><sup><sub>4495bc5d-4d1e-4a26-ae92-152d18195648</sub></sup>|ServerlessFW|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#kms-keys">Documentation</a><br/>|
-|Serverless API Endpoint Config Not Private<br/><sup><sub>4d424558-c6d1-453c-be98-9a7f877abd9a</sub></sup>|ServerlessFW|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#configuring-endpoint-types">Documentation</a><br/>|
-|Serverless API Access Logging Setting Undefined<br/><sup><sub>a4d32883-aac7-42e1-b403-9415af0f3846</sub></sup>|ServerlessFW|<span style="color:#ff7213">Medium</span>|Observability|<a href="../serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#logs">Documentation</a><br/>|
-|Serverless API X-Ray Tracing Disabled<br/><sup><sub>434945e5-4dfd-41b1-aba1-47075ccd9265</sub></sup>|ServerlessFW|<span style="color:#ff7213">Medium</span>|Observability|<a href="../serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#aws-x-ray-tracing">Documentation</a><br/>|
-|Serverless API Without Content Encoding<br/><sup><sub>d5d1fe08-89db-440c-8725-b93223387309</sub></sup>|ServerlessFW|<span style="color:#edd57e">Low</span>|Encryption|<a href="../serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#compression">Documentation</a><br/>|
-|Serverless Function Without Dead Letter Queue<br/><sup><sub>dec7bc85-d156-4f64-9a33-96ed3d9f3fed</sub></sup>|ServerlessFW|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#dead-letter-queue-dlq">Documentation</a><br/>|
-|Serverless Function Without Tags<br/><sup><sub>f99d3482-fa8c-4f79-bad9-35212dded164</sub></sup>|ServerlessFW|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#tags">Documentation</a><br/>|
-|Serverless Function Without X-Ray Tracing<br/><sup><sub>0d7ef70f-e176-44e6-bdba-add3e429788d</sub></sup>|ServerlessFW|<span style="color:#edd57e">Low</span>|Observability|<a href="../serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#aws-x-ray-tracing">Documentation</a><br/>|
-|OSS Bucket Allows All Actions From All Principals<br/><sup><sub>ec62a32c-a297-41ca-a850-cab40b42094a</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|OSS Bucket Allows Delete Action From All Principals<br/><sup><sub>8c0695d8-2378-4cd6-8243-7fd5894fa574</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|OSS Bucket Allows Put Action From All Principals<br/><sup><sub>fe286195-e75c-4359-bd58-00847c4f855a</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>faaefc15-51a5-419e-bb5e-51a4b5ab3485</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#address">Documentation</a><br/>|
-|OSS Bucket Allows List Action From All Principals<br/><sup><sub>88541597-6f88-42c8-bac6-7e0b855e8ff6</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|OSS Bucket Public Access Enabled<br/><sup><sub>62232513-b16f-4010-83d7-51d0e1d45426</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#acl">Documentation</a><br/>|
-|Ecs Data Disk Kms Key Id Undefined<br/><sup><sub>f262118c-1ac6-4bb3-8495-cc48f1775b85</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/disk#kms_key_id">Documentation</a><br/>|
-|Launch Template Is Not Encrypted<br/><sup><sub>1455cb21-1d48-46d6-8ae3-cef911b71fd5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/launch_template#encrypted">Documentation</a><br/>|
-|NAS File System Not Encrypted<br/><sup><sub>67bfdff1-31ce-4525-b564-e94368735360</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system#encrypt_type">Documentation</a><br/>|
-|NAS File System Without KMS<br/><sup><sub>5f670f9d-b1b4-4c90-8618-2288f1ab9676</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system#kms_key_id">Documentation</a><br/>|
-|RDS Instance TDE Status Disabled<br/><sup><sub>44d434ca-a9bf-4203-8828-4c81a8d5a598</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#tde_status">Documentation</a><br/>|
-|OSS Bucket Has Static Website<br/><sup><sub>2b13c6ff-b87a-484d-86fd-21ef6e97d426</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#website">Documentation</a><br/>|
-|OSS Bucket Ip Restriction Disabled<br/><sup><sub>6107c530-7178-464a-88bc-df9cdd364ac8</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|Public Security Group Rule All Ports or Protocols<br/><sup><sub>60587dbd-6b67-432e-90f7-a8cf1892d968</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#cidr_ip">Documentation</a><br/>|
-|Public Security Group Rule Sensitive Port<br/><sup><sub>2ae9d554-23fb-4065-bfd1-fe43d5f7c419</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#port_range">Documentation</a><br/>|
-|Public Security Group Rule Unknown Port<br/><sup><sub>dd706080-b7a8-47dc-81fb-3e8184430ec0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#port_range">Documentation</a><br/>|
-|ActionTrail Trail OSS Bucket is Publicly Accessible<br/><sup><sub>69b5d7da-a5db-4db9-a42e-90b65d0efb0b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Observability|<a href="../terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail">Documentation</a><br/>|
-|Ram Policy Admin Access Not Attached to Users Groups Roles<br/><sup><sub>e8e62026-da63-4904-b402-65adfe3ca975</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_policy">Documentation</a><br/>|
-|Ram Policy Attached to User<br/><sup><sub>66505003-7aba-45a1-8d83-5162d5706ef5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_user_policy_attachment">Documentation</a><br/>|
-|CMK Is Unusable<br/><sup><sub>ed6e3ba0-278f-47b6-a1f5-173576b40b7e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/kms_key#is_enabled">Documentation</a><br/>|
-|OSS Bucket Versioning Disabled<br/><sup><sub>70919c0b-2548-4e6b-8d7a-3d84ab6dabba</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#versioning">Documentation</a><br/>|
-|ROS Stack Retention Disabled<br/><sup><sub>4bb06fa1-2114-4a00-b7b5-6aeab8b896f0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack_instance#retain_stacks">Documentation</a><br/>|
-|ROS Stack Without Template<br/><sup><sub>92d65c51-5d82-4507-a2a1-d252e9706855</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack">Documentation</a><br/>|
-|Disk Encryption Disabled<br/><sup><sub>39750e32-3fe9-453b-8c33-dd277acdb2cc</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/disk#encrypted">Documentation</a><br/>|
-|OSS Bucket Encryption Using CMK Disabled<br/><sup><sub>f20e97f9-4919-43f1-9be9-f203cd339cdd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#server_side_encryption_rule">Documentation</a><br/>|
-|SLB Policy With Insecure TLS Version In Use<br/><sup><sub>dbfc834a-56e5-4750-b5da-73fda8e73f70</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/slb_tls_cipher_policy">Documentation</a><br/>|
-|CS Kubernetes Node Pool Auto Repair Disabled<br/><sup><sub>81ce9394-013d-4731-8fcc-9d229b474073</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cs_kubernetes_node_pool#auto_repair">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>1b4565c0-4877-49ac-ab03-adebbccd42ae</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#security_ips">Documentation</a><br/>|
-|ALB Listening on HTTP<br/><sup><sub>ee3b1557-9fb5-4685-a95d-93f1edf2a0d7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/alb_listener">Documentation</a><br/>|
-|API Gateway API Protocol Not HTTPS<br/><sup><sub>1bcdf9f0-b1aa-40a4-b8c6-cd7785836843</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/api_gateway_api#protocol">Documentation</a><br/>|
-|OSS Buckets Secure Transport Disabled<br/><sup><sub>c01d10de-c468-4790-b3a0-fc887a56f289</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|RDS Instance SSL Action Disabled<br/><sup><sub>7a1ee8a9-71be-4b11-bb70-efb62d16863b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#ssl_action">Documentation</a><br/>|
-|Action Trail Logging For All Regions Disabled<br/><sup><sub>c065b98e-1515-4991-9dca-b602bd6a2fbb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail#trail_region">Documentation</a><br/>|
-|OSS Bucket Logging Disabled<br/><sup><sub>05db341e-de7d-4972-a106-3e2bd5ee53e1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#logging">Documentation</a><br/>|
-|RDS Instance Events Not Logged<br/><sup><sub>b9c524a4-fe76-4021-a6a2-cb978fb4fde1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/log_audit">Documentation</a><br/>|
-|RDS Instance Log Connections Disabled<br/><sup><sub>140869ea-25f2-40d4-a595-0c0da135114e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
-|RDS Instance Log Disconnections Disabled<br/><sup><sub>d53f4123-f8d8-4224-8cb3-f920b151cc98</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
-|RDS Instance Log Duration Disabled<br/><sup><sub>a597e05a-c065-44e7-9cc8-742f572a504a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
-|VPC Flow Logs Disabled<br/><sup><sub>d2731f3d-a992-44ed-812e-f4f1c2747d71</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc_flow_log">Documentation</a><br/>|
-|No ROS Stack Policy<br/><sup><sub>72ceb736-0aee-43ea-a191-3a69ab135681</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack">Documentation</a><br/>|
-|High KMS Key Rotation Period<br/><sup><sub>cb319d87-b90f-485e-a7e7-f2408380f309</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/kms_key">Documentation</a><br/>|
-|Ram Account Password Policy Max Login Attempts Unrecommended<br/><sup><sub>e76fd7ab-7333-40c6-a2d8-ea28af4a319e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#max_login_attempts">Documentation</a><br/>|
-|Ram Account Password Policy Max Password Age Unrecommended<br/><sup><sub>2bb13841-7575-439e-8e0a-cccd9ede2fa8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#max_password_age">Documentation</a><br/>|
-|RAM Account Password Policy without Reuse Prevention<br/><sup><sub>a8128dd2-89b0-464b-98e9-5d629041dfe0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#password_reuse_prevention">Documentation</a><br/>|
-|RAM Security Preference Not Enforce MFA Login<br/><sup><sub>dcda2d32-e482-43ee-a926-75eaabeaa4e0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_security_preference#enforce_mfa_for_login">Documentation</a><br/>|
-|OSS Bucket Transfer Acceleration Disabled<br/><sup><sub>8f98334a-99aa-4d85-b72a-1399ca010413</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#transfer_acceleration">Documentation</a><br/>|
-|OSS Bucket Lifecycle Rule Disabled<br/><sup><sub>7db8bd7e-9772-478c-9ec5-4bc202c5686f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#lifecycle_rule">Documentation</a><br/>|
-|Kubernetes Cluster Without Terway as CNI Network Plugin<br/><sup><sub>b9b7ada8-3868-4a35-854e-6100a2bb863d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cs_kubernetes#cluster_network_type">Documentation</a><br/>|
-|Log Retention Is Not Greater Than 90 Days<br/><sup><sub>ed6cf6ff-9a1f-491c-9f88-e03c0807f390</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/log_store#retention_period">Documentation</a><br/>|
-|RDS Instance Retention Period Not Recommended<br/><sup><sub>dc158941-28ce-481d-a7fa-dc80761edf46</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#sql_collector_config_value">Documentation</a><br/>|
-|ROS Stack Notifications Disabled<br/><sup><sub>9ef08939-ea40-489c-8851-667870b2ef50</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack#notification_urls">Documentation</a><br/>|
-|Ram Account Password Policy Not Require At Least one Lowercase Character<br/><sup><sub>89143358-cec6-49f5-9392-920c591c669c</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_lowercase_characters">Documentation</a><br/>|
-|RAM Account Password Policy Not Require at Least one Uppercase Character<br/><sup><sub>5e0fb613-ba9b-44c3-88f0-b44188466bfd</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_uppercase_characters">Documentation</a><br/>|
-|Ram Account Password Policy Not Required Minimum Length<br/><sup><sub>a9dfec39-a740-4105-bbd6-721ba163c053</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#minimum_password_length">Documentation</a><br/>|
-|Ram Account Password Policy Not Required Numbers<br/><sup><sub>063234c0-91c0-4ab5-bbd0-47ddb5f23786</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_numbers">Documentation</a><br/>|
-|RAM Account Password Policy Not Required Symbols<br/><sup><sub>41a38329-d81b-4be4-aef4-55b2615d3282</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_symbols">Documentation</a><br/>|
-|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>030d3b18-1821-45b4-9e08-50efbe7becbb</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dms_replication_instance">Documentation</a><br/>|
-|ECR Repository Is Publicly Accessible<br/><sup><sub>e86e26fc-489e-44f0-9bcd-97305e4ba69a</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy">Documentation</a><br/>|
-|S3 Bucket Access to Any Principal<br/><sup><sub>7af43613-6bb9-4a0e-8c4d-1314b799425e</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read Or Write to All Users<br/><sup><sub>38c5ee0d-7f22-4260-ab72-5073048df100</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
-|S3 Bucket ACL Grants WRITE_ACP Permission<br/><sup><sub>64a222aa-7793-4e40-915f-4b302c76e4d4</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl">Documentation</a><br/>|
-|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>ffdf4b37-7703-4dfe-a682-9d2e99bc6c09</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>d24c0755-c028-44b1-b503-8e719c898832</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket With All Permissions<br/><sup><sub>a4966c4f-9141-48b8-a564-ffe9959945bc</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
-|SNS Topic is Publicly Accessible<br/><sup><sub>b26d2b7e-60f6-413d-a3a1-a57db24aa2b3</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>35113e6f-2c6b-414d-beec-7a9482d3b2d1</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#publicly_accessible">Documentation</a><br/>|
-|DB Security Group With Public Scope<br/><sup><sub>1e0ef61b-ad85-4518-a3d3-85eaad164885</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
-|RDS Associated with Public Subnet<br/><sup><sub>2f737336-b18a-4602-8ea0-b200312e1ac1</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#db_subnet_group_name">Documentation</a><br/>|
-|CloudWatch Unauthorized Access Alarm Missing<br/><sup><sub>4c18a45b-4ab1-4790-9f83-399ac695f1e5</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Observability|<a href="../terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>09c35abf-5852-4622-ac7a-b987b331232e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role#assume_role_policy">Documentation</a><br/>|
-|ECS Service Admin Role Is Present<br/><sup><sub>3206240f-2e87-4e58-8d24-3e19e7c83d7c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service">Documentation</a><br/>|
-|IAM Policy Grants Full Permissions<br/><sup><sub>575a2155-6af1-4026-b1af-d5bc8fe2a904</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy">Documentation</a><br/>|
-|IAM Role With Full Privileges<br/><sup><sub>b1ffa705-19a3-4b73-b9d0-0c97d0663842</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
-|Lambda With Vulnerable Policy<br/><sup><sub>ad9dabc7-7839-4bae-a957-aa9120013f39</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission#action">Documentation</a><br/>|
-|MSK Broker Is Publicly Accessible<br/><sup><sub>54378d69-dd7c-4b08-a43e-80d563396857</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#public_access">Documentation</a><br/>|
-|Neptune Cluster Instance is Publicly Accessible<br/><sup><sub>9ba198e0-fef4-464a-8a4d-75ea55300de7</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster_instance#publicly_accessible">Documentation</a><br/>|
-|Neptune Cluster With IAM Database Authentication Disabled<br/><sup><sub>c91d7ea0-d4d1-403b-8fe1-c9961ac082c5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#storage_encrypted">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>57b9893d-33b1-4419-bcea-a717ea87e139</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl">Documentation</a><br/>|
-|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>1df37f4b-7197-45ce-83f8-9994d2fcf885</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket Allows List Action From All Principals<br/><sup><sub>66c6f96f-2d9e-417e-a998-9058aeeecd44</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket Allows Public Policy<br/><sup><sub>1a4bc881-9f69-4d44-8c9a-d37d08f54c50</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
-|S3 Bucket Public ACL Overridden By Public Access Block<br/><sup><sub>bf878b1a-7418-4de3-b13c-3a86cf894920</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block#bucket">Documentation</a><br/>|
-|Secrets Manager With Vulnerable Policy<br/><sup><sub>fa00ce45-386d-4718-8392-fb485e1f3c5b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_policy#policy">Documentation</a><br/>|
-|SES Policy With Allowed IAM Actions<br/><sup><sub>34b921bd-90a0-402e-a0a5-dc73371fd963</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ses_identity_policy#policy">Documentation</a><br/>|
-|SQS Policy Allows All Actions<br/><sup><sub>816ea8cf-d589-442d-a917-2dd0ce0e45e3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy">Documentation</a><br/>|
-|SQS Queue Exposed<br/><sup><sub>abb06e5f-ef9a-4a99-98c6-376d396bfcdf</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue#policy">Documentation</a><br/>|
-|AmazonMQ Broker Encryption Disabled<br/><sup><sub>3db3f534-e3a3-487f-88c7-0a9fbf64b702</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
-|API Gateway Method Settings Cache Not Encrypted<br/><sup><sub>b7c9a40c-23e4-4a2d-8d39-a3352f10f288</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#cache_data_encrypted">Documentation</a><br/>|
-|Athena Database Not Encrypted<br/><sup><sub>b2315cae-b110-4426-81e0-80bb8640cdd3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_database#encryption_configuration">Documentation</a><br/>|
-|Athena Workgroup Not Encrypted<br/><sup><sub>d364984a-a222-4b5f-a8b0-e23ab19ebff3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_workgroup#encryption_configuration">Documentation</a><br/>|
-|Aurora With Disabled at Rest Encryption<br/><sup><sub>1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#storage_encrypted">Documentation</a><br/>|
-|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>abdb29d4-5ca1-4e91-800b-b3569bbd788c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule">Documentation</a><br/>|
-|DAX Cluster Not Encrypted<br/><sup><sub>f11aec39-858f-4b6f-b946-0a1bf46c0c87</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dax_cluster#enabled">Documentation</a><br/>|
-|DB Instance Storage Not Encrypted<br/><sup><sub>08bd0760-8752-44e1-9779-7bb369b2b4e4</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#storage_encrypted">Documentation</a><br/>|
-|DOCDB Cluster Not Encrypted<br/><sup><sub>bc1f9009-84a0-490f-ae09-3e0ea6d74ad6</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#storage_encrypted">Documentation</a><br/>|
-|DOCDB Cluster Without KMS<br/><sup><sub>4766d3ea-241c-4ee6-93ff-c380c996bd1a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id">Documentation</a><br/>|
-|DynamoDB Table Not Encrypted<br/><sup><sub>ce089fd4-1406-47bd-8aad-c259772bb294</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#server_side_encryption">Documentation</a><br/>|
-|EBS Default Encryption Disabled<br/><sup><sub>3d3f6270-546b-443c-adb4-bb6fb2187ca6</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_encryption_by_default">Documentation</a><br/>|
-|EBS Volume Encryption Disabled<br/><sup><sub>cc997676-481b-4e93-aa81-d19f8c5e9b12</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume#encrypted">Documentation</a><br/>|
-|EBS Volume Snapshot Not Encrypted<br/><sup><sub>e6b4b943-6883-47a9-9739-7ada9568f8ca</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_snapshot#encrypted">Documentation</a><br/>|
-|ECS Task Definition Volume Not Encrypted<br/><sup><sub>4d46ff3b-7160-41d1-a310-71d6d370b08f</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#transit_encryption">Documentation</a><br/>|
-|EFS Not Encrypted<br/><sup><sub>48207659-729f-4b5c-9402-f884257d794f</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system#encrypted">Documentation</a><br/>|
-|EKS Cluster Encryption Disabled<br/><sup><sub>63ebcb19-2739-4d3f-aa5c-e8bbb9b85281</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#encryption_config">Documentation</a><br/>|
-|ElastiCache Replication Group Not Encrypted At Rest<br/><sup><sub>76976de7-c7b1-4f64-a94f-90c1345914c2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#at_rest_encryption_enabled">Documentation</a><br/>|
-|ElasticSearch Encryption With KMS Disabled<br/><sup><sub>7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
-|ElasticSearch Not Encrypted At Rest<br/><sup><sub>24e16922-4330-4e9d-be8a-caa90299466a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
-|ELB Using Weak Ciphers<br/><sup><sub>4a800e14-c94a-442d-9067-5a2e9f6c0a4c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/load_balancer_policy">Documentation</a><br/>|
-|Glue Data Catalog Encryption Disabled<br/><sup><sub>01d50b14-e933-4c99-b314-6d08cd37ad35</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_data_catalog_encryption_settings#data_catalog_encryption_settings">Documentation</a><br/>|
-|Glue Security Configuration Encryption Disabled<br/><sup><sub>ad5b4e97-2850-4adf-be17-1d293e0b85ee</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_security_configuration#encryption_configuration">Documentation</a><br/>|
-|Kinesis Not Encrypted With KMS<br/><sup><sub>862fe4bf-3eec-4767-a517-40f378886b88</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream">Documentation</a><br/>|
-|Kinesis SSE Not Configured<br/><sup><sub>5c6dd5e7-1fe0-4cae-8f81-4c122717cef3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_firehose_delivery_stream#server_side_encryption">Documentation</a><br/>|
-|Launch Configuration Is Not Encrypted<br/><sup><sub>4de9de27-254e-424f-bd70-4c1e95790838</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#encrypted">Documentation</a><br/>|
-|MSK Cluster Encryption Disabled<br/><sup><sub>6db52fa6-d4da-4608-908a-89f0c59e743e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#encryption_info">Documentation</a><br/>|
-|Neptune Database Cluster Encryption Disabled<br/><sup><sub>98d59056-f745-4ef5-8613-32bca8d40b7e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#storage_encrypted">Documentation</a><br/>|
-|RDS Database Cluster not Encrypted<br/><sup><sub>656880aa-1388-488f-a6d4-8f73c23149b2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_cluster_snapshot">Documentation</a><br/>|
-|RDS Storage Not Encrypted<br/><sup><sub>3199c26c-7871-4cb3-99c2-10a59244ce7f</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#storage_encrypted">Documentation</a><br/>|
-|Redis Not Compliant<br/><sup><sub>254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#engine_version">Documentation</a><br/>|
-|Redshift Not Encrypted<br/><sup><sub>cfdcabb0-fc06-427c-865b-c59f13e898ce</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted">Documentation</a><br/>|
-|S3 Bucket Object Not Encrypted<br/><sup><sub>5fb49a69-8d46-4495-a2f8-9c8c622b2b6e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_object#server_side_encryption">Documentation</a><br/>|
-|Sagemaker Endpoint Configuration Encryption Disabled<br/><sup><sub>58b35504-0287-4154-bf69-02c0573deab8</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_endpoint_configuration#kms_key_arn">Documentation</a><br/>|
-|Sagemaker Notebook Instance Without KMS<br/><sup><sub>f3674e0c-f6be-43fa-b71c-bf346d1aed99</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_notebook_instance#kms_key_id">Documentation</a><br/>|
-|SNS Topic Not Encrypted<br/><sup><sub>28545147-2fc6-42d5-a1f9-cf226658e591</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic#kms_master_key_id">Documentation</a><br/>|
-|User Data Contains Encoded Private Key<br/><sup><sub>443488f5-c734-460b-a36d-5b3f330174dc</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#user_data_base64">Documentation</a><br/>|
-|Workspaces Workspace Volume Not Encrypted<br/><sup><sub>b9033580-6886-401a-8631-5f19f5bb24c7</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/workspaces_workspace#root_volume_encryption_enabled">Documentation</a><br/>|
-|Batch Job Definition With Privileged Container Properties<br/><sup><sub>66cd88ac-9ddf-424a-b77e-e55e17630bee</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/batch_job_definition">Documentation</a><br/>|
-|DB Security Group Has Public Interface<br/><sup><sub>f0d8781f-99bf-4958-9917-d39283b168a0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
-|KMS Key With Vulnerable Policy<br/><sup><sub>7ebc9038-0bde-479a-acc4-6ed7b6758899</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key">Documentation</a><br/>|
-|Lambda Function With Privileged Role<br/><sup><sub>1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function">Documentation</a><br/>|
-|MQ Broker Is Publicly Accessible<br/><sup><sub>4eb5f791-c861-4afd-9f94-f2a6a3fe49cb</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
-|Redshift Publicly Accessible<br/><sup><sub>af173fde-95ea-4584-b904-bb3923ac4bda</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster">Documentation</a><br/>|
-|Root Account Has Active Access Keys<br/><sup><sub>970d224d-b42a-416b-81f9-8f4dfe70c4bc</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key">Documentation</a><br/>|
-|S3 Static Website Host Enabled<br/><sup><sub>42bb6b7f-6d54-4428-b707-666f669d94fb</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#website">Documentation</a><br/>|
-|DB Security Group Open To Large Scope<br/><sup><sub>4f615f3e-fb9c-4fad-8b70-2e9f781806ce</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
-|Default Security Groups With Unrestricted Traffic<br/><sup><sub>46883ce1-dc3e-4b17-9195-c6a601624c73</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group">Documentation</a><br/>|
-|Network ACL With Unrestricted Access To RDP<br/><sup><sub>a20be318-cac7-457b-911d-04cc6e812c25</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl">Documentation</a><br/>|
-|Remote Desktop Port Open To Internet<br/><sup><sub>151187cb-0efc-481c-babd-ad24e3c9bc22</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Route53 Record Undefined<br/><sup><sub>25db74bf-fa3b-44da-934e-8c3e005c0453</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>381c3f2a-ef6f-4eff-99f7-b169cda3422c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Unknown Port Exposed To Internet<br/><sup><sub>590d878b-abdc-428f-895a-e2b68a0e1998</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Unrestricted Security Group Ingress<br/><sup><sub>4728cd65-a20c-49da-8b31-9c08b423e4db</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/aws/r/security_group.html">Documentation</a><br/>|
-|VPC Default Security Group Accepts All Traffic<br/><sup><sub>9a4ef195-74b9-4c58-b8ed-2b2fe4353a75</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group">Documentation</a><br/>|
-|VPC Peering Route Table with Unrestricted CIDR<br/><sup><sub>b3a41501-f712-4c4f-81e5-db9a7dc0e34e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route">Documentation</a><br/>|
-|CloudTrail Log Files S3 Bucket is Publicly Accessible<br/><sup><sub>bd0088a5-c133-4b20-b129-ec9968b16ef3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Observability|<a href="../terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#s3_bucket_name">Documentation</a><br/>|
-|Hardcoded AWS Access Key<br/><sup><sub>d7b9d850-3e06-4a75-852f-c46c2e92240b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Secret Management|<a href="../terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">Documentation</a><br/>|
-|Hardcoded AWS Access Key In Lambda<br/><sup><sub>1402afd8-a95c-4e84-8b0b-6fb43758e6ce</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Secret Management|<a href="../terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function">Documentation</a><br/>|
-|AMI Shared With Multiple Accounts<br/><sup><sub>ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ami_launch_permission">Documentation</a><br/>|
-|API Gateway Method Does Not Contains An API Key<br/><sup><sub>671211c5-5d2a-4e97-8867-30fc28b02216</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method">Documentation</a><br/>|
-|API Gateway Without Configured Authorizer<br/><sup><sub>0a96ce49-4163-4ee6-8169-eb3b0797d694</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_authorizer">Documentation</a><br/>|
-|Certificate Has Expired<br/><sup><sub>c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
-|EC2 Instance Using Default Security Group<br/><sup><sub>f1adc521-f79a-4d71-b55b-a68294687432</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#security_groups">Documentation</a><br/>|
-|EFS With Vulnerable Policy<br/><sup><sub>fae52418-bb8b-4ac2-b287-0b9082d6a3fd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system_policy#policy">Documentation</a><br/>|
-|Elasticsearch Domain With Vulnerable Policy<br/><sup><sub>16c4216a-50d3-4785-bfb2-4adb5144a8ba</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain_policy#access_policies">Documentation</a><br/>|
-|Elasticsearch Without IAM Authentication<br/><sup><sub>e7530c3c-b7cf-4149-8db9-d037a0b5268e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
-|Glue With Vulnerable Policy<br/><sup><sub>d25edb51-07fb-4a73-97d4-41cecdc53a22</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_resource_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>9b0ffadc-a61f-4c2a-b1e6-68fab60f6267</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>15e6ad8c-f420-49a6-bafb-074f5eb1ec74</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>7d544dad-8a6c-431c-84c1-5f07fe9afc0e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>8f3c16b3-354d-45db-8ad5-5066778a9485</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>970ed7a2-0aca-4425-acf1-0453c9ecbca1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>70b42736-efee-4bce-80d5-50358ed94990</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>3dd96caa-0b5f-4a85-b929-acfac4646cc2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>db78d14b-10e5-4e6e-84b1-dace6327b1ec</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>846646e3-2af1-428c-ac5d-271eccfa6faf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>04c686f1-e0cd-4812-88e1-4e038410074c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>ec49cbfd-fae4-45f3-81b1-860526d66e3f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>e77c89f6-9c85-49ea-b95b-5f960fe5be92</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>c0c1e744-0f37-445e-924a-1846f0839f69</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>60263b4a-6801-4587-911d-919c37ed733b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>7782d4b3-e23e-432b-9742-d9528432e771</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>78f1ec6f-5659-41ea-bd48-d0a142dce4f2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>ad296c0d-8131-4d6b-b030-1b0e73a99ad3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>034d0aee-620f-4bf7-b7fb-efdf661fdb9e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>571254d8-aa6a-432e-9725-535d3ef04d69</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|IAM Access Key Is Exposed<br/><sup><sub>7081f85c-b94d-40fd-8b45-a4f1cac75e46</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key">Documentation</a><br/>|
-|IAM Group Without Users<br/><sup><sub>fc101ca7-c9dd-4198-a1eb-0fbe92e80044</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_membership#users">Documentation</a><br/>|
-|IAM Policies Attached To User<br/><sup><sub>b4378389-a9aa-44ee-91e7-ef183f11079e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment">Documentation</a><br/>|
-|IAM Policies With Full Privileges<br/><sup><sub>2f37c4a3-58b9-4afe-8a87-d7f1d2286f84</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy">Documentation</a><br/>|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>bcdcbdc6-a350-4855-ae7c-d1e6436f7c97</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
-|IAM Role Allows All Principals To Assume<br/><sup><sub>12b7e704-37f0-4d1e-911a-44bf60c48c21</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
-|IAM Role Policy passRole Allows All<br/><sup><sub>e39bee8c-fe54-4a3f-824d-e5e2d1cca40a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-security-warning-pass-role-with-star-in-resource">Documentation</a><br/>|
-|IAM User With Access To Console<br/><sup><sub>9ec311bf-dfd9-421f-8498-0b063c8bc552</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_login_profile">Documentation</a><br/>|
-|Lambda Permission Principal Is Wildcard<br/><sup><sub>e08ed7eb-f3ef-494d-9d22-2e3db756a347</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
-|Policy Without Principal<br/><sup><sub>bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html">Documentation</a><br/>|
-|Public and Private EC2 Share Role<br/><sup><sub>c53c7a89-f9d7-4c7b-8b66-8a555be99593</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#iam_instance_profile">Documentation</a><br/>|
-|Public Lambda via API Gateway<br/><sup><sub>3ef8696c-e4ae-4872-92c7-520bb44dfe77</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
-|REST API With Vulnerable Policy<br/><sup><sub>b161c11b-a59b-4431-9a29-4e19f63e6b27</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>be2aa235-bd93-4b68-978a-1cc65d49082f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>30b88745-eebe-4ecb-a3a9-5cf886e96204</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>0a592060-8166-49f5-8e65-99ac6dce9871</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>eda48c88-2b7d-4e34-b6ca-04c0194aee17</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>b8a31292-509d-4b61-bc40-13b167db7e9c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>f906113d-cdc0-415a-ba60-609cc6daaf4d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>f465fff1-0a0f-457d-aa4d-1bddb6f204ff</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>7c96920c-6fd0-449d-9a52-0aa431b6beaf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>5b4d4aee-ac94-4810-9611-833636e5916d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>9a205ba3-0dd1-42eb-8d54-2ffec836b51a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>ee49557d-750c-4cc1-aa95-94ab36cbefde</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>d6047119-a0b2-4b59-a4f2-127a36fb685b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>8f75840d-9ee7-42f3-b203-b40e3979eb12</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>118281d0-6471-422e-a7c5-051bc667926e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>f1173d8c-3264-4148-9fdb-61181e031b51</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>35ccf766-0e4d-41ed-9ec4-2dab155082b4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>fa62ac4f-f5b9-45b9-97c1-625c8b6253ca</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>c583f0f9-7dfd-476b-a056-f47c62b47b46</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|S3 Bucket Allows Public ACL<br/><sup><sub>d0cc8694-fcad-43ff-ac86-32331d7e867f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
-|SNS Topic Publicity Has Allow and NotAction Simultaneously<br/><sup><sub>5ea624e4-c8b1-4bb3-87a4-4235a776adcc</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy">Documentation</a><br/>|
-|SQS Policy With Public Access<br/><sup><sub>730675f9-52ed-49b6-8ead-0acb5dd7df7f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy">Documentation</a><br/>|
-|SSO Identity User Unsafe Creation<br/><sup><sub>4003118b-046b-4640-b200-b8c7a4c8b89f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/identitystore_user">Documentation</a><br/>|
-|SSO Policy with full privileges<br/><sup><sub>132a8c31-9837-4203-9fd1-15ca210c7b73</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_permission_set_inline_policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>19ffbe31-9d72-4379-9768-431195eae328</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>89561b03-cb35-44a9-a7e9-8356e71606f4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>94fbe150-27e3-4eba-9ca6-af32865e4503</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>9b877bd8-94b4-4c10-a060-8e0436cc09fa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>bf9d42c7-c2f9-4dfe-942c-c8cc8249a081</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>6d23d87e-1c5b-4308-b224-92624300f29b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>e227091e-2228-4b40-b046-fc13650d8e88</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>70cb518c-d990-46f6-bc05-44a5041493d6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>113208f2-a886-4526-9ecc-f3218600e12c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>0fd7d920-4711-46bd-aff2-d307d82cd8b7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>1743f5f1-0bb0-4934-acef-c80baa5dadfa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>8bfbf7ab-d5e8-4100-8618-798956e101e0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>eeb4d37a-3c59-4789-a00c-1509bc3af1e5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>0c10d7da-85c4-4d62-b2a8-d6c104f1bd77</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>43a41523-386a-4cb1-becb-42af6b414433</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>33627268-1445-4385-988a-318fd9d1a512</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>6deb34e2-5d9c-499a-801b-ea6d9eda894f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>8055dec2-efb8-4fe6-8837-d9bed6ff202a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>b69247e5-7e73-464e-ba74-ec9b715c6e12</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|Auto Scaling Group With No Associated ELB<br/><sup><sub>8e94dced-9bcc-4203-8eb7-7e41202b2505</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#load_balancers">Documentation</a><br/>|
-|CMK Is Unusable<br/><sup><sub>7350fa23-dcf7-4938-916d-6a60b0c73b50</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#is_enabled">Documentation</a><br/>|
-|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>6db03a91-f933-4f13-ab38-a8b87a7de54d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster">Documentation</a><br/>|
-|ElastiCache Redis Cluster Without Backup<br/><sup><sub>8fdb08a0-a868-4fdf-9c27-ccab0237f1ab</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#snapshot_retention_limit">Documentation</a><br/>|
-|RDS Cluster With Backup Disabled<br/><sup><sub>e542bd46-58c4-4e0f-a52a-1fb4f9548e02</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#backup_retention_period">Documentation</a><br/>|
-|RDS With Backup Disabled<br/><sup><sub>1dc73fb4-5b51-430c-8c5f-25dcf9090b02</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance">Documentation</a><br/>|
-|S3 Bucket Without Versioning<br/><sup><sub>568a4d22-3517-44a6-a7ad-6a7eed88722c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#versioning">Documentation</a><br/>|
-|Stack Retention Disabled<br/><sup><sub>6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set_instance#stack_set_name">Documentation</a><br/>|
-|ALB Not Dropping Invalid Headers<br/><sup><sub>6e3fd2ed-5c83-4c68-9679-7700d224d379</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#drop_invalid_header_fields">Documentation</a><br/>|
-|AMI Not Encrypted<br/><sup><sub>8bbb242f-6e38-4127-86d4-d8f0b2687ae2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami">Documentation</a><br/>|
-|CA Certificate Identifier Is Outdated<br/><sup><sub>9f40c07e-699e-4410-8856-3ba0f2e3a2dd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance">Documentation</a><br/>|
-|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>55af1353-2f62-4fa0-a8e1-a210ca2708f5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|CloudWatch Log Group Without KMS<br/><sup><sub>0afbcfe9-d341-4b92-a64c-7e6de0543879</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group">Documentation</a><br/>|
-|ElastiCache Replication Group Not Encrypted At Transit<br/><sup><sub>1afbb3fa-cf6c-4a3d-b730-95e9f4df343e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#transit_encryption_enabled">Documentation</a><br/>|
-|Elasticsearch Domain Not Encrypted Node To Node<br/><sup><sub>967eb3e6-26fc-497d-8895-6428beb6e8e2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#node_to_node_encryption">Documentation</a><br/>|
-|ELB Using Insecure Protocols<br/><sup><sub>126c1788-23c2-4a10-906c-ef179f4f96ec</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/load_balancer_policy">Documentation</a><br/>|
-|IAM Database Auth Not Enabled<br/><sup><sub>88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#iam_database_authentication_enabled">Documentation</a><br/>|
-|S3 Bucket Policy Accepts HTTP Requests<br/><sup><sub>4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy#policy">Documentation</a><br/>|
-|Secretsmanager Secret Encrypted With AWS Managed Key<br/><sup><sub>b0d3ef3f-845d-4b1b-83d6-63a5a380375f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id">Documentation</a><br/>|
-|Secretsmanager Secret Without KMS<br/><sup><sub>a2f548f2-188c-4fff-b172-e9a6acb216bd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id">Documentation</a><br/>|
-|Secure Ciphers Disabled<br/><sup><sub>5c0003fb-9aa0-42c1-9da3-eb0e332bef21</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|SNS Topic Encrypted With AWS Managed Key<br/><sup><sub>b1a72f66-2236-4f3b-87ba-0da1b366956f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic#kms_master_key_id">Documentation</a><br/>|
-|SQS With SSE Disabled<br/><sup><sub>6e8849c1-3aa7-40e3-9063-b85ee300f29f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue">Documentation</a><br/>|
-|SSM Session Transit Encryption Disabled<br/><sup><sub>ce60cc6b-6831-4bd7-84a2-cc7f8ee71433</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_document#content">Documentation</a><br/>|
-|ALB Deletion Protection Disabled<br/><sup><sub>afecd1f1-6378-4f7e-bb3b-60c35801fdd4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#enable_deletion_protection">Documentation</a><br/>|
-|API Gateway With Open Access<br/><sup><sub>15ccec05-5476-4890-ad19-53991eba1db8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method">Documentation</a><br/>|
-|API Gateway Without Security Policy<br/><sup><sub>4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_domain_name#security_policy">Documentation</a><br/>|
-|API Gateway Without SSL Certificate<br/><sup><sub>0b4869fc-a842-4597-aa00-1294df425440</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#client_certificate_id">Documentation</a><br/>|
-|Certificate RSA Key Bytes Lower Than 256<br/><sup><sub>874d68a3-bfbe-4a4b-aaa0-9e74d7da634b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
-|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>00e5e55e-c2ff-46b3-a757-a7a1cd802456</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|ECR Image Tag Not Immutable<br/><sup><sub>d1846b12-20c5-4d45-8798-fc35b79268eb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository">Documentation</a><br/>|
-|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>9f4a9409-9c60-4671-be96-9716dbf63db1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#network_mode">Documentation</a><br/>|
-|EKS Cluster Has Public Access<br/><sup><sub>42f4b905-3736-4213-bfe9-c0660518cda8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster">Documentation</a><br/>|
-|IAM User Has Too Many Access Keys<br/><sup><sub>3561130e-9c5f-485b-9e16-2764c82763e5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key#user">Documentation</a><br/>|
-|No Password Policy Enabled<br/><sup><sub>b592ffd4-0577-44b6-bd35-8c5ee81b5918</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_login_profile">Documentation</a><br/>|
-|S3 Bucket with Unsecured CORS Rule<br/><sup><sub>98a8f708-121b-455b-ae2f-da3fb59d17e1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#cors_rule">Documentation</a><br/>|
-|S3 Bucket Without Ignore Public ACL<br/><sup><sub>4fa66806-0dd9-4f8d-9480-3174d39c7c91</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
-|S3 Bucket Without Restriction Of Public Bucket<br/><sup><sub>1ec253ab-c220-4d63-b2de-5b40e0af9293</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
-|Service Control Policies Disabled<br/><sup><sub>5ba6229c-8057-433e-91d0-21cf13569ca9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/organizations_policy">Documentation</a><br/>|
-|Default VPC Exists<br/><sup><sub>96ed3526-0179-4c73-b1b2-372fde2e0d13</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_vpc">Documentation</a><br/>|
-|Vulnerable Default SSL Certificate<br/><sup><sub>3a1e94df-6847-4c0e-a3b6-6c6af4e128ef</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|ALB Is Not Integrated With WAF<br/><sup><sub>0afa6ab8-a047-48cf-be07-93a2f8c34cf7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafregional_web_acl_association">Documentation</a><br/>|
-|ALB Listening on HTTP<br/><sup><sub>de7f5e83-da88-4046-871f-ea18504b1d43</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener">Documentation</a><br/>|
-|API Gateway Endpoint Config is Not Private<br/><sup><sub>6b2739db-9c49-4db7-b980-7816e0c248c1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
-|API Gateway without WAF<br/><sup><sub>a186e82c-1078-4a7b-85d8-579561fde884</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafregional_web_acl_association#resource_arn">Documentation</a><br/>|
-|CloudFront Without WAF<br/><sup><sub>1419b4c6-6d5c-4534-9cf6-6a5266085333</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|EC2 Instance Has Public IP<br/><sup><sub>5a2486aa-facf-477d-a5c1-b010789459ce</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#associate_public_ip_address">Documentation</a><br/>|
-|EKS Cluster Has Public Access CIDRs<br/><sup><sub>61cf9883-1752-4768-b18c-0d57f2737709</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster">Documentation</a><br/>|
-|EKS node group remote access disabled<br/><sup><sub>ba40ace1-a047-483c-8a8d-bc2d3a67a82d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group#remote_access">Documentation</a><br/>|
-|Elasticsearch with HTTPS disabled<br/><sup><sub>2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#enforce_https">Documentation</a><br/>|
-|HTTP Port Open To Internet<br/><sup><sub>ffac8a12-322e-42c1-b9b9-81ff85c39ef7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Network ACL With Unrestricted Access To SSH<br/><sup><sub>3af7f2fd-06e6-4dab-b996-2912bea19ba4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl">Documentation</a><br/>|
-|Security Group With Unrestricted Access To SSH<br/><sup><sub>65905cec-d691-4320-b320-2000436cb696</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Small Public Network<br/><sup><sub>e35c16a2-d54e-419d-8546-a804d8e024d0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible<br/><sup><sub>54c417bf-c762-48b9-9d31-b3d87047e3f0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|VPC Subnet Assigns Public IP<br/><sup><sub>52f04a44-6bfa-4c41-b1d3-4ae99a2de05c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet#map_public_ip_on_launch">Documentation</a><br/>|
-|VPC Without Network Firewall<br/><sup><sub>fd632aaf-b8a1-424d-a4d1-0de22fd3247a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall#vpc_id">Documentation</a><br/>|
-|API Gateway Access Logging Disabled<br/><sup><sub>1b6799eb-4a7a-4b04-9001-8cceb9999326</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#access_log_settings">Documentation</a><br/>|
-|API Gateway Deployment Without Access Log Setting<br/><sup><sub>625abc0e-f980-4ac9-a775-f7519ee34296</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_deployment">Documentation</a><br/>|
-|API Gateway With CloudWatch Logging Disabled<br/><sup><sub>982aa526-6970-4c59-8b9b-2ce7e019fe36</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#managing-the-api-logging-cloudwatch-log-group">Documentation</a><br/>|
-|CloudFront Logging Disabled<br/><sup><sub>94690d79-b3b0-43de-b656-84ebef5753e5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|CloudTrail Log Files S3 Bucket with Logging Disabled<br/><sup><sub>ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#s3_bucket_name">Documentation</a><br/>|
-|CloudTrail Logging Disabled<br/><sup><sub>4bb76f17-3d63-4529-bdca-2b454529d774</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#enable_logging">Documentation</a><br/>|
-|CloudWatch AWS Config Configuration Changes Alarm Missing<br/><sup><sub>5b8d7527-de8e-4114-b9dd-9d988f1f418f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Changes To NACL Alarm Missing<br/><sup><sub>0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|Cloudwatch Cloudtrail Configuration Changes Alarm Missing<br/><sup><sub>0f6cbf69-41bb-47dc-93f3-3844640bf480</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Disabling Or Scheduled Deletion Of Customer Created CMK Alarm Missing<br/><sup><sub>56a585f5-555c-48b2-8395-e64e4740a9cf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Logging Disabled<br/><sup><sub>7dbba512-e244-42dc-98bb-422339827967</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_query_log">Documentation</a><br/>|
-|CloudWatch Management Console Auth Failed Alarm Missing<br/><sup><sub>5864d189-ee9a-4009-ac0c-8a582e6b7919</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Metrics Disabled<br/><sup><sub>081069cb-588b-4ce1-884c-2a1ce3029fe5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#metrics_enabled">Documentation</a><br/>|
-|CloudWatch Root Account Use Missing<br/><sup><sub>8b1b1e67-6248-4dca-bbad-93486bb181c0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch S3 policy Change Alarm Missing<br/><sup><sub>27c6a499-895a-4dc7-9617-5c485218db13</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|Cloudwatch Security Group Changes Alarm Missing<br/><sup><sub>4beaf898-9f8b-4237-89e2-5ffdc7ee6006</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch VPC Changes Alarm Missing<br/><sup><sub>9d0d4512-1959-43a2-a17f-72360ff06d1b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|DocDB Logging Is Disabled<br/><sup><sub>56f6a008-1b14-4af4-b9b2-ab7cf7e27641</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports">Documentation</a><br/>|
-|EC2 Instance Monitoring Disabled<br/><sup><sub>23b70e32-032e-4fa6-ba5c-82f56b9980e6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#monitoring">Documentation</a><br/>|
-|EKS cluster logging is not enabled<br/><sup><sub>37304d3f-f852-40b8-ae3f-725e87a7cedf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabled_cluster_log_types">Documentation</a><br/>|
-|Elasticsearch Log Disabled<br/><sup><sub>acb6b4e2-a086-4f35-aefd-4db6ea51ada2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#log_publishing_options">Documentation</a><br/>|
-|ELB Access Log Disabled<br/><sup><sub>20018359-6fd7-4d05-ab26-d4dffccbdf79</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elb#enabled">Documentation</a><br/>|
-|Global Accelerator Flow Logs Disabled<br/><sup><sub>96e8183b-e985-457b-90cd-61c0503a3369</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/globalaccelerator_accelerator#flow_logs_enabled">Documentation</a><br/>|
-|GuardDuty Detector Disabled<br/><sup><sub>704dadd3-54fc-48ac-b6a0-02f170011473</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_detector#example-usage">Documentation</a><br/>|
-|Missing Cluster Log Types<br/><sup><sub>66f130d9-b81d-4e8e-9b08-da74b9c891df</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/aws/r/eks_cluster.html">Documentation</a><br/>|
-|MQ Broker Logging Disabled<br/><sup><sub>31245f98-a6a9-4182-9fc1-45482b9d030a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
-|MSK Cluster Logging Disabled<br/><sup><sub>2f56b7ab-7fba-4e93-82f0-247e5ddeb239</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#broker_logs">Documentation</a><br/>|
-|Neptune Logging Is Disabled<br/><sup><sub>45cff7b6-3b80-40c1-ba7b-2cf480678bb8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#enable_cloudwatch_logs_exports">Documentation</a><br/>|
-|RDS Without Logging<br/><sup><sub>8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#enabled_cloudwatch_logs_exports">Documentation</a><br/>|
-|Redshift Cluster Logging Disabled<br/><sup><sub>15ffbacc-fa42-4f6f-a57d-2feac7365caa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#enable">Documentation</a><br/>|
-|S3 Bucket Logging Disabled<br/><sup><sub>f861041c-8c9f-4156-acfc-5e6e524f5884</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
-|S3 Bucket Object Level CloudTrail Logging Disabled<br/><sup><sub>a8fc2180-b3ac-4c93-bd0d-a55b974e4b07</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#event_selector">Documentation</a><br/>|
-|Stack Notifications Disabled<br/><sup><sub>b72d0026-f649-4c91-a9ea-15d8f681ac09</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
-|VPC FlowLogs Disabled<br/><sup><sub>f83121ea-03da-434f-9277-9cd247ab3047</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc">Documentation</a><br/>|
-|No Stack Policy<br/><sup><sub>2f01fb2d-828a-499d-b98e-b83747305052</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
-|Authentication Without MFA<br/><sup><sub>3ddfa124-6407-4845-a501-179f90c65097</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy">Documentation</a><br/>|
-|CloudWatch Logs Destination With Vulnerable Policy<br/><sup><sub>db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_destination_policy#access_policy">Documentation</a><br/>|
-|EC2 Instance Using API Keys<br/><sup><sub>0b93729a-d882-4803-bdc3-ac429a21f158</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#iam_instance_profile">Documentation</a><br/>|
-|SSO Permission With Inadequate User Session Duration<br/><sup><sub>ce9dfce0-5fc8-433b-944a-3b16153111a8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_permission_set">Documentation</a><br/>|
-|Autoscaling Groups Supply Tags<br/><sup><sub>ba48df05-eaa1-4d64-905e-4a4b051e7587</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#tag-and-tags">Documentation</a><br/>|
-|ECS Service Without Running Tasks<br/><sup><sub>91f16d09-689e-4926-aca7-155157f634ed</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service">Documentation</a><br/>|
-|Automatic Minor Upgrades Disabled<br/><sup><sub>3b6d777b-76e3-4133-80a3-0d6f667ade7f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#auto_minor_version_upgrade">Documentation</a><br/>|
-|CDN Configuration Is Missing<br/><sup><sub>1bc367f6-901d-4870-ad0c-71d79762ef52</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|Cognito UserPool Without MFA<br/><sup><sub>ec28bf61-a474-4dbe-b414-6dd3a067d6f0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool">Documentation</a><br/>|
-|ECR Repository Without Policy<br/><sup><sub>69e7c320-b65d-41bb-be02-d63ecc0bcc9d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy">Documentation</a><br/>|
-|IAM Access Analyzer Not Enabled<br/><sup><sub>e592a0c5-5bdb-414c-9066-5dba7cdea370</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/accessanalyzer_analyzer">Documentation</a><br/>|
-|IAM Password Without Minimum Length<br/><sup><sub>1bc1c685-e593-450e-88fb-19db4c82aa1d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
-|Lambda IAM InvokeFunction Misconfigured<br/><sup><sub>0ca1017d-3b80-423e-bb9c-6cd5898d34bd</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
-|Lambda Permission Misconfigured<br/><sup><sub>75ec6890-83af-4bf1-9f16-e83726df0bd0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
-|Misconfigured Password Policy Expiration<br/><sup><sub>ce60d060-efb8-4bfd-9cf7-ff8945d00d90</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
-|Password Without Reuse Prevention<br/><sup><sub>89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy#password_reuse_prevention">Documentation</a><br/>|
-|Stack Without Template<br/><sup><sub>91bea7b8-0c31-4863-adc9-93f6177266c4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
-|API Gateway With Invalid Compression<br/><sup><sub>ed35928e-195c-4405-a252-98ccb664ab7b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
-|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>5d9e3164-9265-470c-9a10-57ae454ac0c7</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#kms_key_id">Documentation</a><br/>|
-|CodeBuild Project Encrypted With AWS Managed Key<br/><sup><sub>3deec14b-03d2-4d27-9670-7d79322e3340</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/codebuild_project#encryption_key">Documentation</a><br/>|
-|DOCDB Cluster Encrypted With AWS Managed Key<br/><sup><sub>2134641d-30a4-4b16-8ffc-2cd4c4ffd15d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id">Documentation</a><br/>|
-|ECR Repository Not Encrypted With CMK<br/><sup><sub>0e32d561-4b5a-4664-a6e3-a3fa85649157</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#encryption_configuration">Documentation</a><br/>|
-|EFS Without KMS<br/><sup><sub>25d251f3-f348-4f95-845c-1090e41a615c</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system#kms_key_id">Documentation</a><br/>|
-|AWS Password Policy With Unchangeable Passwords<br/><sup><sub>9ef7d25d-9764-4224-9968-fa321c56ef76</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
-|IAM User Policy Without MFA<br/><sup><sub>b5681959-6c09-4f55-b42b-c40fa12d03ec</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html">Documentation</a><br/>|
-|Instance With No VPC<br/><sup><sub>a31a5a29-718a-4ff4-8001-a69e5e4d029e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">Documentation</a><br/>|
-|Redis Disabled<br/><sup><sub>4bd15dd9-8d5e-4008-8532-27eb0c3706d3</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#engine">Documentation</a><br/>|
-|Redshift Cluster Without VPC<br/><sup><sub>0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#vpc_security_group_ids">Documentation</a><br/>|
-|S3 Bucket Without Enabled MFA Delete<br/><sup><sub>c5b31ab9-0f26-4a49-b8aa-4cc064392f4d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#mfa_delete">Documentation</a><br/>|
-|Dynamodb VPC Endpoint Without Route Table Association<br/><sup><sub>0bc534c5-13d1-4353-a7fe-b8665d5c1d7d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint#vpc_id">Documentation</a><br/>|
-|EC2 Instance Using Default VPC<br/><sup><sub>7e4a6e76-568d-43ef-8c4e-36dea481bff1</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#subnet_id">Documentation</a><br/>|
-|ElastiCache Using Default Port<br/><sup><sub>5d89db57-8b51-4b38-bb76-b9bd42bd40f0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#port">Documentation</a><br/>|
-|ElastiCache Without VPC<br/><sup><sub>8c849af7-a399-46f7-a34c-32d3dc96f1fc</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#subnet_group_name">Documentation</a><br/>|
-|EMR Without VPC<br/><sup><sub>2b3c8a6d-9856-43e6-ab1d-d651094f03b4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/emr_cluster#subnet_id">Documentation</a><br/>|
-|RDS Using Default Port<br/><sup><sub>bca7cc4d-b3a4-4345-9461-eb69c68fcd26</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#port">Documentation</a><br/>|
-|Redshift Using Default Port<br/><sup><sub>41abc6cc-dde1-4217-83d3-fb5f0cc09d8f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#port">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Wide Private Network<br/><sup><sub>92fe237e-074c-4262-81a4-2077acb928c1</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Shield Advanced Not In Use<br/><sup><sub>084c6686-2a70-4710-91b1-000393e54c12</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/shield_protection#resource_arn">Documentation</a><br/>|
-|SQS VPC Endpoint Without DNS Resolution<br/><sup><sub>e9b7acf9-9ba0-4837-a744-31e7df1e434d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc#enable_dns_support">Documentation</a><br/>|
-|API Gateway Deployment Without API Gateway UsagePlan Associated<br/><sup><sub>b3a59b8e-94a3-403e-b6e2-527abaf12034</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_deployment">Documentation</a><br/>|
-|API Gateway X-Ray Disabled<br/><sup><sub>5813ef56-fa94-406a-b35d-977d4a56ff2b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#xray_tracing_enabled">Documentation</a><br/>|
-|CloudTrail Log File Validation Disabled<br/><sup><sub>52ffcfa6-6c70-4ea6-8376-d828d3961669</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#enable_log_file_validation">Documentation</a><br/>|
-|CloudTrail Multi Region Disabled<br/><sup><sub>8173d5eb-96b5-4aa6-a71b-ecfa153c123d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#is_multi_region_trail">Documentation</a><br/>|
-|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>17b30f8f-8dfb-4597-adf6-57600b6cf25e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail">Documentation</a><br/>|
-|CloudTrail SNS Topic Name Undefined<br/><sup><sub>482b7d26-0bdb-4b5f-bf6f-545826c0a3dd</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail">Documentation</a><br/>|
-|CloudWatch Console Sign-in Without MFA Alarm Missing<br/><sup><sub>44ceb4fa-0897-4fd2-b676-30e7a58f2933</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch IAM Policy Changes Alarm Missing<br/><sup><sub>eaaba502-2f94-411a-a3c2-83d63cc1776d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Network Gateways Changes Alarm Missing<br/><sup><sub>6b6874fe-4c2f-4eea-8b90-7cceaa4a125e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Route Table Changes Alarm Missing<br/><sup><sub>2285e608-ddbc-47f3-ba54-ce7121e31216</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CMK Rotation Disabled<br/><sup><sub>22fbfeac-7b5a-421a-8a27-7a2178bb910b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#enable_key_rotation">Documentation</a><br/>|
-|Configuration Aggregator to All Regions Disabled<br/><sup><sub>ac5a0bc0-a54c-45aa-90c3-15f7703b9132</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_aggregator#all_regions">Documentation</a><br/>|
-|ECS Cluster with Container Insights Disabled<br/><sup><sub>97cb0688-369a-4d26-b1f7-86c4c91231bc</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster#setting">Documentation</a><br/>|
-|ElasticSearch Without Slow Logs<br/><sup><sub>e979fcbc-df6c-422d-9458-c33d65e71c45</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#log_publishing_options">Documentation</a><br/>|
-|KMS Key With No Deletion Window<br/><sup><sub>0b530315-0ea4-497f-b34c-4ff86268f59d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key">Documentation</a><br/>|
-|Lambda Functions Without X-Ray Tracing<br/><sup><sub>8152e0cf-d2f0-47ad-96d5-d003a76eabd1</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#tracing_config">Documentation</a><br/>|
-|Unscanned ECR Image<br/><sup><sub>9630336b-3fed-4096-8173-b9afdfe346a7</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#scan_on_push">Documentation</a><br/>|
-|API Gateway Stage Without API Gateway UsagePlan Associated<br/><sup><sub>c999cf62-0920-40f8-8dda-0caccd66ed7e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage">Documentation</a><br/>|
-|Security Group Not Used<br/><sup><sub>4849211b-ac39-479e-ae78-5694d506cb24</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Access Control|<a href="../terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>741f1291-47ac-4a85-a07b-3d32a9d6bd3e</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#point_in_time_recovery">Documentation</a><br/>|
-|EC2 Not EBS Optimized<br/><sup><sub>60224630-175a-472a-9e23-133827040766</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/60224630-175a-472a-9e23-133827040766" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#ebs_optimized">Documentation</a><br/>|
-|Resource Not Using Tags<br/><sup><sub>e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/resource-tagging">Documentation</a><br/>|
-|Security Group Rule Without Description<br/><sup><sub>68eb4bf3-f9bf-463d-b5cf-e029bb446d2e</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#description">Documentation</a><br/>|
-|Security Group Rule Without Description<br/><sup><sub>cb3f5ed6-0d18-40de-a93d-b3538db31e8c</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#description">Documentation</a><br/>|
-|CloudWatch AWS Organizations Changes Missing Alarm<br/><sup><sub>38b85c45-e772-4de8-a247-69619ca137b3</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Without Retention Period Specified<br/><sup><sub>ef0b316a-211e-42f1-888e-64efe172b755</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group">Documentation</a><br/>|
-|BOM - AWS DynamoDB<br/><sup><sub>23edf35f-7c22-4ff9-87e6-0ca74261cfbf</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS EBS<br/><sup><sub>86571149-eef3-4280-a645-01e60df854b0</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS EFS<br/><sup><sub>f53f16d6-46a9-4277-9fbe-617b1e24cdca</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS Elasticache<br/><sup><sub>54229498-850b-4f78-b3a7-218d24ef2c37</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS Kinesis<br/><sup><sub>0e59d33e-bba2-4037-8f88-9765647ca7ad</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS MQ<br/><sup><sub>fcb1b388-f558-4b7f-9b6e-f4e98abb7380</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS MSK<br/><sup><sub>051f2063-2517-4295-ad8e-ba88c1bf5cfc</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS RDS<br/><sup><sub>12933609-c5bf-44b4-9a41-a6467c3b685b</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS S3 Buckets<br/><sup><sub>2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS SNS<br/><sup><sub>eccc4d59-74b9-4974-86f1-74386e0c7f33</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS SQS<br/><sup><sub>baecd2da-492a-4d59-b9dc-29540a1398e0</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|CosmosDB Account IP Range Filter Not Set<br/><sup><sub>c2a3efb6-8a58-481c-82f2-bfddf34bb4b7</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account#ip_range_filter">Documentation</a><br/>|
-|Redis Entirely Accessible<br/><sup><sub>fd8da341-6760-4450-b26c-9f6d8850575e</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
-|Redis Publicly Accessible<br/><sup><sub>5089d055-53ff-421b-9482-a5267bdce629</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
-|SQLServer Ingress From Any IP<br/><sup><sub>25c0ea09-f1c5-4380-b055-3b83863f2bb8</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule">Documentation</a><br/>|
-|Unrestricted SQL Server Access<br/><sup><sub>d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule">Documentation</a><br/>|
-|Public Storage Account<br/><sup><sub>17f75827-0684-48f4-8747-61129c7e4198</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
-|Storage Container Is Publicly Accessible<br/><sup><sub>dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container#container_access_type">Documentation</a><br/>|
-|Azure Container Registry With No Locks<br/><sup><sub>a187ac47-8163-42ce-8a63-c115236be6fb</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry">Documentation</a><br/>|
-|Security Group is Not Configured<br/><sup><sub>5c822443-e1ea-46b8-84eb-758ec602e844</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/azure/r/virtual_network.html">Documentation</a><br/>|
-|MariaDB Server Public Network Access Enabled<br/><sup><sub>7f0a8696-7159-4337-ad0d-8a3ab4a78195</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#public_network_access_enabled">Documentation</a><br/>|
-|MSSQL Server Public Network Access Enabled<br/><sup><sub>ade36cf4-329f-4830-a83d-9db72c800507</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server#public_network_access_enabled">Documentation</a><br/>|
-|MySQL Server Public Access Enabled<br/><sup><sub>f118890b-2468-42b1-9ce9-af35146b425b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server#public_network_access_enabled">Documentation</a><br/>|
-|RDP Is Exposed To The Internet<br/><sup><sub>efbf6449-5ec5-4cfe-8f15-acc51e0d787c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>594c198b-4d79-41b8-9b36-fde13348b619</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|Admin User Enabled For Container Registry<br/><sup><sub>b897dfbf-322c-45a8-b67c-1e698beeaa51</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/container_registry.html">Documentation</a><br/>|
-|AKS RBAC Disabled<br/><sup><sub>86f92117-eed8-4614-9c6c-b26da20ff37f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#role_based_access_control">Documentation</a><br/>|
-|App Service Authentication Disabled<br/><sup><sub>c7fc1481-2899-4490-bbd8-544a3a61a2f3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#enabled">Documentation</a><br/>|
-|Function App Authentication Disabled<br/><sup><sub>e65a0733-94a0-4826-82f4-df529f4c593f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#auth_settings">Documentation</a><br/>|
-|Role Assignment Not Limit Guest User Permissions<br/><sup><sub>8e75e431-449f-49e9-b56a-c8f1378025cf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment">Documentation</a><br/>|
-|Role Definition Allows Custom Role Creation<br/><sup><sub>3fa5900f-9aac-4982-96b2-a6143d9c99fb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_definition#actions">Documentation</a><br/>|
-|Storage Share File Allows All ACL Permissions<br/><sup><sub>48bbe0fd-57e4-4678-a4a1-119e79c90fc3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_share_file">Documentation</a><br/>|
-|Storage Table Allows All ACL Permissions<br/><sup><sub>3ac3e75c-6374-4a32-8ba0-6ed69bda404e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_table#permissions">Documentation</a><br/>|
-|Azure Instance Using Basic Authentication<br/><sup><sub>dafe30ec-325d-4516-85d1-e8e6776f012c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#admin_ssh_key">Documentation</a><br/>|
-|Key Vault Secrets Content Type Undefined<br/><sup><sub>f8e08a38-fc6e-4915-abbe-a7aadf1d59ef</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#content_type">Documentation</a><br/>|
-|Security Contact Email<br/><sup><sub>34664094-59e0-4524-b69f-deaa1a68cce3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact#email">Documentation</a><br/>|
-|App Service Not Using Latest TLS Encryption Version<br/><sup><sub>b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#min_tls_version">Documentation</a><br/>|
-|Encryption On Managed Disk Disabled<br/><sup><sub>a99130ab-4c0e-43aa-97f8-78d4fcb30024</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk#encryption_settings">Documentation</a><br/>|
-|Function App Not Using Latest TLS Encryption Version<br/><sup><sub>45fc717a-bd86-415c-bdd8-677901be1aa6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#min_tls_version">Documentation</a><br/>|
-|MySQL SSL Connection Disabled<br/><sup><sub>73e42469-3a86-4f39-ad78-098f325b4e9f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server">Documentation</a><br/>|
-|SSL Enforce Disabled<br/><sup><sub>0437633b-daa6-4bbc-8526-c0d2443b946e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server">Documentation</a><br/>|
-|Storage Account Not Forcing HTTPS<br/><sup><sub>12944ec4-1fa0-47be-8b17-42a034f937c2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
-|Storage Account Not Using Latest TLS Encryption Version<br/><sup><sub>8263f146-5e03-43e0-9cfe-db960d56d1e7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
-|AD Admin Not Configured For SQL Server<br/><sup><sub>a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator">Documentation</a><br/>|
-|AKS Private Cluster Disabled<br/><sup><sub>599318f2-6653-4569-9e21-041d06c63a89</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#private_cluster_enabled">Documentation</a><br/>|
-|App Service FTPS Enforce Disabled<br/><sup><sub>85da374f-b00f-4832-9d44-84a1ca1e89f8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#ftps_state">Documentation</a><br/>|
-|App Service HTTP2 Disabled<br/><sup><sub>525b53be-62ed-4244-b4df-41aecfcb4071</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#http2_enabled">Documentation</a><br/>|
-|Azure App Service Client Certificate Disabled<br/><sup><sub>a81573f9-3691-4d83-88a0-7d4af63e17a3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#client_cert_enabled">Documentation</a><br/>|
-|Function App Client Certificates Unrequired<br/><sup><sub>9bb3c639-5edf-458c-8ee5-30c17c7d671d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#client_cert_mode">Documentation</a><br/>|
-|Function App FTPS Enforce Disabled<br/><sup><sub>9dab0179-433d-4dff-af8f-0091025691df</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#ftps_state">Documentation</a><br/>|
-|Function App HTTP2 Disabled<br/><sup><sub>ace823d1-4432-4dee-945b-cdf11a5a6bd0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#http2_enabled">Documentation</a><br/>|
-|Function App Managed Identity Disabled<br/><sup><sub>c87749b3-ff10-41f5-9df2-c421e8151759</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#identity">Documentation</a><br/>|
-|Network Watcher Flow Disabled<br/><sup><sub>b90842e5-6779-44d4-9760-972f4c03ba1c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log">Documentation</a><br/>|
-|Redis Cache Allows Non SSL Connections<br/><sup><sub>e29a75e6-aba3-4896-b42d-b87818c16b58</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache">Documentation</a><br/>|
-|Redis Not Updated Regularly<br/><sup><sub>b947809d-dd2f-4de9-b724-04d101c515aa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache#patch_schedule">Documentation</a><br/>|
-|Security Center Pricing Tier Is Not Standard<br/><sup><sub>819d50fd-1cdf-45c3-9936-be408aaad93e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_subscription_pricing">Documentation</a><br/>|
-|Small Flow Logs Retention Period<br/><sup><sub>7750fcca-dd03-4d38-b663-4b70289bcfd4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log">Documentation</a><br/>|
-|VM Not Attached To Network<br/><sup><sub>bbf6b3df-4b65-4f87-82cc-da9f30f8c033</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#network_interface_ids">Documentation</a><br/>|
-|Web App Accepting Traffic Other Than HTTPS<br/><sup><sub>11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#https_only">Documentation</a><br/>|
-|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>a5613650-32ec-4975-a305-31af783153ea</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#default_action">Documentation</a><br/>|
-|Azure Cognitive Search Public Network Access Enabled<br/><sup><sub>4a9e0f00-0765-4f72-a0d4-d31110b78279</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/search_service#public_network_access_enabled">Documentation</a><br/>|
-|Firewall Rule Allows Too Many Hosts To Access Redis Cache<br/><sup><sub>a829b715-cf75-4e92-b645-54c9b739edfb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
-|Network Interfaces IP Forwarding Enabled<br/><sup><sub>4216ebac-d74c-4423-b437-35025cb88af5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#enable_ip_forwarding">Documentation</a><br/>|
-|Network Interfaces With Public IP<br/><sup><sub>c1573577-e494-4417-8854-7e119368dc8b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#public_ip_address_id">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Small Public Network<br/><sup><sub>e9dee01f-2505-4df2-b9bf-7804d1fd9082</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|SSH Is Exposed To The Internet<br/><sup><sub>3e3c175e-aadf-4e2b-a464-3fdac5748d24</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|Trusted Microsoft Services Not Enabled<br/><sup><sub>5400f379-a347-4bdd-a032-446465fdcc6f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass">Documentation</a><br/>|
-|WAF Is Disabled For Azure Application Gateway<br/><sup><sub>2e48d91c-50e4-45c8-9312-27b625868a72</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway">Documentation</a><br/>|
-|Email Alerts Disabled<br/><sup><sub>9db38e87-f6aa-4b5e-a1ec-7266df259409</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact">Documentation</a><br/>|
-|Log Retention Is Not Set<br/><sup><sub>ffb02aca-0d12-475e-b77c-a726f7aeff4b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|MSSQL Server Auditing Disabled<br/><sup><sub>609839ae-bd81-4375-9910-5bce72ae7b92</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server">Documentation</a><br/>|
-|PostgreSQL Log Checkpoints Disabled<br/><sup><sub>3790d386-be81-4dcf-9850-eaa7df6c10d9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|PostgreSQL Log Connections Not Set<br/><sup><sub>c640d783-10c5-4071-b6c1-23507300d333</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|PostgreSQL Log Disconnections Not Set<br/><sup><sub>07f7134f-9f37-476e-8664-670c218e4702</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|PostgreSQL Log Duration Not Set<br/><sup><sub>16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|PostgreSQL Server Without Connection Throttling<br/><sup><sub>2b3c671f-1b76-4741-8789-ed1fe0785dc4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|SQL Server Auditing Disabled<br/><sup><sub>f7e296b0-6660-4bc5-8f87-22ac4a815edf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
-|Vault Auditing Disabled<br/><sup><sub>38c71c00-c177-4cd7-8d36-cd1007cdb190</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/key_vault.html">Documentation</a><br/>|
-|PostgreSQL Server Threat Detection Policy Disabled<br/><sup><sub>c407c3cf-c409-4b29-b590-db5f4138d332</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#threat_detection_policy">Documentation</a><br/>|
-|SQL Database Audit Disabled<br/><sup><sub>83a229ba-483e-47c6-8db7-dc96969bce5a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/sql_database.html">Documentation</a><br/>|
-|Key Expiration Not Set<br/><sup><sub>4d080822-5ee2-49a4-8984-68f3d4c890fc</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key">Documentation</a><br/>|
-|Secret Expiration Not Set<br/><sup><sub>dfa20ffa-f476-428f-a490-424b41e91c7f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret">Documentation</a><br/>|
-|Azure Active Directory Authentication<br/><sup><sub>a21c8da9-41bf-40cf-941d-330cf0d11fc7</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_fabric_cluster#tenant_id">Documentation</a><br/>|
-|Virtual Network with DDoS Protection Plan disabled<br/><sup><sub>b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network#ddos_protection_plan">Documentation</a><br/>|
-|Geo Redundancy Is Disabled<br/><sup><sub>8b042c30-e441-453f-b162-7696982ebc58</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server">Documentation</a><br/>|
-|MariaDB Server Geo-redundant Backup Disabled<br/><sup><sub>0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#geo_redundant_backup_enabled">Documentation</a><br/>|
-|AKS Uses Azure Policies Add-On Disabled<br/><sup><sub>43789711-161b-4708-b5bb-9d1c626f7492</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#azure_policy">Documentation</a><br/>|
-|App Service Without Latest PHP Version<br/><sup><sub>96fe318e-d631-4156-99fa-9080d57280ae</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#php_version">Documentation</a><br/>|
-|App Service Without Latest Python Version<br/><sup><sub>cc4aaa9d-1070-461a-b519-04e00f42db8a</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#python_version">Documentation</a><br/>|
-|SQL Server Predictable Active Directory Account Name<br/><sup><sub>bcd3fc01-5902-4f2a-b05a-227f9bbf5450</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator">Documentation</a><br/>|
-|SQL Server Predictable Admin Account Name<br/><sup><sub>2ab6de9a-0136-415c-be92-79d2e4fd750f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
-|Cosmos DB Account Without Tags<br/><sup><sub>56dad03e-e94f-4dd6-93a4-c253a03ff7a0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account">Documentation</a><br/>|
-|AKS Disk Encryption Set ID Undefined<br/><sup><sub>b17d8bb8-4c08-4785-867e-cb9e62a622aa</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#disk_encryption_set_id">Documentation</a><br/>|
-|PostgreSQL Server Infrastructure Encryption Disabled<br/><sup><sub>6425c98b-ca4e-41fe-896a-c78772c131f8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#infrastructure_encryption_enabled">Documentation</a><br/>|
-|AKS Network Policy Misconfigured<br/><sup><sub>f5342045-b935-402d-adf1-8dbbd09c0eef</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_cluster">Documentation</a><br/>|
-|Dashboard Is Enabled<br/><sup><sub>61c3cb8b-0715-47e4-b788-86dde40dd2db</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster">Documentation</a><br/>|
-|Azure Front Door WAF Disabled<br/><sup><sub>835a4f2f-df43-437d-9943-545ccfc55961</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor#web_application_firewall_policy_link_id">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Wide Private Network<br/><sup><sub>c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|Small Activity Log Retention Period<br/><sup><sub>2b856bf9-8e8c-4005-875f-303a8cba3918</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_log_profile">Documentation</a><br/>|
-|Small MSSQL Audit Retention Period<br/><sup><sub>9c301481-e6ec-44f7-8a49-8ec63e2969ea</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server">Documentation</a><br/>|
-|Small MSSQL Server Audit Retention<br/><sup><sub>59acb56b-2b10-4c2c-ba38-f2223c3f5cfc</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
-|Small PostgreSQL DB Server Log Retention Period<br/><sup><sub>261a83f8-dd72-4e8c-b5e1-ebf06e8fe606</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|App Service Managed Identity Disabled<br/><sup><sub>b61cce4b-0cc4-472b-8096-15617a6d769b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#identity">Documentation</a><br/>|
-|SQL Server Alert Email Disabled<br/><sup><sub>55975007-f6e7-4134-83c3-298f1fe4b519</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server_security_alert_policy#email_account_admins">Documentation</a><br/>|
-|(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)<br/><sup><sub>a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/permissions">Documentation</a><br/>|
-|(Beta) Unrestricted Databricks ACL<br/><sup><sub>2c4fe4a9-f44b-4c70-b09b-5b75cd251805</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/ip_access_list">Documentation</a><br/>|
-|(Beta) Job's Task is Legacy (spark_submit_task)<br/><sup><sub>375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/job#spark_submit_task-configuration-block">Documentation</a><br/>|
-|(Beta) Indefinitely Databricks OBO Token Lifetime<br/><sup><sub>23e1f5f0-12b7-4d7e-9087-f60f42ccd514</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/obo_token">Documentation</a><br/>|
-|(Beta) Indefinitely Databricks Token Lifetime<br/><sup><sub>7d05ca25-91b4-42ee-b6f6-b06611a87ce8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/token">Documentation</a><br/>|
-|(Beta) Databricks Autoscale Badly Setup<br/><sup><sub>953c0cc6-5f30-44cb-a803-bf4ef2571be8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/cluster">Documentation</a><br/>|
-|(Beta) Databricks Group Without User Or Instance Profile<br/><sup><sub>23c3067a-8cc9-480c-b645-7c1e0ad4bf60</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group">Documentation</a><br/>|
-|(Beta) Check Databricks Cluster AWS Attribute Best Practices<br/><sup><sub>b0749c53-e3ff-4d09-bbe4-dca94e2e7a38</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38" target="_blank">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
-|(Beta) Check Databricks Cluster Azure Attribute Best Practices<br/><sup><sub>38028698-e663-4ef7-aa92-773fef0ca86f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f" target="_blank">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
-|(Beta) Check Databricks Cluster GCP Attribute Best Practices<br/><sup><sub>539e4557-d2b5-4d57-a001-cb01140a4e2d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d" target="_blank">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
-|(Beta) Check use no LTS Spark Version<br/><sup><sub>5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/spark_version">Documentation</a><br/>|
-|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>a6cd52a1-3056-4910-96a5-894de9f3f3b3</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#google_storage_bucket_iam_binding">Documentation</a><br/>|
-|SQL DB Instance Publicly Accessible<br/><sup><sub>b187edca-b81e-4fdc-aff4-aab57db45edb</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance">Documentation</a><br/>|
-|BigQuery Dataset Is Public<br/><sup><sub>e576ce44-dd03-4022-a8c0-3906acca2ab4</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/google/r/bigquery_dataset.html">Documentation</a><br/>|
-|Google Project IAM Binding Service Account has Token Creator or Account User Role<br/><sup><sub>617ef6ff-711e-4bd7-94ae-e965911b1b40</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_binding">Documentation</a><br/>|
-|Google Project IAM Member Service Account Has Admin Role<br/><sup><sub>84d36481-fd63-48cb-838e-635c44806ec2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_member">Documentation</a><br/>|
-|Google Project IAM Member Service Account has Token Creator or Account User Role<br/><sup><sub>c68b4e6d-4e01-4ca1-b256-1e18e875785c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_member">Documentation</a><br/>|
-|KMS Crypto Key is Publicly Accessible<br/><sup><sub>16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_kms_crypto_key_iam#google_kms_crypto_key_iam_policy">Documentation</a><br/>|
-|SQL DB Instance With SSL Disabled<br/><sup><sub>02474449-71aa-40a1-87ae-e14497747b00</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#require_ssl">Documentation</a><br/>|
-|GKE Legacy Authorization Enabled<br/><sup><sub>5baa92d2-d8ee-4c75-88a4-52d9d8bb8067</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Google Storage Bucket Level Access Disabled<br/><sup><sub>bb0db090-5509-4853-a827-75ced0b3caa0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket">Documentation</a><br/>|
-|RDP Access Is Not Restricted<br/><sup><sub>678fd659-96f2-454a-a2a0-c2571f83a4a3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall">Documentation</a><br/>|
-|Cloud Storage Bucket Is Publicly Accessible<br/><sup><sub>c010082c-76e0-4b91-91d9-6e8439e455dd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#member/members">Documentation</a><br/>|
-|KMS Admin and CryptoKey Roles In Use<br/><sup><sub>92e4464a-4139-4d57-8742-b5acc0347680</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#policy_data">Documentation</a><br/>|
-|OSLogin Disabled<br/><sup><sub>32ecd6eb-0711-421f-9627-1a28d9eff217</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_project_metadata#metadata">Documentation</a><br/>|
-|VM With Full Cloud Access<br/><sup><sub>bc280331-27b9-4acb-a010-018e8098aa5d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#scopes">Documentation</a><br/>|
-|SQL DB Instance Backup Disabled<br/><sup><sub>cf3c7631-cd1e-42f3-8801-a561214a6e79</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance">Documentation</a><br/>|
-|Disk Encryption Disabled<br/><sup><sub>b1d51728-7270-4991-ac2f-fc26e2695b38</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk">Documentation</a><br/>|
-|DNSSEC Using RSASHA1<br/><sup><sub>ccc3100c-0fdd-4a5e-9908-c10107291860</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone#algorithm">Documentation</a><br/>|
-|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>14a457f0-473d-4d1d-9e37-6d99b355b336</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_ssl_policy">Documentation</a><br/>|
-|Cloud DNS Without DNSSEC<br/><sup><sub>5ef61c88-bbb4-4725-b1df-55d23c9676bb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/google/d/dns_managed_zone.html">Documentation</a><br/>|
-|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>acfdbec6-4a17-471f-b412-169d77553332</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool">Documentation</a><br/>|
-|Google Project Auto Create Network Disabled<br/><sup><sub>59571246-3f62-4965-a96f-c7d97e269351</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project">Documentation</a><br/>|
-|IP Aliasing Disabled<br/><sup><sub>c606ba1d-d736-43eb-ac24-e16108f3a9e0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Network Policy Disabled<br/><sup><sub>11e7550e-c4b6-472e-adff-c698f157cdd7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|OSLogin Is Disabled For VM Instance<br/><sup><sub>d0b4d550-c001-46c3-bbdb-d5d75d33f05f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
-|Pod Security Policy Disabled<br/><sup><sub>9192e0f9-eca5-4056-9282-ae2a736a4088</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Private Cluster Disabled<br/><sup><sub>6ccb85d7-0420-4907-9380-50313f80946b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Shielded GKE Nodes Disabled<br/><sup><sub>579a0727-9c29-4d58-8195-fc5802a8bdb4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#enable_shielded_nodes">Documentation</a><br/>|
-|Shielded VM Disabled<br/><sup><sub>1b44e234-3d73-41a8-9954-0b154135280e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#shielded_instance_config">Documentation</a><br/>|
-|GKE Using Default Service Account<br/><sup><sub>1c8eef02-17b1-4a3e-b01d-dcc3292d2c38</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#node_config">Documentation</a><br/>|
-|Using Default Service Account<br/><sup><sub>3cb4af0b-056d-4fb1-8b95-fdc4593625ff</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
-|Google Compute Network Using Default Firewall Rule<br/><sup><sub>40abce54-95b1-478c-8e5f-ea0bf0bb0e33</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#name">Documentation</a><br/>|
-|Google Compute Network Using Firewall Rule that Allows All Ports<br/><sup><sub>22ef1d26-80f8-4a6c-8c15-f35aab3cac78</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#allow">Documentation</a><br/>|
-|IP Forwarding Enabled<br/><sup><sub>f34c0c25-47b4-41eb-9c79-249b4dd47b89</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_instance">Documentation</a><br/>|
-|Serial Ports Are Enabled For VM Instances<br/><sup><sub>97fa667a-d05b-4f16-9071-58b939f34751</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
-|SSH Access Is Not Restricted<br/><sup><sub>c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall">Documentation</a><br/>|
-|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>d6cabc3a-d57e-48c2-b341-bf3dd4f4a120</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#log_bucket">Documentation</a><br/>|
-|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>e7e961ac-d17e-4413-84bc-8a1fbe242944</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#enabled">Documentation</a><br/>|
-|Google Compute Subnetwork Logging Disabled<br/><sup><sub>40430747-442d-450a-a34f-dc57149f4609</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork">Documentation</a><br/>|
-|Stackdriver Logging Disabled<br/><sup><sub>4c7ebcb2-eae2-461e-bc83-456ee2d4f694</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#logging_service">Documentation</a><br/>|
-|Stackdriver Monitoring Disabled<br/><sup><sub>30e8dfd2-3591-4d19-8d11-79e93106c93d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#monitoring_service">Documentation</a><br/>|
-|Node Auto Upgrade Disabled<br/><sup><sub>b139213e-7d24-49c2-8025-c18faa21ecaa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool#auto_upgrade">Documentation</a><br/>|
-|Service Account with Improper Privileges<br/><sup><sub>cefdad16-0dd5-4ac5-8ed2-a37502c78672</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/iam_policy#role">Documentation</a><br/>|
-|High Google KMS Crypto Key Rotation Period<br/><sup><sub>d8c57c4e-bf6f-4e32-a2bf-8643532de77b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/kms_crypto_key">Documentation</a><br/>|
-|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>3e4d5ce6-3280-4027-8010-c26eeea1ec01</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
-|User with IAM Role<br/><sup><sub>704fcc44-a58f-4af5-82e2-93f2a58ef918</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/iam_policy#role">Documentation</a><br/>|
-|Outdated GKE Version<br/><sup><sub>128df7ec-f185-48bc-8913-ce756a3ccb85</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#master_version">Documentation</a><br/>|
-|Cluster Labels Disabled<br/><sup><sub>65c1bc7a-4835-4ac4-a2b6-13d310b0648d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|COS Node Image Not Used<br/><sup><sub>8a893e46-e267-485a-8690-51f39951de58</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool#node_config">Documentation</a><br/>|
-|Legacy Client Certificate Auth Enabled<br/><sup><sub>73fb21a1-b19a-45b1-b648-b47b1678681e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Not Proper Email Account In Use<br/><sup><sub>9356962e-4a4f-4d06-ac59-dc8008775eaa</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_binding">Documentation</a><br/>|
-|Google Compute Network Using Firewall Rule that Allows Port Range<br/><sup><sub>e6f61c37-106b-449f-a5bb-81bfcaceb8b4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#allow">Documentation</a><br/>|
-|Google Compute Subnetwork with Private Google Access Disabled<br/><sup><sub>ee7b93c1-b3f8-4a3b-9588-146d481814f5</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork#private_ip_google_access">Documentation</a><br/>|
-|IAM Audit Not Properly Configured<br/><sup><sub>89fe890f-b480-460c-8b6b-7d8b1468adb4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_audit_config">Documentation</a><br/>|
-|BOM - GCP Dataflow<br/><sup><sub>895ed0d9-6fec-4567-8614-d7a74b599a53</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP FI<br/><sup><sub>c9d81239-c818-4869-9917-1570c62b81fd</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP PD<br/><sup><sub>dd7d70aa-a6ec-460d-b5d2-38b40253b16f</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP PST<br/><sup><sub>4b82202a-b18e-4891-a1eb-a0989850bbb3</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP Redis<br/><sup><sub>bc75ce52-a60a-4660-b533-bce837a5019b</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP SB<br/><sup><sub>2f06d22c-56bd-4f73-8a51-db001fcf2150</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|Github Organization Webhook With SSL Disabled<br/><sup><sub>ce7c874e-1b88-450b-a5e4-cb76ada3c8a9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/github/latest/docs/resources/organization_webhook">Documentation</a><br/>|
-|GitHub Repository Set To Public<br/><sup><sub>15d8a7fd-465a-4d15-a868-add86552f17b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/github/r/repository.html">Documentation</a><br/>|
-|Non Kube System Pod With Host Mount<br/><sup><sub>86a947ea-f577-4efb-a8b0-5fc00257d521</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod">Documentation</a><br/>|
-|Cluster Allows Unsafe Sysctls<br/><sup><sub>a9174d31-d526-4ad9-ace4-ce7ddbf52e03</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_unsafe_sysctls">Documentation</a><br/>|
-|Container Is Privileged<br/><sup><sub>87065ef8-de9b-40d8-9753-f4a4303e27a4</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#privileged">Documentation</a><br/>|
-|Container Runs Unmasked<br/><sup><sub>0ad60203-c050-4115-83b6-b94bde92541d</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_proc_mount_types">Documentation</a><br/>|
-|Containers With Sys Admin Capabilities<br/><sup><sub>3f55386d-75cd-4e9a-ac47-167b26c04724</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#capabilities-1">Documentation</a><br/>|
-|Privilege Escalation Allowed<br/><sup><sub>c878abb4-cca5-4724-92b9-289be68bd47c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#allow_privilege_escalation">Documentation</a><br/>|
-|PSP Allows Containers To Share The Host Network Namespace<br/><sup><sub>4950837c-0ce5-4e42-9bee-a25eae73740b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#host_network">Documentation</a><br/>|
-|PSP Allows Privilege Escalation<br/><sup><sub>2bff9906-4e9b-4f71-9346-8ebedfdf43ef</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allow_privilege_escalation">Documentation</a><br/>|
-|PSP Allows Sharing Host IPC<br/><sup><sub>51bed0ac-a8ae-407a-895e-90c6cb0610ce</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#host_ipc">Documentation</a><br/>|
-|PSP Set To Privileged<br/><sup><sub>a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#privileged">Documentation</a><br/>|
-|PSP With Added Capabilities<br/><sup><sub>48388bd2-7201-4dcc-b56d-e8a9efa58fad</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_capabilities">Documentation</a><br/>|
-|Tiller (Helm v2) Is Deployed<br/><sup><sub>ca2fba76-c1a7-4afd-be67-5249f861cb0e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
-|Workload Mounting With Sensitive OS Directory<br/><sup><sub>a737be28-37d8-4bff-aa6d-1be8aa0a0015</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_path">Documentation</a><br/>|
-|Volume Mount With OS Directory Write Permissions<br/><sup><sub>a62a99d1-8196-432f-8f80-3c100b05d62a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Resource Management|<a href="../terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#volume_mount">Documentation</a><br/>|
-|Docker Daemon Socket is Exposed to Containers<br/><sup><sub>4e203a65-c8d8-49a2-b749-b124d43c9dc1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_path">Documentation</a><br/>|
-|Missing App Armor Config<br/><sup><sub>bd6bd46c-57db-4887-956d-d372f21291b6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#annotations">Documentation</a><br/>|
-|Permissive Access to Create Pods<br/><sup><sub>522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule">Documentation</a><br/>|
-|RBAC Roles with Read Secrets Permissions<br/><sup><sub>826abb30-3cd5-4e0b-a93b-67729b4f7e63</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule">Documentation</a><br/>|
-|Readiness Probe Is Not Configured<br/><sup><sub>8657197e-3f87-4694-892b-8144701d83c1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/8657197e-3f87-4694-892b-8144701d83c1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#readiness_probe">Documentation</a><br/>|
-|Root Containers Admitted<br/><sup><sub>4c415497-7410-4559-90e8-f2c8ac64ee38</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#run_as_user">Documentation</a><br/>|
-|Incorrect Volume Claim Access Mode ReadWriteOnce<br/><sup><sub>26b047a9-0329-48fd-8fb7-05bbe5ba80ee</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#volume_claim_template">Documentation</a><br/>|
-|Container Host Pid Is True<br/><sup><sub>587d5d82-70cf-449b-9817-f60f9bccb88c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_pid">Documentation</a><br/>|
-|Container Resources Limits Undefined<br/><sup><sub>60af03ff-a421-45c8-b214-6741035476fa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/60af03ff-a421-45c8-b214-6741035476fa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod">Documentation</a><br/>|
-|Containers With Added Capabilities<br/><sup><sub>fe771ff7-ba15-4f8f-ad7a-8aa232b49a28</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#capabilities-1">Documentation</a><br/>|
-|Ingress Controller Exposes Workload<br/><sup><sub>e2c83c1f-84d7-4467-966c-ed41fd015bb9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/ingress#http">Documentation</a><br/>|
-|NET_RAW Capabilities Disabled for PSP<br/><sup><sub>9aa32890-ac1a-45ee-81ca-5164e2098556</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#required_drop_capabilities">Documentation</a><br/>|
-|NET_RAW Capabilities Not Being Dropped<br/><sup><sub>e5587d53-a673-4a6b-b3f2-ba07ec274def</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#drop">Documentation</a><br/>|
-|Seccomp Profile Is Not Configured<br/><sup><sub>455f2e0c-686d-4fcb-8b5f-3f953f12c43c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#annotations">Documentation</a><br/>|
-|Role Binding To Default Service Account<br/><sup><sub>3360c01e-c8c0-4812-96a2-a6329b9b7f9f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding#subject">Documentation</a><br/>|
-|Service Account Name Undefined Or Empty<br/><sup><sub>24b132df-5cc7-4823-8029-f898e1c50b72</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#service_account_name">Documentation</a><br/>|
-|Service Account Token Automount Not Disabled<br/><sup><sub>a9a13d4f-f17a-491b-b074-f54bffffcb4a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#automount_service_account_token">Documentation</a><br/>|
-|Service With External Load Balancer<br/><sup><sub>2a52567c-abb8-4651-a038-52fa27c77aed</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service">Documentation</a><br/>|
-|Memory Limits Not Defined<br/><sup><sub>fd097ed0-7fe6-4f58-8b71-fef9f0820a21</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#limits">Documentation</a><br/>|
-|Memory Requests Not Defined<br/><sup><sub>21719347-d02b-497d-bda4-04a03c8e5b61</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#requests">Documentation</a><br/>|
-|Shared Host IPC Namespace<br/><sup><sub>e94d3121-c2d1-4e34-a295-139bfeb73ea3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_ipc">Documentation</a><br/>|
-|Shared Host Network Namespace<br/><sup><sub>ac1564a3-c324-4747-9fa1-9dfc234dace0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_network">Documentation</a><br/>|
-|Service Account Allows Access Secrets<br/><sup><sub>07fc3413-e572-42f7-9877-5c8fc6fccfb5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding#subject">Documentation</a><br/>|
-|Shared Service Account<br/><sup><sub>f74b9c43-161a-4799-bc95-0b0ec81801b9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#service_account_name">Documentation</a><br/>|
-|Cluster Admin Rolebinding With Superuser Permissions<br/><sup><sub>17172bc2-56fb-4f17-916f-a014147706cd</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding#name">Documentation</a><br/>|
-|Deployment Without PodDisruptionBudget<br/><sup><sub>a05331ee-1653-45cb-91e6-13637a76e4f0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#selector">Documentation</a><br/>|
-|HPA Targets Invalid Object<br/><sup><sub>17e52ca3-ddd0-4610-9d56-ce107442e110</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/horizontal_pod_autoscaler#metric">Documentation</a><br/>|
-|StatefulSet Without PodDisruptionBudget<br/><sup><sub>7249e3b0-9231-4af3-bc5f-5daf4988ecbf</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#selector">Documentation</a><br/>|
-|StatefulSet Without Service Name<br/><sup><sub>420e6360-47bb-46f6-9072-b20ed22c842d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#selector">Documentation</a><br/>|
-|Metadata Label Is Invalid<br/><sup><sub>bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#labels">Documentation</a><br/>|
-|No Drop Capabilities for Containers<br/><sup><sub>21cef75f-289f-470e-8038-c7cee0664164</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/21cef75f-289f-470e-8038-c7cee0664164" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#drop">Documentation</a><br/>|
-|Root Container Not Mounted As Read-only<br/><sup><sub>d532566b-8d9d-4f3b-80bd-361fe802f9c2</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#read_only_root_filesystem">Documentation</a><br/>|
-|StatefulSet Requests Storage<br/><sup><sub>fcc2612a-1dfe-46e4-8ce6-0320959f0040</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#volume_claim_template">Documentation</a><br/>|
-|Default Service Account In Use<br/><sup><sub>737a0dd9-0aaa-4145-8118-f01778262b8a</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account#automount_service_account_token">Documentation</a><br/>|
-|Image Pull Policy Of The Container Is Not Set To Always<br/><sup><sub>aa737abf-6b1d-4aba-95aa-5c160bd7f96e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image_pull_policy">Documentation</a><br/>|
-|Image Without Digest<br/><sup><sub>228c4c19-feeb-4c18-848c-800ac70fdfb7</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
-|Pod or Container Without Security Context<br/><sup><sub>ad69e38a-d92e-4357-a8da-f2f29d545883</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#security_context">Documentation</a><br/>|
-|Using Default Namespace<br/><sup><sub>abcb818b-5af7-4d72-aba9-6dd84956b451</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#namespace">Documentation</a><br/>|
-|Network Policy Is Not Targeting Any Pod<br/><sup><sub>b80b14c6-aaa2-4876-b651-8a48b6c32fbf</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/network_policy#match_labels">Documentation</a><br/>|
-|Service Type is NodePort<br/><sup><sub>5c281bf8-d9bb-47f2-b909-3f6bb11874ad</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service#type">Documentation</a><br/>|
-|Workload Host Port Not Specified<br/><sup><sub>4e74cf4f-ff65-4c1a-885c-67ab608206ce</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_port">Documentation</a><br/>|
-|CPU Limits Not Set<br/><sup><sub>5f4735ce-b9ba-4d95-a089-a37a767b716f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#limits">Documentation</a><br/>|
-|CPU Requests Not Set<br/><sup><sub>577ac19c-6a77-46d7-9f14-e049cdd15ec2</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#requests">Documentation</a><br/>|
-|CronJob Deadline Not Configured<br/><sup><sub>58876b44-a690-4e9f-9214-7735fa0dd15d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cron_job#starting_deadline_seconds">Documentation</a><br/>|
-|Deployment Has No PodAntiAffinity<br/><sup><sub>461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#affinity">Documentation</a><br/>|
-|Secrets As Environment Variables<br/><sup><sub>6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#secret_key_ref">Documentation</a><br/>|
-|Invalid Image<br/><sup><sub>e76cca7c-c3f9-4fc9-884c-b2831168ebd8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
-|Liveness Probe Is Not Defined<br/><sup><sub>5b6d53dd-3ba3-4269-b4d7-f82e880e43c3</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Availability|<a href="../terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#liveness_probe">Documentation</a><br/>|
-|(Beta) Nifcloud DNS Has Verified Record<br/><sup><sub>a1defcb6-55e8-4511-8c2a-30b615b0e057</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/dns_record#record">Documentation</a><br/>|
-|(Beta) Nifcloud ELB Listener Use HTTP Protocol<br/><sup><sub>afcb0771-4f94-44ed-ad4a-9f73f11ce6e0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb_listener#protocol">Documentation</a><br/>|
-|(Beta) Nifcloud ELB Use HTTP Protocol<br/><sup><sub>e2de2b80-2fc2-4502-a764-40930dfcc70a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#protocol">Documentation</a><br/>|
-|(Beta) Nifcloud LB Listener Use HTTP Port<br/><sup><sub>9f751a80-31f0-43a3-926c-20772791a038</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer_listener#load_balancer_port">Documentation</a><br/>|
-|(Beta) Nifcloud LB Use HTTP Port<br/><sup><sub>94e47f3f-b90b-43a1-a36d-521580bae863</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#load_balancer_port">Documentation</a><br/>|
-|(Beta) Nifcloud LB Use Insecure TLS Policy ID<br/><sup><sub>944439c7-b4b8-476a-8f83-14641ea876ba</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_id">Documentation</a><br/>|
-|(Beta) Nifcloud LB Use Insecure TLS Policy Name<br/><sup><sub>675e8eaa-2754-42b7-bf33-bfa295d1601d</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_name">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Has Public Ingress Security Group Rule<br/><sup><sub>b2ea2367-8dc9-4231-a035-d0b28bfa3dde</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#cidr_ip">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Undefined Security Group To Instance<br/><sup><sub>89218b48-75c9-4cb3-aaba-5299e852e8bc</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/instance#security_group">Documentation</a><br/>|
-|(Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule<br/><sup><sub>8d7758a7-d9cd-499a-a83e-c9bdcbff728d</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#cidr_ip">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Has Public DB Access<br/><sup><sub>fb387023-e4bb-42a8-9a70-6708aa7ff21b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#publicly_accessible">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule<br/><sup><sub>a0b846e8-815f-4f15-b660-bc4ab9fa1e1a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#cidr_ip">Documentation</a><br/>|
-|(Beta) Nifcloud Router Undefined Security Group To Router<br/><sup><sub>e7dada38-af20-4899-8955-dabea84ab1f0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#security_group">Documentation</a><br/>|
-|(Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway<br/><sup><sub>b3535a48-910c-47f8-8b3b-14222f29ef80</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/vpn_gateway#security_group">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day<br/><sup><sub>e5071f76-cbe7-468d-bb2b-d10f02d2b713</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#backup_retention_period">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Has Common Private Network<br/><sup><sub>df58dd45-8009-43c2-90f7-c90eb9d53ed9</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/instance#network_id">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Undefined Description To Security Group<br/><sup><sub>41c127a9-3a85-4bc3-a333-ed374eb9c3e4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group#description">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Undefined Description To Security Group Rule<br/><sup><sub>e4610872-0b1c-4fb7-ab57-d81c0afdb291</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#description">Documentation</a><br/>|
-|(Beta) Nifcloud ELB Has Common Private Network<br/><sup><sub>5061f84c-ab66-4660-90b9-680c9df346c0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#network_id">Documentation</a><br/>|
-|(Beta) Nifcloud NAS Has Common Private Network<br/><sup><sub>4b801c38-ebb4-4c81-984b-1ba525d43adf</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_instance#network_id">Documentation</a><br/>|
-|(Beta) Nifcloud NAS Undefined Description To NAS Security Group<br/><sup><sub>e840c54a-7a4c-405f-b8c1-c49a54b87d11</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#description">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Has Common Private Network<br/><sup><sub>9bf57c23-fbab-4222-85f3-3f207a53c6a8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#network_id">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Undefined Description To DB Security Group<br/><sup><sub>940ddce2-26bd-4e31-a9b4-382714f73231</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#description">Documentation</a><br/>|
-|(Beta) Nifcloud Router Has Common Private Network<br/><sup><sub>30c2760c-740e-4672-9d7f-2c29e0cb385d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#network_id">Documentation</a><br/>|
-|Generic Git Module Without Revision<br/><sup><sub>3a81fc06-566f-492a-91dd-7448e409e2cd</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/language/modules/sources.html#selecting-a-revision">Documentation</a><br/>|
-|Name Is Not Snake Case<br/><sup><sub>1e434b25-8763-4b00-a5ca-ca03b7abbb66</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/extend/best-practices/naming.html#naming">Documentation</a><br/>|
-|Output Without Description<br/><sup><sub>59312e8a-a64e-41e7-a252-618533dd1ea8</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/language/values/outputs.html#description-output-value-documentation">Documentation</a><br/>|
-|Variable Without Description<br/><sup><sub>2a153952-2544-4687-bcc9-cc8fea814a9b</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/language/values/variables.html#input-variable-documentation">Documentation</a><br/>|
-|Variable Without Type<br/><sup><sub>fc5109bf-01fd-49fb-8bde-4492b543c34a</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/language/values/variables.html#input-variable-documentation">Documentation</a><br/>|
-|(Beta) CLB Listener Using Insecure Protocols<br/><sup><sub>fe08b81c-12e9-4b5e-9006-4218fca750fd</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/clb_listener#protocol">Documentation</a><br/>|
-|(Beta) TKE Cluster Encryption Protection Disabled<br/><sup><sub>3ed47402-e322-465f-a0f0-8681135a17b0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_encryption_protection">Documentation</a><br/>|
-|(Beta) CDB Instance Internet Service Enabled<br/><sup><sub>5d820574-4a60-4916-b049-0810b8629731</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_instance#internet_service">Documentation</a><br/>|
-|(Beta) CVM Instance Has Public IP<br/><sup><sub>a74b4602-a62c-4a02-956a-e19f86ea24b5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#allocate_public_ip">Documentation</a><br/>|
-|(Beta) Security Group Rule Set Accepts All Traffic<br/><sup><sub>d135a36e-c474-452f-b891-76db1e6d1cd5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/security_group_rule_set#ingress">Documentation</a><br/>|
-|(Beta) CDB Instance Without Backup Policy<br/><sup><sub>ca94be07-7de3-4ae7-85ef-67e0462ec694</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_backup_policy">Documentation</a><br/>|
-|(Beta) CLB Instance Log Setting Disabled<br/><sup><sub>ada01ed1-b10c-4f2a-b110-b20fa4f9baa6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/clb_instance#log_set_id">Documentation</a><br/>|
-|(Beta) Disk Encryption Disabled<br/><sup><sub>1ee0f202-31da-49ba-bbce-04a989912e4b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/cbs_storage#encrypt">Documentation</a><br/>|
-|(Beta) TKE Cluster Has Public Access<br/><sup><sub>df6928ed-02f4-421f-9a67-a529860dd7e7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_cluster#public_ip_assigned">Documentation</a><br/>|
-|(Beta) CVM Instance Using Default Security Group<br/><sup><sub>93bb2065-63ec-45a2-a466-f106b56f2e32</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#orderly_security_groups">Documentation</a><br/>|
-|(Beta) CVM Instance Using User Data<br/><sup><sub>5bb6fa08-5e84-4760-a54a-cdcd66626976</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#user_data">Documentation</a><br/>|
-|(Beta) CDB Instance Internet Using Default Intranet Port<br/><sup><sub>18d6aa4b-7570-4d95-9c75-90363ef1abd9</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_instance#intranet_port">Documentation</a><br/>|
-|(Beta) CVM Instance Using Default VPC<br/><sup><sub>b4e75c5c-83d5-4568-90e3-57ed5ec4051b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#vpc_id">Documentation</a><br/>|
-|(Beta) TKE Cluster Log Agent Is Not Enabled<br/><sup><sub>fe405074-7e18-40f9-9aef-024aa1d0a889</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_cluster#log_agent">Documentation</a><br/>|
-|(Beta) VPC Flow Logs Disabled<br/><sup><sub>a3240001-40db-47b7-abb9-2bcd6a04c430</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/vpc_flow_log_config#enable">Documentation</a><br/>|
-|(Beta) CVM Instance Disable Monitor Service<br/><sup><sub>966ed4f7-b8a5-4e8d-b2bf-098657c98960</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#disable_monitor_service">Documentation</a><br/>|
+|Type Has Invalid Keyword (v3)<br/><sup><sub>a9228976-10cf-4b5f-b902-9e962aad037a</sub></sup>|OpenAPI|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a" onclick="newWindowOpenerSafe(event, '../openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>bccb296f-362c-4b05-9221-86d1437a1016</sub></sup>|Pulumi|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dms/replicationinstance/">Documentation</a><br/>|
+|DynamoDB Table Not Encrypted<br/><sup><sub>b6a7e0ae-aed8-4a19-a993-a95760bf8836</sub></sup>|Pulumi|<span style="color:#bb2124">High</span>|Encryption|<a href="../pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dynamodb/table/#serversideencryption_yaml">Documentation</a><br/>|
+|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>9b18fc19-7fb8-49b1-8452-9c757c70f926</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Availability|<a href="../pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticache/cluster/#azmode_yaml">Documentation</a><br/>|
+|ElastiCache Redis Cluster Without Backup<br/><sup><sub>e93bbe63-a631-4c0f-b6ef-700d48441ff2</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Backup|<a href="../pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticache/cluster/#snapshotretentionlimit_yaml">Documentation</a><br/>|
+|API Gateway Without SSL Certificate<br/><sup><sub>f27791a5-e2ae-4905-8910-6f995c576d09</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/apigatewayv2/stage/#clientcertificateid_yaml">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>647de8aa-5a42-41b5-9faf-22136f117380</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/rds/instance/#publiclyaccessible_yaml">Documentation</a><br/>|
+|Elasticsearch with HTTPS disabled<br/><sup><sub>00603add-7f72-448f-a6c0-9e456a7a3f94</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticsearch/domain/#enforcehttps_yaml">Documentation</a><br/>|
+|API Gateway Access Logging Disabled<br/><sup><sub>bf4b48b9-fc1f-4552-984a-4becdb5bf503</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/apigatewayv2/stage/#accesslogsettings_yaml">Documentation</a><br/>|
+|DocDB Logging Is Disabled<br/><sup><sub>2ca87964-fe7e-4cdc-899c-427f0f3525f8</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/docdb/cluster/#enabledcloudwatchlogsexports_yaml">Documentation</a><br/>|
+|EC2 Instance Monitoring Disabled<br/><sup><sub>daa581ef-731c-4121-832d-cf078f67759d</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ec2/instance/#monitoring_yaml">Documentation</a><br/>|
+|Elasticsearch Logs Disabled<br/><sup><sub>a1120ee4-a712-42d9-8fb5-22595fed643b</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticsearch/domain/#logpublishingoptions_yaml">Documentation</a><br/>|
+|IAM Password Without Minimum Length<br/><sup><sub>9850d621-7485-44f7-8bdd-b3cf426315cf</sub></sup>|Pulumi|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/iam/accountpasswordpolicy/#minimumpasswordlength_yaml">Documentation</a><br/>|
+|ECS Cluster with Container Insights Disabled<br/><sup><sub>abcefee4-a0c1-4245-9f82-a473f79a9e2f</sub></sup>|Pulumi|<span style="color:#edd57e">Low</span>|Observability|<a href="../pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ecs/cluster/#settings_yaml">Documentation</a><br/>|
+|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>327b0729-4c5c-4c44-8b5c-e476cd9c7290</sub></sup>|Pulumi|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dynamodb/table/#pointintimerecovery_yaml">Documentation</a><br/>|
+|EC2 Not EBS Optimized<br/><sup><sub>d991e4ae-42ab-429b-ab43-d5e5fa9ca633</sub></sup>|Pulumi|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ec2/instance/#ebsoptimized_yaml">Documentation</a><br/>|
+|Storage Account Not Forcing HTTPS<br/><sup><sub>cb8e4bf0-903d-45c6-a278-9a947d82a27b</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b" onclick="newWindowOpenerSafe(event, '../pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/azure-native/api-docs/storage/storageaccount/#enablehttpstrafficonly_yaml">Documentation</a><br/>|
+|Redis Cache Allows Non SSL Connections<br/><sup><sub>49e30ac8-f58e-4222-b488-3dcb90158ec1</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1" onclick="newWindowOpenerSafe(event, '../pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/azure-native/api-docs/cache/redis/#enablenonsslport_yaml">Documentation</a><br/>|
+|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>965e8830-2bec-4b9b-a7f0-24dbc200a68f</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f" onclick="newWindowOpenerSafe(event, '../pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/gcp/api-docs/compute/sslpolicy/#mintlsversion_yaml">Documentation</a><br/>|
+|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>48f7e44d-d1d1-44c2-b336-9f11b65c4fb0</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0" onclick="newWindowOpenerSafe(event, '../pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/gcp/api-docs/storage/bucket/#logging_yaml">Documentation</a><br/>|
+|PSP Set To Privileged<br/><sup><sub>ee305555-6b1d-4055-94cf-e22131143c34</sub></sup>|Pulumi|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34" onclick="newWindowOpenerSafe(event, '../pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/kubernetes/api-docs/policy/v1beta1/podsecuritypolicy/#privileged_yaml">Documentation</a><br/>|
+|Missing App Armor Config<br/><sup><sub>95588189-1abd-4df1-9588-b0a5034f9e87</sub></sup>|Pulumi|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87" onclick="newWindowOpenerSafe(event, '../pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/kubernetes/api-docs/core/v1/pod/#objectmeta">Documentation</a><br/>|
+|Serverless Role With Full Privileges<br/><sup><sub>59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd</sub></sup>|ServerlessFW|<span style="color:#bb2124">High</span>|Access Control|<a href="../serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/iam">Documentation</a><br/>|
+|Serverless Function Without Unique IAM Role<br/><sup><sub>165aae3b-a56a-48f3-b76d-d2b5083f5b8f</sub></sup>|ServerlessFW|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#functions">Documentation</a><br/>|
+|Serverless Function Environment Variables Not Encrypted<br/><sup><sub>4495bc5d-4d1e-4a26-ae92-152d18195648</sub></sup>|ServerlessFW|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#kms-keys">Documentation</a><br/>|
+|Serverless API Endpoint Config Not Private<br/><sup><sub>4d424558-c6d1-453c-be98-9a7f877abd9a</sub></sup>|ServerlessFW|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#configuring-endpoint-types">Documentation</a><br/>|
+|Serverless API Access Logging Setting Undefined<br/><sup><sub>a4d32883-aac7-42e1-b403-9415af0f3846</sub></sup>|ServerlessFW|<span style="color:#ff7213">Medium</span>|Observability|<a href="../serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#logs">Documentation</a><br/>|
+|Serverless API X-Ray Tracing Disabled<br/><sup><sub>434945e5-4dfd-41b1-aba1-47075ccd9265</sub></sup>|ServerlessFW|<span style="color:#ff7213">Medium</span>|Observability|<a href="../serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#aws-x-ray-tracing">Documentation</a><br/>|
+|Serverless API Without Content Encoding<br/><sup><sub>d5d1fe08-89db-440c-8725-b93223387309</sub></sup>|ServerlessFW|<span style="color:#edd57e">Low</span>|Encryption|<a href="../serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#compression">Documentation</a><br/>|
+|Serverless Function Without Dead Letter Queue<br/><sup><sub>dec7bc85-d156-4f64-9a33-96ed3d9f3fed</sub></sup>|ServerlessFW|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#dead-letter-queue-dlq">Documentation</a><br/>|
+|Serverless Function Without Tags<br/><sup><sub>f99d3482-fa8c-4f79-bad9-35212dded164</sub></sup>|ServerlessFW|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#tags">Documentation</a><br/>|
+|Serverless Function Without X-Ray Tracing<br/><sup><sub>0d7ef70f-e176-44e6-bdba-add3e429788d</sub></sup>|ServerlessFW|<span style="color:#edd57e">Low</span>|Observability|<a href="../serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#aws-x-ray-tracing">Documentation</a><br/>|
+|OSS Bucket Allows All Actions From All Principals<br/><sup><sub>ec62a32c-a297-41ca-a850-cab40b42094a</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|OSS Bucket Allows Delete Action From All Principals<br/><sup><sub>8c0695d8-2378-4cd6-8243-7fd5894fa574</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|OSS Bucket Allows Put Action From All Principals<br/><sup><sub>fe286195-e75c-4359-bd58-00847c4f855a</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>faaefc15-51a5-419e-bb5e-51a4b5ab3485</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#address">Documentation</a><br/>|
+|OSS Bucket Allows List Action From All Principals<br/><sup><sub>88541597-6f88-42c8-bac6-7e0b855e8ff6</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|OSS Bucket Public Access Enabled<br/><sup><sub>62232513-b16f-4010-83d7-51d0e1d45426</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#acl">Documentation</a><br/>|
+|Ecs Data Disk Kms Key Id Undefined<br/><sup><sub>f262118c-1ac6-4bb3-8495-cc48f1775b85</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/disk#kms_key_id">Documentation</a><br/>|
+|Launch Template Is Not Encrypted<br/><sup><sub>1455cb21-1d48-46d6-8ae3-cef911b71fd5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/launch_template#encrypted">Documentation</a><br/>|
+|NAS File System Not Encrypted<br/><sup><sub>67bfdff1-31ce-4525-b564-e94368735360</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system#encrypt_type">Documentation</a><br/>|
+|NAS File System Without KMS<br/><sup><sub>5f670f9d-b1b4-4c90-8618-2288f1ab9676</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system#kms_key_id">Documentation</a><br/>|
+|RDS Instance TDE Status Disabled<br/><sup><sub>44d434ca-a9bf-4203-8828-4c81a8d5a598</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#tde_status">Documentation</a><br/>|
+|OSS Bucket Has Static Website<br/><sup><sub>2b13c6ff-b87a-484d-86fd-21ef6e97d426</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#website">Documentation</a><br/>|
+|OSS Bucket Ip Restriction Disabled<br/><sup><sub>6107c530-7178-464a-88bc-df9cdd364ac8</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|Public Security Group Rule All Ports or Protocols<br/><sup><sub>60587dbd-6b67-432e-90f7-a8cf1892d968</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#cidr_ip">Documentation</a><br/>|
+|Public Security Group Rule Sensitive Port<br/><sup><sub>2ae9d554-23fb-4065-bfd1-fe43d5f7c419</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#port_range">Documentation</a><br/>|
+|Public Security Group Rule Unknown Port<br/><sup><sub>dd706080-b7a8-47dc-81fb-3e8184430ec0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#port_range">Documentation</a><br/>|
+|ActionTrail Trail OSS Bucket is Publicly Accessible<br/><sup><sub>69b5d7da-a5db-4db9-a42e-90b65d0efb0b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Observability|<a href="../terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail">Documentation</a><br/>|
+|Ram Policy Admin Access Not Attached to Users Groups Roles<br/><sup><sub>e8e62026-da63-4904-b402-65adfe3ca975</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_policy">Documentation</a><br/>|
+|Ram Policy Attached to User<br/><sup><sub>66505003-7aba-45a1-8d83-5162d5706ef5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_user_policy_attachment">Documentation</a><br/>|
+|CMK Is Unusable<br/><sup><sub>ed6e3ba0-278f-47b6-a1f5-173576b40b7e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/kms_key#is_enabled">Documentation</a><br/>|
+|OSS Bucket Versioning Disabled<br/><sup><sub>70919c0b-2548-4e6b-8d7a-3d84ab6dabba</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#versioning">Documentation</a><br/>|
+|ROS Stack Retention Disabled<br/><sup><sub>4bb06fa1-2114-4a00-b7b5-6aeab8b896f0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack_instance#retain_stacks">Documentation</a><br/>|
+|ROS Stack Without Template<br/><sup><sub>92d65c51-5d82-4507-a2a1-d252e9706855</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack">Documentation</a><br/>|
+|Disk Encryption Disabled<br/><sup><sub>39750e32-3fe9-453b-8c33-dd277acdb2cc</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/disk#encrypted">Documentation</a><br/>|
+|OSS Bucket Encryption Using CMK Disabled<br/><sup><sub>f20e97f9-4919-43f1-9be9-f203cd339cdd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#server_side_encryption_rule">Documentation</a><br/>|
+|SLB Policy With Insecure TLS Version In Use<br/><sup><sub>dbfc834a-56e5-4750-b5da-73fda8e73f70</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/slb_tls_cipher_policy">Documentation</a><br/>|
+|CS Kubernetes Node Pool Auto Repair Disabled<br/><sup><sub>81ce9394-013d-4731-8fcc-9d229b474073</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cs_kubernetes_node_pool#auto_repair">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>1b4565c0-4877-49ac-ab03-adebbccd42ae</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#security_ips">Documentation</a><br/>|
+|ALB Listening on HTTP<br/><sup><sub>ee3b1557-9fb5-4685-a95d-93f1edf2a0d7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/alb_listener">Documentation</a><br/>|
+|API Gateway API Protocol Not HTTPS<br/><sup><sub>1bcdf9f0-b1aa-40a4-b8c6-cd7785836843</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/api_gateway_api#protocol">Documentation</a><br/>|
+|OSS Buckets Secure Transport Disabled<br/><sup><sub>c01d10de-c468-4790-b3a0-fc887a56f289</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|RDS Instance SSL Action Disabled<br/><sup><sub>7a1ee8a9-71be-4b11-bb70-efb62d16863b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#ssl_action">Documentation</a><br/>|
+|Action Trail Logging For All Regions Disabled<br/><sup><sub>c065b98e-1515-4991-9dca-b602bd6a2fbb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail#trail_region">Documentation</a><br/>|
+|OSS Bucket Logging Disabled<br/><sup><sub>05db341e-de7d-4972-a106-3e2bd5ee53e1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#logging">Documentation</a><br/>|
+|RDS Instance Events Not Logged<br/><sup><sub>b9c524a4-fe76-4021-a6a2-cb978fb4fde1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/log_audit">Documentation</a><br/>|
+|RDS Instance Log Connections Disabled<br/><sup><sub>140869ea-25f2-40d4-a595-0c0da135114e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
+|RDS Instance Log Disconnections Disabled<br/><sup><sub>d53f4123-f8d8-4224-8cb3-f920b151cc98</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
+|RDS Instance Log Duration Disabled<br/><sup><sub>a597e05a-c065-44e7-9cc8-742f572a504a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
+|VPC Flow Logs Disabled<br/><sup><sub>d2731f3d-a992-44ed-812e-f4f1c2747d71</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc_flow_log">Documentation</a><br/>|
+|No ROS Stack Policy<br/><sup><sub>72ceb736-0aee-43ea-a191-3a69ab135681</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack">Documentation</a><br/>|
+|High KMS Key Rotation Period<br/><sup><sub>cb319d87-b90f-485e-a7e7-f2408380f309</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/kms_key">Documentation</a><br/>|
+|Ram Account Password Policy Max Login Attempts Unrecommended<br/><sup><sub>e76fd7ab-7333-40c6-a2d8-ea28af4a319e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#max_login_attempts">Documentation</a><br/>|
+|Ram Account Password Policy Max Password Age Unrecommended<br/><sup><sub>2bb13841-7575-439e-8e0a-cccd9ede2fa8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#max_password_age">Documentation</a><br/>|
+|RAM Account Password Policy without Reuse Prevention<br/><sup><sub>a8128dd2-89b0-464b-98e9-5d629041dfe0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#password_reuse_prevention">Documentation</a><br/>|
+|RAM Security Preference Not Enforce MFA Login<br/><sup><sub>dcda2d32-e482-43ee-a926-75eaabeaa4e0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_security_preference#enforce_mfa_for_login">Documentation</a><br/>|
+|OSS Bucket Transfer Acceleration Disabled<br/><sup><sub>8f98334a-99aa-4d85-b72a-1399ca010413</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#transfer_acceleration">Documentation</a><br/>|
+|OSS Bucket Lifecycle Rule Disabled<br/><sup><sub>7db8bd7e-9772-478c-9ec5-4bc202c5686f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#lifecycle_rule">Documentation</a><br/>|
+|Kubernetes Cluster Without Terway as CNI Network Plugin<br/><sup><sub>b9b7ada8-3868-4a35-854e-6100a2bb863d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cs_kubernetes#cluster_network_type">Documentation</a><br/>|
+|Log Retention Is Not Greater Than 90 Days<br/><sup><sub>ed6cf6ff-9a1f-491c-9f88-e03c0807f390</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/log_store#retention_period">Documentation</a><br/>|
+|RDS Instance Retention Period Not Recommended<br/><sup><sub>dc158941-28ce-481d-a7fa-dc80761edf46</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#sql_collector_config_value">Documentation</a><br/>|
+|ROS Stack Notifications Disabled<br/><sup><sub>9ef08939-ea40-489c-8851-667870b2ef50</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack#notification_urls">Documentation</a><br/>|
+|Ram Account Password Policy Not Require At Least one Lowercase Character<br/><sup><sub>89143358-cec6-49f5-9392-920c591c669c</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_lowercase_characters">Documentation</a><br/>|
+|RAM Account Password Policy Not Require at Least one Uppercase Character<br/><sup><sub>5e0fb613-ba9b-44c3-88f0-b44188466bfd</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_uppercase_characters">Documentation</a><br/>|
+|Ram Account Password Policy Not Required Minimum Length<br/><sup><sub>a9dfec39-a740-4105-bbd6-721ba163c053</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#minimum_password_length">Documentation</a><br/>|
+|Ram Account Password Policy Not Required Numbers<br/><sup><sub>063234c0-91c0-4ab5-bbd0-47ddb5f23786</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_numbers">Documentation</a><br/>|
+|RAM Account Password Policy Not Required Symbols<br/><sup><sub>41a38329-d81b-4be4-aef4-55b2615d3282</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_symbols">Documentation</a><br/>|
+|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>030d3b18-1821-45b4-9e08-50efbe7becbb</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dms_replication_instance">Documentation</a><br/>|
+|ECR Repository Is Publicly Accessible<br/><sup><sub>e86e26fc-489e-44f0-9bcd-97305e4ba69a</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy">Documentation</a><br/>|
+|S3 Bucket Access to Any Principal<br/><sup><sub>7af43613-6bb9-4a0e-8c4d-1314b799425e</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read Or Write to All Users<br/><sup><sub>38c5ee0d-7f22-4260-ab72-5073048df100</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
+|S3 Bucket ACL Grants WRITE_ACP Permission<br/><sup><sub>64a222aa-7793-4e40-915f-4b302c76e4d4</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl">Documentation</a><br/>|
+|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>ffdf4b37-7703-4dfe-a682-9d2e99bc6c09</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>d24c0755-c028-44b1-b503-8e719c898832</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket With All Permissions<br/><sup><sub>a4966c4f-9141-48b8-a564-ffe9959945bc</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
+|SNS Topic is Publicly Accessible<br/><sup><sub>b26d2b7e-60f6-413d-a3a1-a57db24aa2b3</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>35113e6f-2c6b-414d-beec-7a9482d3b2d1</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#publicly_accessible">Documentation</a><br/>|
+|DB Security Group With Public Scope<br/><sup><sub>1e0ef61b-ad85-4518-a3d3-85eaad164885</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
+|RDS Associated with Public Subnet<br/><sup><sub>2f737336-b18a-4602-8ea0-b200312e1ac1</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#db_subnet_group_name">Documentation</a><br/>|
+|CloudWatch Unauthorized Access Alarm Missing<br/><sup><sub>4c18a45b-4ab1-4790-9f83-399ac695f1e5</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Observability|<a href="../terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>09c35abf-5852-4622-ac7a-b987b331232e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role#assume_role_policy">Documentation</a><br/>|
+|ECS Service Admin Role Is Present<br/><sup><sub>3206240f-2e87-4e58-8d24-3e19e7c83d7c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service">Documentation</a><br/>|
+|IAM Policy Grants Full Permissions<br/><sup><sub>575a2155-6af1-4026-b1af-d5bc8fe2a904</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy">Documentation</a><br/>|
+|IAM Role With Full Privileges<br/><sup><sub>b1ffa705-19a3-4b73-b9d0-0c97d0663842</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
+|Lambda With Vulnerable Policy<br/><sup><sub>ad9dabc7-7839-4bae-a957-aa9120013f39</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission#action">Documentation</a><br/>|
+|MSK Broker Is Publicly Accessible<br/><sup><sub>54378d69-dd7c-4b08-a43e-80d563396857</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#public_access">Documentation</a><br/>|
+|Neptune Cluster Instance is Publicly Accessible<br/><sup><sub>9ba198e0-fef4-464a-8a4d-75ea55300de7</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster_instance#publicly_accessible">Documentation</a><br/>|
+|Neptune Cluster With IAM Database Authentication Disabled<br/><sup><sub>c91d7ea0-d4d1-403b-8fe1-c9961ac082c5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#storage_encrypted">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>57b9893d-33b1-4419-bcea-a717ea87e139</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl">Documentation</a><br/>|
+|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>1df37f4b-7197-45ce-83f8-9994d2fcf885</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket Allows List Action From All Principals<br/><sup><sub>66c6f96f-2d9e-417e-a998-9058aeeecd44</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket Allows Public Policy<br/><sup><sub>1a4bc881-9f69-4d44-8c9a-d37d08f54c50</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
+|S3 Bucket Public ACL Overridden By Public Access Block<br/><sup><sub>bf878b1a-7418-4de3-b13c-3a86cf894920</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block#bucket">Documentation</a><br/>|
+|Secrets Manager With Vulnerable Policy<br/><sup><sub>fa00ce45-386d-4718-8392-fb485e1f3c5b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_policy#policy">Documentation</a><br/>|
+|SES Policy With Allowed IAM Actions<br/><sup><sub>34b921bd-90a0-402e-a0a5-dc73371fd963</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ses_identity_policy#policy">Documentation</a><br/>|
+|SQS Policy Allows All Actions<br/><sup><sub>816ea8cf-d589-442d-a917-2dd0ce0e45e3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy">Documentation</a><br/>|
+|SQS Queue Exposed<br/><sup><sub>abb06e5f-ef9a-4a99-98c6-376d396bfcdf</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue#policy">Documentation</a><br/>|
+|AmazonMQ Broker Encryption Disabled<br/><sup><sub>3db3f534-e3a3-487f-88c7-0a9fbf64b702</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
+|API Gateway Method Settings Cache Not Encrypted<br/><sup><sub>b7c9a40c-23e4-4a2d-8d39-a3352f10f288</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#cache_data_encrypted">Documentation</a><br/>|
+|Athena Database Not Encrypted<br/><sup><sub>b2315cae-b110-4426-81e0-80bb8640cdd3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_database#encryption_configuration">Documentation</a><br/>|
+|Athena Workgroup Not Encrypted<br/><sup><sub>d364984a-a222-4b5f-a8b0-e23ab19ebff3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_workgroup#encryption_configuration">Documentation</a><br/>|
+|Aurora With Disabled at Rest Encryption<br/><sup><sub>1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#storage_encrypted">Documentation</a><br/>|
+|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>abdb29d4-5ca1-4e91-800b-b3569bbd788c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule">Documentation</a><br/>|
+|DAX Cluster Not Encrypted<br/><sup><sub>f11aec39-858f-4b6f-b946-0a1bf46c0c87</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dax_cluster#enabled">Documentation</a><br/>|
+|DB Instance Storage Not Encrypted<br/><sup><sub>08bd0760-8752-44e1-9779-7bb369b2b4e4</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#storage_encrypted">Documentation</a><br/>|
+|DOCDB Cluster Not Encrypted<br/><sup><sub>bc1f9009-84a0-490f-ae09-3e0ea6d74ad6</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#storage_encrypted">Documentation</a><br/>|
+|DOCDB Cluster Without KMS<br/><sup><sub>4766d3ea-241c-4ee6-93ff-c380c996bd1a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id">Documentation</a><br/>|
+|DynamoDB Table Not Encrypted<br/><sup><sub>ce089fd4-1406-47bd-8aad-c259772bb294</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#server_side_encryption">Documentation</a><br/>|
+|EBS Default Encryption Disabled<br/><sup><sub>3d3f6270-546b-443c-adb4-bb6fb2187ca6</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_encryption_by_default">Documentation</a><br/>|
+|EBS Volume Encryption Disabled<br/><sup><sub>cc997676-481b-4e93-aa81-d19f8c5e9b12</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume#encrypted">Documentation</a><br/>|
+|EBS Volume Snapshot Not Encrypted<br/><sup><sub>e6b4b943-6883-47a9-9739-7ada9568f8ca</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_snapshot#encrypted">Documentation</a><br/>|
+|ECS Task Definition Volume Not Encrypted<br/><sup><sub>4d46ff3b-7160-41d1-a310-71d6d370b08f</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#transit_encryption">Documentation</a><br/>|
+|EFS Not Encrypted<br/><sup><sub>48207659-729f-4b5c-9402-f884257d794f</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system#encrypted">Documentation</a><br/>|
+|EKS Cluster Encryption Disabled<br/><sup><sub>63ebcb19-2739-4d3f-aa5c-e8bbb9b85281</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#encryption_config">Documentation</a><br/>|
+|ElastiCache Replication Group Not Encrypted At Rest<br/><sup><sub>76976de7-c7b1-4f64-a94f-90c1345914c2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#at_rest_encryption_enabled">Documentation</a><br/>|
+|ElasticSearch Encryption With KMS Disabled<br/><sup><sub>7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
+|ElasticSearch Not Encrypted At Rest<br/><sup><sub>24e16922-4330-4e9d-be8a-caa90299466a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
+|ELB Using Weak Ciphers<br/><sup><sub>4a800e14-c94a-442d-9067-5a2e9f6c0a4c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/load_balancer_policy">Documentation</a><br/>|
+|Glue Data Catalog Encryption Disabled<br/><sup><sub>01d50b14-e933-4c99-b314-6d08cd37ad35</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_data_catalog_encryption_settings#data_catalog_encryption_settings">Documentation</a><br/>|
+|Glue Security Configuration Encryption Disabled<br/><sup><sub>ad5b4e97-2850-4adf-be17-1d293e0b85ee</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_security_configuration#encryption_configuration">Documentation</a><br/>|
+|Kinesis Not Encrypted With KMS<br/><sup><sub>862fe4bf-3eec-4767-a517-40f378886b88</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream">Documentation</a><br/>|
+|Kinesis SSE Not Configured<br/><sup><sub>5c6dd5e7-1fe0-4cae-8f81-4c122717cef3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_firehose_delivery_stream#server_side_encryption">Documentation</a><br/>|
+|Launch Configuration Is Not Encrypted<br/><sup><sub>4de9de27-254e-424f-bd70-4c1e95790838</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#encrypted">Documentation</a><br/>|
+|MSK Cluster Encryption Disabled<br/><sup><sub>6db52fa6-d4da-4608-908a-89f0c59e743e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#encryption_info">Documentation</a><br/>|
+|Neptune Database Cluster Encryption Disabled<br/><sup><sub>98d59056-f745-4ef5-8613-32bca8d40b7e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#storage_encrypted">Documentation</a><br/>|
+|RDS Database Cluster not Encrypted<br/><sup><sub>656880aa-1388-488f-a6d4-8f73c23149b2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_cluster_snapshot">Documentation</a><br/>|
+|RDS Storage Not Encrypted<br/><sup><sub>3199c26c-7871-4cb3-99c2-10a59244ce7f</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#storage_encrypted">Documentation</a><br/>|
+|Redis Not Compliant<br/><sup><sub>254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#engine_version">Documentation</a><br/>|
+|Redshift Not Encrypted<br/><sup><sub>cfdcabb0-fc06-427c-865b-c59f13e898ce</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted">Documentation</a><br/>|
+|S3 Bucket Object Not Encrypted<br/><sup><sub>5fb49a69-8d46-4495-a2f8-9c8c622b2b6e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_object#server_side_encryption">Documentation</a><br/>|
+|Sagemaker Endpoint Configuration Encryption Disabled<br/><sup><sub>58b35504-0287-4154-bf69-02c0573deab8</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_endpoint_configuration#kms_key_arn">Documentation</a><br/>|
+|Sagemaker Notebook Instance Without KMS<br/><sup><sub>f3674e0c-f6be-43fa-b71c-bf346d1aed99</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_notebook_instance#kms_key_id">Documentation</a><br/>|
+|SNS Topic Not Encrypted<br/><sup><sub>28545147-2fc6-42d5-a1f9-cf226658e591</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic#kms_master_key_id">Documentation</a><br/>|
+|User Data Contains Encoded Private Key<br/><sup><sub>443488f5-c734-460b-a36d-5b3f330174dc</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#user_data_base64">Documentation</a><br/>|
+|Workspaces Workspace Volume Not Encrypted<br/><sup><sub>b9033580-6886-401a-8631-5f19f5bb24c7</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/workspaces_workspace#root_volume_encryption_enabled">Documentation</a><br/>|
+|Batch Job Definition With Privileged Container Properties<br/><sup><sub>66cd88ac-9ddf-424a-b77e-e55e17630bee</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/batch_job_definition">Documentation</a><br/>|
+|DB Security Group Has Public Interface<br/><sup><sub>f0d8781f-99bf-4958-9917-d39283b168a0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
+|KMS Key With Vulnerable Policy<br/><sup><sub>7ebc9038-0bde-479a-acc4-6ed7b6758899</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key">Documentation</a><br/>|
+|Lambda Function With Privileged Role<br/><sup><sub>1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function">Documentation</a><br/>|
+|MQ Broker Is Publicly Accessible<br/><sup><sub>4eb5f791-c861-4afd-9f94-f2a6a3fe49cb</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
+|Redshift Publicly Accessible<br/><sup><sub>af173fde-95ea-4584-b904-bb3923ac4bda</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster">Documentation</a><br/>|
+|Root Account Has Active Access Keys<br/><sup><sub>970d224d-b42a-416b-81f9-8f4dfe70c4bc</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key">Documentation</a><br/>|
+|S3 Static Website Host Enabled<br/><sup><sub>42bb6b7f-6d54-4428-b707-666f669d94fb</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#website">Documentation</a><br/>|
+|DB Security Group Open To Large Scope<br/><sup><sub>4f615f3e-fb9c-4fad-8b70-2e9f781806ce</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
+|Default Security Groups With Unrestricted Traffic<br/><sup><sub>46883ce1-dc3e-4b17-9195-c6a601624c73</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group">Documentation</a><br/>|
+|Network ACL With Unrestricted Access To RDP<br/><sup><sub>a20be318-cac7-457b-911d-04cc6e812c25</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl">Documentation</a><br/>|
+|Remote Desktop Port Open To Internet<br/><sup><sub>151187cb-0efc-481c-babd-ad24e3c9bc22</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Route53 Record Undefined<br/><sup><sub>25db74bf-fa3b-44da-934e-8c3e005c0453</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>381c3f2a-ef6f-4eff-99f7-b169cda3422c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Unknown Port Exposed To Internet<br/><sup><sub>590d878b-abdc-428f-895a-e2b68a0e1998</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Unrestricted Security Group Ingress<br/><sup><sub>4728cd65-a20c-49da-8b31-9c08b423e4db</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db')">Query details</a><br><a href="https://www.terraform.io/docs/providers/aws/r/security_group.html">Documentation</a><br/>|
+|VPC Default Security Group Accepts All Traffic<br/><sup><sub>9a4ef195-74b9-4c58-b8ed-2b2fe4353a75</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group">Documentation</a><br/>|
+|VPC Peering Route Table with Unrestricted CIDR<br/><sup><sub>b3a41501-f712-4c4f-81e5-db9a7dc0e34e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route">Documentation</a><br/>|
+|CloudTrail Log Files S3 Bucket is Publicly Accessible<br/><sup><sub>bd0088a5-c133-4b20-b129-ec9968b16ef3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Observability|<a href="../terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#s3_bucket_name">Documentation</a><br/>|
+|Hardcoded AWS Access Key<br/><sup><sub>d7b9d850-3e06-4a75-852f-c46c2e92240b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Secret Management|<a href="../terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">Documentation</a><br/>|
+|Hardcoded AWS Access Key In Lambda<br/><sup><sub>1402afd8-a95c-4e84-8b0b-6fb43758e6ce</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Secret Management|<a href="../terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function">Documentation</a><br/>|
+|AMI Shared With Multiple Accounts<br/><sup><sub>ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ami_launch_permission">Documentation</a><br/>|
+|API Gateway Method Does Not Contains An API Key<br/><sup><sub>671211c5-5d2a-4e97-8867-30fc28b02216</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method">Documentation</a><br/>|
+|API Gateway Without Configured Authorizer<br/><sup><sub>0a96ce49-4163-4ee6-8169-eb3b0797d694</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_authorizer">Documentation</a><br/>|
+|Certificate Has Expired<br/><sup><sub>c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
+|EC2 Instance Using Default Security Group<br/><sup><sub>f1adc521-f79a-4d71-b55b-a68294687432</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#security_groups">Documentation</a><br/>|
+|EFS With Vulnerable Policy<br/><sup><sub>fae52418-bb8b-4ac2-b287-0b9082d6a3fd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system_policy#policy">Documentation</a><br/>|
+|Elasticsearch Domain With Vulnerable Policy<br/><sup><sub>16c4216a-50d3-4785-bfb2-4adb5144a8ba</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain_policy#access_policies">Documentation</a><br/>|
+|Elasticsearch Without IAM Authentication<br/><sup><sub>e7530c3c-b7cf-4149-8db9-d037a0b5268e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
+|Glue With Vulnerable Policy<br/><sup><sub>d25edb51-07fb-4a73-97d4-41cecdc53a22</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_resource_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>9b0ffadc-a61f-4c2a-b1e6-68fab60f6267</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>15e6ad8c-f420-49a6-bafb-074f5eb1ec74</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>7d544dad-8a6c-431c-84c1-5f07fe9afc0e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>8f3c16b3-354d-45db-8ad5-5066778a9485</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>970ed7a2-0aca-4425-acf1-0453c9ecbca1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>70b42736-efee-4bce-80d5-50358ed94990</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>3dd96caa-0b5f-4a85-b929-acfac4646cc2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>db78d14b-10e5-4e6e-84b1-dace6327b1ec</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>846646e3-2af1-428c-ac5d-271eccfa6faf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>04c686f1-e0cd-4812-88e1-4e038410074c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>ec49cbfd-fae4-45f3-81b1-860526d66e3f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>e77c89f6-9c85-49ea-b95b-5f960fe5be92</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>c0c1e744-0f37-445e-924a-1846f0839f69</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>60263b4a-6801-4587-911d-919c37ed733b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>7782d4b3-e23e-432b-9742-d9528432e771</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>78f1ec6f-5659-41ea-bd48-d0a142dce4f2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>ad296c0d-8131-4d6b-b030-1b0e73a99ad3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>034d0aee-620f-4bf7-b7fb-efdf661fdb9e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>571254d8-aa6a-432e-9725-535d3ef04d69</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|IAM Access Key Is Exposed<br/><sup><sub>7081f85c-b94d-40fd-8b45-a4f1cac75e46</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key">Documentation</a><br/>|
+|IAM Group Without Users<br/><sup><sub>fc101ca7-c9dd-4198-a1eb-0fbe92e80044</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_membership#users">Documentation</a><br/>|
+|IAM Policies Attached To User<br/><sup><sub>b4378389-a9aa-44ee-91e7-ef183f11079e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment">Documentation</a><br/>|
+|IAM Policies With Full Privileges<br/><sup><sub>2f37c4a3-58b9-4afe-8a87-d7f1d2286f84</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy">Documentation</a><br/>|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>bcdcbdc6-a350-4855-ae7c-d1e6436f7c97</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
+|IAM Role Allows All Principals To Assume<br/><sup><sub>12b7e704-37f0-4d1e-911a-44bf60c48c21</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
+|IAM Role Policy passRole Allows All<br/><sup><sub>e39bee8c-fe54-4a3f-824d-e5e2d1cca40a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a')">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-security-warning-pass-role-with-star-in-resource">Documentation</a><br/>|
+|IAM User With Access To Console<br/><sup><sub>9ec311bf-dfd9-421f-8498-0b063c8bc552</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_login_profile">Documentation</a><br/>|
+|Lambda Permission Principal Is Wildcard<br/><sup><sub>e08ed7eb-f3ef-494d-9d22-2e3db756a347</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
+|Policy Without Principal<br/><sup><sub>bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54')">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html">Documentation</a><br/>|
+|Public and Private EC2 Share Role<br/><sup><sub>c53c7a89-f9d7-4c7b-8b66-8a555be99593</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#iam_instance_profile">Documentation</a><br/>|
+|Public Lambda via API Gateway<br/><sup><sub>3ef8696c-e4ae-4872-92c7-520bb44dfe77</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
+|REST API With Vulnerable Policy<br/><sup><sub>b161c11b-a59b-4431-9a29-4e19f63e6b27</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>be2aa235-bd93-4b68-978a-1cc65d49082f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>30b88745-eebe-4ecb-a3a9-5cf886e96204</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>0a592060-8166-49f5-8e65-99ac6dce9871</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>eda48c88-2b7d-4e34-b6ca-04c0194aee17</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>b8a31292-509d-4b61-bc40-13b167db7e9c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>f906113d-cdc0-415a-ba60-609cc6daaf4d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>f465fff1-0a0f-457d-aa4d-1bddb6f204ff</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>7c96920c-6fd0-449d-9a52-0aa431b6beaf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>5b4d4aee-ac94-4810-9611-833636e5916d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>9a205ba3-0dd1-42eb-8d54-2ffec836b51a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>ee49557d-750c-4cc1-aa95-94ab36cbefde</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>d6047119-a0b2-4b59-a4f2-127a36fb685b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>8f75840d-9ee7-42f3-b203-b40e3979eb12</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>118281d0-6471-422e-a7c5-051bc667926e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>f1173d8c-3264-4148-9fdb-61181e031b51</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>35ccf766-0e4d-41ed-9ec4-2dab155082b4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>fa62ac4f-f5b9-45b9-97c1-625c8b6253ca</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>c583f0f9-7dfd-476b-a056-f47c62b47b46</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|S3 Bucket Allows Public ACL<br/><sup><sub>d0cc8694-fcad-43ff-ac86-32331d7e867f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
+|SNS Topic Publicity Has Allow and NotAction Simultaneously<br/><sup><sub>5ea624e4-c8b1-4bb3-87a4-4235a776adcc</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy">Documentation</a><br/>|
+|SQS Policy With Public Access<br/><sup><sub>730675f9-52ed-49b6-8ead-0acb5dd7df7f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy">Documentation</a><br/>|
+|SSO Identity User Unsafe Creation<br/><sup><sub>4003118b-046b-4640-b200-b8c7a4c8b89f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/identitystore_user">Documentation</a><br/>|
+|SSO Policy with full privileges<br/><sup><sub>132a8c31-9837-4203-9fd1-15ca210c7b73</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_permission_set_inline_policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>19ffbe31-9d72-4379-9768-431195eae328</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>89561b03-cb35-44a9-a7e9-8356e71606f4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>94fbe150-27e3-4eba-9ca6-af32865e4503</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>9b877bd8-94b4-4c10-a060-8e0436cc09fa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>bf9d42c7-c2f9-4dfe-942c-c8cc8249a081</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>6d23d87e-1c5b-4308-b224-92624300f29b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>e227091e-2228-4b40-b046-fc13650d8e88</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>70cb518c-d990-46f6-bc05-44a5041493d6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>113208f2-a886-4526-9ecc-f3218600e12c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>0fd7d920-4711-46bd-aff2-d307d82cd8b7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>1743f5f1-0bb0-4934-acef-c80baa5dadfa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>8bfbf7ab-d5e8-4100-8618-798956e101e0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>eeb4d37a-3c59-4789-a00c-1509bc3af1e5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>0c10d7da-85c4-4d62-b2a8-d6c104f1bd77</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>43a41523-386a-4cb1-becb-42af6b414433</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>33627268-1445-4385-988a-318fd9d1a512</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>6deb34e2-5d9c-499a-801b-ea6d9eda894f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>8055dec2-efb8-4fe6-8837-d9bed6ff202a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>b69247e5-7e73-464e-ba74-ec9b715c6e12</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|Auto Scaling Group With No Associated ELB<br/><sup><sub>8e94dced-9bcc-4203-8eb7-7e41202b2505</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#load_balancers">Documentation</a><br/>|
+|CMK Is Unusable<br/><sup><sub>7350fa23-dcf7-4938-916d-6a60b0c73b50</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#is_enabled">Documentation</a><br/>|
+|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>6db03a91-f933-4f13-ab38-a8b87a7de54d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster">Documentation</a><br/>|
+|ElastiCache Redis Cluster Without Backup<br/><sup><sub>8fdb08a0-a868-4fdf-9c27-ccab0237f1ab</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#snapshot_retention_limit">Documentation</a><br/>|
+|RDS Cluster With Backup Disabled<br/><sup><sub>e542bd46-58c4-4e0f-a52a-1fb4f9548e02</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#backup_retention_period">Documentation</a><br/>|
+|RDS With Backup Disabled<br/><sup><sub>1dc73fb4-5b51-430c-8c5f-25dcf9090b02</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance">Documentation</a><br/>|
+|S3 Bucket Without Versioning<br/><sup><sub>568a4d22-3517-44a6-a7ad-6a7eed88722c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#versioning">Documentation</a><br/>|
+|Stack Retention Disabled<br/><sup><sub>6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set_instance#stack_set_name">Documentation</a><br/>|
+|ALB Not Dropping Invalid Headers<br/><sup><sub>6e3fd2ed-5c83-4c68-9679-7700d224d379</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#drop_invalid_header_fields">Documentation</a><br/>|
+|AMI Not Encrypted<br/><sup><sub>8bbb242f-6e38-4127-86d4-d8f0b2687ae2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami">Documentation</a><br/>|
+|CA Certificate Identifier Is Outdated<br/><sup><sub>9f40c07e-699e-4410-8856-3ba0f2e3a2dd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance">Documentation</a><br/>|
+|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>55af1353-2f62-4fa0-a8e1-a210ca2708f5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|CloudWatch Log Group Without KMS<br/><sup><sub>0afbcfe9-d341-4b92-a64c-7e6de0543879</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group">Documentation</a><br/>|
+|ElastiCache Replication Group Not Encrypted At Transit<br/><sup><sub>1afbb3fa-cf6c-4a3d-b730-95e9f4df343e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#transit_encryption_enabled">Documentation</a><br/>|
+|Elasticsearch Domain Not Encrypted Node To Node<br/><sup><sub>967eb3e6-26fc-497d-8895-6428beb6e8e2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#node_to_node_encryption">Documentation</a><br/>|
+|ELB Using Insecure Protocols<br/><sup><sub>126c1788-23c2-4a10-906c-ef179f4f96ec</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/load_balancer_policy">Documentation</a><br/>|
+|IAM Database Auth Not Enabled<br/><sup><sub>88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#iam_database_authentication_enabled">Documentation</a><br/>|
+|S3 Bucket Policy Accepts HTTP Requests<br/><sup><sub>4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy#policy">Documentation</a><br/>|
+|Secretsmanager Secret Encrypted With AWS Managed Key<br/><sup><sub>b0d3ef3f-845d-4b1b-83d6-63a5a380375f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id">Documentation</a><br/>|
+|Secretsmanager Secret Without KMS<br/><sup><sub>a2f548f2-188c-4fff-b172-e9a6acb216bd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id">Documentation</a><br/>|
+|Secure Ciphers Disabled<br/><sup><sub>5c0003fb-9aa0-42c1-9da3-eb0e332bef21</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|SNS Topic Encrypted With AWS Managed Key<br/><sup><sub>b1a72f66-2236-4f3b-87ba-0da1b366956f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic#kms_master_key_id">Documentation</a><br/>|
+|SQS With SSE Disabled<br/><sup><sub>6e8849c1-3aa7-40e3-9063-b85ee300f29f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue">Documentation</a><br/>|
+|SSM Session Transit Encryption Disabled<br/><sup><sub>ce60cc6b-6831-4bd7-84a2-cc7f8ee71433</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_document#content">Documentation</a><br/>|
+|ALB Deletion Protection Disabled<br/><sup><sub>afecd1f1-6378-4f7e-bb3b-60c35801fdd4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#enable_deletion_protection">Documentation</a><br/>|
+|API Gateway With Open Access<br/><sup><sub>15ccec05-5476-4890-ad19-53991eba1db8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method">Documentation</a><br/>|
+|API Gateway Without Security Policy<br/><sup><sub>4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_domain_name#security_policy">Documentation</a><br/>|
+|API Gateway Without SSL Certificate<br/><sup><sub>0b4869fc-a842-4597-aa00-1294df425440</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#client_certificate_id">Documentation</a><br/>|
+|Certificate RSA Key Bytes Lower Than 256<br/><sup><sub>874d68a3-bfbe-4a4b-aaa0-9e74d7da634b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
+|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>00e5e55e-c2ff-46b3-a757-a7a1cd802456</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|ECR Image Tag Not Immutable<br/><sup><sub>d1846b12-20c5-4d45-8798-fc35b79268eb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository">Documentation</a><br/>|
+|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>9f4a9409-9c60-4671-be96-9716dbf63db1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#network_mode">Documentation</a><br/>|
+|EKS Cluster Has Public Access<br/><sup><sub>42f4b905-3736-4213-bfe9-c0660518cda8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster">Documentation</a><br/>|
+|IAM User Has Too Many Access Keys<br/><sup><sub>3561130e-9c5f-485b-9e16-2764c82763e5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key#user">Documentation</a><br/>|
+|No Password Policy Enabled<br/><sup><sub>b592ffd4-0577-44b6-bd35-8c5ee81b5918</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_login_profile">Documentation</a><br/>|
+|S3 Bucket with Unsecured CORS Rule<br/><sup><sub>98a8f708-121b-455b-ae2f-da3fb59d17e1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#cors_rule">Documentation</a><br/>|
+|S3 Bucket Without Ignore Public ACL<br/><sup><sub>4fa66806-0dd9-4f8d-9480-3174d39c7c91</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
+|S3 Bucket Without Restriction Of Public Bucket<br/><sup><sub>1ec253ab-c220-4d63-b2de-5b40e0af9293</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
+|Service Control Policies Disabled<br/><sup><sub>5ba6229c-8057-433e-91d0-21cf13569ca9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/organizations_policy">Documentation</a><br/>|
+|Default VPC Exists<br/><sup><sub>96ed3526-0179-4c73-b1b2-372fde2e0d13</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_vpc">Documentation</a><br/>|
+|Vulnerable Default SSL Certificate<br/><sup><sub>3a1e94df-6847-4c0e-a3b6-6c6af4e128ef</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|ALB Is Not Integrated With WAF<br/><sup><sub>0afa6ab8-a047-48cf-be07-93a2f8c34cf7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafregional_web_acl_association">Documentation</a><br/>|
+|ALB Listening on HTTP<br/><sup><sub>de7f5e83-da88-4046-871f-ea18504b1d43</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener">Documentation</a><br/>|
+|API Gateway Endpoint Config is Not Private<br/><sup><sub>6b2739db-9c49-4db7-b980-7816e0c248c1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
+|API Gateway without WAF<br/><sup><sub>a186e82c-1078-4a7b-85d8-579561fde884</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafregional_web_acl_association#resource_arn">Documentation</a><br/>|
+|CloudFront Without WAF<br/><sup><sub>1419b4c6-6d5c-4534-9cf6-6a5266085333</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|EC2 Instance Has Public IP<br/><sup><sub>5a2486aa-facf-477d-a5c1-b010789459ce</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#associate_public_ip_address">Documentation</a><br/>|
+|EKS Cluster Has Public Access CIDRs<br/><sup><sub>61cf9883-1752-4768-b18c-0d57f2737709</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster">Documentation</a><br/>|
+|EKS node group remote access disabled<br/><sup><sub>ba40ace1-a047-483c-8a8d-bc2d3a67a82d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group#remote_access">Documentation</a><br/>|
+|Elasticsearch with HTTPS disabled<br/><sup><sub>2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#enforce_https">Documentation</a><br/>|
+|HTTP Port Open To Internet<br/><sup><sub>ffac8a12-322e-42c1-b9b9-81ff85c39ef7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Network ACL With Unrestricted Access To SSH<br/><sup><sub>3af7f2fd-06e6-4dab-b996-2912bea19ba4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl">Documentation</a><br/>|
+|Security Group With Unrestricted Access To SSH<br/><sup><sub>65905cec-d691-4320-b320-2000436cb696</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Small Public Network<br/><sup><sub>e35c16a2-d54e-419d-8546-a804d8e024d0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible<br/><sup><sub>54c417bf-c762-48b9-9d31-b3d87047e3f0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|VPC Subnet Assigns Public IP<br/><sup><sub>52f04a44-6bfa-4c41-b1d3-4ae99a2de05c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet#map_public_ip_on_launch">Documentation</a><br/>|
+|VPC Without Network Firewall<br/><sup><sub>fd632aaf-b8a1-424d-a4d1-0de22fd3247a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall#vpc_id">Documentation</a><br/>|
+|API Gateway Access Logging Disabled<br/><sup><sub>1b6799eb-4a7a-4b04-9001-8cceb9999326</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#access_log_settings">Documentation</a><br/>|
+|API Gateway Deployment Without Access Log Setting<br/><sup><sub>625abc0e-f980-4ac9-a775-f7519ee34296</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_deployment">Documentation</a><br/>|
+|API Gateway With CloudWatch Logging Disabled<br/><sup><sub>982aa526-6970-4c59-8b9b-2ce7e019fe36</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#managing-the-api-logging-cloudwatch-log-group">Documentation</a><br/>|
+|CloudFront Logging Disabled<br/><sup><sub>94690d79-b3b0-43de-b656-84ebef5753e5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|CloudTrail Log Files S3 Bucket with Logging Disabled<br/><sup><sub>ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#s3_bucket_name">Documentation</a><br/>|
+|CloudTrail Logging Disabled<br/><sup><sub>4bb76f17-3d63-4529-bdca-2b454529d774</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#enable_logging">Documentation</a><br/>|
+|CloudWatch AWS Config Configuration Changes Alarm Missing<br/><sup><sub>5b8d7527-de8e-4114-b9dd-9d988f1f418f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Changes To NACL Alarm Missing<br/><sup><sub>0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|Cloudwatch Cloudtrail Configuration Changes Alarm Missing<br/><sup><sub>0f6cbf69-41bb-47dc-93f3-3844640bf480</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Disabling Or Scheduled Deletion Of Customer Created CMK Alarm Missing<br/><sup><sub>56a585f5-555c-48b2-8395-e64e4740a9cf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Logging Disabled<br/><sup><sub>7dbba512-e244-42dc-98bb-422339827967</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_query_log">Documentation</a><br/>|
+|CloudWatch Management Console Auth Failed Alarm Missing<br/><sup><sub>5864d189-ee9a-4009-ac0c-8a582e6b7919</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Metrics Disabled<br/><sup><sub>081069cb-588b-4ce1-884c-2a1ce3029fe5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#metrics_enabled">Documentation</a><br/>|
+|CloudWatch Root Account Use Missing<br/><sup><sub>8b1b1e67-6248-4dca-bbad-93486bb181c0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch S3 policy Change Alarm Missing<br/><sup><sub>27c6a499-895a-4dc7-9617-5c485218db13</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|Cloudwatch Security Group Changes Alarm Missing<br/><sup><sub>4beaf898-9f8b-4237-89e2-5ffdc7ee6006</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch VPC Changes Alarm Missing<br/><sup><sub>9d0d4512-1959-43a2-a17f-72360ff06d1b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|DocDB Logging Is Disabled<br/><sup><sub>56f6a008-1b14-4af4-b9b2-ab7cf7e27641</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports">Documentation</a><br/>|
+|EC2 Instance Monitoring Disabled<br/><sup><sub>23b70e32-032e-4fa6-ba5c-82f56b9980e6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#monitoring">Documentation</a><br/>|
+|EKS cluster logging is not enabled<br/><sup><sub>37304d3f-f852-40b8-ae3f-725e87a7cedf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabled_cluster_log_types">Documentation</a><br/>|
+|Elasticsearch Log Disabled<br/><sup><sub>acb6b4e2-a086-4f35-aefd-4db6ea51ada2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#log_publishing_options">Documentation</a><br/>|
+|ELB Access Log Disabled<br/><sup><sub>20018359-6fd7-4d05-ab26-d4dffccbdf79</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elb#enabled">Documentation</a><br/>|
+|Global Accelerator Flow Logs Disabled<br/><sup><sub>96e8183b-e985-457b-90cd-61c0503a3369</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/globalaccelerator_accelerator#flow_logs_enabled">Documentation</a><br/>|
+|GuardDuty Detector Disabled<br/><sup><sub>704dadd3-54fc-48ac-b6a0-02f170011473</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_detector#example-usage">Documentation</a><br/>|
+|Missing Cluster Log Types<br/><sup><sub>66f130d9-b81d-4e8e-9b08-da74b9c891df</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df')">Query details</a><br><a href="https://www.terraform.io/docs/providers/aws/r/eks_cluster.html">Documentation</a><br/>|
+|MQ Broker Logging Disabled<br/><sup><sub>31245f98-a6a9-4182-9fc1-45482b9d030a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
+|MSK Cluster Logging Disabled<br/><sup><sub>2f56b7ab-7fba-4e93-82f0-247e5ddeb239</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#broker_logs">Documentation</a><br/>|
+|Neptune Logging Is Disabled<br/><sup><sub>45cff7b6-3b80-40c1-ba7b-2cf480678bb8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#enable_cloudwatch_logs_exports">Documentation</a><br/>|
+|RDS Without Logging<br/><sup><sub>8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#enabled_cloudwatch_logs_exports">Documentation</a><br/>|
+|Redshift Cluster Logging Disabled<br/><sup><sub>15ffbacc-fa42-4f6f-a57d-2feac7365caa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#enable">Documentation</a><br/>|
+|S3 Bucket Logging Disabled<br/><sup><sub>f861041c-8c9f-4156-acfc-5e6e524f5884</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
+|S3 Bucket Object Level CloudTrail Logging Disabled<br/><sup><sub>a8fc2180-b3ac-4c93-bd0d-a55b974e4b07</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#event_selector">Documentation</a><br/>|
+|Stack Notifications Disabled<br/><sup><sub>b72d0026-f649-4c91-a9ea-15d8f681ac09</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
+|VPC FlowLogs Disabled<br/><sup><sub>f83121ea-03da-434f-9277-9cd247ab3047</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc">Documentation</a><br/>|
+|No Stack Policy<br/><sup><sub>2f01fb2d-828a-499d-b98e-b83747305052</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
+|Authentication Without MFA<br/><sup><sub>3ddfa124-6407-4845-a501-179f90c65097</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy">Documentation</a><br/>|
+|CloudWatch Logs Destination With Vulnerable Policy<br/><sup><sub>db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_destination_policy#access_policy">Documentation</a><br/>|
+|EC2 Instance Using API Keys<br/><sup><sub>0b93729a-d882-4803-bdc3-ac429a21f158</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#iam_instance_profile">Documentation</a><br/>|
+|SSO Permission With Inadequate User Session Duration<br/><sup><sub>ce9dfce0-5fc8-433b-944a-3b16153111a8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_permission_set">Documentation</a><br/>|
+|Autoscaling Groups Supply Tags<br/><sup><sub>ba48df05-eaa1-4d64-905e-4a4b051e7587</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#tag-and-tags">Documentation</a><br/>|
+|ECS Service Without Running Tasks<br/><sup><sub>91f16d09-689e-4926-aca7-155157f634ed</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service">Documentation</a><br/>|
+|Automatic Minor Upgrades Disabled<br/><sup><sub>3b6d777b-76e3-4133-80a3-0d6f667ade7f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#auto_minor_version_upgrade">Documentation</a><br/>|
+|CDN Configuration Is Missing<br/><sup><sub>1bc367f6-901d-4870-ad0c-71d79762ef52</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|Cognito UserPool Without MFA<br/><sup><sub>ec28bf61-a474-4dbe-b414-6dd3a067d6f0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool">Documentation</a><br/>|
+|ECR Repository Without Policy<br/><sup><sub>69e7c320-b65d-41bb-be02-d63ecc0bcc9d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy">Documentation</a><br/>|
+|IAM Access Analyzer Not Enabled<br/><sup><sub>e592a0c5-5bdb-414c-9066-5dba7cdea370</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/accessanalyzer_analyzer">Documentation</a><br/>|
+|IAM Password Without Minimum Length<br/><sup><sub>1bc1c685-e593-450e-88fb-19db4c82aa1d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
+|Lambda IAM InvokeFunction Misconfigured<br/><sup><sub>0ca1017d-3b80-423e-bb9c-6cd5898d34bd</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
+|Lambda Permission Misconfigured<br/><sup><sub>75ec6890-83af-4bf1-9f16-e83726df0bd0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
+|Misconfigured Password Policy Expiration<br/><sup><sub>ce60d060-efb8-4bfd-9cf7-ff8945d00d90</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
+|Password Without Reuse Prevention<br/><sup><sub>89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy#password_reuse_prevention">Documentation</a><br/>|
+|Stack Without Template<br/><sup><sub>91bea7b8-0c31-4863-adc9-93f6177266c4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
+|API Gateway With Invalid Compression<br/><sup><sub>ed35928e-195c-4405-a252-98ccb664ab7b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
+|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>5d9e3164-9265-470c-9a10-57ae454ac0c7</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#kms_key_id">Documentation</a><br/>|
+|CodeBuild Project Encrypted With AWS Managed Key<br/><sup><sub>3deec14b-03d2-4d27-9670-7d79322e3340</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/codebuild_project#encryption_key">Documentation</a><br/>|
+|DOCDB Cluster Encrypted With AWS Managed Key<br/><sup><sub>2134641d-30a4-4b16-8ffc-2cd4c4ffd15d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id">Documentation</a><br/>|
+|ECR Repository Not Encrypted With CMK<br/><sup><sub>0e32d561-4b5a-4664-a6e3-a3fa85649157</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#encryption_configuration">Documentation</a><br/>|
+|EFS Without KMS<br/><sup><sub>25d251f3-f348-4f95-845c-1090e41a615c</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system#kms_key_id">Documentation</a><br/>|
+|AWS Password Policy With Unchangeable Passwords<br/><sup><sub>9ef7d25d-9764-4224-9968-fa321c56ef76</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
+|IAM User Policy Without MFA<br/><sup><sub>b5681959-6c09-4f55-b42b-c40fa12d03ec</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec')">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html">Documentation</a><br/>|
+|Instance With No VPC<br/><sup><sub>a31a5a29-718a-4ff4-8001-a69e5e4d029e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">Documentation</a><br/>|
+|Redis Disabled<br/><sup><sub>4bd15dd9-8d5e-4008-8532-27eb0c3706d3</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#engine">Documentation</a><br/>|
+|Redshift Cluster Without VPC<br/><sup><sub>0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#vpc_security_group_ids">Documentation</a><br/>|
+|S3 Bucket Without Enabled MFA Delete<br/><sup><sub>c5b31ab9-0f26-4a49-b8aa-4cc064392f4d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#mfa_delete">Documentation</a><br/>|
+|Dynamodb VPC Endpoint Without Route Table Association<br/><sup><sub>0bc534c5-13d1-4353-a7fe-b8665d5c1d7d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint#vpc_id">Documentation</a><br/>|
+|EC2 Instance Using Default VPC<br/><sup><sub>7e4a6e76-568d-43ef-8c4e-36dea481bff1</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#subnet_id">Documentation</a><br/>|
+|ElastiCache Using Default Port<br/><sup><sub>5d89db57-8b51-4b38-bb76-b9bd42bd40f0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#port">Documentation</a><br/>|
+|ElastiCache Without VPC<br/><sup><sub>8c849af7-a399-46f7-a34c-32d3dc96f1fc</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#subnet_group_name">Documentation</a><br/>|
+|EMR Without VPC<br/><sup><sub>2b3c8a6d-9856-43e6-ab1d-d651094f03b4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/emr_cluster#subnet_id">Documentation</a><br/>|
+|RDS Using Default Port<br/><sup><sub>bca7cc4d-b3a4-4345-9461-eb69c68fcd26</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#port">Documentation</a><br/>|
+|Redshift Using Default Port<br/><sup><sub>41abc6cc-dde1-4217-83d3-fb5f0cc09d8f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#port">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Wide Private Network<br/><sup><sub>92fe237e-074c-4262-81a4-2077acb928c1</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Shield Advanced Not In Use<br/><sup><sub>084c6686-2a70-4710-91b1-000393e54c12</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/shield_protection#resource_arn">Documentation</a><br/>|
+|SQS VPC Endpoint Without DNS Resolution<br/><sup><sub>e9b7acf9-9ba0-4837-a744-31e7df1e434d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc#enable_dns_support">Documentation</a><br/>|
+|API Gateway Deployment Without API Gateway UsagePlan Associated<br/><sup><sub>b3a59b8e-94a3-403e-b6e2-527abaf12034</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_deployment">Documentation</a><br/>|
+|API Gateway X-Ray Disabled<br/><sup><sub>5813ef56-fa94-406a-b35d-977d4a56ff2b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#xray_tracing_enabled">Documentation</a><br/>|
+|CloudTrail Log File Validation Disabled<br/><sup><sub>52ffcfa6-6c70-4ea6-8376-d828d3961669</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#enable_log_file_validation">Documentation</a><br/>|
+|CloudTrail Multi Region Disabled<br/><sup><sub>8173d5eb-96b5-4aa6-a71b-ecfa153c123d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#is_multi_region_trail">Documentation</a><br/>|
+|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>17b30f8f-8dfb-4597-adf6-57600b6cf25e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail">Documentation</a><br/>|
+|CloudTrail SNS Topic Name Undefined<br/><sup><sub>482b7d26-0bdb-4b5f-bf6f-545826c0a3dd</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail">Documentation</a><br/>|
+|CloudWatch Console Sign-in Without MFA Alarm Missing<br/><sup><sub>44ceb4fa-0897-4fd2-b676-30e7a58f2933</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch IAM Policy Changes Alarm Missing<br/><sup><sub>eaaba502-2f94-411a-a3c2-83d63cc1776d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Network Gateways Changes Alarm Missing<br/><sup><sub>6b6874fe-4c2f-4eea-8b90-7cceaa4a125e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Route Table Changes Alarm Missing<br/><sup><sub>2285e608-ddbc-47f3-ba54-ce7121e31216</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CMK Rotation Disabled<br/><sup><sub>22fbfeac-7b5a-421a-8a27-7a2178bb910b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#enable_key_rotation">Documentation</a><br/>|
+|Configuration Aggregator to All Regions Disabled<br/><sup><sub>ac5a0bc0-a54c-45aa-90c3-15f7703b9132</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_aggregator#all_regions">Documentation</a><br/>|
+|ECS Cluster with Container Insights Disabled<br/><sup><sub>97cb0688-369a-4d26-b1f7-86c4c91231bc</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster#setting">Documentation</a><br/>|
+|ElasticSearch Without Slow Logs<br/><sup><sub>e979fcbc-df6c-422d-9458-c33d65e71c45</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#log_publishing_options">Documentation</a><br/>|
+|KMS Key With No Deletion Window<br/><sup><sub>0b530315-0ea4-497f-b34c-4ff86268f59d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key">Documentation</a><br/>|
+|Lambda Functions Without X-Ray Tracing<br/><sup><sub>8152e0cf-d2f0-47ad-96d5-d003a76eabd1</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#tracing_config">Documentation</a><br/>|
+|Unscanned ECR Image<br/><sup><sub>9630336b-3fed-4096-8173-b9afdfe346a7</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#scan_on_push">Documentation</a><br/>|
+|API Gateway Stage Without API Gateway UsagePlan Associated<br/><sup><sub>c999cf62-0920-40f8-8dda-0caccd66ed7e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage">Documentation</a><br/>|
+|Security Group Not Used<br/><sup><sub>4849211b-ac39-479e-ae78-5694d506cb24</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Access Control|<a href="../terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>741f1291-47ac-4a85-a07b-3d32a9d6bd3e</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#point_in_time_recovery">Documentation</a><br/>|
+|EC2 Not EBS Optimized<br/><sup><sub>60224630-175a-472a-9e23-133827040766</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/60224630-175a-472a-9e23-133827040766" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/60224630-175a-472a-9e23-133827040766')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#ebs_optimized">Documentation</a><br/>|
+|Resource Not Using Tags<br/><sup><sub>e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/resource-tagging">Documentation</a><br/>|
+|Security Group Rule Without Description<br/><sup><sub>cb3f5ed6-0d18-40de-a93d-b3538db31e8c</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#description">Documentation</a><br/>|
+|Security Group Rule Without Description<br/><sup><sub>68eb4bf3-f9bf-463d-b5cf-e029bb446d2e</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#description">Documentation</a><br/>|
+|CloudWatch AWS Organizations Changes Missing Alarm<br/><sup><sub>38b85c45-e772-4de8-a247-69619ca137b3</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Without Retention Period Specified<br/><sup><sub>ef0b316a-211e-42f1-888e-64efe172b755</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group">Documentation</a><br/>|
+|BOM - AWS DynamoDB<br/><sup><sub>23edf35f-7c22-4ff9-87e6-0ca74261cfbf</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS EBS<br/><sup><sub>86571149-eef3-4280-a645-01e60df854b0</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS EFS<br/><sup><sub>f53f16d6-46a9-4277-9fbe-617b1e24cdca</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Elasticache<br/><sup><sub>54229498-850b-4f78-b3a7-218d24ef2c37</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Kinesis<br/><sup><sub>0e59d33e-bba2-4037-8f88-9765647ca7ad</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS MQ<br/><sup><sub>fcb1b388-f558-4b7f-9b6e-f4e98abb7380</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS MSK<br/><sup><sub>051f2063-2517-4295-ad8e-ba88c1bf5cfc</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS RDS<br/><sup><sub>12933609-c5bf-44b4-9a41-a6467c3b685b</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS S3 Buckets<br/><sup><sub>2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS SNS<br/><sup><sub>eccc4d59-74b9-4974-86f1-74386e0c7f33</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS SQS<br/><sup><sub>baecd2da-492a-4d59-b9dc-29540a1398e0</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|CosmosDB Account IP Range Filter Not Set<br/><sup><sub>c2a3efb6-8a58-481c-82f2-bfddf34bb4b7</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account#ip_range_filter">Documentation</a><br/>|
+|Redis Entirely Accessible<br/><sup><sub>fd8da341-6760-4450-b26c-9f6d8850575e</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
+|Redis Publicly Accessible<br/><sup><sub>5089d055-53ff-421b-9482-a5267bdce629</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
+|SQLServer Ingress From Any IP<br/><sup><sub>25c0ea09-f1c5-4380-b055-3b83863f2bb8</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule">Documentation</a><br/>|
+|Unrestricted SQL Server Access<br/><sup><sub>d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule">Documentation</a><br/>|
+|Public Storage Account<br/><sup><sub>17f75827-0684-48f4-8747-61129c7e4198</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
+|Storage Container Is Publicly Accessible<br/><sup><sub>dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container#container_access_type">Documentation</a><br/>|
+|Azure Container Registry With No Locks<br/><sup><sub>a187ac47-8163-42ce-8a63-c115236be6fb</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry">Documentation</a><br/>|
+|Security Group is Not Configured<br/><sup><sub>5c822443-e1ea-46b8-84eb-758ec602e844</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844')">Query details</a><br><a href="https://www.terraform.io/docs/providers/azure/r/virtual_network.html">Documentation</a><br/>|
+|MariaDB Server Public Network Access Enabled<br/><sup><sub>7f0a8696-7159-4337-ad0d-8a3ab4a78195</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#public_network_access_enabled">Documentation</a><br/>|
+|MSSQL Server Public Network Access Enabled<br/><sup><sub>ade36cf4-329f-4830-a83d-9db72c800507</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server#public_network_access_enabled">Documentation</a><br/>|
+|MySQL Server Public Access Enabled<br/><sup><sub>f118890b-2468-42b1-9ce9-af35146b425b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server#public_network_access_enabled">Documentation</a><br/>|
+|RDP Is Exposed To The Internet<br/><sup><sub>efbf6449-5ec5-4cfe-8f15-acc51e0d787c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>594c198b-4d79-41b8-9b36-fde13348b619</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|Admin User Enabled For Container Registry<br/><sup><sub>b897dfbf-322c-45a8-b67c-1e698beeaa51</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51')">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/container_registry.html">Documentation</a><br/>|
+|AKS RBAC Disabled<br/><sup><sub>86f92117-eed8-4614-9c6c-b26da20ff37f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#role_based_access_control">Documentation</a><br/>|
+|App Service Authentication Disabled<br/><sup><sub>c7fc1481-2899-4490-bbd8-544a3a61a2f3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#enabled">Documentation</a><br/>|
+|Function App Authentication Disabled<br/><sup><sub>e65a0733-94a0-4826-82f4-df529f4c593f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#auth_settings">Documentation</a><br/>|
+|Role Assignment Not Limit Guest User Permissions<br/><sup><sub>8e75e431-449f-49e9-b56a-c8f1378025cf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment">Documentation</a><br/>|
+|Role Definition Allows Custom Role Creation<br/><sup><sub>3fa5900f-9aac-4982-96b2-a6143d9c99fb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_definition#actions">Documentation</a><br/>|
+|Storage Share File Allows All ACL Permissions<br/><sup><sub>48bbe0fd-57e4-4678-a4a1-119e79c90fc3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_share_file">Documentation</a><br/>|
+|Storage Table Allows All ACL Permissions<br/><sup><sub>3ac3e75c-6374-4a32-8ba0-6ed69bda404e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_table#permissions">Documentation</a><br/>|
+|Azure Instance Using Basic Authentication<br/><sup><sub>dafe30ec-325d-4516-85d1-e8e6776f012c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#admin_ssh_key">Documentation</a><br/>|
+|Key Vault Secrets Content Type Undefined<br/><sup><sub>f8e08a38-fc6e-4915-abbe-a7aadf1d59ef</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#content_type">Documentation</a><br/>|
+|Security Contact Email<br/><sup><sub>34664094-59e0-4524-b69f-deaa1a68cce3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact#email">Documentation</a><br/>|
+|App Service Not Using Latest TLS Encryption Version<br/><sup><sub>b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#min_tls_version">Documentation</a><br/>|
+|Encryption On Managed Disk Disabled<br/><sup><sub>a99130ab-4c0e-43aa-97f8-78d4fcb30024</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk#encryption_settings">Documentation</a><br/>|
+|Function App Not Using Latest TLS Encryption Version<br/><sup><sub>45fc717a-bd86-415c-bdd8-677901be1aa6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#min_tls_version">Documentation</a><br/>|
+|MySQL SSL Connection Disabled<br/><sup><sub>73e42469-3a86-4f39-ad78-098f325b4e9f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server">Documentation</a><br/>|
+|SSL Enforce Disabled<br/><sup><sub>0437633b-daa6-4bbc-8526-c0d2443b946e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server">Documentation</a><br/>|
+|Storage Account Not Forcing HTTPS<br/><sup><sub>12944ec4-1fa0-47be-8b17-42a034f937c2</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
+|Storage Account Not Using Latest TLS Encryption Version<br/><sup><sub>8263f146-5e03-43e0-9cfe-db960d56d1e7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
+|AD Admin Not Configured For SQL Server<br/><sup><sub>a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator">Documentation</a><br/>|
+|AKS Private Cluster Disabled<br/><sup><sub>599318f2-6653-4569-9e21-041d06c63a89</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#private_cluster_enabled">Documentation</a><br/>|
+|App Service FTPS Enforce Disabled<br/><sup><sub>85da374f-b00f-4832-9d44-84a1ca1e89f8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#ftps_state">Documentation</a><br/>|
+|App Service HTTP2 Disabled<br/><sup><sub>525b53be-62ed-4244-b4df-41aecfcb4071</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#http2_enabled">Documentation</a><br/>|
+|Azure App Service Client Certificate Disabled<br/><sup><sub>a81573f9-3691-4d83-88a0-7d4af63e17a3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#client_cert_enabled">Documentation</a><br/>|
+|Function App Client Certificates Unrequired<br/><sup><sub>9bb3c639-5edf-458c-8ee5-30c17c7d671d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#client_cert_mode">Documentation</a><br/>|
+|Function App FTPS Enforce Disabled<br/><sup><sub>9dab0179-433d-4dff-af8f-0091025691df</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#ftps_state">Documentation</a><br/>|
+|Function App HTTP2 Disabled<br/><sup><sub>ace823d1-4432-4dee-945b-cdf11a5a6bd0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#http2_enabled">Documentation</a><br/>|
+|Function App Managed Identity Disabled<br/><sup><sub>c87749b3-ff10-41f5-9df2-c421e8151759</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#identity">Documentation</a><br/>|
+|Network Watcher Flow Disabled<br/><sup><sub>b90842e5-6779-44d4-9760-972f4c03ba1c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log">Documentation</a><br/>|
+|Redis Cache Allows Non SSL Connections<br/><sup><sub>e29a75e6-aba3-4896-b42d-b87818c16b58</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache">Documentation</a><br/>|
+|Redis Not Updated Regularly<br/><sup><sub>b947809d-dd2f-4de9-b724-04d101c515aa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache#patch_schedule">Documentation</a><br/>|
+|Security Center Pricing Tier Is Not Standard<br/><sup><sub>819d50fd-1cdf-45c3-9936-be408aaad93e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_subscription_pricing">Documentation</a><br/>|
+|Small Flow Logs Retention Period<br/><sup><sub>7750fcca-dd03-4d38-b663-4b70289bcfd4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log">Documentation</a><br/>|
+|VM Not Attached To Network<br/><sup><sub>bbf6b3df-4b65-4f87-82cc-da9f30f8c033</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#network_interface_ids">Documentation</a><br/>|
+|Web App Accepting Traffic Other Than HTTPS<br/><sup><sub>11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#https_only">Documentation</a><br/>|
+|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>a5613650-32ec-4975-a305-31af783153ea</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#default_action">Documentation</a><br/>|
+|Azure Cognitive Search Public Network Access Enabled<br/><sup><sub>4a9e0f00-0765-4f72-a0d4-d31110b78279</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/search_service#public_network_access_enabled">Documentation</a><br/>|
+|Firewall Rule Allows Too Many Hosts To Access Redis Cache<br/><sup><sub>a829b715-cf75-4e92-b645-54c9b739edfb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
+|Network Interfaces IP Forwarding Enabled<br/><sup><sub>4216ebac-d74c-4423-b437-35025cb88af5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#enable_ip_forwarding">Documentation</a><br/>|
+|Network Interfaces With Public IP<br/><sup><sub>c1573577-e494-4417-8854-7e119368dc8b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#public_ip_address_id">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Small Public Network<br/><sup><sub>e9dee01f-2505-4df2-b9bf-7804d1fd9082</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|SSH Is Exposed To The Internet<br/><sup><sub>3e3c175e-aadf-4e2b-a464-3fdac5748d24</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|Trusted Microsoft Services Not Enabled<br/><sup><sub>5400f379-a347-4bdd-a032-446465fdcc6f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass">Documentation</a><br/>|
+|WAF Is Disabled For Azure Application Gateway<br/><sup><sub>2e48d91c-50e4-45c8-9312-27b625868a72</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway">Documentation</a><br/>|
+|Email Alerts Disabled<br/><sup><sub>9db38e87-f6aa-4b5e-a1ec-7266df259409</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact">Documentation</a><br/>|
+|Log Retention Is Not Set<br/><sup><sub>ffb02aca-0d12-475e-b77c-a726f7aeff4b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|MSSQL Server Auditing Disabled<br/><sup><sub>609839ae-bd81-4375-9910-5bce72ae7b92</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server">Documentation</a><br/>|
+|PostgreSQL Log Checkpoints Disabled<br/><sup><sub>3790d386-be81-4dcf-9850-eaa7df6c10d9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|PostgreSQL Log Connections Not Set<br/><sup><sub>c640d783-10c5-4071-b6c1-23507300d333</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|PostgreSQL Log Disconnections Not Set<br/><sup><sub>07f7134f-9f37-476e-8664-670c218e4702</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|PostgreSQL Log Duration Not Set<br/><sup><sub>16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|PostgreSQL Server Without Connection Throttling<br/><sup><sub>2b3c671f-1b76-4741-8789-ed1fe0785dc4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|SQL Server Auditing Disabled<br/><sup><sub>f7e296b0-6660-4bc5-8f87-22ac4a815edf</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
+|Vault Auditing Disabled<br/><sup><sub>38c71c00-c177-4cd7-8d36-cd1007cdb190</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190')">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/key_vault.html">Documentation</a><br/>|
+|PostgreSQL Server Threat Detection Policy Disabled<br/><sup><sub>c407c3cf-c409-4b29-b590-db5f4138d332</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#threat_detection_policy">Documentation</a><br/>|
+|SQL Database Audit Disabled<br/><sup><sub>83a229ba-483e-47c6-8db7-dc96969bce5a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a')">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/sql_database.html">Documentation</a><br/>|
+|Key Expiration Not Set<br/><sup><sub>4d080822-5ee2-49a4-8984-68f3d4c890fc</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key">Documentation</a><br/>|
+|Secret Expiration Not Set<br/><sup><sub>dfa20ffa-f476-428f-a490-424b41e91c7f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret">Documentation</a><br/>|
+|Azure Active Directory Authentication<br/><sup><sub>a21c8da9-41bf-40cf-941d-330cf0d11fc7</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_fabric_cluster#tenant_id">Documentation</a><br/>|
+|Virtual Network with DDoS Protection Plan disabled<br/><sup><sub>b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network#ddos_protection_plan">Documentation</a><br/>|
+|Geo Redundancy Is Disabled<br/><sup><sub>8b042c30-e441-453f-b162-7696982ebc58</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server">Documentation</a><br/>|
+|MariaDB Server Geo-redundant Backup Disabled<br/><sup><sub>0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#geo_redundant_backup_enabled">Documentation</a><br/>|
+|AKS Uses Azure Policies Add-On Disabled<br/><sup><sub>43789711-161b-4708-b5bb-9d1c626f7492</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#azure_policy">Documentation</a><br/>|
+|App Service Without Latest PHP Version<br/><sup><sub>96fe318e-d631-4156-99fa-9080d57280ae</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#php_version">Documentation</a><br/>|
+|App Service Without Latest Python Version<br/><sup><sub>cc4aaa9d-1070-461a-b519-04e00f42db8a</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#python_version">Documentation</a><br/>|
+|SQL Server Predictable Active Directory Account Name<br/><sup><sub>bcd3fc01-5902-4f2a-b05a-227f9bbf5450</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator">Documentation</a><br/>|
+|SQL Server Predictable Admin Account Name<br/><sup><sub>2ab6de9a-0136-415c-be92-79d2e4fd750f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
+|Cosmos DB Account Without Tags<br/><sup><sub>56dad03e-e94f-4dd6-93a4-c253a03ff7a0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account">Documentation</a><br/>|
+|AKS Disk Encryption Set ID Undefined<br/><sup><sub>b17d8bb8-4c08-4785-867e-cb9e62a622aa</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#disk_encryption_set_id">Documentation</a><br/>|
+|PostgreSQL Server Infrastructure Encryption Disabled<br/><sup><sub>6425c98b-ca4e-41fe-896a-c78772c131f8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#infrastructure_encryption_enabled">Documentation</a><br/>|
+|AKS Network Policy Misconfigured<br/><sup><sub>f5342045-b935-402d-adf1-8dbbd09c0eef</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_cluster">Documentation</a><br/>|
+|Dashboard Is Enabled<br/><sup><sub>61c3cb8b-0715-47e4-b788-86dde40dd2db</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster">Documentation</a><br/>|
+|Azure Front Door WAF Disabled<br/><sup><sub>835a4f2f-df43-437d-9943-545ccfc55961</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor#web_application_firewall_policy_link_id">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Wide Private Network<br/><sup><sub>c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|Small Activity Log Retention Period<br/><sup><sub>2b856bf9-8e8c-4005-875f-303a8cba3918</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_log_profile">Documentation</a><br/>|
+|Small MSSQL Audit Retention Period<br/><sup><sub>9c301481-e6ec-44f7-8a49-8ec63e2969ea</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server">Documentation</a><br/>|
+|Small MSSQL Server Audit Retention<br/><sup><sub>59acb56b-2b10-4c2c-ba38-f2223c3f5cfc</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
+|Small PostgreSQL DB Server Log Retention Period<br/><sup><sub>261a83f8-dd72-4e8c-b5e1-ebf06e8fe606</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|App Service Managed Identity Disabled<br/><sup><sub>b61cce4b-0cc4-472b-8096-15617a6d769b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#identity">Documentation</a><br/>|
+|SQL Server Alert Email Disabled<br/><sup><sub>55975007-f6e7-4134-83c3-298f1fe4b519</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server_security_alert_policy#email_account_admins">Documentation</a><br/>|
+|(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)<br/><sup><sub>a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5" onclick="newWindowOpenerSafe(event, '../terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/permissions">Documentation</a><br/>|
+|(Beta) Unrestricted Databricks ACL<br/><sup><sub>2c4fe4a9-f44b-4c70-b09b-5b75cd251805</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805" onclick="newWindowOpenerSafe(event, '../terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/ip_access_list">Documentation</a><br/>|
+|(Beta) Job's Task is Legacy (spark_submit_task)<br/><sup><sub>375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7" onclick="newWindowOpenerSafe(event, '../terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/job#spark_submit_task-configuration-block">Documentation</a><br/>|
+|(Beta) Indefinitely Databricks OBO Token Lifetime<br/><sup><sub>23e1f5f0-12b7-4d7e-9087-f60f42ccd514</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514" onclick="newWindowOpenerSafe(event, '../terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/obo_token">Documentation</a><br/>|
+|(Beta) Indefinitely Databricks Token Lifetime<br/><sup><sub>7d05ca25-91b4-42ee-b6f6-b06611a87ce8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8" onclick="newWindowOpenerSafe(event, '../terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/token">Documentation</a><br/>|
+|(Beta) Databricks Autoscale Badly Setup<br/><sup><sub>953c0cc6-5f30-44cb-a803-bf4ef2571be8</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8" onclick="newWindowOpenerSafe(event, '../terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/cluster">Documentation</a><br/>|
+|(Beta) Databricks Group Without User Or Instance Profile<br/><sup><sub>23c3067a-8cc9-480c-b645-7c1e0ad4bf60</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60" onclick="newWindowOpenerSafe(event, '../terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group">Documentation</a><br/>|
+|(Beta) Check Databricks Cluster AWS Attribute Best Practices<br/><sup><sub>b0749c53-e3ff-4d09-bbe4-dca94e2e7a38</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38" onclick="newWindowOpenerSafe(event, '../terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38')">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
+|(Beta) Check Databricks Cluster Azure Attribute Best Practices<br/><sup><sub>38028698-e663-4ef7-aa92-773fef0ca86f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f" onclick="newWindowOpenerSafe(event, '../terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f')">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
+|(Beta) Check Databricks Cluster GCP Attribute Best Practices<br/><sup><sub>539e4557-d2b5-4d57-a001-cb01140a4e2d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d" onclick="newWindowOpenerSafe(event, '../terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d')">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
+|(Beta) Check use no LTS Spark Version<br/><sup><sub>5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6" onclick="newWindowOpenerSafe(event, '../terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/spark_version">Documentation</a><br/>|
+|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>a6cd52a1-3056-4910-96a5-894de9f3f3b3</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#google_storage_bucket_iam_binding">Documentation</a><br/>|
+|SQL DB Instance Publicly Accessible<br/><sup><sub>b187edca-b81e-4fdc-aff4-aab57db45edb</sub></sup>|Terraform|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance">Documentation</a><br/>|
+|BigQuery Dataset Is Public<br/><sup><sub>e576ce44-dd03-4022-a8c0-3906acca2ab4</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4')">Query details</a><br><a href="https://www.terraform.io/docs/providers/google/r/bigquery_dataset.html">Documentation</a><br/>|
+|Google Project IAM Binding Service Account has Token Creator or Account User Role<br/><sup><sub>617ef6ff-711e-4bd7-94ae-e965911b1b40</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_binding">Documentation</a><br/>|
+|Google Project IAM Member Service Account Has Admin Role<br/><sup><sub>84d36481-fd63-48cb-838e-635c44806ec2</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_member">Documentation</a><br/>|
+|Google Project IAM Member Service Account has Token Creator or Account User Role<br/><sup><sub>c68b4e6d-4e01-4ca1-b256-1e18e875785c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_member">Documentation</a><br/>|
+|KMS Crypto Key is Publicly Accessible<br/><sup><sub>16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_kms_crypto_key_iam#google_kms_crypto_key_iam_policy">Documentation</a><br/>|
+|SQL DB Instance With SSL Disabled<br/><sup><sub>02474449-71aa-40a1-87ae-e14497747b00</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#require_ssl">Documentation</a><br/>|
+|GKE Legacy Authorization Enabled<br/><sup><sub>5baa92d2-d8ee-4c75-88a4-52d9d8bb8067</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Google Storage Bucket Level Access Disabled<br/><sup><sub>bb0db090-5509-4853-a827-75ced0b3caa0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket">Documentation</a><br/>|
+|RDP Access Is Not Restricted<br/><sup><sub>678fd659-96f2-454a-a2a0-c2571f83a4a3</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall">Documentation</a><br/>|
+|Cloud Storage Bucket Is Publicly Accessible<br/><sup><sub>c010082c-76e0-4b91-91d9-6e8439e455dd</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#member/members">Documentation</a><br/>|
+|KMS Admin and CryptoKey Roles In Use<br/><sup><sub>92e4464a-4139-4d57-8742-b5acc0347680</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#policy_data">Documentation</a><br/>|
+|OSLogin Disabled<br/><sup><sub>32ecd6eb-0711-421f-9627-1a28d9eff217</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_project_metadata#metadata">Documentation</a><br/>|
+|VM With Full Cloud Access<br/><sup><sub>bc280331-27b9-4acb-a010-018e8098aa5d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#scopes">Documentation</a><br/>|
+|SQL DB Instance Backup Disabled<br/><sup><sub>cf3c7631-cd1e-42f3-8801-a561214a6e79</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance">Documentation</a><br/>|
+|Disk Encryption Disabled<br/><sup><sub>b1d51728-7270-4991-ac2f-fc26e2695b38</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk">Documentation</a><br/>|
+|DNSSEC Using RSASHA1<br/><sup><sub>ccc3100c-0fdd-4a5e-9908-c10107291860</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone#algorithm">Documentation</a><br/>|
+|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>14a457f0-473d-4d1d-9e37-6d99b355b336</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_ssl_policy">Documentation</a><br/>|
+|Cloud DNS Without DNSSEC<br/><sup><sub>5ef61c88-bbb4-4725-b1df-55d23c9676bb</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb')">Query details</a><br><a href="https://www.terraform.io/docs/providers/google/d/dns_managed_zone.html">Documentation</a><br/>|
+|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>acfdbec6-4a17-471f-b412-169d77553332</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool">Documentation</a><br/>|
+|Google Project Auto Create Network Disabled<br/><sup><sub>59571246-3f62-4965-a96f-c7d97e269351</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project">Documentation</a><br/>|
+|IP Aliasing Disabled<br/><sup><sub>c606ba1d-d736-43eb-ac24-e16108f3a9e0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Network Policy Disabled<br/><sup><sub>11e7550e-c4b6-472e-adff-c698f157cdd7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|OSLogin Is Disabled For VM Instance<br/><sup><sub>d0b4d550-c001-46c3-bbdb-d5d75d33f05f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
+|Pod Security Policy Disabled<br/><sup><sub>9192e0f9-eca5-4056-9282-ae2a736a4088</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Private Cluster Disabled<br/><sup><sub>6ccb85d7-0420-4907-9380-50313f80946b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Shielded GKE Nodes Disabled<br/><sup><sub>579a0727-9c29-4d58-8195-fc5802a8bdb4</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#enable_shielded_nodes">Documentation</a><br/>|
+|Shielded VM Disabled<br/><sup><sub>1b44e234-3d73-41a8-9954-0b154135280e</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#shielded_instance_config">Documentation</a><br/>|
+|GKE Using Default Service Account<br/><sup><sub>1c8eef02-17b1-4a3e-b01d-dcc3292d2c38</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#node_config">Documentation</a><br/>|
+|Using Default Service Account<br/><sup><sub>3cb4af0b-056d-4fb1-8b95-fdc4593625ff</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
+|Google Compute Network Using Default Firewall Rule<br/><sup><sub>40abce54-95b1-478c-8e5f-ea0bf0bb0e33</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#name">Documentation</a><br/>|
+|Google Compute Network Using Firewall Rule that Allows All Ports<br/><sup><sub>22ef1d26-80f8-4a6c-8c15-f35aab3cac78</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#allow">Documentation</a><br/>|
+|IP Forwarding Enabled<br/><sup><sub>f34c0c25-47b4-41eb-9c79-249b4dd47b89</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_instance">Documentation</a><br/>|
+|Serial Ports Are Enabled For VM Instances<br/><sup><sub>97fa667a-d05b-4f16-9071-58b939f34751</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
+|SSH Access Is Not Restricted<br/><sup><sub>c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall">Documentation</a><br/>|
+|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>d6cabc3a-d57e-48c2-b341-bf3dd4f4a120</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#log_bucket">Documentation</a><br/>|
+|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>e7e961ac-d17e-4413-84bc-8a1fbe242944</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#enabled">Documentation</a><br/>|
+|Google Compute Subnetwork Logging Disabled<br/><sup><sub>40430747-442d-450a-a34f-dc57149f4609</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork">Documentation</a><br/>|
+|Stackdriver Logging Disabled<br/><sup><sub>4c7ebcb2-eae2-461e-bc83-456ee2d4f694</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#logging_service">Documentation</a><br/>|
+|Stackdriver Monitoring Disabled<br/><sup><sub>30e8dfd2-3591-4d19-8d11-79e93106c93d</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#monitoring_service">Documentation</a><br/>|
+|Node Auto Upgrade Disabled<br/><sup><sub>b139213e-7d24-49c2-8025-c18faa21ecaa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool#auto_upgrade">Documentation</a><br/>|
+|Service Account with Improper Privileges<br/><sup><sub>cefdad16-0dd5-4ac5-8ed2-a37502c78672</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/iam_policy#role">Documentation</a><br/>|
+|High Google KMS Crypto Key Rotation Period<br/><sup><sub>d8c57c4e-bf6f-4e32-a2bf-8643532de77b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/kms_crypto_key">Documentation</a><br/>|
+|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>3e4d5ce6-3280-4027-8010-c26eeea1ec01</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
+|User with IAM Role<br/><sup><sub>704fcc44-a58f-4af5-82e2-93f2a58ef918</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/iam_policy#role">Documentation</a><br/>|
+|Outdated GKE Version<br/><sup><sub>128df7ec-f185-48bc-8913-ce756a3ccb85</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#master_version">Documentation</a><br/>|
+|Cluster Labels Disabled<br/><sup><sub>65c1bc7a-4835-4ac4-a2b6-13d310b0648d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|COS Node Image Not Used<br/><sup><sub>8a893e46-e267-485a-8690-51f39951de58</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool#node_config">Documentation</a><br/>|
+|Legacy Client Certificate Auth Enabled<br/><sup><sub>73fb21a1-b19a-45b1-b648-b47b1678681e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Not Proper Email Account In Use<br/><sup><sub>9356962e-4a4f-4d06-ac59-dc8008775eaa</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_binding">Documentation</a><br/>|
+|Google Compute Network Using Firewall Rule that Allows Port Range<br/><sup><sub>e6f61c37-106b-449f-a5bb-81bfcaceb8b4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#allow">Documentation</a><br/>|
+|Google Compute Subnetwork with Private Google Access Disabled<br/><sup><sub>ee7b93c1-b3f8-4a3b-9588-146d481814f5</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork#private_ip_google_access">Documentation</a><br/>|
+|IAM Audit Not Properly Configured<br/><sup><sub>89fe890f-b480-460c-8b6b-7d8b1468adb4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_audit_config">Documentation</a><br/>|
+|BOM - GCP Dataflow<br/><sup><sub>895ed0d9-6fec-4567-8614-d7a74b599a53</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP FI<br/><sup><sub>c9d81239-c818-4869-9917-1570c62b81fd</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP PD<br/><sup><sub>dd7d70aa-a6ec-460d-b5d2-38b40253b16f</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP PST<br/><sup><sub>4b82202a-b18e-4891-a1eb-a0989850bbb3</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP Redis<br/><sup><sub>bc75ce52-a60a-4660-b533-bce837a5019b</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP SB<br/><sup><sub>2f06d22c-56bd-4f73-8a51-db001fcf2150</sub></sup>|Terraform|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|Github Organization Webhook With SSL Disabled<br/><sup><sub>ce7c874e-1b88-450b-a5e4-cb76ada3c8a9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9" onclick="newWindowOpenerSafe(event, '../terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/github/latest/docs/resources/organization_webhook">Documentation</a><br/>|
+|GitHub Repository Set To Public<br/><sup><sub>15d8a7fd-465a-4d15-a868-add86552f17b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b" onclick="newWindowOpenerSafe(event, '../terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b')">Query details</a><br><a href="https://www.terraform.io/docs/providers/github/r/repository.html">Documentation</a><br/>|
+|Non Kube System Pod With Host Mount<br/><sup><sub>86a947ea-f577-4efb-a8b0-5fc00257d521</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521" onclick="newWindowOpenerSafe(event, '../terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod">Documentation</a><br/>|
+|Cluster Allows Unsafe Sysctls<br/><sup><sub>a9174d31-d526-4ad9-ace4-ce7ddbf52e03</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03" onclick="newWindowOpenerSafe(event, '../terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_unsafe_sysctls">Documentation</a><br/>|
+|Container Is Privileged<br/><sup><sub>87065ef8-de9b-40d8-9753-f4a4303e27a4</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4" onclick="newWindowOpenerSafe(event, '../terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#privileged">Documentation</a><br/>|
+|Container Runs Unmasked<br/><sup><sub>0ad60203-c050-4115-83b6-b94bde92541d</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d" onclick="newWindowOpenerSafe(event, '../terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_proc_mount_types">Documentation</a><br/>|
+|Containers With Sys Admin Capabilities<br/><sup><sub>3f55386d-75cd-4e9a-ac47-167b26c04724</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724" onclick="newWindowOpenerSafe(event, '../terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#capabilities-1">Documentation</a><br/>|
+|Privilege Escalation Allowed<br/><sup><sub>c878abb4-cca5-4724-92b9-289be68bd47c</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c" onclick="newWindowOpenerSafe(event, '../terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#allow_privilege_escalation">Documentation</a><br/>|
+|PSP Allows Containers To Share The Host Network Namespace<br/><sup><sub>4950837c-0ce5-4e42-9bee-a25eae73740b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b" onclick="newWindowOpenerSafe(event, '../terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#host_network">Documentation</a><br/>|
+|PSP Allows Privilege Escalation<br/><sup><sub>2bff9906-4e9b-4f71-9346-8ebedfdf43ef</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef" onclick="newWindowOpenerSafe(event, '../terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allow_privilege_escalation">Documentation</a><br/>|
+|PSP Allows Sharing Host IPC<br/><sup><sub>51bed0ac-a8ae-407a-895e-90c6cb0610ce</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#host_ipc">Documentation</a><br/>|
+|PSP Set To Privileged<br/><sup><sub>a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9" onclick="newWindowOpenerSafe(event, '../terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#privileged">Documentation</a><br/>|
+|PSP With Added Capabilities<br/><sup><sub>48388bd2-7201-4dcc-b56d-e8a9efa58fad</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad" onclick="newWindowOpenerSafe(event, '../terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_capabilities">Documentation</a><br/>|
+|Tiller (Helm v2) Is Deployed<br/><sup><sub>ca2fba76-c1a7-4afd-be67-5249f861cb0e</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e" onclick="newWindowOpenerSafe(event, '../terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
+|Workload Mounting With Sensitive OS Directory<br/><sup><sub>a737be28-37d8-4bff-aa6d-1be8aa0a0015</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015" onclick="newWindowOpenerSafe(event, '../terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_path">Documentation</a><br/>|
+|Volume Mount With OS Directory Write Permissions<br/><sup><sub>a62a99d1-8196-432f-8f80-3c100b05d62a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Resource Management|<a href="../terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a" onclick="newWindowOpenerSafe(event, '../terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#volume_mount">Documentation</a><br/>|
+|Docker Daemon Socket is Exposed to Containers<br/><sup><sub>4e203a65-c8d8-49a2-b749-b124d43c9dc1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1" onclick="newWindowOpenerSafe(event, '../terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_path">Documentation</a><br/>|
+|Missing App Armor Config<br/><sup><sub>bd6bd46c-57db-4887-956d-d372f21291b6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6" onclick="newWindowOpenerSafe(event, '../terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#annotations">Documentation</a><br/>|
+|Permissive Access to Create Pods<br/><sup><sub>522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba" onclick="newWindowOpenerSafe(event, '../terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule">Documentation</a><br/>|
+|RBAC Roles with Read Secrets Permissions<br/><sup><sub>826abb30-3cd5-4e0b-a93b-67729b4f7e63</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63" onclick="newWindowOpenerSafe(event, '../terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule">Documentation</a><br/>|
+|Readiness Probe Is Not Configured<br/><sup><sub>8657197e-3f87-4694-892b-8144701d83c1</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/8657197e-3f87-4694-892b-8144701d83c1" onclick="newWindowOpenerSafe(event, '../terraform-queries/8657197e-3f87-4694-892b-8144701d83c1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#readiness_probe">Documentation</a><br/>|
+|Root Containers Admitted<br/><sup><sub>4c415497-7410-4559-90e8-f2c8ac64ee38</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38" onclick="newWindowOpenerSafe(event, '../terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#run_as_user">Documentation</a><br/>|
+|Incorrect Volume Claim Access Mode ReadWriteOnce<br/><sup><sub>26b047a9-0329-48fd-8fb7-05bbe5ba80ee</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee" onclick="newWindowOpenerSafe(event, '../terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#volume_claim_template">Documentation</a><br/>|
+|Container Host Pid Is True<br/><sup><sub>587d5d82-70cf-449b-9817-f60f9bccb88c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c" onclick="newWindowOpenerSafe(event, '../terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_pid">Documentation</a><br/>|
+|Container Resources Limits Undefined<br/><sup><sub>60af03ff-a421-45c8-b214-6741035476fa</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/60af03ff-a421-45c8-b214-6741035476fa" onclick="newWindowOpenerSafe(event, '../terraform-queries/60af03ff-a421-45c8-b214-6741035476fa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod">Documentation</a><br/>|
+|Containers With Added Capabilities<br/><sup><sub>fe771ff7-ba15-4f8f-ad7a-8aa232b49a28</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28" onclick="newWindowOpenerSafe(event, '../terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#capabilities-1">Documentation</a><br/>|
+|Ingress Controller Exposes Workload<br/><sup><sub>e2c83c1f-84d7-4467-966c-ed41fd015bb9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9" onclick="newWindowOpenerSafe(event, '../terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/ingress#http">Documentation</a><br/>|
+|NET_RAW Capabilities Disabled for PSP<br/><sup><sub>9aa32890-ac1a-45ee-81ca-5164e2098556</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556" onclick="newWindowOpenerSafe(event, '../terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#required_drop_capabilities">Documentation</a><br/>|
+|NET_RAW Capabilities Not Being Dropped<br/><sup><sub>e5587d53-a673-4a6b-b3f2-ba07ec274def</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def" onclick="newWindowOpenerSafe(event, '../terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#drop">Documentation</a><br/>|
+|Seccomp Profile Is Not Configured<br/><sup><sub>455f2e0c-686d-4fcb-8b5f-3f953f12c43c</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c" onclick="newWindowOpenerSafe(event, '../terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#annotations">Documentation</a><br/>|
+|Role Binding To Default Service Account<br/><sup><sub>3360c01e-c8c0-4812-96a2-a6329b9b7f9f</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f" onclick="newWindowOpenerSafe(event, '../terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding#subject">Documentation</a><br/>|
+|Service Account Name Undefined Or Empty<br/><sup><sub>24b132df-5cc7-4823-8029-f898e1c50b72</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72" onclick="newWindowOpenerSafe(event, '../terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#service_account_name">Documentation</a><br/>|
+|Service Account Token Automount Not Disabled<br/><sup><sub>a9a13d4f-f17a-491b-b074-f54bffffcb4a</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a" onclick="newWindowOpenerSafe(event, '../terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#automount_service_account_token">Documentation</a><br/>|
+|Service With External Load Balancer<br/><sup><sub>2a52567c-abb8-4651-a038-52fa27c77aed</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed" onclick="newWindowOpenerSafe(event, '../terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service">Documentation</a><br/>|
+|Memory Limits Not Defined<br/><sup><sub>fd097ed0-7fe6-4f58-8b71-fef9f0820a21</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21" onclick="newWindowOpenerSafe(event, '../terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#limits">Documentation</a><br/>|
+|Memory Requests Not Defined<br/><sup><sub>21719347-d02b-497d-bda4-04a03c8e5b61</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61" onclick="newWindowOpenerSafe(event, '../terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#requests">Documentation</a><br/>|
+|Shared Host IPC Namespace<br/><sup><sub>e94d3121-c2d1-4e34-a295-139bfeb73ea3</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3" onclick="newWindowOpenerSafe(event, '../terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_ipc">Documentation</a><br/>|
+|Shared Host Network Namespace<br/><sup><sub>ac1564a3-c324-4747-9fa1-9dfc234dace0</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0" onclick="newWindowOpenerSafe(event, '../terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_network">Documentation</a><br/>|
+|Service Account Allows Access Secrets<br/><sup><sub>07fc3413-e572-42f7-9877-5c8fc6fccfb5</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5" onclick="newWindowOpenerSafe(event, '../terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding#subject">Documentation</a><br/>|
+|Shared Service Account<br/><sup><sub>f74b9c43-161a-4799-bc95-0b0ec81801b9</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9" onclick="newWindowOpenerSafe(event, '../terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#service_account_name">Documentation</a><br/>|
+|Cluster Admin Rolebinding With Superuser Permissions<br/><sup><sub>17172bc2-56fb-4f17-916f-a014147706cd</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd" onclick="newWindowOpenerSafe(event, '../terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding#name">Documentation</a><br/>|
+|Deployment Without PodDisruptionBudget<br/><sup><sub>a05331ee-1653-45cb-91e6-13637a76e4f0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#selector">Documentation</a><br/>|
+|HPA Targets Invalid Object<br/><sup><sub>17e52ca3-ddd0-4610-9d56-ce107442e110</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110" onclick="newWindowOpenerSafe(event, '../terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/horizontal_pod_autoscaler#metric">Documentation</a><br/>|
+|StatefulSet Without PodDisruptionBudget<br/><sup><sub>7249e3b0-9231-4af3-bc5f-5daf4988ecbf</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf" onclick="newWindowOpenerSafe(event, '../terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#selector">Documentation</a><br/>|
+|StatefulSet Without Service Name<br/><sup><sub>420e6360-47bb-46f6-9072-b20ed22c842d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d" onclick="newWindowOpenerSafe(event, '../terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#selector">Documentation</a><br/>|
+|Metadata Label Is Invalid<br/><sup><sub>bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e" onclick="newWindowOpenerSafe(event, '../terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#labels">Documentation</a><br/>|
+|No Drop Capabilities for Containers<br/><sup><sub>21cef75f-289f-470e-8038-c7cee0664164</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/21cef75f-289f-470e-8038-c7cee0664164" onclick="newWindowOpenerSafe(event, '../terraform-queries/21cef75f-289f-470e-8038-c7cee0664164')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#drop">Documentation</a><br/>|
+|Root Container Not Mounted As Read-only<br/><sup><sub>d532566b-8d9d-4f3b-80bd-361fe802f9c2</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2" onclick="newWindowOpenerSafe(event, '../terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#read_only_root_filesystem">Documentation</a><br/>|
+|StatefulSet Requests Storage<br/><sup><sub>fcc2612a-1dfe-46e4-8ce6-0320959f0040</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040" onclick="newWindowOpenerSafe(event, '../terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#volume_claim_template">Documentation</a><br/>|
+|Default Service Account In Use<br/><sup><sub>737a0dd9-0aaa-4145-8118-f01778262b8a</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a" onclick="newWindowOpenerSafe(event, '../terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account#automount_service_account_token">Documentation</a><br/>|
+|Image Pull Policy Of The Container Is Not Set To Always<br/><sup><sub>aa737abf-6b1d-4aba-95aa-5c160bd7f96e</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image_pull_policy">Documentation</a><br/>|
+|Image Without Digest<br/><sup><sub>228c4c19-feeb-4c18-848c-800ac70fdfb7</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7" onclick="newWindowOpenerSafe(event, '../terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
+|Pod or Container Without Security Context<br/><sup><sub>ad69e38a-d92e-4357-a8da-f2f29d545883</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883" onclick="newWindowOpenerSafe(event, '../terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#security_context">Documentation</a><br/>|
+|Using Default Namespace<br/><sup><sub>abcb818b-5af7-4d72-aba9-6dd84956b451</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451" onclick="newWindowOpenerSafe(event, '../terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#namespace">Documentation</a><br/>|
+|Network Policy Is Not Targeting Any Pod<br/><sup><sub>b80b14c6-aaa2-4876-b651-8a48b6c32fbf</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf" onclick="newWindowOpenerSafe(event, '../terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/network_policy#match_labels">Documentation</a><br/>|
+|Service Type is NodePort<br/><sup><sub>5c281bf8-d9bb-47f2-b909-3f6bb11874ad</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad" onclick="newWindowOpenerSafe(event, '../terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service#type">Documentation</a><br/>|
+|Workload Host Port Not Specified<br/><sup><sub>4e74cf4f-ff65-4c1a-885c-67ab608206ce</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_port">Documentation</a><br/>|
+|CPU Limits Not Set<br/><sup><sub>5f4735ce-b9ba-4d95-a089-a37a767b716f</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f" onclick="newWindowOpenerSafe(event, '../terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#limits">Documentation</a><br/>|
+|CPU Requests Not Set<br/><sup><sub>577ac19c-6a77-46d7-9f14-e049cdd15ec2</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2" onclick="newWindowOpenerSafe(event, '../terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#requests">Documentation</a><br/>|
+|CronJob Deadline Not Configured<br/><sup><sub>58876b44-a690-4e9f-9214-7735fa0dd15d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d" onclick="newWindowOpenerSafe(event, '../terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cron_job#starting_deadline_seconds">Documentation</a><br/>|
+|Deployment Has No PodAntiAffinity<br/><sup><sub>461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3" onclick="newWindowOpenerSafe(event, '../terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#affinity">Documentation</a><br/>|
+|Secrets As Environment Variables<br/><sup><sub>6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8" onclick="newWindowOpenerSafe(event, '../terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#secret_key_ref">Documentation</a><br/>|
+|Invalid Image<br/><sup><sub>e76cca7c-c3f9-4fc9-884c-b2831168ebd8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8" onclick="newWindowOpenerSafe(event, '../terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
+|Liveness Probe Is Not Defined<br/><sup><sub>5b6d53dd-3ba3-4269-b4d7-f82e880e43c3</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Availability|<a href="../terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3" onclick="newWindowOpenerSafe(event, '../terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#liveness_probe">Documentation</a><br/>|
+|(Beta) Nifcloud DNS Has Verified Record<br/><sup><sub>a1defcb6-55e8-4511-8c2a-30b615b0e057</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/dns_record#record">Documentation</a><br/>|
+|(Beta) Nifcloud ELB Listener Use HTTP Protocol<br/><sup><sub>afcb0771-4f94-44ed-ad4a-9f73f11ce6e0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb_listener#protocol">Documentation</a><br/>|
+|(Beta) Nifcloud ELB Use HTTP Protocol<br/><sup><sub>e2de2b80-2fc2-4502-a764-40930dfcc70a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#protocol">Documentation</a><br/>|
+|(Beta) Nifcloud LB Listener Use HTTP Port<br/><sup><sub>9f751a80-31f0-43a3-926c-20772791a038</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer_listener#load_balancer_port">Documentation</a><br/>|
+|(Beta) Nifcloud LB Use HTTP Port<br/><sup><sub>94e47f3f-b90b-43a1-a36d-521580bae863</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#load_balancer_port">Documentation</a><br/>|
+|(Beta) Nifcloud LB Use Insecure TLS Policy ID<br/><sup><sub>944439c7-b4b8-476a-8f83-14641ea876ba</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_id">Documentation</a><br/>|
+|(Beta) Nifcloud LB Use Insecure TLS Policy Name<br/><sup><sub>675e8eaa-2754-42b7-bf33-bfa295d1601d</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_name">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Has Public Ingress Security Group Rule<br/><sup><sub>b2ea2367-8dc9-4231-a035-d0b28bfa3dde</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#cidr_ip">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Undefined Security Group To Instance<br/><sup><sub>89218b48-75c9-4cb3-aaba-5299e852e8bc</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/instance#security_group">Documentation</a><br/>|
+|(Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule<br/><sup><sub>8d7758a7-d9cd-499a-a83e-c9bdcbff728d</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#cidr_ip">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Has Public DB Access<br/><sup><sub>fb387023-e4bb-42a8-9a70-6708aa7ff21b</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#publicly_accessible">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule<br/><sup><sub>a0b846e8-815f-4f15-b660-bc4ab9fa1e1a</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#cidr_ip">Documentation</a><br/>|
+|(Beta) Nifcloud Router Undefined Security Group To Router<br/><sup><sub>e7dada38-af20-4899-8955-dabea84ab1f0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#security_group">Documentation</a><br/>|
+|(Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway<br/><sup><sub>b3535a48-910c-47f8-8b3b-14222f29ef80</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/vpn_gateway#security_group">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day<br/><sup><sub>e5071f76-cbe7-468d-bb2b-d10f02d2b713</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#backup_retention_period">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Has Common Private Network<br/><sup><sub>df58dd45-8009-43c2-90f7-c90eb9d53ed9</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/instance#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Undefined Description To Security Group<br/><sup><sub>41c127a9-3a85-4bc3-a333-ed374eb9c3e4</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group#description">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Undefined Description To Security Group Rule<br/><sup><sub>e4610872-0b1c-4fb7-ab57-d81c0afdb291</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#description">Documentation</a><br/>|
+|(Beta) Nifcloud ELB Has Common Private Network<br/><sup><sub>5061f84c-ab66-4660-90b9-680c9df346c0</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud NAS Has Common Private Network<br/><sup><sub>4b801c38-ebb4-4c81-984b-1ba525d43adf</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_instance#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud NAS Undefined Description To NAS Security Group<br/><sup><sub>e840c54a-7a4c-405f-b8c1-c49a54b87d11</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#description">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Has Common Private Network<br/><sup><sub>9bf57c23-fbab-4222-85f3-3f207a53c6a8</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Undefined Description To DB Security Group<br/><sup><sub>940ddce2-26bd-4e31-a9b4-382714f73231</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#description">Documentation</a><br/>|
+|(Beta) Nifcloud Router Has Common Private Network<br/><sup><sub>30c2760c-740e-4672-9d7f-2c29e0cb385d</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#network_id">Documentation</a><br/>|
+|Generic Git Module Without Revision<br/><sup><sub>3a81fc06-566f-492a-91dd-7448e409e2cd</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd" onclick="newWindowOpenerSafe(event, '../terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd')">Query details</a><br><a href="https://www.terraform.io/docs/language/modules/sources.html#selecting-a-revision">Documentation</a><br/>|
+|Name Is Not Snake Case<br/><sup><sub>1e434b25-8763-4b00-a5ca-ca03b7abbb66</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66" onclick="newWindowOpenerSafe(event, '../terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66')">Query details</a><br><a href="https://www.terraform.io/docs/extend/best-practices/naming.html#naming">Documentation</a><br/>|
+|Output Without Description<br/><sup><sub>59312e8a-a64e-41e7-a252-618533dd1ea8</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8" onclick="newWindowOpenerSafe(event, '../terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8')">Query details</a><br><a href="https://www.terraform.io/docs/language/values/outputs.html#description-output-value-documentation">Documentation</a><br/>|
+|Variable Without Description<br/><sup><sub>2a153952-2544-4687-bcc9-cc8fea814a9b</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b" onclick="newWindowOpenerSafe(event, '../terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b')">Query details</a><br><a href="https://www.terraform.io/docs/language/values/variables.html#input-variable-documentation">Documentation</a><br/>|
+|Variable Without Type<br/><sup><sub>fc5109bf-01fd-49fb-8bde-4492b543c34a</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a" onclick="newWindowOpenerSafe(event, '../terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a')">Query details</a><br><a href="https://www.terraform.io/docs/language/values/variables.html#input-variable-documentation">Documentation</a><br/>|
+|(Beta) CLB Listener Using Insecure Protocols<br/><sup><sub>fe08b81c-12e9-4b5e-9006-4218fca750fd</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/clb_listener#protocol">Documentation</a><br/>|
+|(Beta) TKE Cluster Encryption Protection Disabled<br/><sup><sub>3ed47402-e322-465f-a0f0-8681135a17b0</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_encryption_protection">Documentation</a><br/>|
+|(Beta) CDB Instance Internet Service Enabled<br/><sup><sub>5d820574-4a60-4916-b049-0810b8629731</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_instance#internet_service">Documentation</a><br/>|
+|(Beta) CVM Instance Has Public IP<br/><sup><sub>a74b4602-a62c-4a02-956a-e19f86ea24b5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#allocate_public_ip">Documentation</a><br/>|
+|(Beta) Security Group Rule Set Accepts All Traffic<br/><sup><sub>d135a36e-c474-452f-b891-76db1e6d1cd5</sub></sup>|Terraform|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/security_group_rule_set#ingress">Documentation</a><br/>|
+|(Beta) CDB Instance Without Backup Policy<br/><sup><sub>ca94be07-7de3-4ae7-85ef-67e0462ec694</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_backup_policy">Documentation</a><br/>|
+|(Beta) CLB Instance Log Setting Disabled<br/><sup><sub>ada01ed1-b10c-4f2a-b110-b20fa4f9baa6</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/clb_instance#log_set_id">Documentation</a><br/>|
+|(Beta) Disk Encryption Disabled<br/><sup><sub>1ee0f202-31da-49ba-bbce-04a989912e4b</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/cbs_storage#encrypt">Documentation</a><br/>|
+|(Beta) TKE Cluster Has Public Access<br/><sup><sub>df6928ed-02f4-421f-9a67-a529860dd7e7</sub></sup>|Terraform|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_cluster#public_ip_assigned">Documentation</a><br/>|
+|(Beta) CVM Instance Using Default Security Group<br/><sup><sub>93bb2065-63ec-45a2-a466-f106b56f2e32</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#orderly_security_groups">Documentation</a><br/>|
+|(Beta) CVM Instance Using User Data<br/><sup><sub>5bb6fa08-5e84-4760-a54a-cdcd66626976</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#user_data">Documentation</a><br/>|
+|(Beta) CDB Instance Internet Using Default Intranet Port<br/><sup><sub>18d6aa4b-7570-4d95-9c75-90363ef1abd9</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_instance#intranet_port">Documentation</a><br/>|
+|(Beta) CVM Instance Using Default VPC<br/><sup><sub>b4e75c5c-83d5-4568-90e3-57ed5ec4051b</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#vpc_id">Documentation</a><br/>|
+|(Beta) TKE Cluster Log Agent Is Not Enabled<br/><sup><sub>fe405074-7e18-40f9-9aef-024aa1d0a889</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_cluster#log_agent">Documentation</a><br/>|
+|(Beta) VPC Flow Logs Disabled<br/><sup><sub>a3240001-40db-47b7-abb9-2bcd6a04c430</sub></sup>|Terraform|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/vpc_flow_log_config#enable">Documentation</a><br/>|
+|(Beta) CVM Instance Disable Monitor Service<br/><sup><sub>966ed4f7-b8a5-4e8d-b2bf-098657c98960</sub></sup>|Terraform|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#disable_monitor_service">Documentation</a><br/>|
diff --git a/docs/queries/ansible-queries.md b/docs/queries/ansible-queries.md
index bb1a60c7092..eea9ed4db29 100644
--- a/docs/queries/ansible-queries.md
+++ b/docs/queries/ansible-queries.md
@@ -8,130 +8,130 @@ Below are listed queries related to Ansible AWS:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|ECR Repository Is Publicly Accessible<br/><sup><sub>fb5a5df7-6d74-4243-ab82-ff779a958bfd</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_ecr_module.html#parameter-policy">Documentation</a><br/>|
-|S3 Bucket Access to Any Principal<br/><sup><sub>3ab1f27d-52cc-4943-af1d-43c1939e739a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#ansible-collections-amazon-aws-s3-bucket-module">Documentation</a><br/>|
-|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>6fa44721-ef21-41c6-8665-330d59461163</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>a0f1bfe0-741e-473f-b3b2-13e66f856fab</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|S3 Bucket With All Permissions<br/><sup><sub>6a6d7e56-c913-4549-b5c5-5221e624d2ec</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-policy">Documentation</a><br/>|
-|S3 Bucket With Public Access<br/><sup><sub>c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>c09e3ca5-f08a-4717-9c87-3919c5e6d209</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade">Documentation</a><br/>|
-|DB Security Group With Public Scope<br/><sup><sub>0956aedf-6a7a-478b-ab56-63e2b19923ad</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|RDS Associated with Public Subnet<br/><sup><sub>16732649-4ff6-4cd2-8746-e72c13fae4b8</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-db_subnet_group_name">Documentation</a><br/>|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>af167837-9636-4086-b815-c239186b9dda</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_role_module.html#parameter-assume_role_policy_document">Documentation</a><br/>|
-|ECS Service Admin Role Is Present<br/><sup><sub>7db727c1-1720-468e-b80e-06697f71e09e</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_service_module.html">Documentation</a><br/>|
-|IAM Policy Grants Full Permissions<br/><sup><sub>b5ed026d-a772-4f07-97f9-664ba0b116f8</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to All Users<br/><sup><sub>a1ef9d2e-4163-40cb-bd92-04f0d602a15d</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>75480b31-f349-4b9a-861f-bce19588e674</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
-|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>53bce6a8-5492-4b1b-81cf-664385f0c4bf</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|S3 Bucket Allows List Action From All Principals<br/><sup><sub>d395a950-12ce-4314-a742-ac5a785ab44e</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|SNS Topic is Publicly Accessible<br/><sup><sub>905f4741-f965-45c1-98db-f7a00a0e5c73</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sns_topic_module.html">Documentation</a><br/>|
-|SQS Policy Allows All Actions<br/><sup><sub>ed9b3beb-92cf-44d9-a9d2-171eeba569d4</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html">Documentation</a><br/>|
-|SQS Queue Exposed<br/><sup><sub>86b0efa7-4901-4edd-a37a-c034bec6645a</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#parameter-policy">Documentation</a><br/>|
-|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>7674a686-e4b1-4a95-83d4-1fd53c623d84</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_config_rule_module.html#parameter-source/identifier">Documentation</a><br/>|
-|DB Instance Storage Not Encrypted<br/><sup><sub>7dfb316c-a6c2-454d-b8a2-97f147b0c0ff</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html">Documentation</a><br/>|
-|EBS Volume Encryption Disabled<br/><sup><sub>4b6012e7-7176-46e4-8108-e441785eae57</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_vol_module.html#parameter-encrypted">Documentation</a><br/>|
-|EFS Not Encrypted<br/><sup><sub>727c4fd4-d604-4df6-a179-7713d3c85e20</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html#parameter-encrypt">Documentation</a><br/>|
-|ELB Using Weak Ciphers<br/><sup><sub>2034fb37-bc23-4ca0-8d95-2b9f15829ab5</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
-|Kinesis Not Encrypted With KMS<br/><sup><sub>f2ea6481-1d31-4d40-946a-520dc6321dd7</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/kinesis_stream_module.html">Documentation</a><br/>|
-|Launch Configuration Is Not Encrypted<br/><sup><sub>66477506-6abb-49ed-803d-3fa174cd5f6a</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_lc_module.html">Documentation</a><br/>|
-|Redis Not Compliant<br/><sup><sub>9f34885e-c08f-4d13-a7d1-cf190c5bd268</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_engine_version">Documentation</a><br/>|
-|Redshift Not Encrypted<br/><sup><sub>6a647814-def5-4b85-88f5-897c19f509cd</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted">Documentation</a><br/>|
-|S3 Bucket Without Server-side-encryption<br/><sup><sub>594f54e7-f744-45ab-93e4-c6dbaf6cd571</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
-|User Data Contains Encoded Private Key<br/><sup><sub>c09f4d3e-27d2-4d46-9453-abbe9687a64e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_lc_module.html">Documentation</a><br/>|
-|Batch Job Definition With Privileged Container Properties<br/><sup><sub>defe5b18-978d-4722-9325-4d1975d3699f</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_batch_job_definition_module.html">Documentation</a><br/>|
-|EC2 Group Has Public Interface<br/><sup><sub>5330b503-3319-44ff-9b1c-00ee873f728a</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|KMS Key With Vulnerable Policy<br/><sup><sub>5b9d237a-57d5-4177-be0e-71434b0fef47</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html">Documentation</a><br/>|
-|Redshift Publicly Accessible<br/><sup><sub>5c6b727b-1382-4629-8ba9-abd1365e5610</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/redshift_module.html">Documentation</a><br/>|
-|Root Account Has Active Access Keys<br/><sup><sub>e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_module.html">Documentation</a><br/>|
-|DB Security Group Open To Large Scope<br/><sup><sub>ea0ed1c7-9aef-4464-b7c7-94c762da3640</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
-|Default Security Groups With Unrestricted Traffic<br/><sup><sub>8010e17a-00e9-4635-a692-90d6bcec68bd</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Public Port Wide<br/><sup><sub>71ea648a-d31a-4b5a-a589-5674243f1c33</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Remote Desktop Port Open To Internet<br/><sup><sub>eda7301d-1f3e-47cf-8d4e-976debc64341</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
-|Route53 Record Undefined<br/><sup><sub>445dce51-7e53-4e50-80ef-7f94f14169e4</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/route53_module.html#parameter-value">Documentation</a><br/>|
-|Security Group Ingress Not Restricted<br/><sup><sub>ea6bc7a6-d696-4dcf-a788-17fa03c17c81</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Unknown Port Exposed To Internet<br/><sup><sub>722b0f24-5a64-4cca-aa96-cfc26b7e3a5b</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Unrestricted Security Group Ingress<br/><sup><sub>83c5fa4c-e098-48fc-84ee-0a537287ddd2</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|Hardcoded AWS Access Key<br/><sup><sub>c2f15af3-66a0-4176-a56e-e4711e502e5c</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_instance_module.html">Documentation</a><br/>|
-|Hardcoded AWS Access Key In Lambda<br/><sup><sub>f34508b9-f574-4330-b42d-88c44cced645</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
-|AMI Shared With Multiple Accounts<br/><sup><sub>a19b2942-142e-4e2b-93b7-6cf6a6c8d90f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_ami_module.html">Documentation</a><br/>|
-|API Gateway Without Configured Authorizer<br/><sup><sub>b16cdb37-ce15-4ab2-8401-d42b05d123fc</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html">Documentation</a><br/>|
-|Certificate Has Expired<br/><sup><sub>5a443297-19d4-4381-9e5b-24faf947ec22</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/2.10/collections/community/aws/aws_acm_module.html">Documentation</a><br/>|
-|EC2 Instance Using Default Security Group<br/><sup><sub>8d03993b-8384-419b-a681-d1f55149397c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-group">Documentation</a><br/>|
-|IAM Access Key Is Exposed<br/><sup><sub>7f79f858-fbe8-4186-8a2c-dfd0d958a40f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_module.html">Documentation</a><br/>|
-|IAM Group Without Users<br/><sup><sub>f509931b-bbb0-443c-bd9b-10e92ecf2193</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_group_module.html">Documentation</a><br/>|
-|IAM Policies Attached To User<br/><sup><sub>eafe4bc3-1042-4f88-b988-1939e64bf060</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_policy_module.html">Documentation</a><br/>|
-|IAM Policies With Full Privileges<br/><sup><sub>e401d614-8026-4f4b-9af9-75d1197461ba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>12a7a7ce-39d6-49dd-923d-aeb4564eb66c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
-|IAM Role Allows All Principals To Assume<br/><sup><sub>babdedcf-d859-43da-9a7b-6d72e661a8fd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
-|Lambda Permission Principal Is Wildcard<br/><sup><sub>1d972c56-8ec2-48c1-a578-887adb09c57a</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
-|Public Lambda via API Gateway<br/><sup><sub>5e92d816-2177-4083-85b4-f61b4f7176d9</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/2.4/lambda_policy_module.html">Documentation</a><br/>|
-|SES Policy With Allowed IAM Actions<br/><sup><sub>8ed0bfce-f780-46d4-b086-21c3628f09ad</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_ses_identity_policy_module.html#parameter-policy">Documentation</a><br/>|
-|SQS Policy With Public Access<br/><sup><sub>d994585f-defb-4b51-b6d2-c70f020ceb10</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html">Documentation</a><br/>|
-|Auto Scaling Group With No Associated ELB<br/><sup><sub>050f085f-a8db-4072-9010-2cca235cc02f</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_asg_module.html#parameter-load_balancers">Documentation</a><br/>|
-|CMK Is Unusable<br/><sup><sub>133fee21-37ef-45df-a563-4d07edc169f4</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html#parameter-enabled">Documentation</a><br/>|
-|RDS With Backup Disabled<br/><sup><sub>e69890e6-fce5-461d-98ad-cb98318dfc96</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-backup_retention_period">Documentation</a><br/>|
-|S3 Bucket Without Versioning<br/><sup><sub>9232306a-f839-40aa-b3ef-b352001da9a5</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-versioning">Documentation</a><br/>|
-|Stack Retention Disabled<br/><sup><sub>17d5ba1d-7667-4729-b1a6-b11fde3db7f7</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudformation_stack_set_module.html#parameter-purge_stacks">Documentation</a><br/>|
-|AMI Not Encrypted<br/><sup><sub>97707503-a22c-4cd7-b7c0-f088fa7cf830</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_ami_module.html">Documentation</a><br/>|
-|CA Certificate Identifier Is Outdated<br/><sup><sub>5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-ca_certificate_identifier">Documentation</a><br/>|
-|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>a6d27cf7-61dc-4bde-ae08-3b353b609f76</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|CodeBuild Not Encrypted<br/><sup><sub>a1423864-2fbc-4f46-bfe1-fbbf125c71c9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_codebuild_module.html">Documentation</a><br/>|
-|ELB Using Insecure Protocols<br/><sup><sub>730a5951-2760-407a-b032-dd629b55c23a</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
-|IAM Database Auth Not Enabled<br/><sup><sub>0ed012a4-9199-43d2-b9e4-9bd049a48aa4</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html">Documentation</a><br/>|
-|Secure Ciphers Disabled<br/><sup><sub>218413a0-c716-4b94-9e08-0bb70d854709</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|SQS With SSE Disabled<br/><sup><sub>e1e7b278-2a8b-49bd-a26e-66a7f70b17eb</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#ansible-collections-community-aws-sqs-queue-module">Documentation</a><br/>|
-|API Gateway Without SSL Certificate<br/><sup><sub>b47b98ab-e481-4a82-8bb1-1ab39fd36e33</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/2.8/modules/aws_api_gateway_module.html">Documentation</a><br/>|
-|Certificate RSA Key Bytes Lower Than 256<br/><sup><sub>d5ec2080-340a-4259-b885-f833c4ea6a31</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/2.10/collections/community/aws/aws_acm_module.html">Documentation</a><br/>|
-|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>d0c13053-d2c8-44a6-95da-d592996e9e67</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html#parameter-viewer_certificate/minimum_protocol_version">Documentation</a><br/>|
-|ECR Image Tag Not Immutable<br/><sup><sub>60bfbb8a-c72f-467f-a6dd-a46b7d612789</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_ecr_module.html">Documentation</a><br/>|
-|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>01aec7c2-3e4d-4274-ae47-2b8fea22fd1f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-network_mode">Documentation</a><br/>|
-|S3 Bucket with Unsecured CORS Rule<br/><sup><sub>3505094c-f77c-4ba0-95da-f83db712f86c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_s3_cors_module.html#parameter-rules">Documentation</a><br/>|
-|Vulnerable Default SSL Certificate<br/><sup><sub>fb8f8929-afeb-4c46-99f0-a6cf410f7df4</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|ALB Listening on HTTP<br/><sup><sub>f81d63d2-c5d7-43a4-a5b5-66717a41c895</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
-|API Gateway Endpoint Config is Not Private<br/><sup><sub>559439b2-3e9c-4739-ac46-17e3b24ec215</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html">Documentation</a><br/>|
-|API Gateway without WAF<br/><sup><sub>f5f38943-664b-4acc-ab11-f292fa10ed0b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/wafv2_resources_module.html#parameter-arn">Documentation</a><br/>|
-|CloudFront Without WAF<br/><sup><sub>22c80725-e390-4055-8d14-a872230f6607</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|EC2 Instance Has Public IP<br/><sup><sub>a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-assign_public_ip">Documentation</a><br/>|
-|Elasticsearch with HTTPS disabled<br/><sup><sub>d6c2d06f-43c1-488a-9ba1-8d75b40fc62d</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/devel/collections/community/aws/opensearch_module.html">Documentation</a><br/>|
-|HTTP Port Open To Internet<br/><sup><sub>a14ad534-acbe-4a8e-9404-2f7e1045646e</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
-|Security Group With Unrestricted Access To SSH<br/><sup><sub>57ced4b9-6ba4-487b-8843-b65562b90c77</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible<br/><sup><sub>7af1c447-c014-4f05-bd8b-ebe3a15734ac</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
-|API Gateway With CloudWatch Logging Disabled<br/><sup><sub>72a931c2-12f5-40d1-93cc-47bff2f7aa2a</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudwatchlogs_log_group_module.html#ansible-collections-community-aws-cloudwatchlogs-log-group-module">Documentation</a><br/>|
-|CloudFront Logging Disabled<br/><sup><sub>d31cb911-bf5b-4eb6-9fc3-16780c77c7bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|CloudTrail Logging Disabled<br/><sup><sub>d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html#parameter-enable_logging">Documentation</a><br/>|
-|S3 Bucket Logging Disabled<br/><sup><sub>c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-debug_botocore_endpoint_logs">Documentation</a><br/>|
-|No Stack Policy<br/><sup><sub>ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html">Documentation</a><br/>|
-|Authentication Without MFA<br/><sup><sub>eee107f9-b3d8-45d3-b9c6-43b5a7263ce1</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_mfa_device_info_module.html">Documentation</a><br/>|
-|ECS Service Without Running Tasks<br/><sup><sub>f5c45127-1d28-4b49-a692-0b97da1c3a84</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_service_module.html#ansible-collections-community-aws-ecs-service-module">Documentation</a><br/>|
-|Automatic Minor Upgrades Disabled<br/><sup><sub>857f8808-e96a-4ba8-a9b7-f2d4ec6cad94</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade">Documentation</a><br/>|
-|CDN Configuration Is Missing<br/><sup><sub>b25398a2-0625-4e61-8e4d-a1bb23905bf6</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
-|IAM Password Without Minimum Length<br/><sup><sub>8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
-|Lambda Permission Misconfigured<br/><sup><sub>3ddf3417-424d-420d-8275-0724dc426520</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
-|Misconfigured Password Policy Expiration<br/><sup><sub>3f2cf811-88fa-4eda-be45-7a191a18aba9</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
-|Password Without Reuse Prevention<br/><sup><sub>6f5f5444-1422-495f-81ef-24cefd61ed2c</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html#parameter-pw_reuse_prevent">Documentation</a><br/>|
-|EFS Without Tags<br/><sup><sub>b8a9852c-9943-4973-b8d5-77dae9352851</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html">Documentation</a><br/>|
-|Stack Without Template<br/><sup><sub>32d31f1f-0f83-4721-b7ec-1e6948c60145</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html">Documentation</a><br/>|
-|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>f5587077-3f57-4370-9b4e-4eb5b1bac85b</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
-|EFS Without KMS<br/><sup><sub>bd77554e-f138-40c5-91b2-2a09f878608e</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html#parameter-kms_key_id">Documentation</a><br/>|
-|AWS Password Policy With Unchangeable Passwords<br/><sup><sub>e28ceb92-d588-4166-aac5-766c8f5b7472</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
-|Instance With No VPC<br/><sup><sub>61d1a2d0-4db8-405a-913d-5d2ce49dff6f</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html">Documentation</a><br/>|
-|Lambda Function Without Tags<br/><sup><sub>265d9725-2fb8-42a2-bc57-3279c5db82d5</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
-|EC2 Instance Using Default VPC<br/><sup><sub>8833f180-96f1-46f4-9147-849aafa56029</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-vpc_subnet_id">Documentation</a><br/>|
-|ElastiCache Using Default Port<br/><sup><sub>7cc6c791-5f68-4816-a564-b9b699f9d26e</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_port">Documentation</a><br/>|
-|ElastiCache Without VPC<br/><sup><sub>5527dcfc-94f9-4bf6-b7d4-1b78850cf41f</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_subnet_group">Documentation</a><br/>|
-|RDS Using Default Port<br/><sup><sub>2cb674f6-32f9-40be-97f2-62c0dc38f0d5</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-port">Documentation</a><br/>|
-|Redshift Using Default Port<br/><sup><sub>e01de151-a7bd-4db4-b49b-3c4775a5e881</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/redshift_module.html#parameter-port">Documentation</a><br/>|
-|API Gateway X-Ray Disabled<br/><sup><sub>2059155b-27fd-441e-b616-6966c468561f</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html#parameter-tracing_enabled">Documentation</a><br/>|
-|CloudTrail Log File Validation Disabled<br/><sup><sub>4d8681a2-3d30-4c89-8070-08acd142748e</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
-|CloudTrail Multi Region Disabled<br/><sup><sub>6ad087d7-a509-4b20-b853-9ef6f5ebaa98</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html#parameter-is_multi_region_trail">Documentation</a><br/>|
-|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>ebb2118a-03bc-4d53-ab43-d8750f5cb8d3</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
-|CloudTrail SNS Topic Name Undefined<br/><sup><sub>5ba316a9-c466-4ec1-8d5b-bc6107dc9a92</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
-|CMK Rotation Disabled<br/><sup><sub>af96d737-0818-4162-8c41-40d969bd65d1</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html#parameter-enable_key_rotation">Documentation</a><br/>|
-|Configuration Aggregator to All Regions Disabled<br/><sup><sub>a2fdf451-89dd-451e-af92-bf6c0f4bab96</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_config_aggregator_module.html#parameter-organization_source">Documentation</a><br/>|
-|Lambda Functions Without X-Ray Tracing<br/><sup><sub>71397b34-1d50-4ee1-97cb-c96c34676f74</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
-|Stack Notifications Disabled<br/><sup><sub>d39761d7-94ab-45b0-ab5e-27c44e381d58</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html#parameter-notification_arns">Documentation</a><br/>|
-|EC2 Not EBS Optimized<br/><sup><sub>338b6cab-961d-4998-bb49-e5b6a11c9a5c</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-ebs_optimized">Documentation</a><br/>|
-|CloudWatch Without Retention Period Specified<br/><sup><sub>e24e18d9-4c2b-4649-b3d0-18c088145e24</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudwatchlogs_log_group_module.html">Documentation</a><br/>|
+|ECR Repository Is Publicly Accessible<br/><sup><sub>fb5a5df7-6d74-4243-ab82-ff779a958bfd</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_ecr_module.html#parameter-policy">Documentation</a><br/>|
+|S3 Bucket Access to Any Principal<br/><sup><sub>3ab1f27d-52cc-4943-af1d-43c1939e739a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#ansible-collections-amazon-aws-s3-bucket-module">Documentation</a><br/>|
+|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>6fa44721-ef21-41c6-8665-330d59461163</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>a0f1bfe0-741e-473f-b3b2-13e66f856fab</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|S3 Bucket With All Permissions<br/><sup><sub>6a6d7e56-c913-4549-b5c5-5221e624d2ec</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-policy">Documentation</a><br/>|
+|S3 Bucket With Public Access<br/><sup><sub>c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>c09e3ca5-f08a-4717-9c87-3919c5e6d209</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade">Documentation</a><br/>|
+|DB Security Group With Public Scope<br/><sup><sub>0956aedf-6a7a-478b-ab56-63e2b19923ad</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|RDS Associated with Public Subnet<br/><sup><sub>16732649-4ff6-4cd2-8746-e72c13fae4b8</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-db_subnet_group_name">Documentation</a><br/>|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>af167837-9636-4086-b815-c239186b9dda</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_role_module.html#parameter-assume_role_policy_document">Documentation</a><br/>|
+|ECS Service Admin Role Is Present<br/><sup><sub>7db727c1-1720-468e-b80e-06697f71e09e</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_service_module.html">Documentation</a><br/>|
+|IAM Policy Grants Full Permissions<br/><sup><sub>b5ed026d-a772-4f07-97f9-664ba0b116f8</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to All Users<br/><sup><sub>a1ef9d2e-4163-40cb-bd92-04f0d602a15d</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>75480b31-f349-4b9a-861f-bce19588e674</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_s3_module.html#parameter-permission">Documentation</a><br/>|
+|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>53bce6a8-5492-4b1b-81cf-664385f0c4bf</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|S3 Bucket Allows List Action From All Principals<br/><sup><sub>d395a950-12ce-4314-a742-ac5a785ab44e</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|SNS Topic is Publicly Accessible<br/><sup><sub>905f4741-f965-45c1-98db-f7a00a0e5c73</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sns_topic_module.html">Documentation</a><br/>|
+|SQS Policy Allows All Actions<br/><sup><sub>ed9b3beb-92cf-44d9-a9d2-171eeba569d4</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html">Documentation</a><br/>|
+|SQS Queue Exposed<br/><sup><sub>86b0efa7-4901-4edd-a37a-c034bec6645a</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#parameter-policy">Documentation</a><br/>|
+|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>7674a686-e4b1-4a95-83d4-1fd53c623d84</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_config_rule_module.html#parameter-source/identifier">Documentation</a><br/>|
+|DB Instance Storage Not Encrypted<br/><sup><sub>7dfb316c-a6c2-454d-b8a2-97f147b0c0ff</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html">Documentation</a><br/>|
+|EBS Volume Encryption Disabled<br/><sup><sub>4b6012e7-7176-46e4-8108-e441785eae57</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_vol_module.html#parameter-encrypted">Documentation</a><br/>|
+|EFS Not Encrypted<br/><sup><sub>727c4fd4-d604-4df6-a179-7713d3c85e20</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html#parameter-encrypt">Documentation</a><br/>|
+|ELB Using Weak Ciphers<br/><sup><sub>2034fb37-bc23-4ca0-8d95-2b9f15829ab5</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
+|Kinesis Not Encrypted With KMS<br/><sup><sub>f2ea6481-1d31-4d40-946a-520dc6321dd7</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/kinesis_stream_module.html">Documentation</a><br/>|
+|Launch Configuration Is Not Encrypted<br/><sup><sub>66477506-6abb-49ed-803d-3fa174cd5f6a</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_lc_module.html">Documentation</a><br/>|
+|Redis Not Compliant<br/><sup><sub>9f34885e-c08f-4d13-a7d1-cf190c5bd268</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_engine_version">Documentation</a><br/>|
+|Redshift Not Encrypted<br/><sup><sub>6a647814-def5-4b85-88f5-897c19f509cd</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted">Documentation</a><br/>|
+|S3 Bucket Without Server-side-encryption<br/><sup><sub>594f54e7-f744-45ab-93e4-c6dbaf6cd571</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html">Documentation</a><br/>|
+|User Data Contains Encoded Private Key<br/><sup><sub>c09f4d3e-27d2-4d46-9453-abbe9687a64e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_lc_module.html">Documentation</a><br/>|
+|Batch Job Definition With Privileged Container Properties<br/><sup><sub>defe5b18-978d-4722-9325-4d1975d3699f</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_batch_job_definition_module.html">Documentation</a><br/>|
+|EC2 Group Has Public Interface<br/><sup><sub>5330b503-3319-44ff-9b1c-00ee873f728a</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|KMS Key With Vulnerable Policy<br/><sup><sub>5b9d237a-57d5-4177-be0e-71434b0fef47</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html">Documentation</a><br/>|
+|Redshift Publicly Accessible<br/><sup><sub>5c6b727b-1382-4629-8ba9-abd1365e5610</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/redshift_module.html">Documentation</a><br/>|
+|Root Account Has Active Access Keys<br/><sup><sub>e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_module.html">Documentation</a><br/>|
+|DB Security Group Open To Large Scope<br/><sup><sub>ea0ed1c7-9aef-4464-b7c7-94c762da3640</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
+|Default Security Groups With Unrestricted Traffic<br/><sup><sub>8010e17a-00e9-4635-a692-90d6bcec68bd</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Public Port Wide<br/><sup><sub>71ea648a-d31a-4b5a-a589-5674243f1c33</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Remote Desktop Port Open To Internet<br/><sup><sub>eda7301d-1f3e-47cf-8d4e-976debc64341</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
+|Route53 Record Undefined<br/><sup><sub>445dce51-7e53-4e50-80ef-7f94f14169e4</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/route53_module.html#parameter-value">Documentation</a><br/>|
+|Security Group Ingress Not Restricted<br/><sup><sub>ea6bc7a6-d696-4dcf-a788-17fa03c17c81</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Unknown Port Exposed To Internet<br/><sup><sub>722b0f24-5a64-4cca-aa96-cfc26b7e3a5b</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Unrestricted Security Group Ingress<br/><sup><sub>83c5fa4c-e098-48fc-84ee-0a537287ddd2</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|Hardcoded AWS Access Key<br/><sup><sub>c2f15af3-66a0-4176-a56e-e4711e502e5c</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_instance_module.html">Documentation</a><br/>|
+|Hardcoded AWS Access Key In Lambda<br/><sup><sub>f34508b9-f574-4330-b42d-88c44cced645</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
+|AMI Shared With Multiple Accounts<br/><sup><sub>a19b2942-142e-4e2b-93b7-6cf6a6c8d90f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_ami_module.html">Documentation</a><br/>|
+|API Gateway Without Configured Authorizer<br/><sup><sub>b16cdb37-ce15-4ab2-8401-d42b05d123fc</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html">Documentation</a><br/>|
+|Certificate Has Expired<br/><sup><sub>5a443297-19d4-4381-9e5b-24faf947ec22</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22')">Query details</a><br><a href="https://docs.ansible.com/ansible/2.10/collections/community/aws/aws_acm_module.html">Documentation</a><br/>|
+|EC2 Instance Using Default Security Group<br/><sup><sub>8d03993b-8384-419b-a681-d1f55149397c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-group">Documentation</a><br/>|
+|IAM Access Key Is Exposed<br/><sup><sub>7f79f858-fbe8-4186-8a2c-dfd0d958a40f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_module.html">Documentation</a><br/>|
+|IAM Group Without Users<br/><sup><sub>f509931b-bbb0-443c-bd9b-10e92ecf2193</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_group_module.html">Documentation</a><br/>|
+|IAM Policies Attached To User<br/><sup><sub>eafe4bc3-1042-4f88-b988-1939e64bf060</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_policy_module.html">Documentation</a><br/>|
+|IAM Policies With Full Privileges<br/><sup><sub>e401d614-8026-4f4b-9af9-75d1197461ba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>12a7a7ce-39d6-49dd-923d-aeb4564eb66c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
+|IAM Role Allows All Principals To Assume<br/><sup><sub>babdedcf-d859-43da-9a7b-6d72e661a8fd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html">Documentation</a><br/>|
+|Lambda Permission Principal Is Wildcard<br/><sup><sub>1d972c56-8ec2-48c1-a578-887adb09c57a</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
+|Public Lambda via API Gateway<br/><sup><sub>5e92d816-2177-4083-85b4-f61b4f7176d9</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9')">Query details</a><br><a href="https://docs.ansible.com/ansible/2.4/lambda_policy_module.html">Documentation</a><br/>|
+|SES Policy With Allowed IAM Actions<br/><sup><sub>8ed0bfce-f780-46d4-b086-21c3628f09ad</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_ses_identity_policy_module.html#parameter-policy">Documentation</a><br/>|
+|SQS Policy With Public Access<br/><sup><sub>d994585f-defb-4b51-b6d2-c70f020ceb10</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html">Documentation</a><br/>|
+|Auto Scaling Group With No Associated ELB<br/><sup><sub>050f085f-a8db-4072-9010-2cca235cc02f</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ec2_asg_module.html#parameter-load_balancers">Documentation</a><br/>|
+|CMK Is Unusable<br/><sup><sub>133fee21-37ef-45df-a563-4d07edc169f4</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html#parameter-enabled">Documentation</a><br/>|
+|RDS With Backup Disabled<br/><sup><sub>e69890e6-fce5-461d-98ad-cb98318dfc96</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-backup_retention_period">Documentation</a><br/>|
+|S3 Bucket Without Versioning<br/><sup><sub>9232306a-f839-40aa-b3ef-b352001da9a5</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-versioning">Documentation</a><br/>|
+|Stack Retention Disabled<br/><sup><sub>17d5ba1d-7667-4729-b1a6-b11fde3db7f7</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudformation_stack_set_module.html#parameter-purge_stacks">Documentation</a><br/>|
+|AMI Not Encrypted<br/><sup><sub>97707503-a22c-4cd7-b7c0-f088fa7cf830</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_ami_module.html">Documentation</a><br/>|
+|CA Certificate Identifier Is Outdated<br/><sup><sub>5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-ca_certificate_identifier">Documentation</a><br/>|
+|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>a6d27cf7-61dc-4bde-ae08-3b353b609f76</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|CodeBuild Not Encrypted<br/><sup><sub>a1423864-2fbc-4f46-bfe1-fbbf125c71c9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_codebuild_module.html">Documentation</a><br/>|
+|ELB Using Insecure Protocols<br/><sup><sub>730a5951-2760-407a-b032-dd629b55c23a</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
+|IAM Database Auth Not Enabled<br/><sup><sub>0ed012a4-9199-43d2-b9e4-9bd049a48aa4</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html">Documentation</a><br/>|
+|Secure Ciphers Disabled<br/><sup><sub>218413a0-c716-4b94-9e08-0bb70d854709</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|SQS With SSE Disabled<br/><sup><sub>e1e7b278-2a8b-49bd-a26e-66a7f70b17eb</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#ansible-collections-community-aws-sqs-queue-module">Documentation</a><br/>|
+|API Gateway Without SSL Certificate<br/><sup><sub>b47b98ab-e481-4a82-8bb1-1ab39fd36e33</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33')">Query details</a><br><a href="https://docs.ansible.com/ansible/2.8/modules/aws_api_gateway_module.html">Documentation</a><br/>|
+|Certificate RSA Key Bytes Lower Than 256<br/><sup><sub>d5ec2080-340a-4259-b885-f833c4ea6a31</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31')">Query details</a><br><a href="https://docs.ansible.com/ansible/2.10/collections/community/aws/aws_acm_module.html">Documentation</a><br/>|
+|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>d0c13053-d2c8-44a6-95da-d592996e9e67</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html#parameter-viewer_certificate/minimum_protocol_version">Documentation</a><br/>|
+|ECR Image Tag Not Immutable<br/><sup><sub>60bfbb8a-c72f-467f-a6dd-a46b7d612789</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_ecr_module.html">Documentation</a><br/>|
+|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>01aec7c2-3e4d-4274-ae47-2b8fea22fd1f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-network_mode">Documentation</a><br/>|
+|S3 Bucket with Unsecured CORS Rule<br/><sup><sub>3505094c-f77c-4ba0-95da-f83db712f86c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_s3_cors_module.html#parameter-rules">Documentation</a><br/>|
+|Vulnerable Default SSL Certificate<br/><sup><sub>fb8f8929-afeb-4c46-99f0-a6cf410f7df4</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|ALB Listening on HTTP<br/><sup><sub>f81d63d2-c5d7-43a4-a5b5-66717a41c895</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elb_application_lb_module.html">Documentation</a><br/>|
+|API Gateway Endpoint Config is Not Private<br/><sup><sub>559439b2-3e9c-4739-ac46-17e3b24ec215</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html">Documentation</a><br/>|
+|API Gateway without WAF<br/><sup><sub>f5f38943-664b-4acc-ab11-f292fa10ed0b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/wafv2_resources_module.html#parameter-arn">Documentation</a><br/>|
+|CloudFront Without WAF<br/><sup><sub>22c80725-e390-4055-8d14-a872230f6607</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|EC2 Instance Has Public IP<br/><sup><sub>a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-assign_public_ip">Documentation</a><br/>|
+|Elasticsearch with HTTPS disabled<br/><sup><sub>d6c2d06f-43c1-488a-9ba1-8d75b40fc62d</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d')">Query details</a><br><a href="https://docs.ansible.com/ansible/devel/collections/community/aws/opensearch_module.html">Documentation</a><br/>|
+|HTTP Port Open To Internet<br/><sup><sub>a14ad534-acbe-4a8e-9404-2f7e1045646e</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html#ansible-collections-amazon-aws-ec2-group-module">Documentation</a><br/>|
+|Security Group With Unrestricted Access To SSH<br/><sup><sub>57ced4b9-6ba4-487b-8843-b65562b90c77</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible<br/><sup><sub>7af1c447-c014-4f05-bd8b-ebe3a15734ac</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_group_module.html">Documentation</a><br/>|
+|API Gateway With CloudWatch Logging Disabled<br/><sup><sub>72a931c2-12f5-40d1-93cc-47bff2f7aa2a</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudwatchlogs_log_group_module.html#ansible-collections-community-aws-cloudwatchlogs-log-group-module">Documentation</a><br/>|
+|CloudFront Logging Disabled<br/><sup><sub>d31cb911-bf5b-4eb6-9fc3-16780c77c7bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|CloudTrail Logging Disabled<br/><sup><sub>d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html#parameter-enable_logging">Documentation</a><br/>|
+|S3 Bucket Logging Disabled<br/><sup><sub>c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/s3_bucket_module.html#parameter-debug_botocore_endpoint_logs">Documentation</a><br/>|
+|No Stack Policy<br/><sup><sub>ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html">Documentation</a><br/>|
+|Authentication Without MFA<br/><sup><sub>eee107f9-b3d8-45d3-b9c6-43b5a7263ce1</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_mfa_device_info_module.html">Documentation</a><br/>|
+|ECS Service Without Running Tasks<br/><sup><sub>f5c45127-1d28-4b49-a692-0b97da1c3a84</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_service_module.html#ansible-collections-community-aws-ecs-service-module">Documentation</a><br/>|
+|Automatic Minor Upgrades Disabled<br/><sup><sub>857f8808-e96a-4ba8-a9b7-f2d4ec6cad94</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade">Documentation</a><br/>|
+|CDN Configuration Is Missing<br/><sup><sub>b25398a2-0625-4e61-8e4d-a1bb23905bf6</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudfront_distribution_module.html">Documentation</a><br/>|
+|IAM Password Without Minimum Length<br/><sup><sub>8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
+|Lambda Permission Misconfigured<br/><sup><sub>3ddf3417-424d-420d-8275-0724dc426520</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
+|Misconfigured Password Policy Expiration<br/><sup><sub>3f2cf811-88fa-4eda-be45-7a191a18aba9</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
+|Password Without Reuse Prevention<br/><sup><sub>6f5f5444-1422-495f-81ef-24cefd61ed2c</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html#parameter-pw_reuse_prevent">Documentation</a><br/>|
+|EFS Without Tags<br/><sup><sub>b8a9852c-9943-4973-b8d5-77dae9352851</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html">Documentation</a><br/>|
+|Stack Without Template<br/><sup><sub>32d31f1f-0f83-4721-b7ec-1e6948c60145</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html">Documentation</a><br/>|
+|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>f5587077-3f57-4370-9b4e-4eb5b1bac85b</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
+|EFS Without KMS<br/><sup><sub>bd77554e-f138-40c5-91b2-2a09f878608e</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/efs_module.html#parameter-kms_key_id">Documentation</a><br/>|
+|AWS Password Policy With Unchangeable Passwords<br/><sup><sub>e28ceb92-d588-4166-aac5-766c8f5b7472</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html">Documentation</a><br/>|
+|Instance With No VPC<br/><sup><sub>61d1a2d0-4db8-405a-913d-5d2ce49dff6f</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html">Documentation</a><br/>|
+|Lambda Function Without Tags<br/><sup><sub>265d9725-2fb8-42a2-bc57-3279c5db82d5</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
+|EC2 Instance Using Default VPC<br/><sup><sub>8833f180-96f1-46f4-9147-849aafa56029</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-vpc_subnet_id">Documentation</a><br/>|
+|ElastiCache Using Default Port<br/><sup><sub>7cc6c791-5f68-4816-a564-b9b699f9d26e</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_port">Documentation</a><br/>|
+|ElastiCache Without VPC<br/><sup><sub>5527dcfc-94f9-4bf6-b7d4-1b78850cf41f</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/elasticache_module.html#parameter-cache_subnet_group">Documentation</a><br/>|
+|RDS Using Default Port<br/><sup><sub>2cb674f6-32f9-40be-97f2-62c0dc38f0d5</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-port">Documentation</a><br/>|
+|Redshift Using Default Port<br/><sup><sub>e01de151-a7bd-4db4-b49b-3c4775a5e881</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/redshift_module.html#parameter-port">Documentation</a><br/>|
+|API Gateway X-Ray Disabled<br/><sup><sub>2059155b-27fd-441e-b616-6966c468561f</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_api_gateway_module.html#parameter-tracing_enabled">Documentation</a><br/>|
+|CloudTrail Log File Validation Disabled<br/><sup><sub>4d8681a2-3d30-4c89-8070-08acd142748e</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
+|CloudTrail Multi Region Disabled<br/><sup><sub>6ad087d7-a509-4b20-b853-9ef6f5ebaa98</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html#parameter-is_multi_region_trail">Documentation</a><br/>|
+|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>ebb2118a-03bc-4d53-ab43-d8750f5cb8d3</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
+|CloudTrail SNS Topic Name Undefined<br/><sup><sub>5ba316a9-c466-4ec1-8d5b-bc6107dc9a92</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html">Documentation</a><br/>|
+|CMK Rotation Disabled<br/><sup><sub>af96d737-0818-4162-8c41-40d969bd65d1</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_kms_module.html#parameter-enable_key_rotation">Documentation</a><br/>|
+|Configuration Aggregator to All Regions Disabled<br/><sup><sub>a2fdf451-89dd-451e-af92-bf6c0f4bab96</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/aws_config_aggregator_module.html#parameter-organization_source">Documentation</a><br/>|
+|Lambda Functions Without X-Ray Tracing<br/><sup><sub>71397b34-1d50-4ee1-97cb-c96c34676f74</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_module.html">Documentation</a><br/>|
+|Stack Notifications Disabled<br/><sup><sub>d39761d7-94ab-45b0-ab5e-27c44e381d58</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/cloudformation_module.html#parameter-notification_arns">Documentation</a><br/>|
+|EC2 Not EBS Optimized<br/><sup><sub>338b6cab-961d-4998-bb49-e5b6a11c9a5c</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_module.html#parameter-ebs_optimized">Documentation</a><br/>|
+|CloudWatch Without Retention Period Specified<br/><sup><sub>e24e18d9-4c2b-4649-b3d0-18c088145e24</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24" onclick="newWindowOpenerSafe(event, '../ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/cloudwatchlogs_log_group_module.html">Documentation</a><br/>|
 
 ### AZURE
 Below are listed queries related to Ansible AZURE:
@@ -140,46 +140,46 @@ Below are listed queries related to Ansible AZURE:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|CosmosDB Account IP Range Filter Not Set<br/><sup><sub>e8c80448-31d8-4755-85fc-6dbab69c2717</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_cosmosdbaccount_module.html#parameter-ip_range_filter">Documentation</a><br/>|
-|Redis Entirely Accessible<br/><sup><sub>0d0c12b9-edce-4510-9065-13f6a758750c</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html#parameter-start_ip_address">Documentation</a><br/>|
-|Redis Publicly Accessible<br/><sup><sub>0632d0db-9190-450a-8bb3-c283bffea445</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html#parameter-start_ip_address">Documentation</a><br/>|
-|SQLServer Ingress From Any IP<br/><sup><sub>f4e9ff70-0f3b-4c50-a713-26cbe7ec4039</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlfirewallrule_module.html">Documentation</a><br/>|
-|Unrestricted SQL Server Access<br/><sup><sub>3f23c96c-f9f5-488d-9b17-605b8da5842f</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlfirewallrule_module.html">Documentation</a><br/>|
-|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>ca4df748-613a-4fbf-9c76-f02cbd580307</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-public_network_access">Documentation</a><br/>|
-|Public Storage Account<br/><sup><sub>35e2f133-a395-40de-a79d-b260d973d1bd</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls">Documentation</a><br/>|
-|Storage Container Is Publicly Accessible<br/><sup><sub>4d3817db-dd35-4de4-a80d-3867157e7f7f</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageblob_module.html#parameter-public_access">Documentation</a><br/>|
-|Azure Container Registry With No Locks<br/><sup><sub>581dae78-307d-45d5-aae4-fe2b0db267a5</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_lock_module.html">Documentation</a><br/>|
-|Security Group is Not Configured<br/><sup><sub>da4f2739-174f-4cdd-b9ef-dc3f14b5931f</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_subnet_module.html">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_securitygroup_module.html#parameter-rules">Documentation</a><br/>|
-|Admin User Enabled For Container Registry<br/><sup><sub>29f35127-98e6-43af-8ec1-201b79f99604</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_containerregistry_module.html">Documentation</a><br/>|
-|AKS RBAC Disabled<br/><sup><sub>149fa56c-4404-4f90-9e25-d34b676d5b39</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html">Documentation</a><br/>|
-|Role Definition Allows Custom Role Creation<br/><sup><sub>5c80db8e-03f5-43a2-b4af-1f3f87018157</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_roledefinition_module.html#parameter-permissions/actions">Documentation</a><br/>|
-|Key Vault Soft Delete Is Disabled<br/><sup><sub>881696a8-68c5-4073-85bc-7c38a3deb854</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_keyvault_module.html#parameter-enable_soft_delete">Documentation</a><br/>|
-|Azure Instance Using Basic Authentication<br/><sup><sub>e2d834b7-8b25-4935-af53-4a60668dcbe0</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_virtualmachine_module.html#parameter-linux_config/disable_password_authentication">Documentation</a><br/>|
-|MySQL SSL Connection Disabled<br/><sup><sub>2a901825-0f3b-4655-a0fe-e0470e50f8e6</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_mysqlserver_module.html">Documentation</a><br/>|
-|SSL Enforce Disabled<br/><sup><sub>961ce567-a16d-4d7d-9027-f0ec2628a555</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlserver_module.html#parameter-enforce_ssl">Documentation</a><br/>|
-|Storage Account Not Forcing HTTPS<br/><sup><sub>2c99a474-2a3c-4c17-8294-53ffa5ed0522</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-https_only">Documentation</a><br/>|
-|Storage Account Not Using Latest TLS Encryption Version<br/><sup><sub>c62746cf-92d5-4649-9acf-7d48d086f2ee</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-minimum_tls_version">Documentation</a><br/>|
-|AD Admin Not Configured For SQL Server<br/><sup><sub>b176e927-bbe2-44a6-a9c3-041417137e5f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlserver_module.html#parameter-ad_user">Documentation</a><br/>|
-|Redis Cache Allows Non SSL Connections<br/><sup><sub>869e7fb4-30f0-4bdb-b360-ad548f337f2f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscache_module.html">Documentation</a><br/>|
-|VM Not Attached To Network<br/><sup><sub>1e5f5307-3e01-438d-8da6-985307ed25ce</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_virtualmachine_module.html#parameter-network_interface_names">Documentation</a><br/>|
-|Web App Accepting Traffic Other Than HTTPS<br/><sup><sub>eb8c2560-8bee-4248-9d0d-e80c8641dd91</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_webapp_module.html#parameter-https_only">Documentation</a><br/>|
-|Firewall Rule Allows Too Many Hosts To Access Redis Cache<br/><sup><sub>69f72007-502e-457b-bd2d-5012e31ac049</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html">Documentation</a><br/>|
-|Trusted Microsoft Services Not Enabled<br/><sup><sub>1bc398a8-d274-47de-a4c8-6ac867b353de</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls/bypass">Documentation</a><br/>|
-|WAF Is Disabled For Azure Application Gateway<br/><sup><sub>2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_appgateway_module.html">Documentation</a><br/>|
-|AKS Monitoring Logging Disabled<br/><sup><sub>d5e83b32-56dd-4247-8c2e-074f43b38a5e</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html">Documentation</a><br/>|
-|Log Retention Is Not Set<br/><sup><sub>0461b4fd-21ef-4687-929e-484ee4796785</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|Monitoring Log Profile Without All Activities<br/><sup><sub>89f84a1e-75f8-47c5-83b5-bee8e2de4168</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_monitorlogprofile_module.html">Documentation</a><br/>|
-|PostgreSQL Log Checkpoints Disabled<br/><sup><sub>7ab33ac0-e4a3-418f-a673-50da4e34df21</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|PostgreSQL Log Connections Not Set<br/><sup><sub>7b47138f-ec0e-47dc-8516-e7728fe3cc17</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|PostgreSQL Log Disconnections Not Set<br/><sup><sub>054d07b5-941b-4c28-8eef-18989dc62323</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|PostgreSQL Log Duration Not Set<br/><sup><sub>729ebb15-8060-40f7-9017-cb72676a5487</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|PostgreSQL Server Without Connection Throttling<br/><sup><sub>a9becca7-892a-4af7-b9e1-44bf20a4cd9a</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
-|SQL Server Predictable Active Directory Account Name<br/><sup><sub>530e8291-2f22-4bab-b7ea-306f1bc2a308</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_adserviceprincipal_module.html">Documentation</a><br/>|
-|SQL Server Predictable Admin Account Name<br/><sup><sub>663062e9-473d-4e87-99bc-6f3684b3df40</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlserver_module.html">Documentation</a><br/>|
-|Cosmos DB Account Without Tags<br/><sup><sub>23a4dc83-4959-4d99-8056-8e051a82bc1e</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_cosmosdbaccount_module.html">Documentation</a><br/>|
-|AKS Network Policy Misconfigured<br/><sup><sub>8c3bedf1-c570-4c3b-b414-d068cd39a00c</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html#parameter-network_profile/network_policy">Documentation</a><br/>|
-|Small Activity Log Retention Period<br/><sup><sub>37fafbea-dedb-4e0d-852e-d16ee0589326</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_monitorlogprofile_module.html">Documentation</a><br/>|
+|CosmosDB Account IP Range Filter Not Set<br/><sup><sub>e8c80448-31d8-4755-85fc-6dbab69c2717</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_cosmosdbaccount_module.html#parameter-ip_range_filter">Documentation</a><br/>|
+|Redis Entirely Accessible<br/><sup><sub>0d0c12b9-edce-4510-9065-13f6a758750c</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html#parameter-start_ip_address">Documentation</a><br/>|
+|Redis Publicly Accessible<br/><sup><sub>0632d0db-9190-450a-8bb3-c283bffea445</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html#parameter-start_ip_address">Documentation</a><br/>|
+|SQLServer Ingress From Any IP<br/><sup><sub>f4e9ff70-0f3b-4c50-a713-26cbe7ec4039</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlfirewallrule_module.html">Documentation</a><br/>|
+|Unrestricted SQL Server Access<br/><sup><sub>3f23c96c-f9f5-488d-9b17-605b8da5842f</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlfirewallrule_module.html">Documentation</a><br/>|
+|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>ca4df748-613a-4fbf-9c76-f02cbd580307</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-public_network_access">Documentation</a><br/>|
+|Public Storage Account<br/><sup><sub>35e2f133-a395-40de-a79d-b260d973d1bd</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls">Documentation</a><br/>|
+|Storage Container Is Publicly Accessible<br/><sup><sub>4d3817db-dd35-4de4-a80d-3867157e7f7f</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageblob_module.html#parameter-public_access">Documentation</a><br/>|
+|Azure Container Registry With No Locks<br/><sup><sub>581dae78-307d-45d5-aae4-fe2b0db267a5</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_lock_module.html">Documentation</a><br/>|
+|Security Group is Not Configured<br/><sup><sub>da4f2739-174f-4cdd-b9ef-dc3f14b5931f</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_subnet_module.html">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_securitygroup_module.html#parameter-rules">Documentation</a><br/>|
+|Admin User Enabled For Container Registry<br/><sup><sub>29f35127-98e6-43af-8ec1-201b79f99604</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_containerregistry_module.html">Documentation</a><br/>|
+|AKS RBAC Disabled<br/><sup><sub>149fa56c-4404-4f90-9e25-d34b676d5b39</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html">Documentation</a><br/>|
+|Role Definition Allows Custom Role Creation<br/><sup><sub>5c80db8e-03f5-43a2-b4af-1f3f87018157</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_roledefinition_module.html#parameter-permissions/actions">Documentation</a><br/>|
+|Key Vault Soft Delete Is Disabled<br/><sup><sub>881696a8-68c5-4073-85bc-7c38a3deb854</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_keyvault_module.html#parameter-enable_soft_delete">Documentation</a><br/>|
+|Azure Instance Using Basic Authentication<br/><sup><sub>e2d834b7-8b25-4935-af53-4a60668dcbe0</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_virtualmachine_module.html#parameter-linux_config/disable_password_authentication">Documentation</a><br/>|
+|MySQL SSL Connection Disabled<br/><sup><sub>2a901825-0f3b-4655-a0fe-e0470e50f8e6</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_mysqlserver_module.html">Documentation</a><br/>|
+|SSL Enforce Disabled<br/><sup><sub>961ce567-a16d-4d7d-9027-f0ec2628a555</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlserver_module.html#parameter-enforce_ssl">Documentation</a><br/>|
+|Storage Account Not Forcing HTTPS<br/><sup><sub>2c99a474-2a3c-4c17-8294-53ffa5ed0522</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-https_only">Documentation</a><br/>|
+|Storage Account Not Using Latest TLS Encryption Version<br/><sup><sub>c62746cf-92d5-4649-9acf-7d48d086f2ee</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-minimum_tls_version">Documentation</a><br/>|
+|AD Admin Not Configured For SQL Server<br/><sup><sub>b176e927-bbe2-44a6-a9c3-041417137e5f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlserver_module.html#parameter-ad_user">Documentation</a><br/>|
+|Redis Cache Allows Non SSL Connections<br/><sup><sub>869e7fb4-30f0-4bdb-b360-ad548f337f2f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscache_module.html">Documentation</a><br/>|
+|VM Not Attached To Network<br/><sup><sub>1e5f5307-3e01-438d-8da6-985307ed25ce</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_virtualmachine_module.html#parameter-network_interface_names">Documentation</a><br/>|
+|Web App Accepting Traffic Other Than HTTPS<br/><sup><sub>eb8c2560-8bee-4248-9d0d-e80c8641dd91</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_webapp_module.html#parameter-https_only">Documentation</a><br/>|
+|Firewall Rule Allows Too Many Hosts To Access Redis Cache<br/><sup><sub>69f72007-502e-457b-bd2d-5012e31ac049</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_rediscachefirewallrule_module.html">Documentation</a><br/>|
+|Trusted Microsoft Services Not Enabled<br/><sup><sub>1bc398a8-d274-47de-a4c8-6ac867b353de</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls/bypass">Documentation</a><br/>|
+|WAF Is Disabled For Azure Application Gateway<br/><sup><sub>2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_appgateway_module.html">Documentation</a><br/>|
+|AKS Monitoring Logging Disabled<br/><sup><sub>d5e83b32-56dd-4247-8c2e-074f43b38a5e</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html">Documentation</a><br/>|
+|Log Retention Is Not Set<br/><sup><sub>0461b4fd-21ef-4687-929e-484ee4796785</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|Monitoring Log Profile Without All Activities<br/><sup><sub>89f84a1e-75f8-47c5-83b5-bee8e2de4168</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_monitorlogprofile_module.html">Documentation</a><br/>|
+|PostgreSQL Log Checkpoints Disabled<br/><sup><sub>7ab33ac0-e4a3-418f-a673-50da4e34df21</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|PostgreSQL Log Connections Not Set<br/><sup><sub>7b47138f-ec0e-47dc-8516-e7728fe3cc17</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|PostgreSQL Log Disconnections Not Set<br/><sup><sub>054d07b5-941b-4c28-8eef-18989dc62323</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|PostgreSQL Log Duration Not Set<br/><sup><sub>729ebb15-8060-40f7-9017-cb72676a5487</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|PostgreSQL Server Without Connection Throttling<br/><sup><sub>a9becca7-892a-4af7-b9e1-44bf20a4cd9a</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_postgresqlconfiguration_module.html">Documentation</a><br/>|
+|SQL Server Predictable Active Directory Account Name<br/><sup><sub>530e8291-2f22-4bab-b7ea-306f1bc2a308</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_adserviceprincipal_module.html">Documentation</a><br/>|
+|SQL Server Predictable Admin Account Name<br/><sup><sub>663062e9-473d-4e87-99bc-6f3684b3df40</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_sqlserver_module.html">Documentation</a><br/>|
+|Cosmos DB Account Without Tags<br/><sup><sub>23a4dc83-4959-4d99-8056-8e051a82bc1e</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_cosmosdbaccount_module.html">Documentation</a><br/>|
+|AKS Network Policy Misconfigured<br/><sup><sub>8c3bedf1-c570-4c3b-b414-d068cd39a00c</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_aks_module.html#parameter-network_profile/network_policy">Documentation</a><br/>|
+|Small Activity Log Retention Period<br/><sup><sub>37fafbea-dedb-4e0d-852e-d16ee0589326</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326" onclick="newWindowOpenerSafe(event, '../ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_monitorlogprofile_module.html">Documentation</a><br/>|
 
 ### CONFIG
 Below are listed queries related to Ansible CONFIG:
@@ -188,10 +188,10 @@ Below are listed queries related to Ansible CONFIG:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Allow Unsafe Lookups Enabled<br/><sup><sub>86b97bb4-85c9-462d-8635-cbc057c5c8c5</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/reference_appendices/config.html#default-allow-unsafe-lookups">Documentation</a><br/>|
-|Privilege Escalation Using Become Plugin<br/><sup><sub>404908b6-4954-4611-98f0-e8ceacdabcb1</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/plugins/become.html">Documentation</a><br/>|
-|Communication over HTTP<br/><sup><sub>d7dc9350-74bc-485b-8c85-fed22d276c43</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/plugins/httpapi.html">Documentation</a><br/>|
-|Logging of Sensitive Data<br/><sup><sub>c6473dae-8477-4119-88b7-b909b435ce7b</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/reference_appendices/logging.html#protecting-sensitive-data-with-no-log">Documentation</a><br/>|
+|Allow Unsafe Lookups Enabled<br/><sup><sub>86b97bb4-85c9-462d-8635-cbc057c5c8c5</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5" onclick="newWindowOpenerSafe(event, '../ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/reference_appendices/config.html#default-allow-unsafe-lookups">Documentation</a><br/>|
+|Privilege Escalation Using Become Plugin<br/><sup><sub>404908b6-4954-4611-98f0-e8ceacdabcb1</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1" onclick="newWindowOpenerSafe(event, '../ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/plugins/become.html">Documentation</a><br/>|
+|Communication over HTTP<br/><sup><sub>d7dc9350-74bc-485b-8c85-fed22d276c43</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43" onclick="newWindowOpenerSafe(event, '../ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/plugins/httpapi.html">Documentation</a><br/>|
+|Logging of Sensitive Data<br/><sup><sub>c6473dae-8477-4119-88b7-b909b435ce7b</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b" onclick="newWindowOpenerSafe(event, '../ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/reference_appendices/logging.html#protecting-sensitive-data-with-no-log">Documentation</a><br/>|
 
 ### GCP
 Below are listed queries related to Ansible GCP:
@@ -200,55 +200,55 @@ Below are listed queries related to Ansible GCP:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>086031e1-9d4a-4249-acb3-5bfe4c363db2</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html">Documentation</a><br/>|
-|SQL DB Instance Publicly Accessible<br/><sup><sub>7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html">Documentation</a><br/>|
-|BigQuery Dataset Is Public<br/><sup><sub>2263b286-2fe9-4747-a0ae-8b4768a2bbd2</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_bigquery_dataset_module.html#parameter-access/special_group">Documentation</a><br/>|
-|SQL DB Instance With SSL Disabled<br/><sup><sub>d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/ip_configuration/require_ssl">Documentation</a><br/>|
-|Client Certificate Disabled<br/><sup><sub>20180133-a0d0-4745-bfe0-94049fbb12a9</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Cloud SQL Instance With Contained Database Authentication On<br/><sup><sub>6d34aff3-fdd2-460c-8190-756a3b4969e8</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|Cloud SQL Instance With Cross DB Ownership Chaining On<br/><sup><sub>9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|GKE Legacy Authorization Enabled<br/><sup><sub>300a9964-b086-41f7-9378-b6de3ba1c32b</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|MySQL Instance With Local Infile On<br/><sup><sub>a7b520bb-2509-4fb0-be05-bc38f54c7a4c</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|RDP Access Is Not Restricted<br/><sup><sub>75418eb9-39ec-465f-913c-6f2b6a80dc77</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html">Documentation</a><br/>|
-|VM With Full Cloud Access<br/><sup><sub>bc20bbc6-0697-4568-9a73-85af1dd97bdd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html#parameter-service_accounts/scopes">Documentation</a><br/>|
-|SQL DB Instance Backup Disabled<br/><sup><sub>0c82eae2-aca0-401f-93e4-fb37a0f9e5e8</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/backup_configuration/enabled">Documentation</a><br/>|
-|Disk Encryption Disabled<br/><sup><sub>092bae86-6105-4802-99d2-99cd7e7431f3</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_disk_module.html">Documentation</a><br/>|
-|DNSSEC Using RSASHA1<br/><sup><sub>6cf4c3a7-ceb0-4475-8892-3745b84be24a</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_dns_managed_zone_module.html#return-dnssecConfig/defaultKeySpecs/algorithm">Documentation</a><br/>|
-|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>b28bcd2f-c309-490e-ab7c-35fc4023eb26</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_ssl_policy_module.html">Documentation</a><br/>|
-|Cloud DNS Without DNSSEC<br/><sup><sub>80b15fb1-6207-40f4-a803-6915ae619a03</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_dns_managed_zone_module.html#return-dnssecConfig/state">Documentation</a><br/>|
-|Cluster Master Authentication Disabled<br/><sup><sub>9df7f78f-ebe3-432e-ac3b-b67189c15518</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|GKE Basic Authentication Enabled<br/><sup><sub>344bf8ab-9308-462b-a6b2-697432e40ba1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>d58c6f24-3763-4269-9f5b-86b2569a003b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html">Documentation</a><br/>|
-|IP Aliasing Disabled<br/><sup><sub>ed672a9f-fbf0-44d8-a47d-779501b0db05</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Network Policy Disabled<br/><sup><sub>98e04ca0-34f5-4c74-8fec-d2e611ce2790</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|OSLogin Is Disabled In VM Instance<br/><sup><sub>66dae697-507b-4aef-be18-eec5bd707f33</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|Private Cluster Disabled<br/><sup><sub>3b30e3d6-c99b-4318-b38f-b99db74578b5</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Shielded VM Disabled<br/><sup><sub>18d3a83d-4414-49dc-90ea-f0387b2856cc</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|Using Default Service Account<br/><sup><sub>2775e169-e708-42a9-9305-b58aadd2c4dd</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|GKE Using Default Service Account<br/><sup><sub>dc126833-125a-40fb-905a-ce5f2afde240</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html#parameter-node_config/service_account">Documentation</a><br/>|
-|Compute Instance Is Publicly Accessible<br/><sup><sub>829f1c60-2bab-44c6-8a21-5cd9d39a2c82</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html#parameter-network_interfaces/access_configs">Documentation</a><br/>|
-|GKE Master Authorized Networks Disabled<br/><sup><sub>d43366c5-80b0-45de-bbe8-2338f4ab0a83</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html#parameter-master_authorized_networks_config/enabled">Documentation</a><br/>|
-|Google Compute Network Using Default Firewall Rule<br/><sup><sub>29b8224a-60e9-4011-8ac2-7916a659841f</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-name">Documentation</a><br/>|
-|Google Compute Network Using Firewall Rule that Allows All Ports<br/><sup><sub>3602d273-3290-47b2-80fa-720162b1a8af</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-allowed">Documentation</a><br/>|
-|IP Forwarding Enabled<br/><sup><sub>11bd3554-cd56-4257-8e25-7aaf30cf8f5f</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|Serial Ports Are Enabled For VM Instances<br/><sup><sub>c6fc6f29-dc04-46b6-99ba-683c01aff350</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|SSH Access Is Not Restricted<br/><sup><sub>b2fbf1df-76dd-4d78-a6c0-e538f4a9b016</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html">Documentation</a><br/>|
-|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>507df964-ad97-4035-ab14-94a82eabdfdd</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-logging">Documentation</a><br/>|
-|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>7814ddda-e758-4a56-8be3-289a81ded929</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-versioning">Documentation</a><br/>|
-|PostgreSQL Log Connections Disabled<br/><sup><sub>d7a5616f-0a3f-4d43-bc2b-29d1a183e317</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|PostgreSQL log_checkpoints Flag Not Set To ON<br/><sup><sub>89afe3f0-4681-4ce3-89ed-896cebd4277c</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|Stackdriver Logging Disabled<br/><sup><sub>19c9e2a0-fc33-4264-bba1-e3682661e8f7</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Stackdriver Monitoring Disabled<br/><sup><sub>20dcd953-a8b8-4892-9026-9afa6d05a525</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|Node Auto Upgrade Disabled<br/><sup><sub>d6e10477-2e19-4bcd-b8a8-19c65b89ccdf</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html#parameter-management/auto_upgrade">Documentation</a><br/>|
-|High Google KMS Crypto Key Rotation Period<br/><sup><sub>f9b7086b-deb8-4034-9330-d7fd38f1b8de</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_kms_crypto_key_module.html">Documentation</a><br/>|
-|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>099b4411-d11e-4537-a0fc-146b19762a79</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
-|Cluster Labels Disabled<br/><sup><sub>fbe9b2d0-a2b7-47a1-a534-03775f3013f7</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
-|COS Node Image Not Used<br/><sup><sub>be41f891-96b1-4b9d-b74f-b922a918c778</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html#parameter-config/image_type">Documentation</a><br/>|
-|PostgreSQL Misconfigured Logging Duration Flag<br/><sup><sub>aed98a2a-e680-497a-8886-277cea0f4514</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|Google Compute Network Using Firewall Rule that Allows Port Range<br/><sup><sub>7289eebd-a477-4064-8ad4-3c044bd70b00</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-allowed">Documentation</a><br/>|
-|Google Compute Subnetwork with Private Google Access Disabled<br/><sup><sub>6a4080ae-79bd-42f6-a924-8f534c1c018b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_subnetwork_module.html#parameter-private_ip_google_access">Documentation</a><br/>|
-|PostgreSQL Logging Of Temporary Files Disabled<br/><sup><sub>d6fae5b6-ada9-46c0-8b36-3108a2a2f77b</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
-|PostgreSQL Misconfigured Log Messages Flag<br/><sup><sub>28a757fc-3d8f-424a-90c0-4233363b2711</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>086031e1-9d4a-4249-acb3-5bfe4c363db2</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html">Documentation</a><br/>|
+|SQL DB Instance Publicly Accessible<br/><sup><sub>7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html">Documentation</a><br/>|
+|BigQuery Dataset Is Public<br/><sup><sub>2263b286-2fe9-4747-a0ae-8b4768a2bbd2</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_bigquery_dataset_module.html#parameter-access/special_group">Documentation</a><br/>|
+|SQL DB Instance With SSL Disabled<br/><sup><sub>d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/ip_configuration/require_ssl">Documentation</a><br/>|
+|Client Certificate Disabled<br/><sup><sub>20180133-a0d0-4745-bfe0-94049fbb12a9</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Cloud SQL Instance With Contained Database Authentication On<br/><sup><sub>6d34aff3-fdd2-460c-8190-756a3b4969e8</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|Cloud SQL Instance With Cross DB Ownership Chaining On<br/><sup><sub>9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|GKE Legacy Authorization Enabled<br/><sup><sub>300a9964-b086-41f7-9378-b6de3ba1c32b</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|MySQL Instance With Local Infile On<br/><sup><sub>a7b520bb-2509-4fb0-be05-bc38f54c7a4c</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|RDP Access Is Not Restricted<br/><sup><sub>75418eb9-39ec-465f-913c-6f2b6a80dc77</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html">Documentation</a><br/>|
+|VM With Full Cloud Access<br/><sup><sub>bc20bbc6-0697-4568-9a73-85af1dd97bdd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html#parameter-service_accounts/scopes">Documentation</a><br/>|
+|SQL DB Instance Backup Disabled<br/><sup><sub>0c82eae2-aca0-401f-93e4-fb37a0f9e5e8</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/backup_configuration/enabled">Documentation</a><br/>|
+|Disk Encryption Disabled<br/><sup><sub>092bae86-6105-4802-99d2-99cd7e7431f3</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_disk_module.html">Documentation</a><br/>|
+|DNSSEC Using RSASHA1<br/><sup><sub>6cf4c3a7-ceb0-4475-8892-3745b84be24a</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_dns_managed_zone_module.html#return-dnssecConfig/defaultKeySpecs/algorithm">Documentation</a><br/>|
+|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>b28bcd2f-c309-490e-ab7c-35fc4023eb26</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_ssl_policy_module.html">Documentation</a><br/>|
+|Cloud DNS Without DNSSEC<br/><sup><sub>80b15fb1-6207-40f4-a803-6915ae619a03</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_dns_managed_zone_module.html#return-dnssecConfig/state">Documentation</a><br/>|
+|Cluster Master Authentication Disabled<br/><sup><sub>9df7f78f-ebe3-432e-ac3b-b67189c15518</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|GKE Basic Authentication Enabled<br/><sup><sub>344bf8ab-9308-462b-a6b2-697432e40ba1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>d58c6f24-3763-4269-9f5b-86b2569a003b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html">Documentation</a><br/>|
+|IP Aliasing Disabled<br/><sup><sub>ed672a9f-fbf0-44d8-a47d-779501b0db05</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Network Policy Disabled<br/><sup><sub>98e04ca0-34f5-4c74-8fec-d2e611ce2790</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|OSLogin Is Disabled In VM Instance<br/><sup><sub>66dae697-507b-4aef-be18-eec5bd707f33</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|Private Cluster Disabled<br/><sup><sub>3b30e3d6-c99b-4318-b38f-b99db74578b5</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Shielded VM Disabled<br/><sup><sub>18d3a83d-4414-49dc-90ea-f0387b2856cc</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|Using Default Service Account<br/><sup><sub>2775e169-e708-42a9-9305-b58aadd2c4dd</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|GKE Using Default Service Account<br/><sup><sub>dc126833-125a-40fb-905a-ce5f2afde240</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html#parameter-node_config/service_account">Documentation</a><br/>|
+|Compute Instance Is Publicly Accessible<br/><sup><sub>829f1c60-2bab-44c6-8a21-5cd9d39a2c82</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html#parameter-network_interfaces/access_configs">Documentation</a><br/>|
+|GKE Master Authorized Networks Disabled<br/><sup><sub>d43366c5-80b0-45de-bbe8-2338f4ab0a83</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html#parameter-master_authorized_networks_config/enabled">Documentation</a><br/>|
+|Google Compute Network Using Default Firewall Rule<br/><sup><sub>29b8224a-60e9-4011-8ac2-7916a659841f</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-name">Documentation</a><br/>|
+|Google Compute Network Using Firewall Rule that Allows All Ports<br/><sup><sub>3602d273-3290-47b2-80fa-720162b1a8af</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-allowed">Documentation</a><br/>|
+|IP Forwarding Enabled<br/><sup><sub>11bd3554-cd56-4257-8e25-7aaf30cf8f5f</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|Serial Ports Are Enabled For VM Instances<br/><sup><sub>c6fc6f29-dc04-46b6-99ba-683c01aff350</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|SSH Access Is Not Restricted<br/><sup><sub>b2fbf1df-76dd-4d78-a6c0-e538f4a9b016</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html">Documentation</a><br/>|
+|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>507df964-ad97-4035-ab14-94a82eabdfdd</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-logging">Documentation</a><br/>|
+|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>7814ddda-e758-4a56-8be3-289a81ded929</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-versioning">Documentation</a><br/>|
+|PostgreSQL Log Connections Disabled<br/><sup><sub>d7a5616f-0a3f-4d43-bc2b-29d1a183e317</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|PostgreSQL log_checkpoints Flag Not Set To ON<br/><sup><sub>89afe3f0-4681-4ce3-89ed-896cebd4277c</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|Stackdriver Logging Disabled<br/><sup><sub>19c9e2a0-fc33-4264-bba1-e3682661e8f7</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Stackdriver Monitoring Disabled<br/><sup><sub>20dcd953-a8b8-4892-9026-9afa6d05a525</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|Node Auto Upgrade Disabled<br/><sup><sub>d6e10477-2e19-4bcd-b8a8-19c65b89ccdf</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html#parameter-management/auto_upgrade">Documentation</a><br/>|
+|High Google KMS Crypto Key Rotation Period<br/><sup><sub>f9b7086b-deb8-4034-9330-d7fd38f1b8de</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_kms_crypto_key_module.html">Documentation</a><br/>|
+|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>099b4411-d11e-4537-a0fc-146b19762a79</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_instance_module.html">Documentation</a><br/>|
+|Cluster Labels Disabled<br/><sup><sub>fbe9b2d0-a2b7-47a1-a534-03775f3013f7</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_cluster_module.html">Documentation</a><br/>|
+|COS Node Image Not Used<br/><sup><sub>be41f891-96b1-4b9d-b74f-b922a918c778</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_container_node_pool_module.html#parameter-config/image_type">Documentation</a><br/>|
+|PostgreSQL Misconfigured Logging Duration Flag<br/><sup><sub>aed98a2a-e680-497a-8886-277cea0f4514</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|Google Compute Network Using Firewall Rule that Allows Port Range<br/><sup><sub>7289eebd-a477-4064-8ad4-3c044bd70b00</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_firewall_module.html#parameter-allowed">Documentation</a><br/>|
+|Google Compute Subnetwork with Private Google Access Disabled<br/><sup><sub>6a4080ae-79bd-42f6-a924-8f534c1c018b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_compute_subnetwork_module.html#parameter-private_ip_google_access">Documentation</a><br/>|
+|PostgreSQL Logging Of Temporary Files Disabled<br/><sup><sub>d6fae5b6-ada9-46c0-8b36-3108a2a2f77b</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
+|PostgreSQL Misconfigured Log Messages Flag<br/><sup><sub>28a757fc-3d8f-424a-90c0-4233363b2711</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711" onclick="newWindowOpenerSafe(event, '../ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_sql_instance_module.html#parameter-settings/database_flags">Documentation</a><br/>|
 
 ### HOSTS
 Below are listed queries related to Ansible HOSTS:
@@ -257,7 +257,7 @@ Below are listed queries related to Ansible HOSTS:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Ansible Tower Exposed To Internet<br/><sup><sub>1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible-tower/latest/html/administration/security_best_practices.html#understand-the-architecture-of-ansible-and-tower">Documentation</a><br/>|
+|Ansible Tower Exposed To Internet<br/><sup><sub>1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc" onclick="newWindowOpenerSafe(event, '../ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc')">Query details</a><br><a href="https://docs.ansible.com/ansible-tower/latest/html/administration/security_best_practices.html#understand-the-architecture-of-ansible-and-tower">Documentation</a><br/>|
 
 ### SHARED (V2/V3)
 Below are listed queries related to Ansible SHARED (V2/V3):
@@ -266,9 +266,9 @@ Below are listed queries related to Ansible SHARED (V2/V3):
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Privilege Escalation Using Become Plugin<br/><sup><sub>0e75052f-cc02-41b8-ac39-a78017527e95</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/partial-become/#problematic-code">Documentation</a><br/>|
-|Communication Over HTTP<br/><sup><sub>2e8d4922-8362-4606-8c14-aa10466a1ce3</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/ansible/builtin/uri_module.html#parameter-url">Documentation</a><br/>|
-|Insecure Relative Path Resolution<br/><sup><sub>8d22ae91-6ac1-459f-95be-d37bd373f244</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/no-relative-paths/">Documentation</a><br/>|
-|Logging of Sensitive Data<br/><sup><sub>59029ddf-e651-412b-ae7b-ff6d403184bc</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/no-log-password/">Documentation</a><br/>|
-|Unpinned Package Version<br/><sup><sub>c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/package-latest/">Documentation</a><br/>|
-|Risky File Permissions<br/><sup><sub>88841d5c-d22d-4b7e-a6a0-89ca50e44b9f</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f" target="_blank">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/risky-file-permissions/">Documentation</a><br/>|
+|Privilege Escalation Using Become Plugin<br/><sup><sub>0e75052f-cc02-41b8-ac39-a78017527e95</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95" onclick="newWindowOpenerSafe(event, '../ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/partial-become/#problematic-code">Documentation</a><br/>|
+|Communication Over HTTP<br/><sup><sub>2e8d4922-8362-4606-8c14-aa10466a1ce3</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3" onclick="newWindowOpenerSafe(event, '../ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/ansible/builtin/uri_module.html#parameter-url">Documentation</a><br/>|
+|Insecure Relative Path Resolution<br/><sup><sub>8d22ae91-6ac1-459f-95be-d37bd373f244</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244" onclick="newWindowOpenerSafe(event, '../ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/no-relative-paths/">Documentation</a><br/>|
+|Logging of Sensitive Data<br/><sup><sub>59029ddf-e651-412b-ae7b-ff6d403184bc</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc" onclick="newWindowOpenerSafe(event, '../ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/no-log-password/">Documentation</a><br/>|
+|Unpinned Package Version<br/><sup><sub>c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8" onclick="newWindowOpenerSafe(event, '../ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/package-latest/">Documentation</a><br/>|
+|Risky File Permissions<br/><sup><sub>88841d5c-d22d-4b7e-a6a0-89ca50e44b9f</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f" onclick="newWindowOpenerSafe(event, '../ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f')">Query details</a><br><a href="https://ansible.readthedocs.io/projects/lint/rules/risky-file-permissions/">Documentation</a><br/>|
diff --git a/docs/queries/azureresourcemanager-queries.md b/docs/queries/azureresourcemanager-queries.md
index 35d5859bf6a..ce25e03fdf3 100644
--- a/docs/queries/azureresourcemanager-queries.md
+++ b/docs/queries/azureresourcemanager-queries.md
@@ -3,45 +3,45 @@ This page contains all queries from AzureResourceManager.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|SQL Database Server Firewall Allows All IPS<br/><sup><sub>6a3201a5-1630-494b-b294-3129d06b0eca</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2014-04-01/servers/firewallrules?tabs=json">Documentation</a><br/>|
-|AKS Cluster RBAC Disabled<br/><sup><sub>9307a2ed-35c2-413d-94de-a1a0682c2158</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json">Documentation</a><br/>|
-|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>d855ced8-6157-448f-9f1d-f05a41d046f7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7" target="_blank">Query details</a><br><a href="https://learn.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts">Documentation</a><br/>|
-|Role Definitions Allow Custom Subscription Role Creation<br/><sup><sub>8fa9ceea-881f-4ef0-b0b8-728f589699a7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.authorization/roledefinitions?tabs=json#permission-object">Documentation</a><br/>|
-|Key Vault Not Recoverable<br/><sup><sub>7c25f361-7c66-44bf-9b69-022acd5eb4bd</sub></sup>|<span style="color:#bb2124">High</span>|Backup|<a href="../azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/2019-09-01/vaults?tabs=json#vaultproperties-object">Documentation</a><br/>|
-|Azure Managed Disk Without Encryption<br/><sup><sub>350f3955-b5be-436f-afaa-3d2be2fa6cdd</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/disks?tabs=json#encryptionsettingscollection-object">Documentation</a><br/>|
-|Network Security Group With Unrestricted Access To RDP<br/><sup><sub>59cb3da7-f206-4ae6-b827-7abf0a9cab9d</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2020-07-01/networksecuritygroups?tabs=json#securityrulepropertiesformat-object">Documentation</a><br/>|
-|Storage Blob Service Container With Public Access<br/><sup><sub>a0ab985d-660b-41f7-ac81-70957ee8e627</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts/blobservices/containers?tabs=json#containerproperties-object">Documentation</a><br/>|
-|Hardcoded SecureString Parameter Default Value<br/><sup><sub>4d2cf896-c053-4be5-9c95-8b4771112f29</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-test-cases#secure-parameters-cant-have-hardcoded-default">Documentation</a><br/>|
-|App Service Authentication Is Not Set<br/><sup><sub>83130a07-235b-4a80-918b-a370e53f0bd9</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites/config-web?tabs=json">Documentation</a><br/>|
-|Azure Instance Using Basic Authentication<br/><sup><sub>6797f581-0433-4768-ae3e-7ceb2f8b138e</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/virtualmachines?tabs=json#linuxconfiguration-object">Documentation</a><br/>|
-|Secret Without Expiration Date<br/><sup><sub>cff9c3f7-e8f0-455f-9fb4-5f72326da96e</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/vaults/secrets?tabs=json#SecretAttributes">Documentation</a><br/>|
-|SQL Server Database With Alerts Disabled<br/><sup><sub>574e8d82-1db2-4b9c-b526-e320ede9a9ff</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/securityalertpolicies?tabs=json">Documentation</a><br/>|
-|Storage Account Allows Unsecure Transfer<br/><sup><sub>1367dd13-2c90-4020-80b7-e4339a3dc2c4</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#storageaccountpropertiescreateparameters-object">Documentation</a><br/>|
-|Web App Not Using TLS Last Version<br/><sup><sub>b5c851d5-00f1-43dc-a8de-3218fd6f71be</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteconfig-object">Documentation</a><br/>|
-|AKS Cluster Network Policy Not Configured<br/><sup><sub>25c0228e-4444-459b-a2df-93c7df40b7ed</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#containerservicenetworkprofile-object">Documentation</a><br/>|
-|Website Not Forcing HTTPS<br/><sup><sub>488847ff-6031-487c-bf42-98fd6ac5c9a0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
-|MySQL Server SSL Enforcement Disabled<br/><sup><sub>90120147-f2e7-4fda-bb21-6fa9109afd63</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbformysql/servers?tabs=json#serverpropertiesforcreate-object">Documentation</a><br/>|
-|Network Security Group With Unrestricted Access To SSH<br/><sup><sub>2ade1579-4b2c-4590-bebb-f99bf597f612</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612" target="_blank">Query details</a><br><a href="https://learn.microsoft.com/en-us/azure/templates/microsoft.network/networksecuritygroups?pivots=deployment-language-bicep#securityrulepropertiesformat">Documentation</a><br/>|
-|PostgreSQL Database Server Log Checkpoints Disabled<br/><sup><sub>f9112910-c7bb-4864-9f5e-2059ba413bb7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/2017-12-01/servers/configurations?tabs=json">Documentation</a><br/>|
-|PostgreSQL Database Server Log Connections Disabled<br/><sup><sub>e69bda39-e1e2-47ca-b9ee-b6531b23aedd</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json#configurationproperties-object">Documentation</a><br/>|
-|PostgreSQL Database Server SSL Disabled<br/><sup><sub>bf500309-da53-4dd3-bcf7-95f7974545a5</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/2017-12-01/servers?tabs=json">Documentation</a><br/>|
-|PostgresSQL Database Server Connection Throttling Disabled<br/><sup><sub>a6d774b6-d9ea-4bf4-8433-217bf15d2fb8</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json">Documentation</a><br/>|
-|Trusted Microsoft Services Not Enabled<br/><sup><sub>e25b56cd-a4d6-498f-ab92-e6296a082097</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#networkruleset">Documentation</a><br/>|
-|Website with Client Certificate Auth Disabled<br/><sup><sub>92302b47-b0cc-46cb-a28f-5610ecda140b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
-|AKS Logging To Azure Monitoring Is Disabled<br/><sup><sub>9b09dee1-f09b-4013-91d2-158fa4695f4b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusteraddonprofile">Documentation</a><br/>|
-|SQL Server Database Without Auditing<br/><sup><sub>e055285c-bc01-48b4-8aa5-8a54acdd29df</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/auditingsettings">Documentation</a><br/>|
-|Storage Logging For Read Write And Delete Requests Disabled<br/><sup><sub>43f6e60c-9cdb-4e77-864d-a66595d26518</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/pt-pt/azure/azure-monitor/essentials/resource-manager-diagnostic-settings#diagnostic-setting-for-azure-storage">Documentation</a><br/>|
-|Website Azure Active Directory Disabled<br/><sup><sub>e9c133e5-c2dd-4b7b-8fff-40f2de367b56</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/2019-08-01/sites?tabs=json#ManagedServiceIdentity">Documentation</a><br/>|
-|Phone Number Not Set For Security Contacts<br/><sup><sub>3e9fcc67-1f64-405f-b2f9-0a6be17598f0</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/securitycontacts?tabs=json">Documentation</a><br/>|
-|AKS Dashboard Is Enabled<br/><sup><sub>c62d3b92-9a11-4ffd-b7b7-6faaae83faed</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusteraddonprofile">Documentation</a><br/>|
-|AKS With Authorized IP Ranges Disabled<br/><sup><sub>2583fab1-953b-4fae-bd02-4a136a6c21f9</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusterapiserveraccessprofile-object">Documentation</a><br/>|
-|Storage Account Allows Default Network Access<br/><sup><sub>9073f073-5d60-4b46-b569-0d6baa80ed95</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#storageaccountpropertiescreateparameters-object">Documentation</a><br/>|
-|Website with 'Http20Enabled' Disabled<br/><sup><sub>70111098-7f85-48f0-b1b4-e4261cf5f61b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
-|Log Profile Incorrect Category<br/><sup><sub>4d522e7b-f938-4d51-a3b1-974ada528bd3</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2016-03-01/logprofiles?tabs=json#logprofileproperties-object">Documentation</a><br/>|
-|SQL Server Database With Unrecommended Retention Days<br/><sup><sub>c09cdac2-7670-458a-bf6c-efad6880973a</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/auditingsettings?tabs=json">Documentation</a><br/>|
-|Unrecommended Log Profile Retention Policy<br/><sup><sub>25684eac-daaa-4c2c-94b4-8d2dbb627909</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2016-03-01/logprofiles?tabs=json#retentionpolicy-object">Documentation</a><br/>|
-|Unrecommended Network Watcher Flow Log Retention Policy<br/><sup><sub>564b70f8-41cd-4690-aff8-bb53add86bc9</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2019-11-01/networkwatchers/flowlogs?tabs=json#retentionpolicyparameters-object">Documentation</a><br/>|
-|Standard Price Is Not Selected<br/><sup><sub>2081c7d6-2851-4cce-bda5-cb49d462da42</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/pricings?tabs=json#pricingproperties-object">Documentation</a><br/>|
-|Account Admins Not Notified By Email<br/><sup><sub>a8852cc0-fd4b-4fc7-9372-1e43fad0732e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2017-03-01-preview/servers/securityalertpolicies?tabs=json">Documentation</a><br/>|
-|SQL Alert Policy Without Emails<br/><sup><sub>89b79fe5-49bd-4d39-84ce-55f5fc6f7764</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/securityalertpolicies?tabs=json">Documentation</a><br/>|
-|Email Notifications Disabled<br/><sup><sub>79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92</sub></sup>|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92" target="_blank">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/securitycontacts">Documentation</a><br/>|
+|SQL Database Server Firewall Allows All IPS<br/><sup><sub>6a3201a5-1630-494b-b294-3129d06b0eca</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2014-04-01/servers/firewallrules?tabs=json">Documentation</a><br/>|
+|AKS Cluster RBAC Disabled<br/><sup><sub>9307a2ed-35c2-413d-94de-a1a0682c2158</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json">Documentation</a><br/>|
+|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>d855ced8-6157-448f-9f1d-f05a41d046f7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7')">Query details</a><br><a href="https://learn.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts">Documentation</a><br/>|
+|Role Definitions Allow Custom Subscription Role Creation<br/><sup><sub>8fa9ceea-881f-4ef0-b0b8-728f589699a7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.authorization/roledefinitions?tabs=json#permission-object">Documentation</a><br/>|
+|Key Vault Not Recoverable<br/><sup><sub>7c25f361-7c66-44bf-9b69-022acd5eb4bd</sub></sup>|<span style="color:#bb2124">High</span>|Backup|<a href="../azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/2019-09-01/vaults?tabs=json#vaultproperties-object">Documentation</a><br/>|
+|Azure Managed Disk Without Encryption<br/><sup><sub>350f3955-b5be-436f-afaa-3d2be2fa6cdd</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/disks?tabs=json#encryptionsettingscollection-object">Documentation</a><br/>|
+|Network Security Group With Unrestricted Access To RDP<br/><sup><sub>59cb3da7-f206-4ae6-b827-7abf0a9cab9d</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2020-07-01/networksecuritygroups?tabs=json#securityrulepropertiesformat-object">Documentation</a><br/>|
+|Storage Blob Service Container With Public Access<br/><sup><sub>a0ab985d-660b-41f7-ac81-70957ee8e627</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts/blobservices/containers?tabs=json#containerproperties-object">Documentation</a><br/>|
+|Hardcoded SecureString Parameter Default Value<br/><sup><sub>4d2cf896-c053-4be5-9c95-8b4771112f29</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-test-cases#secure-parameters-cant-have-hardcoded-default">Documentation</a><br/>|
+|App Service Authentication Is Not Set<br/><sup><sub>83130a07-235b-4a80-918b-a370e53f0bd9</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites/config-web?tabs=json">Documentation</a><br/>|
+|Azure Instance Using Basic Authentication<br/><sup><sub>6797f581-0433-4768-ae3e-7ceb2f8b138e</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/virtualmachines?tabs=json#linuxconfiguration-object">Documentation</a><br/>|
+|Secret Without Expiration Date<br/><sup><sub>cff9c3f7-e8f0-455f-9fb4-5f72326da96e</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/vaults/secrets?tabs=json#SecretAttributes">Documentation</a><br/>|
+|SQL Server Database With Alerts Disabled<br/><sup><sub>574e8d82-1db2-4b9c-b526-e320ede9a9ff</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/securityalertpolicies?tabs=json">Documentation</a><br/>|
+|Storage Account Allows Unsecure Transfer<br/><sup><sub>1367dd13-2c90-4020-80b7-e4339a3dc2c4</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#storageaccountpropertiescreateparameters-object">Documentation</a><br/>|
+|Web App Not Using TLS Last Version<br/><sup><sub>b5c851d5-00f1-43dc-a8de-3218fd6f71be</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteconfig-object">Documentation</a><br/>|
+|AKS Cluster Network Policy Not Configured<br/><sup><sub>25c0228e-4444-459b-a2df-93c7df40b7ed</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#containerservicenetworkprofile-object">Documentation</a><br/>|
+|Website Not Forcing HTTPS<br/><sup><sub>488847ff-6031-487c-bf42-98fd6ac5c9a0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
+|MySQL Server SSL Enforcement Disabled<br/><sup><sub>90120147-f2e7-4fda-bb21-6fa9109afd63</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbformysql/servers?tabs=json#serverpropertiesforcreate-object">Documentation</a><br/>|
+|Network Security Group With Unrestricted Access To SSH<br/><sup><sub>2ade1579-4b2c-4590-bebb-f99bf597f612</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612')">Query details</a><br><a href="https://learn.microsoft.com/en-us/azure/templates/microsoft.network/networksecuritygroups?pivots=deployment-language-bicep#securityrulepropertiesformat">Documentation</a><br/>|
+|PostgreSQL Database Server Log Checkpoints Disabled<br/><sup><sub>f9112910-c7bb-4864-9f5e-2059ba413bb7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/2017-12-01/servers/configurations?tabs=json">Documentation</a><br/>|
+|PostgreSQL Database Server Log Connections Disabled<br/><sup><sub>e69bda39-e1e2-47ca-b9ee-b6531b23aedd</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json#configurationproperties-object">Documentation</a><br/>|
+|PostgreSQL Database Server SSL Disabled<br/><sup><sub>bf500309-da53-4dd3-bcf7-95f7974545a5</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/2017-12-01/servers?tabs=json">Documentation</a><br/>|
+|PostgresSQL Database Server Connection Throttling Disabled<br/><sup><sub>a6d774b6-d9ea-4bf4-8433-217bf15d2fb8</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json">Documentation</a><br/>|
+|Trusted Microsoft Services Not Enabled<br/><sup><sub>e25b56cd-a4d6-498f-ab92-e6296a082097</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#networkruleset">Documentation</a><br/>|
+|Website with Client Certificate Auth Disabled<br/><sup><sub>92302b47-b0cc-46cb-a28f-5610ecda140b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
+|AKS Logging To Azure Monitoring Is Disabled<br/><sup><sub>9b09dee1-f09b-4013-91d2-158fa4695f4b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusteraddonprofile">Documentation</a><br/>|
+|SQL Server Database Without Auditing<br/><sup><sub>e055285c-bc01-48b4-8aa5-8a54acdd29df</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/auditingsettings">Documentation</a><br/>|
+|Storage Logging For Read Write And Delete Requests Disabled<br/><sup><sub>43f6e60c-9cdb-4e77-864d-a66595d26518</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518')">Query details</a><br><a href="https://docs.microsoft.com/pt-pt/azure/azure-monitor/essentials/resource-manager-diagnostic-settings#diagnostic-setting-for-azure-storage">Documentation</a><br/>|
+|Website Azure Active Directory Disabled<br/><sup><sub>e9c133e5-c2dd-4b7b-8fff-40f2de367b56</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/2019-08-01/sites?tabs=json#ManagedServiceIdentity">Documentation</a><br/>|
+|Phone Number Not Set For Security Contacts<br/><sup><sub>3e9fcc67-1f64-405f-b2f9-0a6be17598f0</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/securitycontacts?tabs=json">Documentation</a><br/>|
+|AKS Dashboard Is Enabled<br/><sup><sub>c62d3b92-9a11-4ffd-b7b7-6faaae83faed</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusteraddonprofile">Documentation</a><br/>|
+|AKS With Authorized IP Ranges Disabled<br/><sup><sub>2583fab1-953b-4fae-bd02-4a136a6c21f9</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters?tabs=json#managedclusterapiserveraccessprofile-object">Documentation</a><br/>|
+|Storage Account Allows Default Network Access<br/><sup><sub>9073f073-5d60-4b46-b569-0d6baa80ed95</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json#storageaccountpropertiescreateparameters-object">Documentation</a><br/>|
+|Website with 'Http20Enabled' Disabled<br/><sup><sub>70111098-7f85-48f0-b1b4-e4261cf5f61b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object">Documentation</a><br/>|
+|Log Profile Incorrect Category<br/><sup><sub>4d522e7b-f938-4d51-a3b1-974ada528bd3</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2016-03-01/logprofiles?tabs=json#logprofileproperties-object">Documentation</a><br/>|
+|SQL Server Database With Unrecommended Retention Days<br/><sup><sub>c09cdac2-7670-458a-bf6c-efad6880973a</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/auditingsettings?tabs=json">Documentation</a><br/>|
+|Unrecommended Log Profile Retention Policy<br/><sup><sub>25684eac-daaa-4c2c-94b4-8d2dbb627909</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2016-03-01/logprofiles?tabs=json#retentionpolicy-object">Documentation</a><br/>|
+|Unrecommended Network Watcher Flow Log Retention Policy<br/><sup><sub>564b70f8-41cd-4690-aff8-bb53add86bc9</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2019-11-01/networkwatchers/flowlogs?tabs=json#retentionpolicyparameters-object">Documentation</a><br/>|
+|Standard Price Is Not Selected<br/><sup><sub>2081c7d6-2851-4cce-bda5-cb49d462da42</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/pricings?tabs=json#pricingproperties-object">Documentation</a><br/>|
+|Account Admins Not Notified By Email<br/><sup><sub>a8852cc0-fd4b-4fc7-9372-1e43fad0732e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/2017-03-01-preview/servers/securityalertpolicies?tabs=json">Documentation</a><br/>|
+|SQL Alert Policy Without Emails<br/><sup><sub>89b79fe5-49bd-4d39-84ce-55f5fc6f7764</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/servers/databases/securityalertpolicies?tabs=json">Documentation</a><br/>|
+|Email Notifications Disabled<br/><sup><sub>79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92</sub></sup>|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92" onclick="newWindowOpenerSafe(event, '../azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92')">Query details</a><br><a href="https://docs.microsoft.com/en-us/azure/templates/microsoft.security/securitycontacts">Documentation</a><br/>|
diff --git a/docs/queries/buildah-queries.md b/docs/queries/buildah-queries.md
index 968dfa4ee9a..c93d6a74fee 100644
--- a/docs/queries/buildah-queries.md
+++ b/docs/queries/buildah-queries.md
@@ -3,4 +3,4 @@ This page contains all queries from Buildah.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Run Using apt<br/><sup><sub>a1bc27c6-7115-48d8-bf9d-5a7e836845ba</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba" target="_blank">Query details</a><br><a href="https://github.com/containers/buildah/blob/main/docs/buildah-run.1.md">Documentation</a><br/>|
+|Run Using apt<br/><sup><sub>a1bc27c6-7115-48d8-bf9d-5a7e836845ba</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba" onclick="newWindowOpenerSafe(event, '../buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba')">Query details</a><br><a href="https://github.com/containers/buildah/blob/main/docs/buildah-run.1.md">Documentation</a><br/>|
diff --git a/docs/queries/cicd-queries.md b/docs/queries/cicd-queries.md
index f65c16d988c..988715dcb70 100644
--- a/docs/queries/cicd-queries.md
+++ b/docs/queries/cicd-queries.md
@@ -8,7 +8,7 @@ Below are listed queries related to CICD GITHUB:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Script Block Injection<br/><sup><sub>62ff6823-927a-427f-acf9-f1ea2932d616</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616" target="_blank">Query details</a><br><a href="https://securitylab.github.com/research/github-actions-untrusted-input/">Documentation</a><br/>|
-|Run Block Injection<br/><sup><sub>20f14e1a-a899-4e79-9f09-b6a84cd4649b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b" target="_blank">Query details</a><br><a href="https://securitylab.github.com/research/github-actions-untrusted-input/">Documentation</a><br/>|
-|Unsecured Commands<br/><sup><sub>60fd272d-15f4-4d8f-afe4-77d9c6cc0453</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453" target="_blank">Query details</a><br><a href="https://0xn3va.gitbook.io/cheat-sheets/ci-cd/github/actions#misuse-of-the-events-related-to-incoming-prs">Documentation</a><br/>|
-|Unpinned Actions Full Length Commit SHA<br/><sup><sub>555ab8f9-2001-455e-a077-f2d0f41e2fb9</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9" target="_blank">Query details</a><br><a href="https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions">Documentation</a><br/>|
+|Script Block Injection<br/><sup><sub>62ff6823-927a-427f-acf9-f1ea2932d616</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616" onclick="newWindowOpenerSafe(event, '../cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616')">Query details</a><br><a href="https://securitylab.github.com/research/github-actions-untrusted-input/">Documentation</a><br/>|
+|Run Block Injection<br/><sup><sub>20f14e1a-a899-4e79-9f09-b6a84cd4649b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b" onclick="newWindowOpenerSafe(event, '../cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b')">Query details</a><br><a href="https://securitylab.github.com/research/github-actions-untrusted-input/">Documentation</a><br/>|
+|Unsecured Commands<br/><sup><sub>60fd272d-15f4-4d8f-afe4-77d9c6cc0453</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453" onclick="newWindowOpenerSafe(event, '../cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453')">Query details</a><br><a href="https://0xn3va.gitbook.io/cheat-sheets/ci-cd/github/actions#misuse-of-the-events-related-to-incoming-prs">Documentation</a><br/>|
+|Unpinned Actions Full Length Commit SHA<br/><sup><sub>555ab8f9-2001-455e-a077-f2d0f41e2fb9</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9" onclick="newWindowOpenerSafe(event, '../cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9')">Query details</a><br><a href="https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions">Documentation</a><br/>|
diff --git a/docs/queries/cloudformation-queries.md b/docs/queries/cloudformation-queries.md
index 928a9b49a89..a0e078048fb 100644
--- a/docs/queries/cloudformation-queries.md
+++ b/docs/queries/cloudformation-queries.md
@@ -8,254 +8,254 @@ Below are listed queries related to CloudFormation AWS:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>5864fb39-d719-4182-80e2-89dbe627be63</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dms-replicationinstance.html">Documentation</a><br/>|
-|ECR Repository Is Publicly Accessible<br/><sup><sub>75be209d-1948-41f6-a8c8-e22dd0121134</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html">Documentation</a><br/>|
-|S3 Bucket Access to Any Principal<br/><sup><sub>7772bb8c-c0f3-42d4-8e4e-f1b8939ad085</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read Or Write to All Users<br/><sup><sub>07dda8de-d90d-469e-9b37-1aca53526ced</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>acc78859-765e-4011-a229-a65ea57db252</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>f6397a20-4cf1-4540-a997-1d363c25ef58</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket With All Permissions<br/><sup><sub>4ae8af91-5108-42cb-9471-3bdbe596eac9</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|SNS Topic is Publicly Accessible<br/><sup><sub>ae53ce91-42b5-46bf-a84f-9a13366a4f13</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-policy.html">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>de38e1d5-54cb-4111-a868-6f7722695007</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|DB Security Group With Public Scope<br/><sup><sub>9564406d-e761-4e61-b8d7-5926e3ab8e79</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|RDS Associated with Public Subnet<br/><sup><sub>4e88adee-a8eb-4605-a78d-9fb1096e3091</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsubnetgroupname">Documentation</a><br/>|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument">Documentation</a><br/>|
-|ECS Service Admin Role Is Present<br/><sup><sub>01986452-bdd8-4aaa-b5df-d6bf61d616ff</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
-|IAM Policy Grants Full Permissions<br/><sup><sub>f62aa827-4ade-4dc4-89e4-1433d384a368</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|Lambda Functions With Full Privileges<br/><sup><sub>a0ae0a4e-712b-4115-8112-51b9eeed9d69</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
-|MSK Broker Is Publicly Accessible<br/><sup><sub>0ce1ba20-8ba8-4364-836f-40c24b8cb0ab</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-publicaccess.html">Documentation</a><br/>|
-|Neptune Cluster With IAM Database Authentication Disabled<br/><sup><sub>a3aa0087-8228-4e7e-b202-dc9036972d02</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-neptune-dbcluster.html#cfn-neptune-dbcluster-iamauthenabled">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to All Users<br/><sup><sub>219f4c95-aa50-44e0-97de-cf71f4641170</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>835d5497-a526-4aea-a23f-98a9afd1635f</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>f97b7d23-568f-4bcc-9ac9-02df0d57fbba</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows List Action From All Principals<br/><sup><sub>faa8fddf-c0aa-4b2d-84ff-e993e233ebe9</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|S3 Bucket Allows Public Policy<br/><sup><sub>860ba89b-b8de-4e72-af54-d6aee4138a69</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
-|S3 Bucket Allows Restore Actions From All Principals<br/><sup><sub>456b00a3-1072-4149-9740-6b8bb60251b0</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|AmazonMQ Broker Encryption Disabled<br/><sup><sub>316278b3-87ac-444c-8f8f-a733a28da60f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-encryptionoptions">Documentation</a><br/>|
-|API Gateway Cache Encrypted Disabled<br/><sup><sub>37cca703-b74c-48ba-ac81-595b53398e9b</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-deployment-stagedescription.html">Documentation</a><br/>|
-|CMK Unencrypted Storage<br/><sup><sub>ffee2785-c347-451e-89f3-11aeb08e5c84</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>1b6322d9-c755-4f8c-b804-32c19250f2d9</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configrule.html#cfn-config-configrule-source">Documentation</a><br/>|
-|DynamoDB Table Not Encrypted<br/><sup><sub>4bd21e68-38c1-4d58-acdc-6a14b203237f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html">Documentation</a><br/>|
-|DynamoDB With Aws Owned CMK<br/><sup><sub>c8dee387-a2e6-4a73-a942-183c975549ac</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html">Documentation</a><br/>|
-|EBS Volume Encryption Disabled<br/><sup><sub>80b7ac3f-d2b7-4577-9b10-df7913497162</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html">Documentation</a><br/>|
-|ECS Cluster Not Encrypted At Rest<br/><sup><sub>6c131358-c54d-419b-9dd6-1f7dd41d180c</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html">Documentation</a><br/>|
-|EFS Not Encrypted<br/><sup><sub>2ff8e83c-90e1-4d68-a300-6d652112e622</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
-|ElastiCache With Disabled at Rest Encryption<br/><sup><sub>e4ee3903-9225-4b6a-bdfb-e62dbadef821</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html#cfn-elasticache-replicationgroup-atrestencryptionenabled">Documentation</a><br/>|
-|ElasticSearch Encryption With KMS Disabled<br/><sup><sub>d926aa95-0a04-4abc-b20c-acf54afe38a1</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-encryptionatrestoptions">Documentation</a><br/>|
-|ElasticSearch Not Encrypted At Rest<br/><sup><sub>86a248ab-0e01-4564-a82a-878303e253bb</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-encryptionatrestoptions">Documentation</a><br/>|
-|ELB Using Weak Ciphers<br/><sup><sub>809f77f8-d10e-4842-a84f-3be7b6ff1190</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
-|Kinesis SSE Not Configured<br/><sup><sub>7f65be75-90ab-4036-8c2a-410aef7bb650</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesis-stream.html">Documentation</a><br/>|
-|MSK Cluster Encryption Disabled<br/><sup><sub>a976d63f-af0e-46e8-b714-8c1a9c4bf768</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html">Documentation</a><br/>|
-|Neptune Database Cluster Encryption Disabled<br/><sup><sub>bf4473f1-c8a2-4b1b-8134-bd32efabab93</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-neptune-dbcluster.html">Documentation</a><br/>|
-|RDS Storage Encryption Disabled<br/><sup><sub>65844ba3-03a1-40a8-b3dd-919f122e8c95</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-storageencrypted">Documentation</a><br/>|
-|RDS Storage Not Encrypted<br/><sup><sub>5beacce3-4020-4a3d-9e1d-a36f953df630</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|Redshift Not Encrypted<br/><sup><sub>3b316b05-564c-44a7-9c3f-405bb95e211e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
-|S3 Bucket Without Server-side-encryption<br/><sup><sub>b2e8752c-3497-4255-98d2-e4ae5b46bbf5</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonS3/latest/user-guide/default-bucket-encryption.html">Documentation</a><br/>|
-|SageMaker Data Encryption Disabled<br/><sup><sub>709e6da6-fa1f-44cc-8f17-7f25f96dadbe</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-notebookinstance.html">Documentation</a><br/>|
-|User Data Contains Encoded Private Key<br/><sup><sub>568cc372-ca64-420d-9015-ee347d00d288</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html">Documentation</a><br/>|
-|Workspace Without Encryption<br/><sup><sub>89827c57-5a8a-49eb-9731-976a606d70db</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspaces-workspace.html">Documentation</a><br/>|
-|Batch Job Definition With Privileged Container Properties<br/><sup><sub>76ddf32c-85b1-4808-8935-7eef8030ab36</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-batch-jobdefinition.html">Documentation</a><br/>|
-|KMS Key With Vulnerable Policy<br/><sup><sub>da905474-7454-43c0-b8d2-5756ab951aba</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html#cfn-kms-key-keypolicy">Documentation</a><br/>|
-|Lambda Functions Without Unique IAM Roles<br/><sup><sub>ae03f542-1423-402f-9cef-c834e7ee9583</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
-|MQ Broker Is Publicly Accessible<br/><sup><sub>68b6a789-82f8-4cfd-85de-e95332fe6a61</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-publiclyaccessible">Documentation</a><br/>|
-|Root Account Has Active Access Keys<br/><sup><sub>4c137350-7307-4803-8c04-17c09a7a9fcf</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html">Documentation</a><br/>|
-|S3 Static Website Host Enabled<br/><sup><sub>90501b1b-cded-4cc1-9e8b-206b85cda317</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration.html">Documentation</a><br/>|
-|Permissive Web ACL Default Action<br/><sup><sub>6d64f311-3da6-45f3-80f1-14db9771ea40</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-waf-webacl.html">Documentation</a><br/>|
-|DB Security Group Open To Large Scope<br/><sup><sub>0104165b-02d5-426f-abc9-91fb48189899</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|Default Security Groups With Unrestricted Traffic<br/><sup><sub>ea33fcf7-394b-4d11-a228-985c5d08f205</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|EC2 Sensitive Port Is Publicly Exposed<br/><sup><sub>494b03d3-bf40-4464-8524-7c56ad0700ed</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|ELB Sensitive Port Is Exposed To Entire Network<br/><sup><sub>78055456-f670-4d2e-94d5-392d1cf4f5e4</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
-|Fully Open Ingress<br/><sup><sub>e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/get-set-up-for-amazon-ecs.html#create-a-base-security-group">Documentation</a><br/>|
-|Remote Desktop Port Open To Internet<br/><sup><sub>c9846969-d066-431f-9b34-8c4abafe422a</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Route53 Record Undefined<br/><sup><sub>24d932e1-91f0-46ea-836f-fdbd81694151</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html">Documentation</a><br/>|
-|Security Group Unrestricted Access To RDP<br/><sup><sub>3ae83918-7ec7-4cb8-80db-b91ef0f94002</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Security Groups With Exposed Admin Ports<br/><sup><sub>cdbb0467-2957-4a77-9992-7b55b29df7b7</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Security Groups With Meta IP<br/><sup><sub>adcd0082-e90b-4b63-862b-21899f6e6a48</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Unknown Port Exposed To Internet<br/><sup><sub>829ce3b8-065c-41a3-ad57-e0accfea82d2</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Unrestricted Security Group Ingress<br/><sup><sub>4a1e6b34-1008-4e61-a5f2-1f7c276f8d14</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
-|Amplify App Access Token Exposed<br/><sup><sub>73980e43-f399-4fcc-a373-658228f7adf7</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.html">Documentation</a><br/>|
-|Amplify App Basic Auth Config Password Exposed<br/><sup><sub>71493c8b-3014-404c-9802-078b74496fb7</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-basicauthconfig.html">Documentation</a><br/>|
-|Amplify App OAuth Token Exposed<br/><sup><sub>03b38885-8f4e-480c-a0e4-12c1affd15db</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-basicauthconfig.html">Documentation</a><br/>|
-|Amplify Branch Basic Auth Config Password Exposed<br/><sup><sub>dfb56e5d-ee68-446e-b32a-657b62befe69</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-branch.html#cfn-amplify-branch-basicauthconfig">Documentation</a><br/>|
-|Directory Service Microsoft AD Password Set to Plaintext or Default Ref<br/><sup><sub>06b9f52a-8cd5-459b-bdc6-21a22521e1be</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-directoryservice-microsoftad.html">Documentation</a><br/>|
-|Directory Service Simple AD Password Exposed<br/><sup><sub>6685d912-d81f-4cfa-95ad-e316ea31c989</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-directoryservice-simplead.html">Documentation</a><br/>|
-|DMS Endpoint MongoDB Settings Password Exposed<br/><sup><sub>f988a17f-1139-46a3-8928-f27eafd8b024</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dms-endpoint-mongodbsettings.html">Documentation</a><br/>|
-|DMS Endpoint Password Exposed<br/><sup><sub>5f700072-b7ce-4e84-b3f3-497bf1c24a4d</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dms-endpoint.html">Documentation</a><br/>|
-|DocDB Cluster Master Password In Plaintext<br/><sup><sub>39423ce4-9011-46cd-b6b1-009edcd9385d</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html">Documentation</a><br/>|
-|Hardcoded AWS Access Key In Lambda<br/><sup><sub>2564172f-c92b-4261-9acd-464aed511696</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-environment">Documentation</a><br/>|
-|IAM User LoginProfile Password Is In Plaintext<br/><sup><sub>06adef8c-c284-4de7-aad2-af43b07a8ca1</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html">Documentation</a><br/>|
-|RefreshToken Is Exposed<br/><sup><sub>5b48c507-0d1f-41b0-a630-76817c6b4189</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ask-skill.html#cfn-ask-skill-authenticationconfiguration">Documentation</a><br/>|
-|API Gateway Method Does Not Contains An API Key<br/><sup><sub>3641d5b4-d339-4bc2-bfb9-208fe8d3477f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html">Documentation</a><br/>|
-|API Gateway Without Configured Authorizer<br/><sup><sub>7fd0d461-5b8c-4815-898c-f2b4b117eb28</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-authorizer.html">Documentation</a><br/>|
-|EC2 Instance Has No IAM Role<br/><sup><sub>f914357d-8386-4d56-9ba6-456e5723f9a6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html">Documentation</a><br/>|
-|EC2 Instance Using Default Security Group<br/><sup><sub>08b81bb3-0985-4023-8602-b606ad81d279</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-securitygroups">Documentation</a><br/>|
-|EC2 Network ACL Ineffective Denied Traffic<br/><sup><sub>2623d682-dccb-44cd-99d0-54d9fd62f8f2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html">Documentation</a><br/>|
-|Elasticsearch Without IAM Authentication<br/><sup><sub>5c666ed9-b586-49ab-9873-c495a833b705</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-accesspolicies">Documentation</a><br/>|
-|Empty Roles For ECS Cluster Task Definitions<br/><sup><sub>7f384a5f-b5a2-4d84-8ca3-ee0a5247becb</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
-|IAM Group Inline Policies<br/><sup><sub>a58d1a2d-4078-4b80-855b-84cc3f7f4540</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html">Documentation</a><br/>|
-|IAM Group Without Users<br/><sup><sub>8f957abd-9703-413d-87d3-c578950a753c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html">Documentation</a><br/>|
-|IAM Policies Attached To User<br/><sup><sub>edc95c10-7366-4f30-9b4b-f995c84eceb5</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html">Documentation</a><br/>|
-|IAM Policies With Full Privileges<br/><sup><sub>953b3cdb-ce13-428a-aa12-318726506661</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>e835bd0d-65da-49f7-b6d1-b646da8727e6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|IAM Policy On User<br/><sup><sub>e4239438-e639-44aa-adb8-866e400e3ade</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|IAM Role Allows All Principals To Assume<br/><sup><sub>f80e3aa7-7b34-4185-954e-440a6894dde6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument">Documentation</a><br/>|
-|IoT Policy Allows Action as Wildcard<br/><sup><sub>4d32780f-43a4-424a-a06d-943c543576a5</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html">Documentation</a><br/>|
-|IoT Policy Allows Wildcard Resource<br/><sup><sub>be5b230d-4371-4a28-a441-85dc760e2aa3</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html">Documentation</a><br/>|
-|KMS Allows Wildcard Principal<br/><sup><sub>f6049677-ec4a-43af-8779-5190b6d03cba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
-|Lambda Permission Principal Is Wildcard<br/><sup><sub>1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
-|Public Lambda via API Gateway<br/><sup><sub>57b12981-3816-4c31-b190-a1e614361dd2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
-|S3 Bucket Allows Public ACL<br/><sup><sub>48f100d9-f499-4c6d-b2b8-deafe47ffb26</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
-|SNS Topic Publicity Has Allow and NotAction Simultaneously<br/><sup><sub>818f38ed-8446-4132-9c03-474d49e10195</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-sns-policy">Documentation</a><br/>|
-|SQS Policy With Public Access<br/><sup><sub>9b6a3f5b-5fd6-40ee-9bc0-ed604911212d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html">Documentation</a><br/>|
-|Auto Scaling Group With No Associated ELB<br/><sup><sub>ad21e616-5026-4b9d-990d-5b007bfe679c</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html">Documentation</a><br/>|
-|CMK Is Unusable<br/><sup><sub>2844c749-bd78-4cd1-90e8-b179df827602</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
-|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>cfdef2e5-1fe4-4ef4-bea8-c56e08963150</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cache-cluster.html">Documentation</a><br/>|
-|RDS Multi-AZ Deployment Disabled<br/><sup><sub>2b1d4935-9acf-48a7-8466-10d18bf51a69</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|RDS With Backup Disabled<br/><sup><sub>8c415f6f-7b90-4a27-a44a-51047e1506f9</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|S3 Bucket Without Versioning<br/><sup><sub>a227ec01-f97a-4084-91a4-47b350c1db54</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|Stack Retention Disabled<br/><sup><sub>fe974ae9-858e-4991-bbd5-e040a834679f</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-stackset-autodeployment.html#cfn-cloudformation-stackset-autodeployment-retainstacksonaccountremoval">Documentation</a><br/>|
-|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>0f04217d-488f-4e7a-bec8-f16159686cd6</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-pointintimerecoveryspecification.html">Documentation</a><br/>|
-|ECS No Load Balancer Attached<br/><sup><sub>fb2b0ecf-1492-491a-a70d-ba1df579175d</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
-|IAM Managed Policy Applied to a User<br/><sup><sub>0e5872b4-19a0-4165-8b2f-56d9e14b909f</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-groups">Documentation</a><br/>|
-|IAM User Without Password Reset<br/><sup><sub>a964d6e3-8e1e-4d93-8120-61fa640dd55a</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user-loginprofile.html">Documentation</a><br/>|
-|Alexa Skill Plaintext Client Secret Exposed<br/><sup><sub>3c3b7a58-b018-4d07-9444-d9ee7156e111</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ask-skill.html#cfn-ask-skill-authenticationconfiguration">Documentation</a><br/>|
-|CloudFormation Specifying Credentials Not Safe<br/><sup><sub>9ecb6b21-18bc-4aa7-bd07-db20f1c746db</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-authentication.html">Documentation</a><br/>|
-|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>31733ee2-fef0-4e87-9778-65da22a8ecf1</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
-|CodeBuild Not Encrypted<br/><sup><sub>d7467bb6-3ed1-4c82-8095-5e7a818d0aad</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html">Documentation</a><br/>|
-|Connection Between CloudFront Origin Not Encrypted<br/><sup><sub>a5366a50-932f-4085-896b-41402714a388</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
-|Default KMS Key Usage<br/><sup><sub>e52395b4-250b-4c60-81d5-2e58c1d37abc</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|EFS Volume With Disabled Transit Encryption<br/><sup><sub>c1282e03-b285-4637-aee7-eefe3a7bb658</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html">Documentation</a><br/>|
-|ElastiCache With Disabled Transit Encryption<br/><sup><sub>3b02569b-fc6f-4153-b3a3-ba91022fed68</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html">Documentation</a><br/>|
-|ELB Using Insecure Protocols<br/><sup><sub>61a94903-3cd3-4780-88ec-fc918819b9c8</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
-|ELB Without Secure Protocol<br/><sup><sub>80908a75-586b-4c61-ab04-490f4f4525b8</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
-|EMR Security Configuration Encryption Disabled<br/><sup><sub>5b033ec8-f079-4323-b5c8-99d4620433a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html">Documentation</a><br/>|
-|IAM Database Auth Not Enabled<br/><sup><sub>9fcd0a0a-9b6f-4670-a215-d94e6bf3f184</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableiamdatabaseauthentication">Documentation</a><br/>|
-|KMS Key Rotation Disabled<br/><sup><sub>235ca980-eb71-48f4-9030-df0c371029eb</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
-|Redshift Cluster Without KMS CMK<br/><sup><sub>de76a0d6-66d5-45c9-9022-f05545b85c78</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
-|S3 Bucket Without SSL In Write Actions<br/><sup><sub>38c64e76-c71e-4d92-a337-60174d1de1c9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|SageMaker EndPoint Config Should Specify KmsKeyId Attribute<br/><sup><sub>44034eda-1c3f-486a-831d-e09a7dd94354</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html">Documentation</a><br/>|
-|Secure Ciphers Disabled<br/><sup><sub>be96849c-3df6-49c2-bc16-778a7be2519c</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-viewercertificate.html">Documentation</a><br/>|
-|SQS With SSE Disabled<br/><sup><sub>12726829-93ed-4d51-9cbe-13423f4299e1</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html#aws-sqs-queue-kmsmasterkeyid">Documentation</a><br/>|
-|API Gateway With Open Access<br/><sup><sub>1056dfbb-5802-4762-bf2b-8b9b9684b1b0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html">Documentation</a><br/>|
-|API Gateway Without Security Policy<br/><sup><sub>8275fab0-68ec-4705-bbf4-86975edb170e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-securitypolicy">Documentation</a><br/>|
-|API Gateway Without SSL Certificate<br/><sup><sub>ed4c48b8-eccc-4881-95c1-09fdae23db25</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">Documentation</a><br/>|
-|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>dc17ee4b-ddf2-4e23-96e8-7a36abad1303</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
-|ECR Image Tag Not Immutable<br/><sup><sub>33f41d31-86b1-46a4-81f7-9c9a671f59ac</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html">Documentation</a><br/>|
-|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>027a4b7a-8a59-4938-a04f-ed532512cf45</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html#cfn-ecs-taskdefinition-networkmode">Documentation</a><br/>|
-|EMR Cluster Without Security Configuration<br/><sup><sub>48af92a5-c89b-4936-bc62-1086fe2bab23</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticmapreduce-cluster.html#cfn-elasticmapreduce-cluster-securityconfiguration">Documentation</a><br/>|
-|GitHub Repository Set To Public<br/><sup><sub>5906092d-5f74-490d-9a03-78febe0f65e1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codestar-githubrepository.html">Documentation</a><br/>|
-|IAM User Has Too Many Access Keys<br/><sup><sub>48677914-6fdf-40ec-80c4-2b0e94079f54</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html">Documentation</a><br/>|
-|Redshift Publicly Accessible<br/><sup><sub>bdf8dcb4-75df-4370-92c4-606e4ae6c4d3</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
-|S3 Bucket With Unsecured CORS Rule<br/><sup><sub>3609d27c-3698-483a-9402-13af6ae80583</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html">Documentation</a><br/>|
-|S3 Bucket Without Ignore Public ACL<br/><sup><sub>6c8d51af-218d-4bfb-94a9-94eabaa0703a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
-|S3 Bucket Without Restriction Of Public Bucket<br/><sup><sub>350cd468-0e2c-44ef-9d22-cfb73a62523c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
-|SageMaker Enabling Internet Access<br/><sup><sub>88d55d94-315d-4564-beee-d2d725feab11</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown">Documentation</a><br/>|
-|Vulnerable Default SSL Certificate<br/><sup><sub>b4d9c12b-bfba-4aeb-9cb8-2358546d8041</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
-|ALB Is Not Integrated With WAF<br/><sup><sub>105ba098-1e34-48cd-b0f2-a8a43a51bf9b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html">Documentation</a><br/>|
-|ALB Listening on HTTP<br/><sup><sub>275a3217-ca37-40c1-a6cf-bb57d245ab32</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-listener.html#cfn-ec2-elb-listener-protocol">Documentation</a><br/>|
-|API Gateway Endpoint Config is Not Private<br/><sup><sub>4a8daf95-709d-4a36-9132-d3e19878fa34</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-endpointconfiguration.html#cfn-apigateway-restapi-endpointconfiguration-types">Documentation</a><br/>|
-|API Gateway without WAF<br/><sup><sub>fcbf9019-566c-4832-a65c-af00d8137d2b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webaclassociation.html#cfn-wafv2-webaclassociation-resourcearn">Documentation</a><br/>|
-|CloudFront Without WAF<br/><sup><sub>0f139403-303f-467c-96bd-e717e6cfd62d</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-webaclid">Documentation</a><br/>|
-|EC2 Instance Subnet Has Public IP Mapping On Launch<br/><sup><sub>b3de4e4c-14be-4159-b99d-9ad194365e4c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html#cfn-ec2-subnet-mappubliciponlaunch">Documentation</a><br/>|
-|EC2 Network ACL Overlapping Ports<br/><sup><sub>77b6f1e2-bde4-4a6a-ae7e-a40659ff1576</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-networkaclentry-portrange.html">Documentation</a><br/>|
-|EC2 Permissive Network ACL Protocols<br/><sup><sub>03879981-efa2-47a0-a818-c843e1441b88</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html">Documentation</a><br/>|
-|EC2 Public Instance Exposed Through Subnet<br/><sup><sub>c44c95fc-ae92-4bb8-bdf8-bb9bc412004a</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route.html">Documentation</a><br/>|
-|EKS node group remote access<br/><sup><sub>73d59e76-a12c-4b74-a3d8-d3e1e19c25b3</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-nodegroup.html">Documentation</a><br/>|
-|Elasticsearch with HTTPS disabled<br/><sup><sub>4cdc88e6-c0c8-4081-a639-bb3a557cbedf</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticsearch-domain-domainendpointoptions.html">Documentation</a><br/>|
-|ELB With Security Group Without Inbound Rules<br/><sup><sub>e200a6f3-c589-49ec-9143-7421d4a2c845</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupingress">Documentation</a><br/>|
-|ELB With Security Group Without Outbound Rules<br/><sup><sub>01d5a458-a6c4-452a-ac50-054d59275b7c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupegress">Documentation</a><br/>|
-|GameLift Fleet EC2 InboundPermissions With Port Range<br/><sup><sub>43356255-495d-4148-ad8d-f6af5eac09dd</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-fleet.html">Documentation</a><br/>|
-|HTTP Port Open To Internet<br/><sup><sub>ddfc4eaa-af23-409f-b96c-bf5c45dc4daa</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|SageMaker Notebook Not Placed In VPC<br/><sup><sub>9c7028d9-04c2-45be-b8b2-1188ccaefb36</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown">Documentation</a><br/>|
-|Security Group Egress CIDR Open To World<br/><sup><sub>1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
-|Security Group Egress With All Protocols<br/><sup><sub>ee464fc2-54a6-4e22-b10a-c6dcd2474d0c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
-|Security Group Egress With Port Range<br/><sup><sub>dae9c373-8287-462f-8746-6f93dad93610</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
-|Security Group Ingress With All Protocols<br/><sup><sub>1a427b25-2e9e-4298-9530-0499a55e736b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
-|Security Group Ingress With Port Range<br/><sup><sub>87482183-a8e7-4e42-a566-7a23ec231c16</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
-|Security Group With Unrestricted Access To SSH<br/><sup><sub>6e856af2-62d7-4ba2-adc1-73b62cef9cc1</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Security Groups Allows Unrestricted Outbound Traffic<br/><sup><sub>66f2d8f9-a911-4ced-ae27-34f09690bb2c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|TCP UDP Protocol Network ACL Entry Allows All Ports<br/><sup><sub>f57f849c-883b-4cb7-85e7-f7b199dff163</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html#cfn-ec2-networkaclentry-portrange">Documentation</a><br/>|
-|VPC Without Network Firewall<br/><sup><sub>3e293410-d5b8-411f-85fd-7d26294f20c9</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-vpcid">Documentation</a><br/>|
-|API Gateway Deployment Without Access Log Setting<br/><sup><sub>06ec63e3-9f72-4fe2-a218-2eb9200b8db5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html">Documentation</a><br/>|
-|API Gateway V2 Stage Access Logging Settings Not Defined<br/><sup><sub>80d45af4-4920-4236-a56e-b7ef419d1941</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-accesslogsettings">Documentation</a><br/>|
-|CloudFront Logging Disabled<br/><sup><sub>de77cd9f-0e8b-46cc-b4a4-b6b436838642</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/logging-and-monitoring.html">Documentation</a><br/>|
-|CloudTrail Logging Disabled<br/><sup><sub>5c0b06d5-b7a4-484c-aeb0-75a836269ff0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-islogging">Documentation</a><br/>|
-|CloudWatch Logging Disabled<br/><sup><sub>0f0fb06b-0f2f-4374-8588-f2c7c348c7a0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-queryloggingconfig">Documentation</a><br/>|
-|CloudWatch Metrics Disabled<br/><sup><sub>5d3c1807-acb3-4bb0-be4e-0440230feeaf</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cw-alarm.html">Documentation</a><br/>|
-|DocDB Logging Is Disabled<br/><sup><sub>1bf3b3d4-f373-4d7c-afbb-7d85948a67a5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-enablecloudwatchlogsexports">Documentation</a><br/>|
-|EC2 Instance Monitoring Disabled<br/><sup><sub>0264093f-6791-4475-af34-4b8102dcbcd0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-monitoring">Documentation</a><br/>|
-|Elasticsearch Logs Disabled<br/><sup><sub>edbd62d4-8700-41de-b000-b3cfebb5e996</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-logpublishingoptions">Documentation</a><br/>|
-|ELB Access Log Disabled<br/><sup><sub>ee12ad32-2863-4c0f-b13f-28272d115028</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-accessloggingpolicy.html">Documentation</a><br/>|
-|ELBv2 ALB Access Log Disabled<br/><sup><sub>c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattributes.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattributes-key">Documentation</a><br/>|
-|GuardDuty Detector Disabled<br/><sup><sub>a25cd877-375c-4121-a640-730929936fac</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html">Documentation</a><br/>|
-|MQ Broker Logging Disabled<br/><sup><sub>e519ed6a-8328-4b69-8eb7-8fa549ac3050</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-logs">Documentation</a><br/>|
-|MSK Cluster Logging Disabled<br/><sup><sub>fc7c2c15-f5d0-4b80-adb2-c89019f8f62b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html">Documentation</a><br/>|
-|Redshift Cluster Logging Disabled<br/><sup><sub>3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-loggingproperties">Documentation</a><br/>|
-|S3 Bucket CloudTrail Logging Disabled<br/><sup><sub>c3ce69fd-e3df-49c6-be78-1db3f802261c</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-loggingconfig">Documentation</a><br/>|
-|S3 Bucket Logging Disabled<br/><sup><sub>4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-loggingconfig">Documentation</a><br/>|
-|VPC FlowLogs Disabled<br/><sup><sub>f6d299d2-21eb-41cc-b1e1-fe12d857500b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html">Documentation</a><br/>|
-|High Access Key Rotation Period<br/><sup><sub>800fa019-49dd-421b-9042-7331fdd83fa2</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2" target="_blank">Query details</a><br><a href="https://docs.amazonaws.cn/en_us/config/latest/developerguide/access-keys-rotated.html">Documentation</a><br/>|
-|IAM User With No Group<br/><sup><sub>06933df4-0ea7-461c-b9b5-104d27390e0e</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-policy">Documentation</a><br/>|
-|Support Has No Role Associated<br/><sup><sub>d71b5fd7-9020-4b2d-9ec8-b3839faa2744</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
-|EBS Volume Not Attached To Instances<br/><sup><sub>1819ac03-542b-4026-976b-f37addd59f3b</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volumeattachment.html">Documentation</a><br/>|
-|ECS Service Without Running Tasks<br/><sup><sub>79d745f0-d5f3-46db-9504-bef73e9fd528</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html#cfn-ecs-service-deploymentconfiguration">Documentation</a><br/>|
-|VPC Attached With Too Many Gateways<br/><sup><sub>97e94d17-e2c7-4109-a53b-6536ac1bb64e</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpc-gateway-attachment.html">Documentation</a><br/>|
-|Low RDS Backup Retention Period<br/><sup><sub>e649a218-d099-4550-86a4-1231e1fcb60d</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html">Documentation</a><br/>|
-|RDS DB Instance With Deletion Protection Disabled<br/><sup><sub>2c161e58-cb52-454f-abea-6470c37b5e6e</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-deletionprotection">Documentation</a><br/>|
-|Automatic Minor Upgrades Disabled<br/><sup><sub>f0104061-8bfc-4b45-8a7d-630eb502f281</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
-|CDN Configuration Is Missing<br/><sup><sub>e4f54ff4-d352-40e8-a096-5141073c37a2</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html">Documentation</a><br/>|
-|Cognito UserPool Without MFA<br/><sup><sub>74a18d1a-cf02-4a31-8791-ed0967ad7fdc</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html">Documentation</a><br/>|
-|Geo Restriction Disabled<br/><sup><sub>7f8843f0-9ea5-42b4-a02b-753055113195</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html">Documentation</a><br/>|
-|IAM Access Analyzer Not Enabled<br/><sup><sub>8d29754a-2a18-460d-a1ba-9509f8d359da</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da" target="_blank">Query details</a><br><a href="https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/aws-resource-accessanalyzer-analyzer.html">Documentation</a><br/>|
-|IAM Password Without Minimum Length<br/><sup><sub>b1b20ae3-8fa7-4af5-a74d-a2145920fcb1</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user">Documentation</a><br/>|
-|IAM Policies Without Groups<br/><sup><sub>5e7acff5-095b-40ac-9073-ac2e4ad8a512</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-policy">Documentation</a><br/>|
-|Lambda Permission Misconfigured<br/><sup><sub>9b83114b-b2a1-4534-990d-06da015e47aa</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/pt_br/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
-|Security Group Ingress Has CIDR Not Recommended<br/><sup><sub>a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
-|DynamoDB With Not Recommented Table Billing Mode<br/><sup><sub>c333e906-8d8b-4275-b999-78b6318f8dc6</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-attributedef">Documentation</a><br/>|
-|EFS Without Tags<br/><sup><sub>08e39832-5e42-4304-98a0-aa5b43393162</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
-|API Gateway With Invalid Compression<br/><sup><sub>d6653eee-2d4d-4e6a-976f-6794a497999a</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html">Documentation</a><br/>|
-|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>050a9ba8-d1cb-4c61-a5e8-8805a70d3b85</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-kmskeyid">Documentation</a><br/>|
-|EFS Without KMS<br/><sup><sub>6d087495-2a42-4735-abf7-02ef5660a7e6</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
-|API Gateway Cache Cluster Disabled<br/><sup><sub>52790cad-d60d-41d5-8483-146f9f21208d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-cacheclusterenabled">Documentation</a><br/>|
-|Inline Policies Are Attached To ECS Service<br/><sup><sub>9e8c89b3-7997-4d15-93e4-7911b9db99fd</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
-|Instance With No VPC<br/><sup><sub>8a6d36cd-0bc6-42b7-92c4-67acc8576861</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html">Documentation</a><br/>|
-|Lambda Function Without Dead Letter Queue<br/><sup><sub>c2eae442-d3ba-4cb1-84ca-1db4f80eae3d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-deadletterconfig">Documentation</a><br/>|
-|Lambda Function Without Tags<br/><sup><sub>8df8e857-bd59-44fa-9f4c-d77594b95b46</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
-|Wildcard In ACM Certificate Domain Name<br/><sup><sub>cc8b294f-006f-4f8f-b5bb-0a9140c33131</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html">Documentation</a><br/>|
-|RouterTable with Default Routing<br/><sup><sub>4f0908b9-eb66-433f-9145-134274e1e944</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route-table.html">Documentation</a><br/>|
-|S3 Bucket Should Have Bucket Policy<br/><sup><sub>37fa8188-738b-42c8-bf82-6334ea567738</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
-|EC2 Instance Using Default VPC<br/><sup><sub>e42a3ef0-5325-4667-84bf-075ba1c9d58e</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-subnetid">Documentation</a><br/>|
-|ElastiCache Using Default Port<br/><sup><sub>323db967-c68e-44e6-916c-a777f95af34b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html#cfn-elasticache-replicationgroup-port">Documentation</a><br/>|
-|ElastiCache Without VPC<br/><sup><sub>ba766c53-fe71-4bbb-be35-b6803f2ef13e</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cache-cluster.html#cfn-elasticache-cachecluster-cachesubnetgroupname">Documentation</a><br/>|
-|EMR Without VPC<br/><sup><sub>bf89373a-be40-4c04-99f5-746742dfd7f3</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticmapreduce-cluster-jobflowinstancesconfig.html#cfn-elasticmapreduce-cluster-jobflowinstancesconfig-ec2subnetid">Documentation</a><br/>|
-|RDS Using Default Port<br/><sup><sub>1fe9d958-ddce-4228-a124-05265a959a8b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port">Documentation</a><br/>|
-|Redshift Using Default Port<br/><sup><sub>a478af30-8c3a-404d-aa64-0b673cee509a</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-port">Documentation</a><br/>|
-|Security Groups Without VPC Attached<br/><sup><sub>493d9591-6249-47bf-8dc0-5c10161cc558</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|Shield Advanced Not In Use<br/><sup><sub>ad7444cf-817a-4765-a79e-2145f7981faf</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-policy.html">Documentation</a><br/>|
-|API Gateway Deployment Without API Gateway UsagePlan Associated<br/><sup><sub>783860a3-6dca-4c8b-81d0-7b62769ccbca</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html">Documentation</a><br/>|
-|API Gateway X-Ray Disabled<br/><sup><sub>4ab10c48-bedb-4deb-8f3b-ff12783b61de</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-tracingenabled">Documentation</a><br/>|
-|CloudTrail Log File Validation Disabled<br/><sup><sub>2a3560fe-52ca-4443-b34f-bf0ed5eb74c8</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-enablelogfilevalidation">Documentation</a><br/>|
-|CloudTrail Multi Region Disabled<br/><sup><sub>058ac855-989f-4378-ba4d-52d004020da7</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-ismultiregiontrail">Documentation</a><br/>|
-|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>65d07da5-9af5-44df-8983-52d2e6f24c44</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html">Documentation</a><br/>|
-|CloudTrail SNS Topic Name Undefined<br/><sup><sub>3e09413f-471e-40f3-8626-990c79ae63f3</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-snstopicname">Documentation</a><br/>|
-|CMK Rotation Disabled<br/><sup><sub>1c07bfaf-663c-4f6f-b22b-8e2d481e4df5</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
-|Configuration Aggregator to All Regions Disabled<br/><sup><sub>9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configurationaggregator.html">Documentation</a><br/>|
-|ECS Cluster with Container Insights Disabled<br/><sup><sub>ab759fde-e1e8-4b0e-ad73-ba856e490ed8</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-cluster.html#cfn-ecs-cluster-clustersettings">Documentation</a><br/>|
-|ECS Task Definition HealthCheck Missing<br/><sup><sub>d24389b4-b209-4ff0-8345-dc7a4569dcdd</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-healthcheck.html">Documentation</a><br/>|
-|ElasticSearch Without Slow Logs<br/><sup><sub>086ea2eb-14a6-4fd4-914b-38e0bc8703e8</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-logpublishingoptions">Documentation</a><br/>|
-|Lambda Functions Without X-Ray Tracing<br/><sup><sub>9488c451-074e-4cd3-aee3-7db6104f542c</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-tracingconfig.html">Documentation</a><br/>|
-|Stack Notifications Disabled<br/><sup><sub>837e033c-4717-40bd-807e-6abaa30161b7</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html">Documentation</a><br/>|
-|Unscanned ECR Image<br/><sup><sub>9025b2b3-e554-4842-ba87-db7aeec36d35</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-imagescanningconfiguration">Documentation</a><br/>|
-|API Gateway Stage Without API Gateway UsagePlan Associated<br/><sup><sub>7f8f1b60-43df-4c28-aa21-fb836dbd8071</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">Documentation</a><br/>|
-|ECS Task Definition Invalid CPU or Memory<br/><sup><sub>f4c9b5f5-68b8-491f-9e48-4f96644a1d51</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html">Documentation</a><br/>|
-|SDB Domain Declared As A Resource<br/><sup><sub>6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-simpledb.html">Documentation</a><br/>|
-|VPC Without Attached Subnet<br/><sup><sub>3b3b4411-ad1f-40e7-b257-a78a6bb9673a</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html">Documentation</a><br/>|
-|EBS Volume Without KmsKeyId<br/><sup><sub>b7063015-6c31-4658-a8e7-14f98f37fd42</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html">Documentation</a><br/>|
-|Secrets Manager Should Specify KmsKeyId<br/><sup><sub>c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secret.html">Documentation</a><br/>|
-|SNS Topic Without KmsMasterKeyId<br/><sup><sub>9d13b150-a2ab-42a1-b6f4-142e41f81e52</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html">Documentation</a><br/>|
-|EC2 Not EBS Optimized<br/><sup><sub>8dd0ff1f-0da4-48df-9bb3-7f338ae36a40</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-ebsoptimized">Documentation</a><br/>|
-|Security Group Rule Without Description<br/><sup><sub>5e6c9c68-8a82-408e-8749-ddad78cbb9c5</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
-|EC2 Network ACL Duplicate Rule<br/><sup><sub>045ddb54-cfc5-4abb-9e05-e427b2bc96fe</sub></sup>|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html#cfn-ec2-networkaclentry-rulenumber">Documentation</a><br/>|
+|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>5864fb39-d719-4182-80e2-89dbe627be63</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dms-replicationinstance.html">Documentation</a><br/>|
+|ECR Repository Is Publicly Accessible<br/><sup><sub>75be209d-1948-41f6-a8c8-e22dd0121134</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html">Documentation</a><br/>|
+|S3 Bucket Access to Any Principal<br/><sup><sub>7772bb8c-c0f3-42d4-8e4e-f1b8939ad085</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read Or Write to All Users<br/><sup><sub>07dda8de-d90d-469e-9b37-1aca53526ced</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>acc78859-765e-4011-a229-a65ea57db252</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>f6397a20-4cf1-4540-a997-1d363c25ef58</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket With All Permissions<br/><sup><sub>4ae8af91-5108-42cb-9471-3bdbe596eac9</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|SNS Topic is Publicly Accessible<br/><sup><sub>ae53ce91-42b5-46bf-a84f-9a13366a4f13</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-policy.html">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>de38e1d5-54cb-4111-a868-6f7722695007</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|DB Security Group With Public Scope<br/><sup><sub>9564406d-e761-4e61-b8d7-5926e3ab8e79</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|RDS Associated with Public Subnet<br/><sup><sub>4e88adee-a8eb-4605-a78d-9fb1096e3091</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsubnetgroupname">Documentation</a><br/>|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument">Documentation</a><br/>|
+|ECS Service Admin Role Is Present<br/><sup><sub>01986452-bdd8-4aaa-b5df-d6bf61d616ff</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
+|IAM Policy Grants Full Permissions<br/><sup><sub>f62aa827-4ade-4dc4-89e4-1433d384a368</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|Lambda Functions With Full Privileges<br/><sup><sub>a0ae0a4e-712b-4115-8112-51b9eeed9d69</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
+|MSK Broker Is Publicly Accessible<br/><sup><sub>0ce1ba20-8ba8-4364-836f-40c24b8cb0ab</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-publicaccess.html">Documentation</a><br/>|
+|Neptune Cluster With IAM Database Authentication Disabled<br/><sup><sub>a3aa0087-8228-4e7e-b202-dc9036972d02</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-neptune-dbcluster.html#cfn-neptune-dbcluster-iamauthenabled">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to All Users<br/><sup><sub>219f4c95-aa50-44e0-97de-cf71f4641170</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>835d5497-a526-4aea-a23f-98a9afd1635f</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>f97b7d23-568f-4bcc-9ac9-02df0d57fbba</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows List Action From All Principals<br/><sup><sub>faa8fddf-c0aa-4b2d-84ff-e993e233ebe9</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|S3 Bucket Allows Public Policy<br/><sup><sub>860ba89b-b8de-4e72-af54-d6aee4138a69</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
+|S3 Bucket Allows Restore Actions From All Principals<br/><sup><sub>456b00a3-1072-4149-9740-6b8bb60251b0</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|AmazonMQ Broker Encryption Disabled<br/><sup><sub>316278b3-87ac-444c-8f8f-a733a28da60f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-encryptionoptions">Documentation</a><br/>|
+|API Gateway Cache Encrypted Disabled<br/><sup><sub>37cca703-b74c-48ba-ac81-595b53398e9b</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-deployment-stagedescription.html">Documentation</a><br/>|
+|CMK Unencrypted Storage<br/><sup><sub>ffee2785-c347-451e-89f3-11aeb08e5c84</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>1b6322d9-c755-4f8c-b804-32c19250f2d9</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configrule.html#cfn-config-configrule-source">Documentation</a><br/>|
+|DynamoDB Table Not Encrypted<br/><sup><sub>4bd21e68-38c1-4d58-acdc-6a14b203237f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html">Documentation</a><br/>|
+|DynamoDB With Aws Owned CMK<br/><sup><sub>c8dee387-a2e6-4a73-a942-183c975549ac</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html">Documentation</a><br/>|
+|EBS Volume Encryption Disabled<br/><sup><sub>80b7ac3f-d2b7-4577-9b10-df7913497162</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html">Documentation</a><br/>|
+|ECS Cluster Not Encrypted At Rest<br/><sup><sub>6c131358-c54d-419b-9dd6-1f7dd41d180c</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html">Documentation</a><br/>|
+|EFS Not Encrypted<br/><sup><sub>2ff8e83c-90e1-4d68-a300-6d652112e622</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
+|ElastiCache With Disabled at Rest Encryption<br/><sup><sub>e4ee3903-9225-4b6a-bdfb-e62dbadef821</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html#cfn-elasticache-replicationgroup-atrestencryptionenabled">Documentation</a><br/>|
+|ElasticSearch Encryption With KMS Disabled<br/><sup><sub>d926aa95-0a04-4abc-b20c-acf54afe38a1</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-encryptionatrestoptions">Documentation</a><br/>|
+|ElasticSearch Not Encrypted At Rest<br/><sup><sub>86a248ab-0e01-4564-a82a-878303e253bb</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-encryptionatrestoptions">Documentation</a><br/>|
+|ELB Using Weak Ciphers<br/><sup><sub>809f77f8-d10e-4842-a84f-3be7b6ff1190</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
+|Kinesis SSE Not Configured<br/><sup><sub>7f65be75-90ab-4036-8c2a-410aef7bb650</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesis-stream.html">Documentation</a><br/>|
+|MSK Cluster Encryption Disabled<br/><sup><sub>a976d63f-af0e-46e8-b714-8c1a9c4bf768</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html">Documentation</a><br/>|
+|Neptune Database Cluster Encryption Disabled<br/><sup><sub>bf4473f1-c8a2-4b1b-8134-bd32efabab93</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-neptune-dbcluster.html">Documentation</a><br/>|
+|RDS Storage Encryption Disabled<br/><sup><sub>65844ba3-03a1-40a8-b3dd-919f122e8c95</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-storageencrypted">Documentation</a><br/>|
+|RDS Storage Not Encrypted<br/><sup><sub>5beacce3-4020-4a3d-9e1d-a36f953df630</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|Redshift Not Encrypted<br/><sup><sub>3b316b05-564c-44a7-9c3f-405bb95e211e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
+|S3 Bucket Without Server-side-encryption<br/><sup><sub>b2e8752c-3497-4255-98d2-e4ae5b46bbf5</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonS3/latest/user-guide/default-bucket-encryption.html">Documentation</a><br/>|
+|SageMaker Data Encryption Disabled<br/><sup><sub>709e6da6-fa1f-44cc-8f17-7f25f96dadbe</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-notebookinstance.html">Documentation</a><br/>|
+|User Data Contains Encoded Private Key<br/><sup><sub>568cc372-ca64-420d-9015-ee347d00d288</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html">Documentation</a><br/>|
+|Workspace Without Encryption<br/><sup><sub>89827c57-5a8a-49eb-9731-976a606d70db</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspaces-workspace.html">Documentation</a><br/>|
+|Batch Job Definition With Privileged Container Properties<br/><sup><sub>76ddf32c-85b1-4808-8935-7eef8030ab36</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-batch-jobdefinition.html">Documentation</a><br/>|
+|KMS Key With Vulnerable Policy<br/><sup><sub>da905474-7454-43c0-b8d2-5756ab951aba</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html#cfn-kms-key-keypolicy">Documentation</a><br/>|
+|Lambda Functions Without Unique IAM Roles<br/><sup><sub>ae03f542-1423-402f-9cef-c834e7ee9583</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
+|MQ Broker Is Publicly Accessible<br/><sup><sub>68b6a789-82f8-4cfd-85de-e95332fe6a61</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-publiclyaccessible">Documentation</a><br/>|
+|Root Account Has Active Access Keys<br/><sup><sub>4c137350-7307-4803-8c04-17c09a7a9fcf</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html">Documentation</a><br/>|
+|S3 Static Website Host Enabled<br/><sup><sub>90501b1b-cded-4cc1-9e8b-206b85cda317</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration.html">Documentation</a><br/>|
+|Permissive Web ACL Default Action<br/><sup><sub>6d64f311-3da6-45f3-80f1-14db9771ea40</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-waf-webacl.html">Documentation</a><br/>|
+|DB Security Group Open To Large Scope<br/><sup><sub>0104165b-02d5-426f-abc9-91fb48189899</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|Default Security Groups With Unrestricted Traffic<br/><sup><sub>ea33fcf7-394b-4d11-a228-985c5d08f205</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|EC2 Sensitive Port Is Publicly Exposed<br/><sup><sub>494b03d3-bf40-4464-8524-7c56ad0700ed</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|ELB Sensitive Port Is Exposed To Entire Network<br/><sup><sub>78055456-f670-4d2e-94d5-392d1cf4f5e4</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
+|Fully Open Ingress<br/><sup><sub>e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/get-set-up-for-amazon-ecs.html#create-a-base-security-group">Documentation</a><br/>|
+|Remote Desktop Port Open To Internet<br/><sup><sub>c9846969-d066-431f-9b34-8c4abafe422a</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Route53 Record Undefined<br/><sup><sub>24d932e1-91f0-46ea-836f-fdbd81694151</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html">Documentation</a><br/>|
+|Security Group Unrestricted Access To RDP<br/><sup><sub>3ae83918-7ec7-4cb8-80db-b91ef0f94002</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Security Groups With Exposed Admin Ports<br/><sup><sub>cdbb0467-2957-4a77-9992-7b55b29df7b7</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Security Groups With Meta IP<br/><sup><sub>adcd0082-e90b-4b63-862b-21899f6e6a48</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Unknown Port Exposed To Internet<br/><sup><sub>829ce3b8-065c-41a3-ad57-e0accfea82d2</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Unrestricted Security Group Ingress<br/><sup><sub>4a1e6b34-1008-4e61-a5f2-1f7c276f8d14</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
+|Amplify App Access Token Exposed<br/><sup><sub>73980e43-f399-4fcc-a373-658228f7adf7</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.html">Documentation</a><br/>|
+|Amplify App Basic Auth Config Password Exposed<br/><sup><sub>71493c8b-3014-404c-9802-078b74496fb7</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-basicauthconfig.html">Documentation</a><br/>|
+|Amplify App OAuth Token Exposed<br/><sup><sub>03b38885-8f4e-480c-a0e4-12c1affd15db</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-basicauthconfig.html">Documentation</a><br/>|
+|Amplify Branch Basic Auth Config Password Exposed<br/><sup><sub>dfb56e5d-ee68-446e-b32a-657b62befe69</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-branch.html#cfn-amplify-branch-basicauthconfig">Documentation</a><br/>|
+|Directory Service Microsoft AD Password Set to Plaintext or Default Ref<br/><sup><sub>06b9f52a-8cd5-459b-bdc6-21a22521e1be</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-directoryservice-microsoftad.html">Documentation</a><br/>|
+|Directory Service Simple AD Password Exposed<br/><sup><sub>6685d912-d81f-4cfa-95ad-e316ea31c989</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-directoryservice-simplead.html">Documentation</a><br/>|
+|DMS Endpoint MongoDB Settings Password Exposed<br/><sup><sub>f988a17f-1139-46a3-8928-f27eafd8b024</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dms-endpoint-mongodbsettings.html">Documentation</a><br/>|
+|DMS Endpoint Password Exposed<br/><sup><sub>5f700072-b7ce-4e84-b3f3-497bf1c24a4d</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dms-endpoint.html">Documentation</a><br/>|
+|DocDB Cluster Master Password In Plaintext<br/><sup><sub>39423ce4-9011-46cd-b6b1-009edcd9385d</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html">Documentation</a><br/>|
+|Hardcoded AWS Access Key In Lambda<br/><sup><sub>2564172f-c92b-4261-9acd-464aed511696</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-environment">Documentation</a><br/>|
+|IAM User LoginProfile Password Is In Plaintext<br/><sup><sub>06adef8c-c284-4de7-aad2-af43b07a8ca1</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html">Documentation</a><br/>|
+|RefreshToken Is Exposed<br/><sup><sub>5b48c507-0d1f-41b0-a630-76817c6b4189</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ask-skill.html#cfn-ask-skill-authenticationconfiguration">Documentation</a><br/>|
+|API Gateway Method Does Not Contains An API Key<br/><sup><sub>3641d5b4-d339-4bc2-bfb9-208fe8d3477f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html">Documentation</a><br/>|
+|API Gateway Without Configured Authorizer<br/><sup><sub>7fd0d461-5b8c-4815-898c-f2b4b117eb28</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-authorizer.html">Documentation</a><br/>|
+|EC2 Instance Has No IAM Role<br/><sup><sub>f914357d-8386-4d56-9ba6-456e5723f9a6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html">Documentation</a><br/>|
+|EC2 Instance Using Default Security Group<br/><sup><sub>08b81bb3-0985-4023-8602-b606ad81d279</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-securitygroups">Documentation</a><br/>|
+|EC2 Network ACL Ineffective Denied Traffic<br/><sup><sub>2623d682-dccb-44cd-99d0-54d9fd62f8f2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html">Documentation</a><br/>|
+|Elasticsearch Without IAM Authentication<br/><sup><sub>5c666ed9-b586-49ab-9873-c495a833b705</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-accesspolicies">Documentation</a><br/>|
+|Empty Roles For ECS Cluster Task Definitions<br/><sup><sub>7f384a5f-b5a2-4d84-8ca3-ee0a5247becb</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
+|IAM Group Inline Policies<br/><sup><sub>a58d1a2d-4078-4b80-855b-84cc3f7f4540</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html">Documentation</a><br/>|
+|IAM Group Without Users<br/><sup><sub>8f957abd-9703-413d-87d3-c578950a753c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html">Documentation</a><br/>|
+|IAM Policies Attached To User<br/><sup><sub>edc95c10-7366-4f30-9b4b-f995c84eceb5</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5')">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html">Documentation</a><br/>|
+|IAM Policies With Full Privileges<br/><sup><sub>953b3cdb-ce13-428a-aa12-318726506661</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>e835bd0d-65da-49f7-b6d1-b646da8727e6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|IAM Policy On User<br/><sup><sub>e4239438-e639-44aa-adb8-866e400e3ade</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|IAM Role Allows All Principals To Assume<br/><sup><sub>f80e3aa7-7b34-4185-954e-440a6894dde6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument">Documentation</a><br/>|
+|IoT Policy Allows Action as Wildcard<br/><sup><sub>4d32780f-43a4-424a-a06d-943c543576a5</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html">Documentation</a><br/>|
+|IoT Policy Allows Wildcard Resource<br/><sup><sub>be5b230d-4371-4a28-a441-85dc760e2aa3</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html">Documentation</a><br/>|
+|KMS Allows Wildcard Principal<br/><sup><sub>f6049677-ec4a-43af-8779-5190b6d03cba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
+|Lambda Permission Principal Is Wildcard<br/><sup><sub>1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
+|Public Lambda via API Gateway<br/><sup><sub>57b12981-3816-4c31-b190-a1e614361dd2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
+|S3 Bucket Allows Public ACL<br/><sup><sub>48f100d9-f499-4c6d-b2b8-deafe47ffb26</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
+|SNS Topic Publicity Has Allow and NotAction Simultaneously<br/><sup><sub>818f38ed-8446-4132-9c03-474d49e10195</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-sns-policy">Documentation</a><br/>|
+|SQS Policy With Public Access<br/><sup><sub>9b6a3f5b-5fd6-40ee-9bc0-ed604911212d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html">Documentation</a><br/>|
+|Auto Scaling Group With No Associated ELB<br/><sup><sub>ad21e616-5026-4b9d-990d-5b007bfe679c</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html">Documentation</a><br/>|
+|CMK Is Unusable<br/><sup><sub>2844c749-bd78-4cd1-90e8-b179df827602</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
+|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>cfdef2e5-1fe4-4ef4-bea8-c56e08963150</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cache-cluster.html">Documentation</a><br/>|
+|RDS Multi-AZ Deployment Disabled<br/><sup><sub>2b1d4935-9acf-48a7-8466-10d18bf51a69</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|RDS With Backup Disabled<br/><sup><sub>8c415f6f-7b90-4a27-a44a-51047e1506f9</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|S3 Bucket Without Versioning<br/><sup><sub>a227ec01-f97a-4084-91a4-47b350c1db54</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|Stack Retention Disabled<br/><sup><sub>fe974ae9-858e-4991-bbd5-e040a834679f</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-stackset-autodeployment.html#cfn-cloudformation-stackset-autodeployment-retainstacksonaccountremoval">Documentation</a><br/>|
+|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>0f04217d-488f-4e7a-bec8-f16159686cd6</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-pointintimerecoveryspecification.html">Documentation</a><br/>|
+|ECS No Load Balancer Attached<br/><sup><sub>fb2b0ecf-1492-491a-a70d-ba1df579175d</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
+|IAM Managed Policy Applied to a User<br/><sup><sub>0e5872b4-19a0-4165-8b2f-56d9e14b909f</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-groups">Documentation</a><br/>|
+|IAM User Without Password Reset<br/><sup><sub>a964d6e3-8e1e-4d93-8120-61fa640dd55a</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user-loginprofile.html">Documentation</a><br/>|
+|Alexa Skill Plaintext Client Secret Exposed<br/><sup><sub>3c3b7a58-b018-4d07-9444-d9ee7156e111</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ask-skill.html#cfn-ask-skill-authenticationconfiguration">Documentation</a><br/>|
+|CloudFormation Specifying Credentials Not Safe<br/><sup><sub>9ecb6b21-18bc-4aa7-bd07-db20f1c746db</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-authentication.html">Documentation</a><br/>|
+|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>31733ee2-fef0-4e87-9778-65da22a8ecf1</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
+|CodeBuild Not Encrypted<br/><sup><sub>d7467bb6-3ed1-4c82-8095-5e7a818d0aad</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html">Documentation</a><br/>|
+|Connection Between CloudFront Origin Not Encrypted<br/><sup><sub>a5366a50-932f-4085-896b-41402714a388</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
+|Default KMS Key Usage<br/><sup><sub>e52395b4-250b-4c60-81d5-2e58c1d37abc</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|EFS Volume With Disabled Transit Encryption<br/><sup><sub>c1282e03-b285-4637-aee7-eefe3a7bb658</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html">Documentation</a><br/>|
+|ElastiCache With Disabled Transit Encryption<br/><sup><sub>3b02569b-fc6f-4153-b3a3-ba91022fed68</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html">Documentation</a><br/>|
+|ELB Using Insecure Protocols<br/><sup><sub>61a94903-3cd3-4780-88ec-fc918819b9c8</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
+|ELB Without Secure Protocol<br/><sup><sub>80908a75-586b-4c61-ab04-490f4f4525b8</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html">Documentation</a><br/>|
+|EMR Security Configuration Encryption Disabled<br/><sup><sub>5b033ec8-f079-4323-b5c8-99d4620433a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html">Documentation</a><br/>|
+|IAM Database Auth Not Enabled<br/><sup><sub>9fcd0a0a-9b6f-4670-a215-d94e6bf3f184</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableiamdatabaseauthentication">Documentation</a><br/>|
+|KMS Key Rotation Disabled<br/><sup><sub>235ca980-eb71-48f4-9030-df0c371029eb</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
+|Redshift Cluster Without KMS CMK<br/><sup><sub>de76a0d6-66d5-45c9-9022-f05545b85c78</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
+|S3 Bucket Without SSL In Write Actions<br/><sup><sub>38c64e76-c71e-4d92-a337-60174d1de1c9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|SageMaker EndPoint Config Should Specify KmsKeyId Attribute<br/><sup><sub>44034eda-1c3f-486a-831d-e09a7dd94354</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html">Documentation</a><br/>|
+|Secure Ciphers Disabled<br/><sup><sub>be96849c-3df6-49c2-bc16-778a7be2519c</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-viewercertificate.html">Documentation</a><br/>|
+|SQS With SSE Disabled<br/><sup><sub>12726829-93ed-4d51-9cbe-13423f4299e1</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html#aws-sqs-queue-kmsmasterkeyid">Documentation</a><br/>|
+|API Gateway With Open Access<br/><sup><sub>1056dfbb-5802-4762-bf2b-8b9b9684b1b0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html">Documentation</a><br/>|
+|API Gateway Without Security Policy<br/><sup><sub>8275fab0-68ec-4705-bbf4-86975edb170e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-securitypolicy">Documentation</a><br/>|
+|API Gateway Without SSL Certificate<br/><sup><sub>ed4c48b8-eccc-4881-95c1-09fdae23db25</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">Documentation</a><br/>|
+|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>dc17ee4b-ddf2-4e23-96e8-7a36abad1303</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
+|ECR Image Tag Not Immutable<br/><sup><sub>33f41d31-86b1-46a4-81f7-9c9a671f59ac</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html">Documentation</a><br/>|
+|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>027a4b7a-8a59-4938-a04f-ed532512cf45</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html#cfn-ecs-taskdefinition-networkmode">Documentation</a><br/>|
+|EMR Cluster Without Security Configuration<br/><sup><sub>48af92a5-c89b-4936-bc62-1086fe2bab23</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticmapreduce-cluster.html#cfn-elasticmapreduce-cluster-securityconfiguration">Documentation</a><br/>|
+|GitHub Repository Set To Public<br/><sup><sub>5906092d-5f74-490d-9a03-78febe0f65e1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codestar-githubrepository.html">Documentation</a><br/>|
+|IAM User Has Too Many Access Keys<br/><sup><sub>48677914-6fdf-40ec-80c4-2b0e94079f54</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html">Documentation</a><br/>|
+|Redshift Publicly Accessible<br/><sup><sub>bdf8dcb4-75df-4370-92c4-606e4ae6c4d3</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html">Documentation</a><br/>|
+|S3 Bucket With Unsecured CORS Rule<br/><sup><sub>3609d27c-3698-483a-9402-13af6ae80583</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html">Documentation</a><br/>|
+|S3 Bucket Without Ignore Public ACL<br/><sup><sub>6c8d51af-218d-4bfb-94a9-94eabaa0703a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
+|S3 Bucket Without Restriction Of Public Bucket<br/><sup><sub>350cd468-0e2c-44ef-9d22-cfb73a62523c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">Documentation</a><br/>|
+|SageMaker Enabling Internet Access<br/><sup><sub>88d55d94-315d-4564-beee-d2d725feab11</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11')">Query details</a><br><a href="https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown">Documentation</a><br/>|
+|Vulnerable Default SSL Certificate<br/><sup><sub>b4d9c12b-bfba-4aeb-9cb8-2358546d8041</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html">Documentation</a><br/>|
+|ALB Is Not Integrated With WAF<br/><sup><sub>105ba098-1e34-48cd-b0f2-a8a43a51bf9b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html">Documentation</a><br/>|
+|ALB Listening on HTTP<br/><sup><sub>275a3217-ca37-40c1-a6cf-bb57d245ab32</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-listener.html#cfn-ec2-elb-listener-protocol">Documentation</a><br/>|
+|API Gateway Endpoint Config is Not Private<br/><sup><sub>4a8daf95-709d-4a36-9132-d3e19878fa34</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-endpointconfiguration.html#cfn-apigateway-restapi-endpointconfiguration-types">Documentation</a><br/>|
+|API Gateway without WAF<br/><sup><sub>fcbf9019-566c-4832-a65c-af00d8137d2b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webaclassociation.html#cfn-wafv2-webaclassociation-resourcearn">Documentation</a><br/>|
+|CloudFront Without WAF<br/><sup><sub>0f139403-303f-467c-96bd-e717e6cfd62d</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-webaclid">Documentation</a><br/>|
+|EC2 Instance Subnet Has Public IP Mapping On Launch<br/><sup><sub>b3de4e4c-14be-4159-b99d-9ad194365e4c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html#cfn-ec2-subnet-mappubliciponlaunch">Documentation</a><br/>|
+|EC2 Network ACL Overlapping Ports<br/><sup><sub>77b6f1e2-bde4-4a6a-ae7e-a40659ff1576</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-networkaclentry-portrange.html">Documentation</a><br/>|
+|EC2 Permissive Network ACL Protocols<br/><sup><sub>03879981-efa2-47a0-a818-c843e1441b88</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html">Documentation</a><br/>|
+|EC2 Public Instance Exposed Through Subnet<br/><sup><sub>c44c95fc-ae92-4bb8-bdf8-bb9bc412004a</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route.html">Documentation</a><br/>|
+|EKS node group remote access<br/><sup><sub>73d59e76-a12c-4b74-a3d8-d3e1e19c25b3</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-nodegroup.html">Documentation</a><br/>|
+|Elasticsearch with HTTPS disabled<br/><sup><sub>4cdc88e6-c0c8-4081-a639-bb3a557cbedf</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticsearch-domain-domainendpointoptions.html">Documentation</a><br/>|
+|ELB With Security Group Without Inbound Rules<br/><sup><sub>e200a6f3-c589-49ec-9143-7421d4a2c845</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupingress">Documentation</a><br/>|
+|ELB With Security Group Without Outbound Rules<br/><sup><sub>01d5a458-a6c4-452a-ac50-054d59275b7c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupegress">Documentation</a><br/>|
+|GameLift Fleet EC2 InboundPermissions With Port Range<br/><sup><sub>43356255-495d-4148-ad8d-f6af5eac09dd</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-fleet.html">Documentation</a><br/>|
+|HTTP Port Open To Internet<br/><sup><sub>ddfc4eaa-af23-409f-b96c-bf5c45dc4daa</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|SageMaker Notebook Not Placed In VPC<br/><sup><sub>9c7028d9-04c2-45be-b8b2-1188ccaefb36</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36')">Query details</a><br><a href="https://docs.aws.amazon.com/sagemaker/latest/dg/security_iam_id-based-policy-examples.html#sagemaker-condition-nbi-lockdown">Documentation</a><br/>|
+|Security Group Egress CIDR Open To World<br/><sup><sub>1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
+|Security Group Egress With All Protocols<br/><sup><sub>ee464fc2-54a6-4e22-b10a-c6dcd2474d0c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
+|Security Group Egress With Port Range<br/><sup><sub>dae9c373-8287-462f-8746-6f93dad93610</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html">Documentation</a><br/>|
+|Security Group Ingress With All Protocols<br/><sup><sub>1a427b25-2e9e-4298-9530-0499a55e736b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
+|Security Group Ingress With Port Range<br/><sup><sub>87482183-a8e7-4e42-a566-7a23ec231c16</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
+|Security Group With Unrestricted Access To SSH<br/><sup><sub>6e856af2-62d7-4ba2-adc1-73b62cef9cc1</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Security Groups Allows Unrestricted Outbound Traffic<br/><sup><sub>66f2d8f9-a911-4ced-ae27-34f09690bb2c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|TCP UDP Protocol Network ACL Entry Allows All Ports<br/><sup><sub>f57f849c-883b-4cb7-85e7-f7b199dff163</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html#cfn-ec2-networkaclentry-portrange">Documentation</a><br/>|
+|VPC Without Network Firewall<br/><sup><sub>3e293410-d5b8-411f-85fd-7d26294f20c9</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-vpcid">Documentation</a><br/>|
+|API Gateway Deployment Without Access Log Setting<br/><sup><sub>06ec63e3-9f72-4fe2-a218-2eb9200b8db5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html">Documentation</a><br/>|
+|API Gateway V2 Stage Access Logging Settings Not Defined<br/><sup><sub>80d45af4-4920-4236-a56e-b7ef419d1941</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-accesslogsettings">Documentation</a><br/>|
+|CloudFront Logging Disabled<br/><sup><sub>de77cd9f-0e8b-46cc-b4a4-b6b436838642</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/logging-and-monitoring.html">Documentation</a><br/>|
+|CloudTrail Logging Disabled<br/><sup><sub>5c0b06d5-b7a4-484c-aeb0-75a836269ff0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-islogging">Documentation</a><br/>|
+|CloudWatch Logging Disabled<br/><sup><sub>0f0fb06b-0f2f-4374-8588-f2c7c348c7a0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-queryloggingconfig">Documentation</a><br/>|
+|CloudWatch Metrics Disabled<br/><sup><sub>5d3c1807-acb3-4bb0-be4e-0440230feeaf</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cw-alarm.html">Documentation</a><br/>|
+|DocDB Logging Is Disabled<br/><sup><sub>1bf3b3d4-f373-4d7c-afbb-7d85948a67a5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-enablecloudwatchlogsexports">Documentation</a><br/>|
+|EC2 Instance Monitoring Disabled<br/><sup><sub>0264093f-6791-4475-af34-4b8102dcbcd0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-monitoring">Documentation</a><br/>|
+|Elasticsearch Logs Disabled<br/><sup><sub>edbd62d4-8700-41de-b000-b3cfebb5e996</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-logpublishingoptions">Documentation</a><br/>|
+|ELB Access Log Disabled<br/><sup><sub>ee12ad32-2863-4c0f-b13f-28272d115028</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-accessloggingpolicy.html">Documentation</a><br/>|
+|ELBv2 ALB Access Log Disabled<br/><sup><sub>c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattributes.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattributes-key">Documentation</a><br/>|
+|GuardDuty Detector Disabled<br/><sup><sub>a25cd877-375c-4121-a640-730929936fac</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html">Documentation</a><br/>|
+|MQ Broker Logging Disabled<br/><sup><sub>e519ed6a-8328-4b69-8eb7-8fa549ac3050</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amazonmq-broker.html#cfn-amazonmq-broker-logs">Documentation</a><br/>|
+|MSK Cluster Logging Disabled<br/><sup><sub>fc7c2c15-f5d0-4b80-adb2-c89019f8f62b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html">Documentation</a><br/>|
+|Redshift Cluster Logging Disabled<br/><sup><sub>3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-loggingproperties">Documentation</a><br/>|
+|S3 Bucket CloudTrail Logging Disabled<br/><sup><sub>c3ce69fd-e3df-49c6-be78-1db3f802261c</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-loggingconfig">Documentation</a><br/>|
+|S3 Bucket Logging Disabled<br/><sup><sub>4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-loggingconfig">Documentation</a><br/>|
+|VPC FlowLogs Disabled<br/><sup><sub>f6d299d2-21eb-41cc-b1e1-fe12d857500b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html">Documentation</a><br/>|
+|High Access Key Rotation Period<br/><sup><sub>800fa019-49dd-421b-9042-7331fdd83fa2</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2')">Query details</a><br><a href="https://docs.amazonaws.cn/en_us/config/latest/developerguide/access-keys-rotated.html">Documentation</a><br/>|
+|IAM User With No Group<br/><sup><sub>06933df4-0ea7-461c-b9b5-104d27390e0e</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-policy">Documentation</a><br/>|
+|Support Has No Role Associated<br/><sup><sub>d71b5fd7-9020-4b2d-9ec8-b3839faa2744</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html">Documentation</a><br/>|
+|EBS Volume Not Attached To Instances<br/><sup><sub>1819ac03-542b-4026-976b-f37addd59f3b</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volumeattachment.html">Documentation</a><br/>|
+|ECS Service Without Running Tasks<br/><sup><sub>79d745f0-d5f3-46db-9504-bef73e9fd528</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html#cfn-ecs-service-deploymentconfiguration">Documentation</a><br/>|
+|VPC Attached With Too Many Gateways<br/><sup><sub>97e94d17-e2c7-4109-a53b-6536ac1bb64e</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpc-gateway-attachment.html">Documentation</a><br/>|
+|Low RDS Backup Retention Period<br/><sup><sub>e649a218-d099-4550-86a4-1231e1fcb60d</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html">Documentation</a><br/>|
+|RDS DB Instance With Deletion Protection Disabled<br/><sup><sub>2c161e58-cb52-454f-abea-6470c37b5e6e</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-deletionprotection">Documentation</a><br/>|
+|Automatic Minor Upgrades Disabled<br/><sup><sub>f0104061-8bfc-4b45-8a7d-630eb502f281</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html">Documentation</a><br/>|
+|CDN Configuration Is Missing<br/><sup><sub>e4f54ff4-d352-40e8-a096-5141073c37a2</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html">Documentation</a><br/>|
+|Cognito UserPool Without MFA<br/><sup><sub>74a18d1a-cf02-4a31-8791-ed0967ad7fdc</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html">Documentation</a><br/>|
+|Geo Restriction Disabled<br/><sup><sub>7f8843f0-9ea5-42b4-a02b-753055113195</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html">Documentation</a><br/>|
+|IAM Access Analyzer Not Enabled<br/><sup><sub>8d29754a-2a18-460d-a1ba-9509f8d359da</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da')">Query details</a><br><a href="https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/aws-resource-accessanalyzer-analyzer.html">Documentation</a><br/>|
+|IAM Password Without Minimum Length<br/><sup><sub>b1b20ae3-8fa7-4af5-a74d-a2145920fcb1</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user">Documentation</a><br/>|
+|IAM Policies Without Groups<br/><sup><sub>5e7acff5-095b-40ac-9073-ac2e4ad8a512</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-policy">Documentation</a><br/>|
+|Lambda Permission Misconfigured<br/><sup><sub>9b83114b-b2a1-4534-990d-06da015e47aa</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa')">Query details</a><br><a href="https://docs.aws.amazon.com/pt_br/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">Documentation</a><br/>|
+|Security Group Ingress Has CIDR Not Recommended<br/><sup><sub>a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html">Documentation</a><br/>|
+|DynamoDB With Not Recommented Table Billing Mode<br/><sup><sub>c333e906-8d8b-4275-b999-78b6318f8dc6</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-attributedef">Documentation</a><br/>|
+|EFS Without Tags<br/><sup><sub>08e39832-5e42-4304-98a0-aa5b43393162</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
+|API Gateway With Invalid Compression<br/><sup><sub>d6653eee-2d4d-4e6a-976f-6794a497999a</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html">Documentation</a><br/>|
+|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>050a9ba8-d1cb-4c61-a5e8-8805a70d3b85</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-kmskeyid">Documentation</a><br/>|
+|EFS Without KMS<br/><sup><sub>6d087495-2a42-4735-abf7-02ef5660a7e6</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html">Documentation</a><br/>|
+|API Gateway Cache Cluster Disabled<br/><sup><sub>52790cad-d60d-41d5-8483-146f9f21208d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-cacheclusterenabled">Documentation</a><br/>|
+|Inline Policies Are Attached To ECS Service<br/><sup><sub>9e8c89b3-7997-4d15-93e4-7911b9db99fd</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html">Documentation</a><br/>|
+|Instance With No VPC<br/><sup><sub>8a6d36cd-0bc6-42b7-92c4-67acc8576861</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html">Documentation</a><br/>|
+|Lambda Function Without Dead Letter Queue<br/><sup><sub>c2eae442-d3ba-4cb1-84ca-1db4f80eae3d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-deadletterconfig">Documentation</a><br/>|
+|Lambda Function Without Tags<br/><sup><sub>8df8e857-bd59-44fa-9f4c-d77594b95b46</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html">Documentation</a><br/>|
+|Wildcard In ACM Certificate Domain Name<br/><sup><sub>cc8b294f-006f-4f8f-b5bb-0a9140c33131</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131')">Query details</a><br><a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html">Documentation</a><br/>|
+|RouterTable with Default Routing<br/><sup><sub>4f0908b9-eb66-433f-9145-134274e1e944</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-route-table.html">Documentation</a><br/>|
+|S3 Bucket Should Have Bucket Policy<br/><sup><sub>37fa8188-738b-42c8-bf82-6334ea567738</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html">Documentation</a><br/>|
+|EC2 Instance Using Default VPC<br/><sup><sub>e42a3ef0-5325-4667-84bf-075ba1c9d58e</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-subnetid">Documentation</a><br/>|
+|ElastiCache Using Default Port<br/><sup><sub>323db967-c68e-44e6-916c-a777f95af34b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-replicationgroup.html#cfn-elasticache-replicationgroup-port">Documentation</a><br/>|
+|ElastiCache Without VPC<br/><sup><sub>ba766c53-fe71-4bbb-be35-b6803f2ef13e</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cache-cluster.html#cfn-elasticache-cachecluster-cachesubnetgroupname">Documentation</a><br/>|
+|EMR Without VPC<br/><sup><sub>bf89373a-be40-4c04-99f5-746742dfd7f3</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticmapreduce-cluster-jobflowinstancesconfig.html#cfn-elasticmapreduce-cluster-jobflowinstancesconfig-ec2subnetid">Documentation</a><br/>|
+|RDS Using Default Port<br/><sup><sub>1fe9d958-ddce-4228-a124-05265a959a8b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port">Documentation</a><br/>|
+|Redshift Using Default Port<br/><sup><sub>a478af30-8c3a-404d-aa64-0b673cee509a</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-port">Documentation</a><br/>|
+|Security Groups Without VPC Attached<br/><sup><sub>493d9591-6249-47bf-8dc0-5c10161cc558</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|Shield Advanced Not In Use<br/><sup><sub>ad7444cf-817a-4765-a79e-2145f7981faf</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-policy.html">Documentation</a><br/>|
+|API Gateway Deployment Without API Gateway UsagePlan Associated<br/><sup><sub>783860a3-6dca-4c8b-81d0-7b62769ccbca</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html">Documentation</a><br/>|
+|API Gateway X-Ray Disabled<br/><sup><sub>4ab10c48-bedb-4deb-8f3b-ff12783b61de</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-tracingenabled">Documentation</a><br/>|
+|CloudTrail Log File Validation Disabled<br/><sup><sub>2a3560fe-52ca-4443-b34f-bf0ed5eb74c8</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-enablelogfilevalidation">Documentation</a><br/>|
+|CloudTrail Multi Region Disabled<br/><sup><sub>058ac855-989f-4378-ba4d-52d004020da7</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-ismultiregiontrail">Documentation</a><br/>|
+|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>65d07da5-9af5-44df-8983-52d2e6f24c44</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html">Documentation</a><br/>|
+|CloudTrail SNS Topic Name Undefined<br/><sup><sub>3e09413f-471e-40f3-8626-990c79ae63f3</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-snstopicname">Documentation</a><br/>|
+|CMK Rotation Disabled<br/><sup><sub>1c07bfaf-663c-4f6f-b22b-8e2d481e4df5</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html">Documentation</a><br/>|
+|Configuration Aggregator to All Regions Disabled<br/><sup><sub>9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configurationaggregator.html">Documentation</a><br/>|
+|ECS Cluster with Container Insights Disabled<br/><sup><sub>ab759fde-e1e8-4b0e-ad73-ba856e490ed8</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-cluster.html#cfn-ecs-cluster-clustersettings">Documentation</a><br/>|
+|ECS Task Definition HealthCheck Missing<br/><sup><sub>d24389b4-b209-4ff0-8345-dc7a4569dcdd</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-healthcheck.html">Documentation</a><br/>|
+|ElasticSearch Without Slow Logs<br/><sup><sub>086ea2eb-14a6-4fd4-914b-38e0bc8703e8</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-logpublishingoptions">Documentation</a><br/>|
+|Lambda Functions Without X-Ray Tracing<br/><sup><sub>9488c451-074e-4cd3-aee3-7db6104f542c</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-tracingconfig.html">Documentation</a><br/>|
+|Stack Notifications Disabled<br/><sup><sub>837e033c-4717-40bd-807e-6abaa30161b7</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html">Documentation</a><br/>|
+|Unscanned ECR Image<br/><sup><sub>9025b2b3-e554-4842-ba87-db7aeec36d35</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-imagescanningconfiguration">Documentation</a><br/>|
+|API Gateway Stage Without API Gateway UsagePlan Associated<br/><sup><sub>7f8f1b60-43df-4c28-aa21-fb836dbd8071</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">Documentation</a><br/>|
+|ECS Task Definition Invalid CPU or Memory<br/><sup><sub>f4c9b5f5-68b8-491f-9e48-4f96644a1d51</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51')">Query details</a><br><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html">Documentation</a><br/>|
+|SDB Domain Declared As A Resource<br/><sup><sub>6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-simpledb.html">Documentation</a><br/>|
+|VPC Without Attached Subnet<br/><sup><sub>3b3b4411-ad1f-40e7-b257-a78a6bb9673a</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html">Documentation</a><br/>|
+|EBS Volume Without KmsKeyId<br/><sup><sub>b7063015-6c31-4658-a8e7-14f98f37fd42</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html">Documentation</a><br/>|
+|Secrets Manager Should Specify KmsKeyId<br/><sup><sub>c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secret.html">Documentation</a><br/>|
+|SNS Topic Without KmsMasterKeyId<br/><sup><sub>9d13b150-a2ab-42a1-b6f4-142e41f81e52</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html">Documentation</a><br/>|
+|EC2 Not EBS Optimized<br/><sup><sub>8dd0ff1f-0da4-48df-9bb3-7f338ae36a40</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-ebsoptimized">Documentation</a><br/>|
+|Security Group Rule Without Description<br/><sup><sub>5e6c9c68-8a82-408e-8749-ddad78cbb9c5</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">Documentation</a><br/>|
+|EC2 Network ACL Duplicate Rule<br/><sup><sub>045ddb54-cfc5-4abb-9e05-e427b2bc96fe</sub></sup>|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-network-acl-entry.html#cfn-ec2-networkaclentry-rulenumber">Documentation</a><br/>|
 
 ### AWS_BOM
 Below are listed queries related to CloudFormation AWS_BOM:
@@ -264,18 +264,18 @@ Below are listed queries related to CloudFormation AWS_BOM:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|BOM - AWS Cassandra<br/><sup><sub>124b173b-e06d-48a6-8acd-f889443d97a4</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS DynamoDB<br/><sup><sub>4e67c0ae-38a0-47f4-a50c-f0c9b75826df</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS EBS<br/><sup><sub>0b0556ea-9cd9-476f-862e-20679dda752b</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS EFS<br/><sup><sub>ef05a925-8568-4054-8ff1-f5ba82631c16</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS Elasticache<br/><sup><sub>c689f51b-9203-43b3-9d8b-caed123f706c</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS Kinesis<br/><sup><sub>d53323be-dde6-4457-9a43-42df737e71d2</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS MQ<br/><sup><sub>209189f3-c879-48a7-9703-fbcfa96d0cef</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS MSK<br/><sup><sub>2730c169-51d7-4ae7-99b5-584379eff1bb</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS RDS<br/><sup><sub>6ef03ff6-a2bd-483c-851f-631f248bc0ea</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS S3 Buckets<br/><sup><sub>b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS SNS<br/><sup><sub>42e7dca3-8cce-4325-8df0-108888259136</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS SQS<br/><sup><sub>59a849c2-1127-4023-85a5-ef906dcd458c</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Cassandra<br/><sup><sub>124b173b-e06d-48a6-8acd-f889443d97a4</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS DynamoDB<br/><sup><sub>4e67c0ae-38a0-47f4-a50c-f0c9b75826df</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS EBS<br/><sup><sub>0b0556ea-9cd9-476f-862e-20679dda752b</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS EFS<br/><sup><sub>ef05a925-8568-4054-8ff1-f5ba82631c16</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Elasticache<br/><sup><sub>c689f51b-9203-43b3-9d8b-caed123f706c</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Kinesis<br/><sup><sub>d53323be-dde6-4457-9a43-42df737e71d2</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS MQ<br/><sup><sub>209189f3-c879-48a7-9703-fbcfa96d0cef</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS MSK<br/><sup><sub>2730c169-51d7-4ae7-99b5-584379eff1bb</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS RDS<br/><sup><sub>6ef03ff6-a2bd-483c-851f-631f248bc0ea</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS S3 Buckets<br/><sup><sub>b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS SNS<br/><sup><sub>42e7dca3-8cce-4325-8df0-108888259136</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS SQS<br/><sup><sub>59a849c2-1127-4023-85a5-ef906dcd458c</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
 
 ### AWS_SAM
 Below are listed queries related to CloudFormation AWS_SAM:
@@ -284,13 +284,13 @@ Below are listed queries related to CloudFormation AWS_SAM:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Serverless Function Without Unique IAM Role<br/><sup><sub>4ba74f01-aba5-4be2-83bc-be79ff1a3b92</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-role">Documentation</a><br/>|
-|Serverless Function Environment Variables Not Encrypted<br/><sup><sub>a7f8ac28-eed1-483d-87c8-4c325f022572</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-kmskeyarn">Documentation</a><br/>|
-|Serverless API Endpoint Config Not Private<br/><sup><sub>6b5b0313-771b-4319-ad7a-122ee78700ef</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-endpointconfiguration">Documentation</a><br/>|
-|Serverless API Access Logging Setting Undefined<br/><sup><sub>0a994e04-c6dc-471d-817e-d37451d18a3b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-stage-accesslogsetting.html">Documentation</a><br/>|
-|Serverless API X-Ray Tracing Disabled<br/><sup><sub>c757c6a3-ac87-4b9d-b28d-e5a5add6a315</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-tracingenabled">Documentation</a><br/>|
-|Serverless API Without Content Encoding<br/><sup><sub>a2f2800e-614b-4bc8-89e6-fec8afd24800</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-minimumcompressionsize">Documentation</a><br/>|
-|Serverless API Cache Cluster Disabled<br/><sup><sub>60a05ede-0a68-4d0d-a58f-f538cf55ff79</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-cacheclusterenabled">Documentation</a><br/>|
-|Serverless Function Without Dead Letter Queue<br/><sup><sub>cb2f612b-ed42-4ff5-9fb9-255c73d39a18</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-deadletterqueue">Documentation</a><br/>|
-|Serverless Function Without Tags<br/><sup><sub>a71ecabe-03b6-456a-b3bc-d1a39aa20c98</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-tags">Documentation</a><br/>|
-|Serverless Function Without X-Ray Tracing<br/><sup><sub>dc1ab429-1481-4540-9b1d-280e3f15f1f8</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-tracing">Documentation</a><br/>|
+|Serverless Function Without Unique IAM Role<br/><sup><sub>4ba74f01-aba5-4be2-83bc-be79ff1a3b92</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-role">Documentation</a><br/>|
+|Serverless Function Environment Variables Not Encrypted<br/><sup><sub>a7f8ac28-eed1-483d-87c8-4c325f022572</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-kmskeyarn">Documentation</a><br/>|
+|Serverless API Endpoint Config Not Private<br/><sup><sub>6b5b0313-771b-4319-ad7a-122ee78700ef</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-endpointconfiguration">Documentation</a><br/>|
+|Serverless API Access Logging Setting Undefined<br/><sup><sub>0a994e04-c6dc-471d-817e-d37451d18a3b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b')">Query details</a><br><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-stage-accesslogsetting.html">Documentation</a><br/>|
+|Serverless API X-Ray Tracing Disabled<br/><sup><sub>c757c6a3-ac87-4b9d-b28d-e5a5add6a315</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-tracingenabled">Documentation</a><br/>|
+|Serverless API Without Content Encoding<br/><sup><sub>a2f2800e-614b-4bc8-89e6-fec8afd24800</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-minimumcompressionsize">Documentation</a><br/>|
+|Serverless API Cache Cluster Disabled<br/><sup><sub>60a05ede-0a68-4d0d-a58f-f538cf55ff79</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-cacheclusterenabled">Documentation</a><br/>|
+|Serverless Function Without Dead Letter Queue<br/><sup><sub>cb2f612b-ed42-4ff5-9fb9-255c73d39a18</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-deadletterqueue">Documentation</a><br/>|
+|Serverless Function Without Tags<br/><sup><sub>a71ecabe-03b6-456a-b3bc-d1a39aa20c98</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-tags">Documentation</a><br/>|
+|Serverless Function Without X-Ray Tracing<br/><sup><sub>dc1ab429-1481-4540-9b1d-280e3f15f1f8</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8" onclick="newWindowOpenerSafe(event, '../cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8')">Query details</a><br><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-tracing">Documentation</a><br/>|
diff --git a/docs/queries/common-queries.md b/docs/queries/common-queries.md
index 6a62d05faf0..d7efe994997 100644
--- a/docs/queries/common-queries.md
+++ b/docs/queries/common-queries.md
@@ -3,4 +3,4 @@ This page contains all queries from Common.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Passwords And Secrets<br/><sup><sub>a88baa34-e2ad-44ea-ad6f-8cac87bc7c71</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71" target="_blank">Query details</a><br><a href="https://docs.kics.io/latest/secrets/">Documentation</a><br/>|
+|Passwords And Secrets<br/><sup><sub>a88baa34-e2ad-44ea-ad6f-8cac87bc7c71</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71" onclick="newWindowOpenerSafe(event, '../common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71')">Query details</a><br><a href="https://docs.kics.io/latest/secrets/">Documentation</a><br/>|
diff --git a/docs/queries/crossplane-queries.md b/docs/queries/crossplane-queries.md
index 03fc80c3c3d..489502fc220 100644
--- a/docs/queries/crossplane-queries.md
+++ b/docs/queries/crossplane-queries.md
@@ -8,20 +8,20 @@ Below are listed queries related to Crossplane AWS:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|DB Instance Storage Not Encrypted<br/><sup><sub>e50eb68a-a4af-4048-8bbe-8ec324421469</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/database.aws.crossplane.io/RDSInstance/v1beta1@v0.29.0#spec-forProvider-storageEncrypted">Documentation</a><br/>|
-|EFS Not Encrypted<br/><sup><sub>72840c35-3876-48be-900d-f21b2f0c2ea1</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/efs.aws.crossplane.io/FileSystem/v1alpha1@v0.29.0#spec-forProvider-encrypted">Documentation</a><br/>|
-|ELB Using Weak Ciphers<br/><sup><sub>a507daa5-0795-4380-960b-dd7bb7c56661</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/elbv2.aws.crossplane.io/Listener/v1alpha1@v0.29.0#spec-forProvider-sslPolicy">Documentation</a><br/>|
-|Neptune Database Cluster Encryption Disabled<br/><sup><sub>83bf5aca-138a-498e-b9cd-ad5bc5e117b4</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/neptune.aws.crossplane.io/DBCluster/v1alpha1@v0.29.0#spec-forProvider-storageEncrypted">Documentation</a><br/>|
-|DB Security Group Has Public Interface<br/><sup><sub>dd667399-8d9d-4a8d-bbb4-e49ab53b2f52</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/ec2.aws.crossplane.io/SecurityGroup/v1beta1@v0.29.0#spec-forProvider-ingress-ipRanges-cidrIp">Documentation</a><br/>|
-|SQS With SSE Disabled<br/><sup><sub>9296f1cc-7a40-45de-bd41-f31745488a0e</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/sqs.aws.crossplane.io/Queue/v1beta1@v0.29.0#spec-forProvider-kmsMasterKeyId">Documentation</a><br/>|
-|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>255b0fcc-9f82-41fe-9229-01b163e3376b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-viewerCertificate-minimumProtocolVersion">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>d9dc6429-5140-498a-8f55-a10daac5f000</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/database.aws.crossplane.io/RDSInstance/v1beta1@v0.17.0">Documentation</a><br/>|
-|CloudFront Without WAF<br/><sup><sub>6d19ce0f-b3d8-4128-ac3d-1064e0f00494</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-webACLID">Documentation</a><br/>|
-|CloudFront Logging Disabled<br/><sup><sub>7b590235-1ff4-421b-b9ff-5227134be9bb</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-logging">Documentation</a><br/>|
-|DocDB Logging Is Disabled<br/><sup><sub>e6cd49ba-77ed-417f-9bca-4f5303554308</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/docdb.aws.crossplane.io/DBCluster/v1alpha1@v0.21.1#status-atProvider-enabledCloudwatchLogsExports">Documentation</a><br/>|
-|EFS Without KMS<br/><sup><sub>bdecd6db-2600-47dd-a10c-72c97cf17ae9</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/efs.aws.crossplane.io/FileSystem/v1alpha1@v0.29.0#spec-forProvider-kmsKeyID">Documentation</a><br/>|
-|ECS Cluster with Container Insights Disabled<br/><sup><sub>0c7a76d9-7dc5-499e-81ac-9245839177cb</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/ecs.aws.crossplane.io/Cluster/v1alpha1@v0.42.0#spec-forProvider-settings">Documentation</a><br/>|
-|CloudWatch Without Retention Period Specified<br/><sup><sub>934613fe-b12c-4e5a-95f5-c1dcdffac1ff</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudwatchlogs.aws.crossplane.io/LogGroup/v1alpha1@v0.29.0#spec-forProvider-retentionInDays">Documentation</a><br/>|
+|DB Instance Storage Not Encrypted<br/><sup><sub>e50eb68a-a4af-4048-8bbe-8ec324421469</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/database.aws.crossplane.io/RDSInstance/v1beta1@v0.29.0#spec-forProvider-storageEncrypted">Documentation</a><br/>|
+|EFS Not Encrypted<br/><sup><sub>72840c35-3876-48be-900d-f21b2f0c2ea1</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/efs.aws.crossplane.io/FileSystem/v1alpha1@v0.29.0#spec-forProvider-encrypted">Documentation</a><br/>|
+|ELB Using Weak Ciphers<br/><sup><sub>a507daa5-0795-4380-960b-dd7bb7c56661</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/elbv2.aws.crossplane.io/Listener/v1alpha1@v0.29.0#spec-forProvider-sslPolicy">Documentation</a><br/>|
+|Neptune Database Cluster Encryption Disabled<br/><sup><sub>83bf5aca-138a-498e-b9cd-ad5bc5e117b4</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/neptune.aws.crossplane.io/DBCluster/v1alpha1@v0.29.0#spec-forProvider-storageEncrypted">Documentation</a><br/>|
+|DB Security Group Has Public Interface<br/><sup><sub>dd667399-8d9d-4a8d-bbb4-e49ab53b2f52</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/ec2.aws.crossplane.io/SecurityGroup/v1beta1@v0.29.0#spec-forProvider-ingress-ipRanges-cidrIp">Documentation</a><br/>|
+|SQS With SSE Disabled<br/><sup><sub>9296f1cc-7a40-45de-bd41-f31745488a0e</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/sqs.aws.crossplane.io/Queue/v1beta1@v0.29.0#spec-forProvider-kmsMasterKeyId">Documentation</a><br/>|
+|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>255b0fcc-9f82-41fe-9229-01b163e3376b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-viewerCertificate-minimumProtocolVersion">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>d9dc6429-5140-498a-8f55-a10daac5f000</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/database.aws.crossplane.io/RDSInstance/v1beta1@v0.17.0">Documentation</a><br/>|
+|CloudFront Without WAF<br/><sup><sub>6d19ce0f-b3d8-4128-ac3d-1064e0f00494</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-webACLID">Documentation</a><br/>|
+|CloudFront Logging Disabled<br/><sup><sub>7b590235-1ff4-421b-b9ff-5227134be9bb</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudfront.aws.crossplane.io/Distribution/v1alpha1@v0.29.0#spec-forProvider-distributionConfig-logging">Documentation</a><br/>|
+|DocDB Logging Is Disabled<br/><sup><sub>e6cd49ba-77ed-417f-9bca-4f5303554308</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/docdb.aws.crossplane.io/DBCluster/v1alpha1@v0.21.1#status-atProvider-enabledCloudwatchLogsExports">Documentation</a><br/>|
+|EFS Without KMS<br/><sup><sub>bdecd6db-2600-47dd-a10c-72c97cf17ae9</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/efs.aws.crossplane.io/FileSystem/v1alpha1@v0.29.0#spec-forProvider-kmsKeyID">Documentation</a><br/>|
+|ECS Cluster with Container Insights Disabled<br/><sup><sub>0c7a76d9-7dc5-499e-81ac-9245839177cb</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/ecs.aws.crossplane.io/Cluster/v1alpha1@v0.42.0#spec-forProvider-settings">Documentation</a><br/>|
+|CloudWatch Without Retention Period Specified<br/><sup><sub>934613fe-b12c-4e5a-95f5-c1dcdffac1ff</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff" onclick="newWindowOpenerSafe(event, '../crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-aws/cloudwatchlogs.aws.crossplane.io/LogGroup/v1alpha1@v0.29.0#spec-forProvider-retentionInDays">Documentation</a><br/>|
 
 ### AZURE
 Below are listed queries related to Crossplane AZURE:
@@ -30,8 +30,8 @@ Below are listed queries related to Crossplane AZURE:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|AKS RBAC Disabled<br/><sup><sub>b2418936-cd47-4ea2-8346-623c0bdb87bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-azure/compute.azure.crossplane.io/AKSCluster/v1alpha3@v0.19.0#spec-disableRBAC">Documentation</a><br/>|
-|Redis Cache Allows Non SSL Connections<br/><sup><sub>6c7cfec3-c686-4ed2-bf58-a1ec054b63fc</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-azure/cache.azure.crossplane.io/Redis/v1beta1@v0.19.0#spec-forProvider-enableNonSslPort">Documentation</a><br/>|
+|AKS RBAC Disabled<br/><sup><sub>b2418936-cd47-4ea2-8346-623c0bdb87bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd" onclick="newWindowOpenerSafe(event, '../crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-azure/compute.azure.crossplane.io/AKSCluster/v1alpha3@v0.19.0#spec-disableRBAC">Documentation</a><br/>|
+|Redis Cache Allows Non SSL Connections<br/><sup><sub>6c7cfec3-c686-4ed2-bf58-a1ec054b63fc</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc" onclick="newWindowOpenerSafe(event, '../crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-azure/cache.azure.crossplane.io/Redis/v1beta1@v0.19.0#spec-forProvider-enableNonSslPort">Documentation</a><br/>|
 
 ### GCP
 Below are listed queries related to Crossplane GCP:
@@ -40,5 +40,5 @@ Below are listed queries related to Crossplane GCP:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>b4f65d13-a609-4dc1-af7c-63d2e08bffe9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-gcp/container.gcp.crossplane.io/NodePool/v1beta1@v0.21.0#spec-forProvider-management-autoRepair">Documentation</a><br/>|
-|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>6c2d627c-de0f-45fb-b33d-dad9bffbb421</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421" target="_blank">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-gcp/storage.gcp.crossplane.io/Bucket/v1alpha3@v0.21.0#spec-logging">Documentation</a><br/>|
+|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>b4f65d13-a609-4dc1-af7c-63d2e08bffe9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9" onclick="newWindowOpenerSafe(event, '../crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-gcp/container.gcp.crossplane.io/NodePool/v1beta1@v0.21.0#spec-forProvider-management-autoRepair">Documentation</a><br/>|
+|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>6c2d627c-de0f-45fb-b33d-dad9bffbb421</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421" onclick="newWindowOpenerSafe(event, '../crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421')">Query details</a><br><a href="https://doc.crds.dev/github.com/crossplane/provider-gcp/storage.gcp.crossplane.io/Bucket/v1alpha3@v0.21.0#spec-logging">Documentation</a><br/>|
diff --git a/docs/queries/dockercompose-queries.md b/docs/queries/dockercompose-queries.md
index 15e06d1fe9f..2c12d004c0b 100644
--- a/docs/queries/dockercompose-queries.md
+++ b/docs/queries/dockercompose-queries.md
@@ -3,24 +3,24 @@ This page contains all queries from DockerCompose.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Docker Socket Mounted In Container<br/><sup><sub>d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/#volumes">Documentation</a><br/>|
-|Volume Has Sensitive Host Directory<br/><sup><sub>1c1325ff-831d-43a1-973e-839ae57dfcc0</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference">Documentation</a><br/>|
-|Volume Mounted In Multiple Containers<br/><sup><sub>baa452f0-1f21-4a25-ace5-844e7a5f410d</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes">Documentation</a><br/>|
-|No New Privileges Not Set<br/><sup><sub>27fcc7d6-c49b-46e0-98f1-6c082a6a2750</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/run/#security-configuration">Documentation</a><br/>|
-|Privileged Containers Enabled<br/><sup><sub>ae5b6871-7f45-42e0-bb4c-ab300c4d2026</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/#privileged">Documentation</a><br/>|
-|Healthcheck Not Set<br/><sup><sub>698ed579-b239-4f8f-a388-baa4bcb13ef8</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck">Documentation</a><br/>|
-|Cgroup Not Default<br/><sup><sub>4d9f44c6-2f4a-4317-9bb5-267adbea0232</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cgroup_parent">Documentation</a><br/>|
-|Restart Policy On Failure Not Set To 5<br/><sup><sub>2fc99041-ddad-49d5-853f-e35e70a48391</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391" target="_blank">Query details</a><br><a href="https://docs.docker.com/config/containers/start-containers-automatically/#use-a-restart-policy">Documentation</a><br/>|
-|Container Traffic Not Bound To Host Interface<br/><sup><sub>451d79dc-0588-476a-ad03-3c7f0320abb3</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#ports">Documentation</a><br/>|
-|Privileged Ports Mapped In Container<br/><sup><sub>bc2908f3-f73c-40a9-8793-c1b7d5544f79</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cap_add-cap_drop">Documentation</a><br/>|
-|Container Capabilities Unrestricted<br/><sup><sub>ce76b7d0-9e77-464d-b86f-c5c48e03e22d</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cap_add-cap_drop">Documentation</a><br/>|
-|Default Seccomp Profile Disabled<br/><sup><sub>404fde2c-bc4b-4371-9747-7054132ac953</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt">Documentation</a><br/>|
-|Host Namespace is Shared<br/><sup><sub>4f31dd9f-2cc3-4751-9b53-67e4af83dac0</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#pid">Documentation</a><br/>|
-|Memory Not Limited<br/><sup><sub>bb9ac4f7-e13b-423d-a010-c74a1bfbe492</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#resources">Documentation</a><br/>|
-|Pids Limit Not Set<br/><sup><sub>221e0658-cb2a-44e3-b08a-db96a341d6fa</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir">Documentation</a><br/>|
-|Security Opt Not Set<br/><sup><sub>610e266e-6c12-4bca-9925-1ed0cd29742b</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt">Documentation</a><br/>|
-|Shared Host IPC Namespace<br/><sup><sub>baa3890f-bed7-46f5-ab8f-1da8fc91c729</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir">Documentation</a><br/>|
-|Shared Host Network Namespace<br/><sup><sub>071a71ff-f868-47a4-ac0b-3c59e4ab5443</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode">Documentation</a><br/>|
-|Shared Host User Namespace<br/><sup><sub>8af7162d-6c98-482f-868e-0d33fb675ca8</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#userns_mode">Documentation</a><br/>|
-|Cpus Not Limited<br/><sup><sub>6b610c50-99fb-4ef0-a5f3-e312fd945bc3</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#resources">Documentation</a><br/>|
-|Shared Volumes Between Containers<br/><sup><sub>8c978947-0ff6-485c-b0c2-0bfca6026466</sub></sup>|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466" target="_blank">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes">Documentation</a><br/>|
+|Docker Socket Mounted In Container<br/><sup><sub>d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/#volumes">Documentation</a><br/>|
+|Volume Has Sensitive Host Directory<br/><sup><sub>1c1325ff-831d-43a1-973e-839ae57dfcc0</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference">Documentation</a><br/>|
+|Volume Mounted In Multiple Containers<br/><sup><sub>baa452f0-1f21-4a25-ace5-844e7a5f410d</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes">Documentation</a><br/>|
+|No New Privileges Not Set<br/><sup><sub>27fcc7d6-c49b-46e0-98f1-6c082a6a2750</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750')">Query details</a><br><a href="https://docs.docker.com/engine/reference/run/#security-configuration">Documentation</a><br/>|
+|Privileged Containers Enabled<br/><sup><sub>ae5b6871-7f45-42e0-bb4c-ab300c4d2026</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/#privileged">Documentation</a><br/>|
+|Healthcheck Not Set<br/><sup><sub>698ed579-b239-4f8f-a388-baa4bcb13ef8</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck">Documentation</a><br/>|
+|Cgroup Not Default<br/><sup><sub>4d9f44c6-2f4a-4317-9bb5-267adbea0232</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cgroup_parent">Documentation</a><br/>|
+|Restart Policy On Failure Not Set To 5<br/><sup><sub>2fc99041-ddad-49d5-853f-e35e70a48391</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391')">Query details</a><br><a href="https://docs.docker.com/config/containers/start-containers-automatically/#use-a-restart-policy">Documentation</a><br/>|
+|Container Traffic Not Bound To Host Interface<br/><sup><sub>451d79dc-0588-476a-ad03-3c7f0320abb3</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#ports">Documentation</a><br/>|
+|Privileged Ports Mapped In Container<br/><sup><sub>bc2908f3-f73c-40a9-8793-c1b7d5544f79</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cap_add-cap_drop">Documentation</a><br/>|
+|Container Capabilities Unrestricted<br/><sup><sub>ce76b7d0-9e77-464d-b86f-c5c48e03e22d</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#cap_add-cap_drop">Documentation</a><br/>|
+|Default Seccomp Profile Disabled<br/><sup><sub>404fde2c-bc4b-4371-9747-7054132ac953</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt">Documentation</a><br/>|
+|Host Namespace is Shared<br/><sup><sub>4f31dd9f-2cc3-4751-9b53-67e4af83dac0</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#pid">Documentation</a><br/>|
+|Memory Not Limited<br/><sup><sub>bb9ac4f7-e13b-423d-a010-c74a1bfbe492</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#resources">Documentation</a><br/>|
+|Pids Limit Not Set<br/><sup><sub>221e0658-cb2a-44e3-b08a-db96a341d6fa</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir">Documentation</a><br/>|
+|Security Opt Not Set<br/><sup><sub>610e266e-6c12-4bca-9925-1ed0cd29742b</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt">Documentation</a><br/>|
+|Shared Host IPC Namespace<br/><sup><sub>baa3890f-bed7-46f5-ab8f-1da8fc91c729</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir">Documentation</a><br/>|
+|Shared Host Network Namespace<br/><sup><sub>071a71ff-f868-47a4-ac0b-3c59e4ab5443</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode">Documentation</a><br/>|
+|Shared Host User Namespace<br/><sup><sub>8af7162d-6c98-482f-868e-0d33fb675ca8</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#userns_mode">Documentation</a><br/>|
+|Cpus Not Limited<br/><sup><sub>6b610c50-99fb-4ef0-a5f3-e312fd945bc3</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#resources">Documentation</a><br/>|
+|Shared Volumes Between Containers<br/><sup><sub>8c978947-0ff6-485c-b0c2-0bfca6026466</sub></sup>|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466" onclick="newWindowOpenerSafe(event, '../dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466')">Query details</a><br><a href="https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes">Documentation</a><br/>|
diff --git a/docs/queries/dockerfile-queries.md b/docs/queries/dockerfile-queries.md
index 9fb1d4971bf..751030e5ca8 100644
--- a/docs/queries/dockerfile-queries.md
+++ b/docs/queries/dockerfile-queries.md
@@ -3,51 +3,51 @@ This page contains all queries from Dockerfile.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Last User Is 'root'<br/><sup><sub>67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae</sub></sup>|<span style="color:#bb2124">High</span>|Best Practices|<a href="../dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#user">Documentation</a><br/>|
-|Missing User Instruction<br/><sup><sub>fd54f200-402c-4333-a5a4-36ef6709af2f</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#user">Documentation</a><br/>|
-|Changing Default Shell Using RUN Command<br/><sup><sub>8a301064-c291-4b20-adcb-403fe7fd95fd</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#shell">Documentation</a><br/>|
-|Image Version Using 'latest'<br/><sup><sub>f45ea400-6bbe-4501-9fc7-1c3d75c32067</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/dev-best-practices/">Documentation</a><br/>|
-|Not Using JSON In CMD And ENTRYPOINT Arguments<br/><sup><sub>b86987e1-6397-4619-81d5-8807f2387c79</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#entrypoint">Documentation</a><br/>|
-|Run Using Sudo<br/><sup><sub>8ada6e80-0ade-439e-b176-0b28f6bce35a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Add Instead of Copy<br/><sup><sub>9513a694-aa0d-41d8-be61-3271e056f36b</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#add">Documentation</a><br/>|
-|Apt Get Install Pin Version Not Defined<br/><sup><sub>965a08d7-ef86-4f14-8792-4a3b2098937e</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Gem Install Without Version<br/><sup><sub>22cd11f7-9c6c-4f6e-84c0-02058120b341</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Image Version Not Explicit<br/><sup><sub>9efb0b2d-89c9-41a3-91ca-dcc0aec911fd</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#from">Documentation</a><br/>|
-|Missing Version Specification In dnf install<br/><sup><sub>93d88cf7-f078-46a8-8ddc-178e03aeacf1</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Missing Zypper Non-interactive Switch<br/><sup><sub>45e1fca5-f90e-465d-825f-c2cb63fa3944</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|NPM Install Command Without Pinned Version<br/><sup><sub>e36d8880-3f78-4546-b9a1-12f0745ca0d5</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Unpinned Package Version in Apk Add<br/><sup><sub>d3499f6d-1651-41bb-a9a7-de925fea487b</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Unpinned Package Version in Pip Install<br/><sup><sub>02d9c71f-3ee8-4986-9c27-1a20d0d19bfc</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Yum install Without Version<br/><sup><sub>6452c424-1d92-4deb-bb18-a03e95d579c4</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Chown Flag Exists<br/><sup><sub>aa93e17f-b6db-4162-9334-c70334e7ac28</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Curl or Wget Instead of Add<br/><sup><sub>4b410d24-1cbe-4430-a632-62c9a931cf1c</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Exposing Port 22 (SSH)<br/><sup><sub>5907595b-5b6d-4142-b173-dbb0e73fbff8</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8" target="_blank">Query details</a><br><a href="https://sysdig.com/blog/dockerfile-best-practices/">Documentation</a><br/>|
-|MAINTAINER Instruction Being Used<br/><sup><sub>99614418-f82b-4852-a9ae-5051402b741c</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#maintainer-deprecated">Documentation</a><br/>|
-|Missing Dnf Clean All<br/><sup><sub>295acb63-9246-4b21-b441-7c1f1fb62dc0</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Missing Zypper Clean<br/><sup><sub>38300d1a-feb2-4a48-936a-d1ef1cd24313</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Multiple RUN, ADD, COPY, Instructions Listed<br/><sup><sub>0008c003-79aa-42d8-95b8-1c2fe37dbfe6</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6" target="_blank">Query details</a><br><a href="https://sysdig.com/blog/dockerfile-best-practices/">Documentation</a><br/>|
-|Pip install Keeping Cached Packages<br/><sup><sub>f2f903fb-b977-461e-98d7-b3e2185c6118</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|Yum Clean All Missing<br/><sup><sub>00481784-25aa-4a55-8633-3136dfcf4f37</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|COPY '--from' References Current FROM Alias<br/><sup><sub>cdddb86f-95f6-4fc4-b5a1-483d9afceb2b</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
-|Copy With More Than Two Arguments Not Ending With Slash<br/><sup><sub>6db6e0c2-32a3-4a2e-93b5-72c35f4119db</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#copy">Documentation</a><br/>|
-|Multiple CMD Instructions Listed<br/><sup><sub>41c195f4-fc31-4a5c-8a1b-90605538d49f</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#cmd">Documentation</a><br/>|
-|Multiple ENTRYPOINT Instructions Listed<br/><sup><sub>6938958b-3f1a-451c-909b-baeee14bdc97</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#entrypoint">Documentation</a><br/>|
-|RUN Instruction Using 'cd' Instead of WORKDIR<br/><sup><sub>f4a6bcd3-e231-4acf-993c-aa027be50d2e</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#workdir">Documentation</a><br/>|
-|Same Alias In Different Froms<br/><sup><sub>f2daed12-c802-49cd-afed-fe41d0b82fed</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
-|Update Instruction Alone<br/><sup><sub>9bae49be-0aa3-4de5-bab2-4c3a069e40cd</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Using Unnamed Build Stages<br/><sup><sub>68a51e22-ae5a-4d48-8e87-b01a323605c9</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
-|WORKDIR Path Not Absolute<br/><sup><sub>6b376af8-cfe8-49ab-a08d-f32de23661a4</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#workdir">Documentation</a><br/>|
-|Healthcheck Instruction Missing<br/><sup><sub>b03a748a-542d-44f4-bb86-9199ab4fd2d5</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#healthcheck">Documentation</a><br/>|
-|Shell Running A Pipe Without Pipefail Flag<br/><sup><sub>efbf148a-67e9-42d2-ac47-02fa1c0d0b22</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|APT-GET Missing Flags To Avoid Manual Input<br/><sup><sub>77783205-c4ca-4f80-bb80-c777f267c547</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Missing Flag From Dnf Install<br/><sup><sub>7ebd323c-31b7-4e5b-b26f-de5e9e477af8</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Run Using 'wget' and 'curl'<br/><sup><sub>fc775e75-fcfb-4c98-b2f2-910c5858b359</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Run Using apt<br/><sup><sub>b84a0b47-2e99-4c9f-8933-98bcabe2b94d</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Yum Install Allows Manual Input<br/><sup><sub>6e19193a-8753-436d-8a09-76dcff91bb03</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Zypper Install Without Version<br/><sup><sub>562952e4-0348-4dea-9826-44f3a2c6117b</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
-|Using Platform Flag with FROM Command<br/><sup><sub>b16e8501-ef3c-44e1-a543-a093238099c9</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#from">Documentation</a><br/>|
-|UNIX Ports Out Of Range<br/><sup><sub>71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e</sub></sup>|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#expose">Documentation</a><br/>|
-|Apk Add Using Local Cache Path<br/><sup><sub>ae9c56a6-3ed1-4ac0-9b54-31267f51151d</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Apt Get Install Lists Were Not Deleted<br/><sup><sub>df746b39-6564-4fed-bf85-e9c44382303c</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c" target="_blank">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
-|APT-GET Not Avoiding Additional Packages<br/><sup><sub>7384dfb2-fcd1-4fbf-91cd-6c44c318c33c</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
-|Run Utilities And POSIX Commands<br/><sup><sub>9b6b0f38-92a2-41f9-b881-3a1083d99f1b</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b" target="_blank">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Last User Is 'root'<br/><sup><sub>67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae</sub></sup>|<span style="color:#bb2124">High</span>|Best Practices|<a href="../dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#user">Documentation</a><br/>|
+|Missing User Instruction<br/><sup><sub>fd54f200-402c-4333-a5a4-36ef6709af2f</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#user">Documentation</a><br/>|
+|Changing Default Shell Using RUN Command<br/><sup><sub>8a301064-c291-4b20-adcb-403fe7fd95fd</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#shell">Documentation</a><br/>|
+|Image Version Using 'latest'<br/><sup><sub>f45ea400-6bbe-4501-9fc7-1c3d75c32067</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067')">Query details</a><br><a href="https://docs.docker.com/develop/dev-best-practices/">Documentation</a><br/>|
+|Not Using JSON In CMD And ENTRYPOINT Arguments<br/><sup><sub>b86987e1-6397-4619-81d5-8807f2387c79</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#entrypoint">Documentation</a><br/>|
+|Run Using Sudo<br/><sup><sub>8ada6e80-0ade-439e-b176-0b28f6bce35a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Add Instead of Copy<br/><sup><sub>9513a694-aa0d-41d8-be61-3271e056f36b</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#add">Documentation</a><br/>|
+|Apt Get Install Pin Version Not Defined<br/><sup><sub>965a08d7-ef86-4f14-8792-4a3b2098937e</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Gem Install Without Version<br/><sup><sub>22cd11f7-9c6c-4f6e-84c0-02058120b341</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Image Version Not Explicit<br/><sup><sub>9efb0b2d-89c9-41a3-91ca-dcc0aec911fd</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#from">Documentation</a><br/>|
+|Missing Version Specification In dnf install<br/><sup><sub>93d88cf7-f078-46a8-8ddc-178e03aeacf1</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Missing Zypper Non-interactive Switch<br/><sup><sub>45e1fca5-f90e-465d-825f-c2cb63fa3944</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|NPM Install Command Without Pinned Version<br/><sup><sub>e36d8880-3f78-4546-b9a1-12f0745ca0d5</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Unpinned Package Version in Apk Add<br/><sup><sub>d3499f6d-1651-41bb-a9a7-de925fea487b</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Unpinned Package Version in Pip Install<br/><sup><sub>02d9c71f-3ee8-4986-9c27-1a20d0d19bfc</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Yum install Without Version<br/><sup><sub>6452c424-1d92-4deb-bb18-a03e95d579c4</sub></sup>|<span style="color:#ff7213">Medium</span>|Supply-Chain|<a href="../dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Chown Flag Exists<br/><sup><sub>aa93e17f-b6db-4162-9334-c70334e7ac28</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Curl or Wget Instead of Add<br/><sup><sub>4b410d24-1cbe-4430-a632-62c9a931cf1c</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Exposing Port 22 (SSH)<br/><sup><sub>5907595b-5b6d-4142-b173-dbb0e73fbff8</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8')">Query details</a><br><a href="https://sysdig.com/blog/dockerfile-best-practices/">Documentation</a><br/>|
+|MAINTAINER Instruction Being Used<br/><sup><sub>99614418-f82b-4852-a9ae-5051402b741c</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#maintainer-deprecated">Documentation</a><br/>|
+|Missing Dnf Clean All<br/><sup><sub>295acb63-9246-4b21-b441-7c1f1fb62dc0</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Missing Zypper Clean<br/><sup><sub>38300d1a-feb2-4a48-936a-d1ef1cd24313</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Multiple RUN, ADD, COPY, Instructions Listed<br/><sup><sub>0008c003-79aa-42d8-95b8-1c2fe37dbfe6</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6')">Query details</a><br><a href="https://sysdig.com/blog/dockerfile-best-practices/">Documentation</a><br/>|
+|Pip install Keeping Cached Packages<br/><sup><sub>f2f903fb-b977-461e-98d7-b3e2185c6118</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|Yum Clean All Missing<br/><sup><sub>00481784-25aa-4a55-8633-3136dfcf4f37</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|COPY '--from' References Current FROM Alias<br/><sup><sub>cdddb86f-95f6-4fc4-b5a1-483d9afceb2b</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
+|Copy With More Than Two Arguments Not Ending With Slash<br/><sup><sub>6db6e0c2-32a3-4a2e-93b5-72c35f4119db</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#copy">Documentation</a><br/>|
+|Multiple CMD Instructions Listed<br/><sup><sub>41c195f4-fc31-4a5c-8a1b-90605538d49f</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#cmd">Documentation</a><br/>|
+|Multiple ENTRYPOINT Instructions Listed<br/><sup><sub>6938958b-3f1a-451c-909b-baeee14bdc97</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#entrypoint">Documentation</a><br/>|
+|RUN Instruction Using 'cd' Instead of WORKDIR<br/><sup><sub>f4a6bcd3-e231-4acf-993c-aa027be50d2e</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#workdir">Documentation</a><br/>|
+|Same Alias In Different Froms<br/><sup><sub>f2daed12-c802-49cd-afed-fe41d0b82fed</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
+|Update Instruction Alone<br/><sup><sub>9bae49be-0aa3-4de5-bab2-4c3a069e40cd</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Using Unnamed Build Stages<br/><sup><sub>68a51e22-ae5a-4d48-8e87-b01a323605c9</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/multistage-build/">Documentation</a><br/>|
+|WORKDIR Path Not Absolute<br/><sup><sub>6b376af8-cfe8-49ab-a08d-f32de23661a4</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#workdir">Documentation</a><br/>|
+|Healthcheck Instruction Missing<br/><sup><sub>b03a748a-542d-44f4-bb86-9199ab4fd2d5</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#healthcheck">Documentation</a><br/>|
+|Shell Running A Pipe Without Pipefail Flag<br/><sup><sub>efbf148a-67e9-42d2-ac47-02fa1c0d0b22</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Defaults|<a href="../dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|APT-GET Missing Flags To Avoid Manual Input<br/><sup><sub>77783205-c4ca-4f80-bb80-c777f267c547</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Missing Flag From Dnf Install<br/><sup><sub>7ebd323c-31b7-4e5b-b26f-de5e9e477af8</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Run Using 'wget' and 'curl'<br/><sup><sub>fc775e75-fcfb-4c98-b2f2-910c5858b359</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Run Using apt<br/><sup><sub>b84a0b47-2e99-4c9f-8933-98bcabe2b94d</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Yum Install Allows Manual Input<br/><sup><sub>6e19193a-8753-436d-8a09-76dcff91bb03</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Zypper Install Without Version<br/><sup><sub>562952e4-0348-4dea-9826-44f3a2c6117b</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run">Documentation</a><br/>|
+|Using Platform Flag with FROM Command<br/><sup><sub>b16e8501-ef3c-44e1-a543-a093238099c9</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#from">Documentation</a><br/>|
+|UNIX Ports Out Of Range<br/><sup><sub>71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e</sub></sup>|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#expose">Documentation</a><br/>|
+|Apk Add Using Local Cache Path<br/><sup><sub>ae9c56a6-3ed1-4ac0-9b54-31267f51151d</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Apt Get Install Lists Were Not Deleted<br/><sup><sub>df746b39-6564-4fed-bf85-e9c44382303c</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c')">Query details</a><br><a href="https://docs.docker.com/develop/develop-images/dockerfile_best-practices/">Documentation</a><br/>|
+|APT-GET Not Avoiding Additional Packages<br/><sup><sub>7384dfb2-fcd1-4fbf-91cd-6c44c318c33c</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
+|Run Utilities And POSIX Commands<br/><sup><sub>9b6b0f38-92a2-41f9-b881-3a1083d99f1b</sub></sup>|<span style="color:#5bc0de">Info</span>|Supply-Chain|<a href="../dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b" onclick="newWindowOpenerSafe(event, '../dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b')">Query details</a><br><a href="https://docs.docker.com/engine/reference/builder/#run">Documentation</a><br/>|
diff --git a/docs/queries/googledeploymentmanager-queries.md b/docs/queries/googledeploymentmanager-queries.md
index 422a620b0e8..35987599243 100644
--- a/docs/queries/googledeploymentmanager-queries.md
+++ b/docs/queries/googledeploymentmanager-queries.md
@@ -8,38 +8,38 @@ Below are listed queries related to GoogleDeploymentManager GCP:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>63ae3638-a38c-4ff4-b616-6e1f72a31a6a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
-|BigQuery Dataset Is Public<br/><sup><sub>83103dff-d57f-42a8-bd81-40abab64c1a7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7" target="_blank">Query details</a><br><a href="https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets">Documentation</a><br/>|
-|SQL DB Instance With SSL Disabled<br/><sup><sub>660360d3-9ca7-46d1-b147-3acc4002953f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f" target="_blank">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
-|Client Certificate Disabled<br/><sup><sub>dd690686-2bf9-4012-a821-f61912dd77be</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|GKE Legacy Authorization Enabled<br/><sup><sub>df58d46c-783b-43e0-bdd0-d99164f712ee</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.LegacyAbac">Documentation</a><br/>|
-|Google Storage Bucket Level Access Disabled<br/><sup><sub>1239f54b-33de-482a-8132-faebe288e6a6</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
-|MySQL Instance With Local Infile On<br/><sup><sub>c759d6f2-4dd3-4160-82d3-89202ef10d87</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87" target="_blank">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
-|RDP Access Is Not Restricted<br/><sup><sub>50cb6c3b-c878-4b88-b50e-d1421bada9e8</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/firewalls">Documentation</a><br/>|
-|Cloud Storage Bucket Is Publicly Accessible<br/><sup><sub>77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls">Documentation</a><br/>|
-|SQL DB Instance Backup Disabled<br/><sup><sub>a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01" target="_blank">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
-|Disk Encryption Disabled<br/><sup><sub>fc040fb6-4c23-4c0d-b12a-39edac35debb</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|DNSSEC Using RSASHA1<br/><sup><sub>6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35" target="_blank">Query details</a><br><a href="https://cloud.google.com/dns/docs/reference/v1/managedZones">Documentation</a><br/>|
-|Cloud DNS Without DNSSEC<br/><sup><sub>313d6deb-3b67-4948-b41d-35b699c2492e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e" target="_blank">Query details</a><br><a href="https://cloud.google.com/dns/docs/reference/v1/managedZones">Documentation</a><br/>|
-|Cluster Master Authentication Disabled<br/><sup><sub>7ef7d141-9fbb-4679-a977-fd0883436906</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters">Documentation</a><br/>|
-|IP Aliasing Disabled<br/><sup><sub>28727987-e398-49b8-aef1-8a3e7789d111</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters">Documentation</a><br/>|
-|Network Policy Disabled<br/><sup><sub>c47f90e8-4a19-43f0-8413-cc434d286c4e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|OSLogin Is Disabled In VM Instance<br/><sup><sub>e66e1b71-c810-4b4e-a737-0ab59e7f5e41</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|Private Cluster Disabled<br/><sup><sub>48c61fbd-09c9-46cc-a521-012e0c325412</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|Shielded VM Disabled<br/><sup><sub>9038b526-4c19-4928-bca2-c03d503bdb79</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|Compute Instance Is Publicly Accessible<br/><sup><sub>8212e2d7-e683-49bc-bf78-d6799075c5a7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|GKE Master Authorized Networks Disabled<br/><sup><sub>62c8cf50-87f0-4295-a974-8184ed78fe02</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|IP Forwarding Enabled<br/><sup><sub>7c98538a-81c6-444b-bf04-e60bc3ceeec0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|SSH Access Is Not Restricted<br/><sup><sub>dee21308-2a7a-49de-8ff7-c9b87e188575</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/firewalls">Documentation</a><br/>|
-|Bucket Without Versioning<br/><sup><sub>227c2f58-70c6-4432-8e9a-a89c1a548cf5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
-|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>ad0875c1-0b39-4890-9149-173158ba3bba</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba" target="_blank">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
-|Stackdriver Logging Disabled<br/><sup><sub>95601b9a-7fe8-4aee-9b58-d36fd9382dfc</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|Stackdriver Monitoring Disabled<br/><sup><sub>bbfc97ab-e92a-4a7b-954c-e88cec815011</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|Node Auto Upgrade Disabled<br/><sup><sub>dc5c5fee-6c53-43b0-ab11-4c660e064aaf</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>6e2b1ec1-1eca-4eb7-9d4d-2882680b4811</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811" target="_blank">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
-|Cluster Labels Disabled<br/><sup><sub>8810968b-4b15-421d-918b-d91eb4bb8d1d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
-|COS Node Image Not Used<br/><sup><sub>dbe058d7-b82e-430b-8426-992b2e4677e7</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7" target="_blank">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters.nodePools">Documentation</a><br/>|
-|Not Proper Email Account In Use<br/><sup><sub>a21b8df3-c840-4b3d-a41a-10fb2afda171</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171" target="_blank">Query details</a><br><a href="https://cloud.google.com/deployment-manager/docs/configuration/set-access-control-resources">Documentation</a><br/>|
+|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>63ae3638-a38c-4ff4-b616-6e1f72a31a6a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
+|BigQuery Dataset Is Public<br/><sup><sub>83103dff-d57f-42a8-bd81-40abab64c1a7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7')">Query details</a><br><a href="https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets">Documentation</a><br/>|
+|SQL DB Instance With SSL Disabled<br/><sup><sub>660360d3-9ca7-46d1-b147-3acc4002953f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f')">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
+|Client Certificate Disabled<br/><sup><sub>dd690686-2bf9-4012-a821-f61912dd77be</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|GKE Legacy Authorization Enabled<br/><sup><sub>df58d46c-783b-43e0-bdd0-d99164f712ee</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.LegacyAbac">Documentation</a><br/>|
+|Google Storage Bucket Level Access Disabled<br/><sup><sub>1239f54b-33de-482a-8132-faebe288e6a6</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
+|MySQL Instance With Local Infile On<br/><sup><sub>c759d6f2-4dd3-4160-82d3-89202ef10d87</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87')">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
+|RDP Access Is Not Restricted<br/><sup><sub>50cb6c3b-c878-4b88-b50e-d1421bada9e8</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/firewalls">Documentation</a><br/>|
+|Cloud Storage Bucket Is Publicly Accessible<br/><sup><sub>77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls">Documentation</a><br/>|
+|SQL DB Instance Backup Disabled<br/><sup><sub>a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01')">Query details</a><br><a href="https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1beta4/instances">Documentation</a><br/>|
+|Disk Encryption Disabled<br/><sup><sub>fc040fb6-4c23-4c0d-b12a-39edac35debb</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|DNSSEC Using RSASHA1<br/><sup><sub>6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35')">Query details</a><br><a href="https://cloud.google.com/dns/docs/reference/v1/managedZones">Documentation</a><br/>|
+|Cloud DNS Without DNSSEC<br/><sup><sub>313d6deb-3b67-4948-b41d-35b699c2492e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e')">Query details</a><br><a href="https://cloud.google.com/dns/docs/reference/v1/managedZones">Documentation</a><br/>|
+|Cluster Master Authentication Disabled<br/><sup><sub>7ef7d141-9fbb-4679-a977-fd0883436906</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters">Documentation</a><br/>|
+|IP Aliasing Disabled<br/><sup><sub>28727987-e398-49b8-aef1-8a3e7789d111</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters">Documentation</a><br/>|
+|Network Policy Disabled<br/><sup><sub>c47f90e8-4a19-43f0-8413-cc434d286c4e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|OSLogin Is Disabled In VM Instance<br/><sup><sub>e66e1b71-c810-4b4e-a737-0ab59e7f5e41</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|Private Cluster Disabled<br/><sup><sub>48c61fbd-09c9-46cc-a521-012e0c325412</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|Shielded VM Disabled<br/><sup><sub>9038b526-4c19-4928-bca2-c03d503bdb79</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|Compute Instance Is Publicly Accessible<br/><sup><sub>8212e2d7-e683-49bc-bf78-d6799075c5a7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|GKE Master Authorized Networks Disabled<br/><sup><sub>62c8cf50-87f0-4295-a974-8184ed78fe02</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|IP Forwarding Enabled<br/><sup><sub>7c98538a-81c6-444b-bf04-e60bc3ceeec0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|SSH Access Is Not Restricted<br/><sup><sub>dee21308-2a7a-49de-8ff7-c9b87e188575</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/firewalls">Documentation</a><br/>|
+|Bucket Without Versioning<br/><sup><sub>227c2f58-70c6-4432-8e9a-a89c1a548cf5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
+|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>ad0875c1-0b39-4890-9149-173158ba3bba</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba')">Query details</a><br><a href="https://cloud.google.com/storage/docs/json_api/v1/buckets">Documentation</a><br/>|
+|Stackdriver Logging Disabled<br/><sup><sub>95601b9a-7fe8-4aee-9b58-d36fd9382dfc</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|Stackdriver Monitoring Disabled<br/><sup><sub>bbfc97ab-e92a-4a7b-954c-e88cec815011</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|Node Auto Upgrade Disabled<br/><sup><sub>dc5c5fee-6c53-43b0-ab11-4c660e064aaf</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>6e2b1ec1-1eca-4eb7-9d4d-2882680b4811</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811')">Query details</a><br><a href="https://cloud.google.com/compute/docs/reference/rest/v1/instances">Documentation</a><br/>|
+|Cluster Labels Disabled<br/><sup><sub>8810968b-4b15-421d-918b-d91eb4bb8d1d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters">Documentation</a><br/>|
+|COS Node Image Not Used<br/><sup><sub>dbe058d7-b82e-430b-8426-992b2e4677e7</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7')">Query details</a><br><a href="https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters.nodePools">Documentation</a><br/>|
+|Not Proper Email Account In Use<br/><sup><sub>a21b8df3-c840-4b3d-a41a-10fb2afda171</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171')">Query details</a><br><a href="https://cloud.google.com/deployment-manager/docs/configuration/set-access-control-resources">Documentation</a><br/>|
 
 ### GCP_BOM
 Below are listed queries related to GoogleDeploymentManager GCP_BOM:
@@ -48,6 +48,6 @@ Below are listed queries related to GoogleDeploymentManager GCP_BOM:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|BOM - GCP PD<br/><sup><sub>268c65a8-58ad-43e4-9019-1a9bbc56749f</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP PST<br/><sup><sub>9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP SB<br/><sup><sub>c7781feb-a955-4f9f-b9cf-0d7c6f54bb59</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP PD<br/><sup><sub>268c65a8-58ad-43e4-9019-1a9bbc56749f</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP PST<br/><sup><sub>9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP SB<br/><sup><sub>c7781feb-a955-4f9f-b9cf-0d7c6f54bb59</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59" onclick="newWindowOpenerSafe(event, '../googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
diff --git a/docs/queries/grpc-queries.md b/docs/queries/grpc-queries.md
index f14d5ce1d28..a438bd89ed8 100644
--- a/docs/queries/grpc-queries.md
+++ b/docs/queries/grpc-queries.md
@@ -3,4 +3,4 @@ This page contains all queries from GRPC.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Enum Name Not CamelCase<br/><sup><sub>daaace5f-c0dc-4835-b526-7a116b7f4b4e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e" target="_blank">Query details</a><br><a href="https://developers.google.com/protocol-buffers/docs/reference/proto3-spec#enum_definition">Documentation</a><br/>|
+|Enum Name Not CamelCase<br/><sup><sub>daaace5f-c0dc-4835-b526-7a116b7f4b4e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e" onclick="newWindowOpenerSafe(event, '../grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e')">Query details</a><br><a href="https://developers.google.com/protocol-buffers/docs/reference/proto3-spec#enum_definition">Documentation</a><br/>|
diff --git a/docs/queries/knative-queries.md b/docs/queries/knative-queries.md
index 8139fc53952..cf152f6b041 100644
--- a/docs/queries/knative-queries.md
+++ b/docs/queries/knative-queries.md
@@ -3,4 +3,4 @@ This page contains all queries from Knative.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Serving Revision Spec Without Timeout Seconds<br/><sup><sub>e8bb41e4-2f24-4e84-8bea-8c7c070cf93d</sub></sup>|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d" target="_blank">Query details</a><br><a href="https://knative.dev/docs/reference/api/serving-api/#serving.knative.dev/v1.RevisionSpec">Documentation</a><br/>|
+|Serving Revision Spec Without Timeout Seconds<br/><sup><sub>e8bb41e4-2f24-4e84-8bea-8c7c070cf93d</sub></sup>|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d" onclick="newWindowOpenerSafe(event, '../knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d')">Query details</a><br><a href="https://knative.dev/docs/reference/api/serving-api/#serving.knative.dev/v1.RevisionSpec">Documentation</a><br/>|
diff --git a/docs/queries/kubernetes-queries.md b/docs/queries/kubernetes-queries.md
index 578358c1b61..4fbf72e6016 100644
--- a/docs/queries/kubernetes-queries.md
+++ b/docs/queries/kubernetes-queries.md
@@ -3,145 +3,145 @@ This page contains all queries from Kubernetes.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Authorization Mode Set To Always Allow<br/><sup><sub>f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Basic Auth File Is Set<br/><sup><sub>5da47109-f8d6-4585-9e2b-96a8958a12f5</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Client Certificate Authentication Not Setup Properly<br/><sup><sub>e0e00aba-5f1c-4981-a542-9a9563c0ee20</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|Non Kube System Pod With Host Mount<br/><sup><sub>aa8f7a35-9923-4cad-bd61-a19b7f6aac91</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
-|RBAC Wildcard In Rule<br/><sup><sub>6b896afb-ca07-467a-b256-1a0077a1c08e</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|Service Account Lookup Set To False<br/><sup><sub>a5530bd7-225a-48f9-91bb-f40b04200165</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Token Auth File Is Set<br/><sup><sub>32ecd76e-7bbf-402e-bf48-8b9485749558</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Pod Security Policy Admission Control Plugin Not Set<br/><sup><sub>afa36afb-39fe-4d94-b9b6-afb236f7a03d</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Cluster Allows Unsafe Sysctls<br/><sup><sub>9127f0d9-2310-42e7-866f-5fd9d20dcbad</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/">Documentation</a><br/>|
-|Container Is Privileged<br/><sup><sub>dd29336b-fe57-445b-a26e-e6aa867ae609</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/#privileged-mode-for-containers">Documentation</a><br/>|
-|Container Runs Unmasked<br/><sup><sub>f922827f-aab6-447c-832a-e1ff63312bd3</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/#allowedprocmounttypes">Documentation</a><br/>|
-|Containers With Sys Admin Capabilities<br/><sup><sub>235236ee-ad78-4065-bd29-61b061f28ce0</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Privilege Escalation Allowed<br/><sup><sub>5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|PSP Allows Containers To Share The Host Network Namespace<br/><sup><sub>a33e9173-b674-4dfb-9d82-cf3754816e4b</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|PSP Allows Privilege Escalation<br/><sup><sub>87554eef-154d-411d-bdce-9dbd91e56851</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|PSP Allows Sharing Host IPC<br/><sup><sub>80f93444-b240-4ebb-a4c6-5c40b76c04ea</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|PSP Set To Privileged<br/><sup><sub>c48e57d3-d642-4e0b-90db-37f807b41b91</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#privileged">Documentation</a><br/>|
-|PSP With Added Capabilities<br/><sup><sub>7307579a-3abb-46ad-9ce5-2a915634d5c8</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Shared Host PID Namespace<br/><sup><sub>302736f4-b16c-41b8-befe-c0baffa0bd9d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Tiller (Helm v2) Is Deployed<br/><sup><sub>6d173be7-545a-46c6-a81d-2ae52ed1605d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/">Documentation</a><br/>|
-|Tiller Service Is Not Deleted<br/><sup><sub>8b862ca9-0fbd-4959-ad72-b6609bdaa22d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service">Documentation</a><br/>|
-|Workload Mounting With Sensitive OS Directory<br/><sup><sub>5308a7a8-06f8-45ac-bf10-791fe21de46e</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Etcd Peer TLS Certificate Files Not Properly Set<br/><sup><sub>09bb9e96-8da3-4736-b89a-b36814acca60</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Insecure Bind Address Set<br/><sup><sub>b9380fd3-5ffe-4d10-9290-13e18e71eee1</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Insecure Port Not Properly Set<br/><sup><sub>fa4def8c-1898-4a35-a139-7b76b1acdef0</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Secure Port Set To Zero<br/><sup><sub>3d24b204-b73d-42cb-b0bf-1a5438c5f71e</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Tiller Deployment Is Accessible From Within The Cluster<br/><sup><sub>e17fa86a-6222-4584-a914-56e8f6c87e06</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/">Documentation</a><br/>|
-|PSP With Unrestricted Access to Host Path<br/><sup><sub>de4421f1-4e35-43b4-9783-737dd4e4a47e</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems">Documentation</a><br/>|
-|Volume Mount With OS Directory Write Permissions<br/><sup><sub>b7652612-de4e-4466-a0bf-1cd81f0c6063</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
-|Always Admit Admission Control Plugin Set<br/><sup><sub>ce30e584-b33f-4c7d-b418-a3d7027f8f60</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Anonymous Auth Is Not Set To False<br/><sup><sub>1de5cc51-f376-4638-a940-20f2e85ae238</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Authorization Mode RBAC Not Set<br/><sup><sub>1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Docker Daemon Socket is Exposed to Containers<br/><sup><sub>a6f34658-fdfb-4154-9536-56d516f65828</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
-|Node Restriction Admission Control Plugin Not Set<br/><sup><sub>33fc6923-6553-4fe6-9d3a-4efa51eb874b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Permissive Access to Create Pods<br/><sup><sub>592ad21d-ad9b-46c6-8d2d-fad09d62a942</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#privilege-escalation-prevention-and-bootstrapping">Documentation</a><br/>|
-|RBAC Roles Allow Privilege Escalation<br/><sup><sub>8320826e-7a9c-4b0b-9535-578333193432</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#restrictions-on-role-binding-creation-or-update">Documentation</a><br/>|
-|RBAC Roles with Attach Permission<br/><sup><sub>d45330fd-f58d-45fb-a682-6481477a0f84</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|RBAC Roles with Exec Permission<br/><sup><sub>c589f42c-7924-4871-aee2-1cede9bc7cbc</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|RBAC Roles with Impersonate Permission<br/><sup><sub>9f85c3f6-26fd-4007-938a-2e0cb0100980</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/authentication/#user-impersonation">Documentation</a><br/>|
-|RBAC Roles with Port-Forwarding Permission<br/><sup><sub>38fa11ef-dbcc-4da8-9680-7e1fd855b6fb</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|RBAC Roles with Read Secrets Permissions<br/><sup><sub>b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|Service Account Admission Control Plugin Disabled<br/><sup><sub>9587c890-0524-40c2-9ce2-663af7c2f063</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Use Service Account Credentials Not Set To True<br/><sup><sub>1acd93f1-5a37-45c0-aaac-82ece818be7d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Readiness Probe Is Not Configured<br/><sup><sub>a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-readiness-probes">Documentation</a><br/>|
-|Request Timeout Not Properly Set<br/><sup><sub>d89a15bb-8dba-4c71-9529-bef6729b9c09</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Terminated Pod Garbage Collector Threshold Not Properly Set<br/><sup><sub>49113af4-29ca-458e-b8d4-724c01a4a24f</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Container Running As Root<br/><sup><sub>cf34805e-3872-4c08-bf92-6ff7bb0cfadb</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Container Running With Low UID<br/><sup><sub>02323c00-cdc3-4fdc-a310-4f2b3e7a1660</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Root Containers Admitted<br/><sup><sub>e3aa0612-4351-4a0d-983f-aefea25cf203</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Always Pull Images Admission Control Plugin Not Set<br/><sup><sub>a77f4d07-c6e0-4a48-8b35-0eeb51576f4f</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Incorrect Volume Claim Access Mode ReadWriteOnce<br/><sup><sub>3878dc92-8e5d-47cf-9cdd-7590f71d21b9</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
-|Encryption Provider Config Is Not Defined<br/><sup><sub>cbd2db69-0b21-4c14-8a40-7710a50571a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Encryption Provider Not Properly Configured<br/><sup><sub>10efce34-5af6-4d83-b414-9e096d5a06a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/#understanding-the-encryption-at-rest-configuration">Documentation</a><br/>|
-|Root CA File Not Defined<br/><sup><sub>05fb986f-ac73-4ebb-a5b2-7faafa93d882</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Service Account Private Key File Not Defined<br/><sup><sub>ccc98ff7-68a7-436e-9218-185cb0b0b780</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Weak TLS Cipher Suites<br/><sup><sub>510d5810-9a30-443a-817d-5c1fa527b110</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|Authorization Mode Node Not Set<br/><sup><sub>4d7ee40f-fc5d-427d-8cac-dffbe22d42d1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Containers With Added Capabilities<br/><sup><sub>19ebaa28-fc86-4a58-bcfa-015c9e22fe40</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Ingress Controller Exposes Workload<br/><sup><sub>69bbc5e3-0818-4150-89cc-1e989b48f23b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/">Documentation</a><br/>|
-|Kubelet Protect Kernel Defaults Set To False<br/><sup><sub>6cf42c97-facd-4fda-b8af-ea4529123355</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|NET_RAW Capabilities Disabled for PSP<br/><sup><sub>2270987f-bb51-479f-b8be-3ca73e5ad648</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|NET_RAW Capabilities Not Being Dropped<br/><sup><sub>dbbc6705-d541-43b0-b166-dd4be8208b54</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|PSP Allows Sharing Host PID<br/><sup><sub>91dacd0e-d189-4a9c-8272-5999a3cc32d9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Seccomp Profile Is Not Configured<br/><sup><sub>f377b83e-bd07-4f48-a591-60c82b14a78b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tutorials/security/seccomp/#create-pod-that-uses-the-container-runtime-default-seccomp-profile">Documentation</a><br/>|
-|Security Context Deny Admission Control Plugin Not Set<br/><sup><sub>6a68bebe-c021-492e-8ddb-55b0567fb768</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Using Unrecommended Namespace<br/><sup><sub>611ab018-c4aa-4ba2-b0f6-a448337509a6</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/">Documentation</a><br/>|
-|Role Binding To Default Service Account<br/><sup><sub>1e749bc9-fde8-471c-af0c-8254efd2dee5</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
-|Service Account Name Undefined Or Empty<br/><sup><sub>591ade62-d6b0-4580-b1ae-209f80ba1cd9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
-|Service Account Token Automount Not Disabled<br/><sup><sub>48471392-d4d0-47c0-b135-cdec95eb3eef</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server">Documentation</a><br/>|
-|Auto TLS Set To True<br/><sup><sub>98ce8b81-7707-4734-aa39-627c6db3d84b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|CNI Plugin Does Not Support Network Policies<br/><sup><sub>03aabc8c-35d6-481e-9c85-20139cf72d23</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/">Documentation</a><br/>|
-|Etcd TLS Certificate Files Not Properly Set<br/><sup><sub>075ca296-6768-4322-aea2-ba5063b969a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Etcd TLS Certificate Not Properly Configured<br/><sup><sub>895a5a95-3756-4b04-9924-2f3bc93181bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Kubelet HTTPS Set To False<br/><sup><sub>cdc8b54e-6b16-4538-a1b0-35849dbe29cf</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Kubelet Not Managing Ip Tables<br/><sup><sub>5f89001f-6dd9-49ff-9b15-d8cd71b617f4</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Kubelet Read Only Port Is Not Set To Zero<br/><sup><sub>2940d48a-dc5e-4178-a3f8-bfbd80720b41</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Kubelet Streaming Connection Timeout Disabled<br/><sup><sub>ed89b97d-04e9-4fd4-919f-ee5b27e555e9</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Peer Auto TLS Set To True<br/><sup><sub>ae8827e2-4af9-4baa-9998-87539ae0d6f0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Pod Misconfigured Network Policy<br/><sup><sub>0401f71b-9c1e-4821-ab15-a955caa621be</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Documentation</a><br/>|
-|Service With External Load Balancer<br/><sup><sub>26763a1c-5dda-4772-b507-5fca7fb5f165</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/">Documentation</a><br/>|
-|TSL Connection Certificate Not Setup<br/><sup><sub>fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Audit Log Path Not Set<br/><sup><sub>73e251f0-363d-4e53-86e2-0a93592437eb</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Audit Policy File Not Defined<br/><sup><sub>13a49a2e-488e-4309-a7c0-d6b05577a5fb</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Memory Limits Not Defined<br/><sup><sub>b14d1bc4-a208-45db-92f0-e21f8e2588e9</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/">Documentation</a><br/>|
-|Memory Requests Not Defined<br/><sup><sub>229588ef-8fde-40c8-8756-f4f2b5825ded</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/">Documentation</a><br/>|
-|Shared Host IPC Namespace<br/><sup><sub>cd290efd-6c82-4e9d-a698-be12ae31d536</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Shared Host Network Namespace<br/><sup><sub>6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Etcd Client Certificate Authentication Set To False<br/><sup><sub>9391103a-d8d7-4671-ac5d-606ba7ccb0ac</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Etcd Client Certificate File Not Defined<br/><sup><sub>3f5ff8a7-5ad6-4d02-86f5-666307da1b20</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Etcd Peer Client Certificate Authentication Set To False<br/><sup><sub>b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff" target="_blank">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
-|Kubelet Certificate Authority Not Set<br/><sup><sub>ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Kubelet Client Certificate Or Key Not Set<br/><sup><sub>36a27826-1bf5-49da-aeb0-a60a30c0e834</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Kubelet Client Periodic Certificate Switch Disabled<br/><sup><sub>52d70f2e-3257-474c-b3dc-8ad9ba6a061a</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Not Unique Certificate Authority<br/><sup><sub>cb7e695d-6a85-495c-b15f-23aed2519303</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Rotate Kubelet Server Certificate Not Active<br/><sup><sub>1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
-|Service Account Key File Not Properly Set<br/><sup><sub>dab4ec72-ce2e-4732-b7c3-1757dcce01a1</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|ServiceAccount Allows Access Secrets<br/><sup><sub>056ac60e-fe07-4acc-9b34-8e1d51716ab9</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
-|Shared Service Account<br/><sup><sub>c1032cf7-3628-44e2-bd53-38c17cf31b6b</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
-|Cluster Admin Rolebinding With Superuser Permissions<br/><sup><sub>249328b8-5f0f-409f-b1dd-029f07882e11</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles">Documentation</a><br/>|
-|Missing AppArmor Profile<br/><sup><sub>8b36775e-183d-4d46-b0f7-96a6f34a723f</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tutorials/clusters/apparmor/">Documentation</a><br/>|
-|Deployment Without PodDisruptionBudget<br/><sup><sub>b23e9b98-0cb6-4fc9-b257-1f3270442678</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/">Documentation</a><br/>|
-|Event Rate Limit Admission Control Plugin Not Set<br/><sup><sub>e0099af2-fe17-411f-9991-0de28fe15f3c</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|HPA Targets Invalid Object<br/><sup><sub>2f652c42-619d-4361-b361-9f599688f8ca</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/">Documentation</a><br/>|
-|StatefulSet Without PodDisruptionBudget<br/><sup><sub>1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/">Documentation</a><br/>|
-|StatefulSet Without Service Name<br/><sup><sub>bb241e61-77c3-4b97-9575-c0f8a1e008d0</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
-|Metadata Label Is Invalid<br/><sup><sub>1123031a-f921-4c5b-bd86-ef354ecfd37a</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/">Documentation</a><br/>|
-|No Drop Capabilities for Containers<br/><sup><sub>268ca686-7fb7-4ae9-b129-955a2a89064e</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/init-containers/">Documentation</a><br/>|
-|Object Is Using A Deprecated API Version<br/><sup><sub>94b76ea5-e074-4ca2-8a03-c5a606e30645</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/using-api/deprecation-guide/">Documentation</a><br/>|
-|Image Policy Webhook Admission Control Plugin Not Set<br/><sup><sub>14abda69-8e91-4acb-9931-76e2bee90284</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Namespace Lifecycle Admission Control Plugin Disabled<br/><sup><sub>1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Root Container Not Mounted Read-only<br/><sup><sub>a9c2f49d-0671-4fc9-9ece-f4e261e128d0</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|StatefulSet Requests Storage<br/><sup><sub>8cf4671a-cf3d-46fc-8389-21e7405063a2</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
-|Dashboard Is Enabled<br/><sup><sub>d2ad057f-0928-41ef-a83c-f59203bb855b</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/">Documentation</a><br/>|
-|Image Pull Policy Of The Container Is Not Set To Always<br/><sup><sub>caa3479d-885d-4882-9aac-95e5e78ef5c2</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
-|Image Without Digest<br/><sup><sub>7c81d34c-8e5a-402b-9798-9f442630e678</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
-|Kubelet Hostname Override Is Set<br/><sup><sub>bf36b900-b5ef-4828-adb7-70eb543b7cfb</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|Pod or Container Without LimitRange<br/><sup><sub>4a20ebac-1060-4c81-95d1-1f7f620e983b</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/limit-range/">Documentation</a><br/>|
-|Pod or Container Without ResourceQuota<br/><sup><sub>48a5beba-e4c0-4584-a2aa-e6894e4cf424</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/resource-quotas/">Documentation</a><br/>|
-|Pod or Container Without Security Context<br/><sup><sub>a97a340a-0063-418e-b3a1-3028941d0995</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
-|Service Does Not Target Pod<br/><sup><sub>3ca03a61-3249-4c16-8427-6f8e47dda729</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Documentation</a><br/>|
-|Network Policy Is Not Targeting Any Pod<br/><sup><sub>85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Documentation</a><br/>|
-|Service Type is NodePort<br/><sup><sub>845acfbe-3e10-4b8e-b656-3b404d36dfb2</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Documentation</a><br/>|
-|Workload Host Port Not Specified<br/><sup><sub>2b1836f1-dcce-416e-8e16-da8c71920633</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#exposing-the-service">Documentation</a><br/>|
-|Audit Log Maxage Not Properly Set<br/><sup><sub>da9f3aa8-fbfb-472f-b5a1-576127944218</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Audit Log Maxbackup Not Properly Set<br/><sup><sub>768aab52-2504-4a2f-a3e3-329d5a679848</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Audit Log Maxsize Not Properly Set<br/><sup><sub>35c0a471-f7c8-4993-aa2c-503a3c712a66</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|Audit Policy Not Cover Key Security Concerns<br/><sup><sub>1828a670-5957-4bc5-9974-47da228f75e2</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/debug-application-cluster/audit/">Documentation</a><br/>|
-|Kubelet Event QPS Not Properly Set<br/><sup><sub>1a07a446-8e61-4e4d-bc16-b0781fcb8211</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
-|Profiling Not Set To False<br/><sup><sub>2f491173-6375-4a84-b28e-a4e2b9a58a69</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
-|CPU Limits Not Set<br/><sup><sub>4ac0e2b7-d2d2-4af7-8799-e8de6721ccda</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/">Documentation</a><br/>|
-|CPU Requests Not Set<br/><sup><sub>ca469dd4-c736-448f-8ac1-30a642705e0a</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#">Documentation</a><br/>|
-|CronJob Deadline Not Configured<br/><sup><sub>192fe40b-b1c3-448a-aba2-6cc19a300fe3</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/">Documentation</a><br/>|
-|Deployment Has No PodAntiAffinity<br/><sup><sub>a31b7b82-d994-48c4-bd21-3bab6c31827a</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/">Documentation</a><br/>|
-|StatefulSet Has No PodAntiAffinity<br/><sup><sub>d740d048-8ed3-49d3-b77b-6f072f3b669e</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/">Documentation</a><br/>|
-|Secrets As Environment Variables<br/><sup><sub>3d658f8b-d988-41a0-a841-40043121de1e</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-environment-variables">Documentation</a><br/>|
-|Invalid Image Tag<br/><sup><sub>583053b7-e632-46f0-b989-f81ff8045385</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
-|Ensure Administrative Boundaries Between Resources<br/><sup><sub>e84eaf4d-2f45-47b2-abe8-e581b06deb66</sub></sup>|<span style="color:#5bc0de">Info</span>|Access Control|<a href="../kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/">Documentation</a><br/>|
-|HPA Targeted Deployments With Configured Replica Count<br/><sup><sub>5744cbb8-5946-4b75-a196-ade44449525b</sub></sup>|<span style="color:#5bc0de">Info</span>|Availability|<a href="../kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/">Documentation</a><br/>|
-|Liveness Probe Is Not Defined<br/><sup><sub>ade74944-a674-4e00-859e-c6eab5bde441</sub></sup>|<span style="color:#5bc0de">Info</span>|Availability|<a href="../kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#when-should-you-use-a-liveness-probe">Documentation</a><br/>|
-|Not Limited Capabilities For Pod Security Policy<br/><sup><sub>caa93370-791f-4fc6-814b-ba6ce0cb4032</sub></sup>|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
-|Bind Address Not Properly Set<br/><sup><sub>46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2</sub></sup>|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
-|Using Kubernetes Native Secret Management<br/><sup><sub>b9c83569-459b-4110-8f79-6305aa33cb37</sub></sup>|<span style="color:#5bc0de">Info</span>|Secret Management|<a href="../kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37" target="_blank">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/secret/">Documentation</a><br/>|
+|Authorization Mode Set To Always Allow<br/><sup><sub>f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Basic Auth File Is Set<br/><sup><sub>5da47109-f8d6-4585-9e2b-96a8958a12f5</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Client Certificate Authentication Not Setup Properly<br/><sup><sub>e0e00aba-5f1c-4981-a542-9a9563c0ee20</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|Non Kube System Pod With Host Mount<br/><sup><sub>aa8f7a35-9923-4cad-bd61-a19b7f6aac91</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
+|RBAC Wildcard In Rule<br/><sup><sub>6b896afb-ca07-467a-b256-1a0077a1c08e</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|Service Account Lookup Set To False<br/><sup><sub>a5530bd7-225a-48f9-91bb-f40b04200165</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Token Auth File Is Set<br/><sup><sub>32ecd76e-7bbf-402e-bf48-8b9485749558</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Pod Security Policy Admission Control Plugin Not Set<br/><sup><sub>afa36afb-39fe-4d94-b9b6-afb236f7a03d</sub></sup>|<span style="color:#bb2124">High</span>|Build Process|<a href="../kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Cluster Allows Unsafe Sysctls<br/><sup><sub>9127f0d9-2310-42e7-866f-5fd9d20dcbad</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/">Documentation</a><br/>|
+|Container Is Privileged<br/><sup><sub>dd29336b-fe57-445b-a26e-e6aa867ae609</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/#privileged-mode-for-containers">Documentation</a><br/>|
+|Container Runs Unmasked<br/><sup><sub>f922827f-aab6-447c-832a-e1ff63312bd3</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/#allowedprocmounttypes">Documentation</a><br/>|
+|Containers With Sys Admin Capabilities<br/><sup><sub>235236ee-ad78-4065-bd29-61b061f28ce0</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Privilege Escalation Allowed<br/><sup><sub>5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|PSP Allows Containers To Share The Host Network Namespace<br/><sup><sub>a33e9173-b674-4dfb-9d82-cf3754816e4b</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|PSP Allows Privilege Escalation<br/><sup><sub>87554eef-154d-411d-bdce-9dbd91e56851</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|PSP Allows Sharing Host IPC<br/><sup><sub>80f93444-b240-4ebb-a4c6-5c40b76c04ea</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|PSP Set To Privileged<br/><sup><sub>c48e57d3-d642-4e0b-90db-37f807b41b91</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#privileged">Documentation</a><br/>|
+|PSP With Added Capabilities<br/><sup><sub>7307579a-3abb-46ad-9ce5-2a915634d5c8</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Shared Host PID Namespace<br/><sup><sub>302736f4-b16c-41b8-befe-c0baffa0bd9d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Tiller (Helm v2) Is Deployed<br/><sup><sub>6d173be7-545a-46c6-a81d-2ae52ed1605d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/">Documentation</a><br/>|
+|Tiller Service Is Not Deleted<br/><sup><sub>8b862ca9-0fbd-4959-ad72-b6609bdaa22d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service">Documentation</a><br/>|
+|Workload Mounting With Sensitive OS Directory<br/><sup><sub>5308a7a8-06f8-45ac-bf10-791fe21de46e</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Etcd Peer TLS Certificate Files Not Properly Set<br/><sup><sub>09bb9e96-8da3-4736-b89a-b36814acca60</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Insecure Bind Address Set<br/><sup><sub>b9380fd3-5ffe-4d10-9290-13e18e71eee1</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Insecure Port Not Properly Set<br/><sup><sub>fa4def8c-1898-4a35-a139-7b76b1acdef0</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Secure Port Set To Zero<br/><sup><sub>3d24b204-b73d-42cb-b0bf-1a5438c5f71e</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Tiller Deployment Is Accessible From Within The Cluster<br/><sup><sub>e17fa86a-6222-4584-a914-56e8f6c87e06</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/">Documentation</a><br/>|
+|PSP With Unrestricted Access to Host Path<br/><sup><sub>de4421f1-4e35-43b4-9783-737dd4e4a47e</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems">Documentation</a><br/>|
+|Volume Mount With OS Directory Write Permissions<br/><sup><sub>b7652612-de4e-4466-a0bf-1cd81f0c6063</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
+|Always Admit Admission Control Plugin Set<br/><sup><sub>ce30e584-b33f-4c7d-b418-a3d7027f8f60</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Anonymous Auth Is Not Set To False<br/><sup><sub>1de5cc51-f376-4638-a940-20f2e85ae238</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Authorization Mode RBAC Not Set<br/><sup><sub>1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Docker Daemon Socket is Exposed to Containers<br/><sup><sub>a6f34658-fdfb-4154-9536-56d516f65828</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/storage/volumes/">Documentation</a><br/>|
+|Node Restriction Admission Control Plugin Not Set<br/><sup><sub>33fc6923-6553-4fe6-9d3a-4efa51eb874b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Permissive Access to Create Pods<br/><sup><sub>592ad21d-ad9b-46c6-8d2d-fad09d62a942</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#privilege-escalation-prevention-and-bootstrapping">Documentation</a><br/>|
+|RBAC Roles Allow Privilege Escalation<br/><sup><sub>8320826e-7a9c-4b0b-9535-578333193432</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#restrictions-on-role-binding-creation-or-update">Documentation</a><br/>|
+|RBAC Roles with Attach Permission<br/><sup><sub>d45330fd-f58d-45fb-a682-6481477a0f84</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|RBAC Roles with Exec Permission<br/><sup><sub>c589f42c-7924-4871-aee2-1cede9bc7cbc</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|RBAC Roles with Impersonate Permission<br/><sup><sub>9f85c3f6-26fd-4007-938a-2e0cb0100980</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/authentication/#user-impersonation">Documentation</a><br/>|
+|RBAC Roles with Port-Forwarding Permission<br/><sup><sub>38fa11ef-dbcc-4da8-9680-7e1fd855b6fb</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|RBAC Roles with Read Secrets Permissions<br/><sup><sub>b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|Service Account Admission Control Plugin Disabled<br/><sup><sub>9587c890-0524-40c2-9ce2-663af7c2f063</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Use Service Account Credentials Not Set To True<br/><sup><sub>1acd93f1-5a37-45c0-aaac-82ece818be7d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Readiness Probe Is Not Configured<br/><sup><sub>a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-readiness-probes">Documentation</a><br/>|
+|Request Timeout Not Properly Set<br/><sup><sub>d89a15bb-8dba-4c71-9529-bef6729b9c09</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Terminated Pod Garbage Collector Threshold Not Properly Set<br/><sup><sub>49113af4-29ca-458e-b8d4-724c01a4a24f</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Container Running As Root<br/><sup><sub>cf34805e-3872-4c08-bf92-6ff7bb0cfadb</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Container Running With Low UID<br/><sup><sub>02323c00-cdc3-4fdc-a310-4f2b3e7a1660</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Root Containers Admitted<br/><sup><sub>e3aa0612-4351-4a0d-983f-aefea25cf203</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Always Pull Images Admission Control Plugin Not Set<br/><sup><sub>a77f4d07-c6e0-4a48-8b35-0eeb51576f4f</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Incorrect Volume Claim Access Mode ReadWriteOnce<br/><sup><sub>3878dc92-8e5d-47cf-9cdd-7590f71d21b9</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
+|Encryption Provider Config Is Not Defined<br/><sup><sub>cbd2db69-0b21-4c14-8a40-7710a50571a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Encryption Provider Not Properly Configured<br/><sup><sub>10efce34-5af6-4d83-b414-9e096d5a06a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/#understanding-the-encryption-at-rest-configuration">Documentation</a><br/>|
+|Root CA File Not Defined<br/><sup><sub>05fb986f-ac73-4ebb-a5b2-7faafa93d882</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Service Account Private Key File Not Defined<br/><sup><sub>ccc98ff7-68a7-436e-9218-185cb0b0b780</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Weak TLS Cipher Suites<br/><sup><sub>510d5810-9a30-443a-817d-5c1fa527b110</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|Authorization Mode Node Not Set<br/><sup><sub>4d7ee40f-fc5d-427d-8cac-dffbe22d42d1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Containers With Added Capabilities<br/><sup><sub>19ebaa28-fc86-4a58-bcfa-015c9e22fe40</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Ingress Controller Exposes Workload<br/><sup><sub>69bbc5e3-0818-4150-89cc-1e989b48f23b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/">Documentation</a><br/>|
+|Kubelet Protect Kernel Defaults Set To False<br/><sup><sub>6cf42c97-facd-4fda-b8af-ea4529123355</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|NET_RAW Capabilities Disabled for PSP<br/><sup><sub>2270987f-bb51-479f-b8be-3ca73e5ad648</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|NET_RAW Capabilities Not Being Dropped<br/><sup><sub>dbbc6705-d541-43b0-b166-dd4be8208b54</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|PSP Allows Sharing Host PID<br/><sup><sub>91dacd0e-d189-4a9c-8272-5999a3cc32d9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Seccomp Profile Is Not Configured<br/><sup><sub>f377b83e-bd07-4f48-a591-60c82b14a78b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b')">Query details</a><br><a href="https://kubernetes.io/docs/tutorials/security/seccomp/#create-pod-that-uses-the-container-runtime-default-seccomp-profile">Documentation</a><br/>|
+|Security Context Deny Admission Control Plugin Not Set<br/><sup><sub>6a68bebe-c021-492e-8ddb-55b0567fb768</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Using Unrecommended Namespace<br/><sup><sub>611ab018-c4aa-4ba2-b0f6-a448337509a6</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/">Documentation</a><br/>|
+|Role Binding To Default Service Account<br/><sup><sub>1e749bc9-fde8-471c-af0c-8254efd2dee5</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
+|Service Account Name Undefined Or Empty<br/><sup><sub>591ade62-d6b0-4580-b1ae-209f80ba1cd9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
+|Service Account Token Automount Not Disabled<br/><sup><sub>48471392-d4d0-47c0-b135-cdec95eb3eef</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server">Documentation</a><br/>|
+|Auto TLS Set To True<br/><sup><sub>98ce8b81-7707-4734-aa39-627c6db3d84b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|CNI Plugin Does Not Support Network Policies<br/><sup><sub>03aabc8c-35d6-481e-9c85-20139cf72d23</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/">Documentation</a><br/>|
+|Etcd TLS Certificate Files Not Properly Set<br/><sup><sub>075ca296-6768-4322-aea2-ba5063b969a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Etcd TLS Certificate Not Properly Configured<br/><sup><sub>895a5a95-3756-4b04-9924-2f3bc93181bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Kubelet HTTPS Set To False<br/><sup><sub>cdc8b54e-6b16-4538-a1b0-35849dbe29cf</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Kubelet Not Managing Ip Tables<br/><sup><sub>5f89001f-6dd9-49ff-9b15-d8cd71b617f4</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Kubelet Read Only Port Is Not Set To Zero<br/><sup><sub>2940d48a-dc5e-4178-a3f8-bfbd80720b41</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Kubelet Streaming Connection Timeout Disabled<br/><sup><sub>ed89b97d-04e9-4fd4-919f-ee5b27e555e9</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Peer Auto TLS Set To True<br/><sup><sub>ae8827e2-4af9-4baa-9998-87539ae0d6f0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Pod Misconfigured Network Policy<br/><sup><sub>0401f71b-9c1e-4821-ab15-a955caa621be</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Documentation</a><br/>|
+|Service With External Load Balancer<br/><sup><sub>26763a1c-5dda-4772-b507-5fca7fb5f165</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/">Documentation</a><br/>|
+|TSL Connection Certificate Not Setup<br/><sup><sub>fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Audit Log Path Not Set<br/><sup><sub>73e251f0-363d-4e53-86e2-0a93592437eb</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Audit Policy File Not Defined<br/><sup><sub>13a49a2e-488e-4309-a7c0-d6b05577a5fb</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Memory Limits Not Defined<br/><sup><sub>b14d1bc4-a208-45db-92f0-e21f8e2588e9</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/">Documentation</a><br/>|
+|Memory Requests Not Defined<br/><sup><sub>229588ef-8fde-40c8-8756-f4f2b5825ded</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/">Documentation</a><br/>|
+|Shared Host IPC Namespace<br/><sup><sub>cd290efd-6c82-4e9d-a698-be12ae31d536</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Shared Host Network Namespace<br/><sup><sub>6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Etcd Client Certificate Authentication Set To False<br/><sup><sub>9391103a-d8d7-4671-ac5d-606ba7ccb0ac</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Etcd Client Certificate File Not Defined<br/><sup><sub>3f5ff8a7-5ad6-4d02-86f5-666307da1b20</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Etcd Peer Client Certificate Authentication Set To False<br/><sup><sub>b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff')">Query details</a><br><a href="https://etcd.io/docs/v3.4/op-guide/security/">Documentation</a><br/>|
+|Kubelet Certificate Authority Not Set<br/><sup><sub>ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Kubelet Client Certificate Or Key Not Set<br/><sup><sub>36a27826-1bf5-49da-aeb0-a60a30c0e834</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Kubelet Client Periodic Certificate Switch Disabled<br/><sup><sub>52d70f2e-3257-474c-b3dc-8ad9ba6a061a</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Not Unique Certificate Authority<br/><sup><sub>cb7e695d-6a85-495c-b15f-23aed2519303</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Rotate Kubelet Server Certificate Not Active<br/><sup><sub>1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/">Documentation</a><br/>|
+|Service Account Key File Not Properly Set<br/><sup><sub>dab4ec72-ce2e-4732-b7c3-1757dcce01a1</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|ServiceAccount Allows Access Secrets<br/><sup><sub>056ac60e-fe07-4acc-9b34-8e1d51716ab9</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Documentation</a><br/>|
+|Shared Service Account<br/><sup><sub>c1032cf7-3628-44e2-bd53-38c17cf31b6b</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/">Documentation</a><br/>|
+|Cluster Admin Rolebinding With Superuser Permissions<br/><sup><sub>249328b8-5f0f-409f-b1dd-029f07882e11</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11')">Query details</a><br><a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles">Documentation</a><br/>|
+|Missing AppArmor Profile<br/><sup><sub>8b36775e-183d-4d46-b0f7-96a6f34a723f</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f')">Query details</a><br><a href="https://kubernetes.io/docs/tutorials/clusters/apparmor/">Documentation</a><br/>|
+|Deployment Without PodDisruptionBudget<br/><sup><sub>b23e9b98-0cb6-4fc9-b257-1f3270442678</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/">Documentation</a><br/>|
+|Event Rate Limit Admission Control Plugin Not Set<br/><sup><sub>e0099af2-fe17-411f-9991-0de28fe15f3c</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|HPA Targets Invalid Object<br/><sup><sub>2f652c42-619d-4361-b361-9f599688f8ca</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/">Documentation</a><br/>|
+|StatefulSet Without PodDisruptionBudget<br/><sup><sub>1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/">Documentation</a><br/>|
+|StatefulSet Without Service Name<br/><sup><sub>bb241e61-77c3-4b97-9575-c0f8a1e008d0</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
+|Metadata Label Is Invalid<br/><sup><sub>1123031a-f921-4c5b-bd86-ef354ecfd37a</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/">Documentation</a><br/>|
+|No Drop Capabilities for Containers<br/><sup><sub>268ca686-7fb7-4ae9-b129-955a2a89064e</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/init-containers/">Documentation</a><br/>|
+|Object Is Using A Deprecated API Version<br/><sup><sub>94b76ea5-e074-4ca2-8a03-c5a606e30645</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645')">Query details</a><br><a href="https://kubernetes.io/docs/reference/using-api/deprecation-guide/">Documentation</a><br/>|
+|Image Policy Webhook Admission Control Plugin Not Set<br/><sup><sub>14abda69-8e91-4acb-9931-76e2bee90284</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Namespace Lifecycle Admission Control Plugin Disabled<br/><sup><sub>1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Root Container Not Mounted Read-only<br/><sup><sub>a9c2f49d-0671-4fc9-9ece-f4e261e128d0</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|StatefulSet Requests Storage<br/><sup><sub>8cf4671a-cf3d-46fc-8389-21e7405063a2</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/">Documentation</a><br/>|
+|Dashboard Is Enabled<br/><sup><sub>d2ad057f-0928-41ef-a83c-f59203bb855b</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/">Documentation</a><br/>|
+|Image Pull Policy Of The Container Is Not Set To Always<br/><sup><sub>caa3479d-885d-4882-9aac-95e5e78ef5c2</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
+|Image Without Digest<br/><sup><sub>7c81d34c-8e5a-402b-9798-9f442630e678</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
+|Kubelet Hostname Override Is Set<br/><sup><sub>bf36b900-b5ef-4828-adb7-70eb543b7cfb</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|Pod or Container Without LimitRange<br/><sup><sub>4a20ebac-1060-4c81-95d1-1f7f620e983b</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/limit-range/">Documentation</a><br/>|
+|Pod or Container Without ResourceQuota<br/><sup><sub>48a5beba-e4c0-4584-a2aa-e6894e4cf424</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/resource-quotas/">Documentation</a><br/>|
+|Pod or Container Without Security Context<br/><sup><sub>a97a340a-0063-418e-b3a1-3028941d0995</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/configure-pod-container/security-context/">Documentation</a><br/>|
+|Service Does Not Target Pod<br/><sup><sub>3ca03a61-3249-4c16-8427-6f8e47dda729</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Documentation</a><br/>|
+|Network Policy Is Not Targeting Any Pod<br/><sup><sub>85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/">Documentation</a><br/>|
+|Service Type is NodePort<br/><sup><sub>845acfbe-3e10-4b8e-b656-3b404d36dfb2</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Documentation</a><br/>|
+|Workload Host Port Not Specified<br/><sup><sub>2b1836f1-dcce-416e-8e16-da8c71920633</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#exposing-the-service">Documentation</a><br/>|
+|Audit Log Maxage Not Properly Set<br/><sup><sub>da9f3aa8-fbfb-472f-b5a1-576127944218</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Audit Log Maxbackup Not Properly Set<br/><sup><sub>768aab52-2504-4a2f-a3e3-329d5a679848</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Audit Log Maxsize Not Properly Set<br/><sup><sub>35c0a471-f7c8-4993-aa2c-503a3c712a66</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|Audit Policy Not Cover Key Security Concerns<br/><sup><sub>1828a670-5957-4bc5-9974-47da228f75e2</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/debug-application-cluster/audit/">Documentation</a><br/>|
+|Kubelet Event QPS Not Properly Set<br/><sup><sub>1a07a446-8e61-4e4d-bc16-b0781fcb8211</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/">Documentation</a><br/>|
+|Profiling Not Set To False<br/><sup><sub>2f491173-6375-4a84-b28e-a4e2b9a58a69</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/">Documentation</a><br/>|
+|CPU Limits Not Set<br/><sup><sub>4ac0e2b7-d2d2-4af7-8799-e8de6721ccda</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/">Documentation</a><br/>|
+|CPU Requests Not Set<br/><sup><sub>ca469dd4-c736-448f-8ac1-30a642705e0a</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#">Documentation</a><br/>|
+|CronJob Deadline Not Configured<br/><sup><sub>192fe40b-b1c3-448a-aba2-6cc19a300fe3</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/">Documentation</a><br/>|
+|Deployment Has No PodAntiAffinity<br/><sup><sub>a31b7b82-d994-48c4-bd21-3bab6c31827a</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/">Documentation</a><br/>|
+|StatefulSet Has No PodAntiAffinity<br/><sup><sub>d740d048-8ed3-49d3-b77b-6f072f3b669e</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/">Documentation</a><br/>|
+|Secrets As Environment Variables<br/><sup><sub>3d658f8b-d988-41a0-a841-40043121de1e</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-environment-variables">Documentation</a><br/>|
+|Invalid Image Tag<br/><sup><sub>583053b7-e632-46f0-b989-f81ff8045385</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/containers/images/#updating-images">Documentation</a><br/>|
+|Ensure Administrative Boundaries Between Resources<br/><sup><sub>e84eaf4d-2f45-47b2-abe8-e581b06deb66</sub></sup>|<span style="color:#5bc0de">Info</span>|Access Control|<a href="../kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/">Documentation</a><br/>|
+|HPA Targeted Deployments With Configured Replica Count<br/><sup><sub>5744cbb8-5946-4b75-a196-ade44449525b</sub></sup>|<span style="color:#5bc0de">Info</span>|Availability|<a href="../kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b')">Query details</a><br><a href="https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/">Documentation</a><br/>|
+|Liveness Probe Is Not Defined<br/><sup><sub>ade74944-a674-4e00-859e-c6eab5bde441</sub></sup>|<span style="color:#5bc0de">Info</span>|Availability|<a href="../kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#when-should-you-use-a-liveness-probe">Documentation</a><br/>|
+|Not Limited Capabilities For Pod Security Policy<br/><sup><sub>caa93370-791f-4fc6-814b-ba6ce0cb4032</sub></sup>|<span style="color:#5bc0de">Info</span>|Insecure Configurations|<a href="../kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/policy/pod-security-policy/">Documentation</a><br/>|
+|Bind Address Not Properly Set<br/><sup><sub>46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2</sub></sup>|<span style="color:#5bc0de">Info</span>|Networking and Firewall|<a href="../kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2')">Query details</a><br><a href="https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/">Documentation</a><br/>|
+|Using Kubernetes Native Secret Management<br/><sup><sub>b9c83569-459b-4110-8f79-6305aa33cb37</sub></sup>|<span style="color:#5bc0de">Info</span>|Secret Management|<a href="../kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37" onclick="newWindowOpenerSafe(event, '../kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37')">Query details</a><br><a href="https://kubernetes.io/docs/concepts/configuration/secret/">Documentation</a><br/>|
diff --git a/docs/queries/openapi-queries.md b/docs/queries/openapi-queries.md
index 2e319ee5ea9..784b09d3d80 100644
--- a/docs/queries/openapi-queries.md
+++ b/docs/queries/openapi-queries.md
@@ -8,53 +8,53 @@ Below are listed queries related to OpenAPI 2.0:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Security Definitions Undefined or Empty<br/><sup><sub>e3f026e8-fdb4-4d5a-bcfd-bd94452073fe</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securityDefinitionsObject">Documentation</a><br/>|
-|Security Requirement Not Defined In Security Definition<br/><sup><sub>a599b0d1-ff89-4cb8-9ece-9951854c06f6</sub></sup>|<span style="color:#bb2124">High</span>|Structure and Semantics|<a href="../openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
-|Global Security Using Password Flow<br/><sup><sub>2da46be4-4317-4650-9285-56d7103c4f93</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
-|Implicit Flow in OAuth2 (v2)<br/><sup><sub>e9817ad8-a8c9-4038-8a2f-db0e6e7b284b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
-|Invalid OAuth2 Authorization URL (v2)<br/><sup><sub>33d96c65-977d-4c33-943f-440baca49185</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/33d96c65-977d-4c33-943f-440baca49185" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
-|Invalid OAuth2 Token URL (v2)<br/><sup><sub>274f910a-0665-4f08-b66d-7058fe927dba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
-|Operation Using Basic Auth<br/><sup><sub>ceefb058-8065-418f-9c4c-584a78c7e104</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Operation Using Implicit Flow<br/><sup><sub>f42dfe7e-787d-4478-a75e-a5f3d8a2269e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Operation Using Password Flow<br/><sup><sub>2e44e632-d617-43cb-b294-6bfe72a08938</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Security Definitions Allows Password Flow<br/><sup><sub>773116aa-2e6d-416f-bd85-f0301cc05d76</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
-|Security Definitions Using Basic Auth<br/><sup><sub>221015a8-aa2a-43f5-b00b-ad7d2b1d47a8</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
-|Global Schemes Uses HTTP<br/><sup><sub>f30ee711-0082-4480-85ab-31d922d9a2b2</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#swaggerObject">Documentation</a><br/>|
-|Path Scheme Accepts HTTP (v2)<br/><sup><sub>a6847dc6-f4ea-45ac-a81f-93291ae6c573</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operationObject">Documentation</a><br/>|
-|Schemes Uses HTTP<br/><sup><sub>a46928f1-43d7-4671-94e0-2dd99746f389</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#swaggerObject">Documentation</a><br/>|
-|Operation Object Without 'consumes'<br/><sup><sub>0c79e50e-b3cf-490c-b8f6-587c644d4d0c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Operation Object Without 'produces'<br/><sup><sub>be3e170e-1572-461e-a8b6-d963def581ec</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Non OAuth2 Security Requirement Defining OAuth2 Scopes<br/><sup><sub>ba239cb9-f342-4c20-812d-7b5a2aa6969e</sub></sup>|<span style="color:#ff7213">Medium</span>|Structure and Semantics|<a href="../openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
-|Undefined Scope 'securityDefinition' On 'security' Field On Operations<br/><sup><sub>3847280c-9193-40bc-8009-76168e822ce2</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/3847280c-9193-40bc-8009-76168e822ce2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
-|Undefined Scope 'securityDefinition' On Global 'security' Field<br/><sup><sub>9aa6e95c-d964-4239-a3a8-9f37a3c5a31f</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
-|Constraining Enum Property<br/><sup><sub>be1d8733-3731-40c7-a845-734741c6871d</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/be1d8733-3731-40c7-a845-734741c6871d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Global Parameter Definition Not Being Used<br/><sup><sub>b30981fa-a12e-49c7-a5bb-eeafb61d0f0f</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parametersDefinitionsObject">Documentation</a><br/>|
-|Global Responses Definition Not Being Used<br/><sup><sub>0b76d993-ee52-43e0-8b39-3787d2ddabf1</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#responsesDefinitionsObject">Documentation</a><br/>|
-|Global Schema Definition Not Being Used<br/><sup><sub>6d2e0790-cc3d-4c74-b973-d4e8b09f4455</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
-|Invalid Media Type Value (v2)<br/><sup><sub>f985a7d2-d404-4a7f-9814-f645f791e46e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Operation Summary Too Long<br/><sup><sub>d47940ca-5970-45cc-bdd1-4d81398cee1f</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Schema with 'additionalProperties' set as Boolean<br/><sup><sub>3a01790c-ebee-4da6-8fd3-e78657383b75</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Unknown Prefix (v2)<br/><sup><sub>3b615f00-c443-4ba9-acc4-7c308716917d</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#swagger-object">Documentation</a><br/>|
-|BasePath With Wrong Format<br/><sup><sub>b4803607-ed72-4d60-99e2-3fa6edf471c6</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schema">Documentation</a><br/>|
-|Body Parameter With Wrong Property<br/><sup><sub>c38d630d-a415-4e3e-bac2-65475979ba88</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Body Parameter Without Schema<br/><sup><sub>ed48229d-d43e-4da7-b453-5f98d964a57a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|File Parameter With Wrong Consumes Property<br/><sup><sub>7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Host With Invalid Pattern<br/><sup><sub>3d7d7b6c-fb0a-475e-8a28-c125e30d15f0</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#swagger-object">Documentation</a><br/>|
-|Multi 'collectionformat' Not Valid For 'in' Parameter<br/><sup><sub>750f6448-27c0-49f8-a153-b81735c1e19c</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Multiple Body Parameters In The Same Operation<br/><sup><sub>b90033cf-ad9f-4fb9-acd1-1b9d6d278c87</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Non Body Parameter Without Schema<br/><sup><sub>73c3bc54-3cc6-4c0a-b30a-e19f2abfc951</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Object Without Required Property (v2)<br/><sup><sub>5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
-|Operation Example Mismatch Produces MimeType<br/><sup><sub>2cf35b40-ded3-43d6-9633-c8dcc8bcc822</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#exampleObject">Documentation</a><br/>|
-|Operation Object Parameters With 'body' And 'formatData' locations<br/><sup><sub>eb3f9744-d24e-4614-b1ff-2a9514eca21c</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameter File Type Not In 'formData'<br/><sup><sub>c3cab8c4-6c52-47a9-942b-c27f26fbd7d2</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameter JSON Reference Does Not Exists (v2)<br/><sup><sub>fb889ae9-2d16-40b5-b41f-9da716c5abc1</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameter Object With Incorrect Ref (v2)<br/><sup><sub>2596545e-1757-4ff7-a15a-8a9a180a42f3</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#parameter-object">Documentation</a><br/>|
-|Property Not Unique<br/><sup><sub>750b40be-4bac-4f59-bdc4-1ca0e6c3450e</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Response Object With Incorrect Ref (v2)<br/><sup><sub>bccfa089-89e4-47e0-a0e5-185fe6902220</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#responses-object">Documentation</a><br/>|
-|Responses JSON Reference Does Not Exists (v2)<br/><sup><sub>e9db5fb4-6a84-4abb-b4af-3b94fbdace6d</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#responsesDefinitionsObject">Documentation</a><br/>|
-|Schema JSON Reference Does Not Exists (v2)<br/><sup><sub>98295b32-ec09-4b5b-89a9-39853197f914</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
-|Schema Object Incorrect Ref (v2)<br/><sup><sub>0220e1c5-65d1-49dd-b7c2-cef6d6cb5283</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Unknown Property (v2)<br/><sup><sub>429b2106-ba37-43ba-9727-7f699cc611e1</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
+|Security Definitions Undefined or Empty<br/><sup><sub>e3f026e8-fdb4-4d5a-bcfd-bd94452073fe</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe" onclick="newWindowOpenerSafe(event, '../openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe')">Query details</a><br><a href="https://swagger.io/specification/v2/#securityDefinitionsObject">Documentation</a><br/>|
+|Security Requirement Not Defined In Security Definition<br/><sup><sub>a599b0d1-ff89-4cb8-9ece-9951854c06f6</sub></sup>|<span style="color:#bb2124">High</span>|Structure and Semantics|<a href="../openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6" onclick="newWindowOpenerSafe(event, '../openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6')">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
+|Global Security Using Password Flow<br/><sup><sub>2da46be4-4317-4650-9285-56d7103c4f93</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93" onclick="newWindowOpenerSafe(event, '../openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93')">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
+|Implicit Flow in OAuth2 (v2)<br/><sup><sub>e9817ad8-a8c9-4038-8a2f-db0e6e7b284b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b" onclick="newWindowOpenerSafe(event, '../openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b')">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
+|Invalid OAuth2 Authorization URL (v2)<br/><sup><sub>33d96c65-977d-4c33-943f-440baca49185</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/33d96c65-977d-4c33-943f-440baca49185" onclick="newWindowOpenerSafe(event, '../openapi-queries/33d96c65-977d-4c33-943f-440baca49185')">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
+|Invalid OAuth2 Token URL (v2)<br/><sup><sub>274f910a-0665-4f08-b66d-7058fe927dba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba" onclick="newWindowOpenerSafe(event, '../openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba')">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
+|Operation Using Basic Auth<br/><sup><sub>ceefb058-8065-418f-9c4c-584a78c7e104</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104" onclick="newWindowOpenerSafe(event, '../openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Operation Using Implicit Flow<br/><sup><sub>f42dfe7e-787d-4478-a75e-a5f3d8a2269e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e" onclick="newWindowOpenerSafe(event, '../openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Operation Using Password Flow<br/><sup><sub>2e44e632-d617-43cb-b294-6bfe72a08938</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938" onclick="newWindowOpenerSafe(event, '../openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Security Definitions Allows Password Flow<br/><sup><sub>773116aa-2e6d-416f-bd85-f0301cc05d76</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76" onclick="newWindowOpenerSafe(event, '../openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76')">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
+|Security Definitions Using Basic Auth<br/><sup><sub>221015a8-aa2a-43f5-b00b-ad7d2b1d47a8</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8" onclick="newWindowOpenerSafe(event, '../openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8')">Query details</a><br><a href="https://swagger.io/specification/v2/#securitySchemeObject">Documentation</a><br/>|
+|Global Schemes Uses HTTP<br/><sup><sub>f30ee711-0082-4480-85ab-31d922d9a2b2</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2" onclick="newWindowOpenerSafe(event, '../openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2')">Query details</a><br><a href="https://swagger.io/specification/v2/#swaggerObject">Documentation</a><br/>|
+|Path Scheme Accepts HTTP (v2)<br/><sup><sub>a6847dc6-f4ea-45ac-a81f-93291ae6c573</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573" onclick="newWindowOpenerSafe(event, '../openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573')">Query details</a><br><a href="https://swagger.io/specification/v2/#operationObject">Documentation</a><br/>|
+|Schemes Uses HTTP<br/><sup><sub>a46928f1-43d7-4671-94e0-2dd99746f389</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389" onclick="newWindowOpenerSafe(event, '../openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389')">Query details</a><br><a href="https://swagger.io/specification/v2/#swaggerObject">Documentation</a><br/>|
+|Operation Object Without 'consumes'<br/><sup><sub>0c79e50e-b3cf-490c-b8f6-587c644d4d0c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c" onclick="newWindowOpenerSafe(event, '../openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Operation Object Without 'produces'<br/><sup><sub>be3e170e-1572-461e-a8b6-d963def581ec</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec" onclick="newWindowOpenerSafe(event, '../openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Non OAuth2 Security Requirement Defining OAuth2 Scopes<br/><sup><sub>ba239cb9-f342-4c20-812d-7b5a2aa6969e</sub></sup>|<span style="color:#ff7213">Medium</span>|Structure and Semantics|<a href="../openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e" onclick="newWindowOpenerSafe(event, '../openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e')">Query details</a><br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
+|Undefined Scope 'securityDefinition' On 'security' Field On Operations<br/><sup><sub>3847280c-9193-40bc-8009-76168e822ce2</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/3847280c-9193-40bc-8009-76168e822ce2" onclick="newWindowOpenerSafe(event, '../openapi-queries/3847280c-9193-40bc-8009-76168e822ce2')">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
+|Undefined Scope 'securityDefinition' On Global 'security' Field<br/><sup><sub>9aa6e95c-d964-4239-a3a8-9f37a3c5a31f</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f" onclick="newWindowOpenerSafe(event, '../openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f')">Query details</a><br><a href="https://swagger.io/specification/v2/#security-scheme-object">Documentation</a><br/>|
+|Constraining Enum Property<br/><sup><sub>be1d8733-3731-40c7-a845-734741c6871d</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/be1d8733-3731-40c7-a845-734741c6871d" onclick="newWindowOpenerSafe(event, '../openapi-queries/be1d8733-3731-40c7-a845-734741c6871d')">Query details</a><br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
+|Global Parameter Definition Not Being Used<br/><sup><sub>b30981fa-a12e-49c7-a5bb-eeafb61d0f0f</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f" onclick="newWindowOpenerSafe(event, '../openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f')">Query details</a><br><a href="https://swagger.io/specification/v2/#parametersDefinitionsObject">Documentation</a><br/>|
+|Global Responses Definition Not Being Used<br/><sup><sub>0b76d993-ee52-43e0-8b39-3787d2ddabf1</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1" onclick="newWindowOpenerSafe(event, '../openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1')">Query details</a><br><a href="https://swagger.io/specification/v2/#responsesDefinitionsObject">Documentation</a><br/>|
+|Global Schema Definition Not Being Used<br/><sup><sub>6d2e0790-cc3d-4c74-b973-d4e8b09f4455</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455" onclick="newWindowOpenerSafe(event, '../openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455')">Query details</a><br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
+|Invalid Media Type Value (v2)<br/><sup><sub>f985a7d2-d404-4a7f-9814-f645f791e46e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e" onclick="newWindowOpenerSafe(event, '../openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Operation Summary Too Long<br/><sup><sub>d47940ca-5970-45cc-bdd1-4d81398cee1f</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f" onclick="newWindowOpenerSafe(event, '../openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Schema with 'additionalProperties' set as Boolean<br/><sup><sub>3a01790c-ebee-4da6-8fd3-e78657383b75</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75" onclick="newWindowOpenerSafe(event, '../openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75')">Query details</a><br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
+|Unknown Prefix (v2)<br/><sup><sub>3b615f00-c443-4ba9-acc4-7c308716917d</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d" onclick="newWindowOpenerSafe(event, '../openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d')">Query details</a><br><a href="https://swagger.io/specification/v2/#swagger-object">Documentation</a><br/>|
+|BasePath With Wrong Format<br/><sup><sub>b4803607-ed72-4d60-99e2-3fa6edf471c6</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6" onclick="newWindowOpenerSafe(event, '../openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6')">Query details</a><br><a href="https://swagger.io/specification/v2/#schema">Documentation</a><br/>|
+|Body Parameter With Wrong Property<br/><sup><sub>c38d630d-a415-4e3e-bac2-65475979ba88</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88" onclick="newWindowOpenerSafe(event, '../openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Body Parameter Without Schema<br/><sup><sub>ed48229d-d43e-4da7-b453-5f98d964a57a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a" onclick="newWindowOpenerSafe(event, '../openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|File Parameter With Wrong Consumes Property<br/><sup><sub>7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a" onclick="newWindowOpenerSafe(event, '../openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a')">Query details</a><br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
+|Host With Invalid Pattern<br/><sup><sub>3d7d7b6c-fb0a-475e-8a28-c125e30d15f0</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0" onclick="newWindowOpenerSafe(event, '../openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0')">Query details</a><br><a href="https://swagger.io/specification/v2/#swagger-object">Documentation</a><br/>|
+|Multi 'collectionformat' Not Valid For 'in' Parameter<br/><sup><sub>750f6448-27c0-49f8-a153-b81735c1e19c</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c" onclick="newWindowOpenerSafe(event, '../openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Multiple Body Parameters In The Same Operation<br/><sup><sub>b90033cf-ad9f-4fb9-acd1-1b9d6d278c87</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87" onclick="newWindowOpenerSafe(event, '../openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Non Body Parameter Without Schema<br/><sup><sub>73c3bc54-3cc6-4c0a-b30a-e19f2abfc951</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951" onclick="newWindowOpenerSafe(event, '../openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Object Without Required Property (v2)<br/><sup><sub>5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275" onclick="newWindowOpenerSafe(event, '../openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275')">Query details</a><br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
+|Operation Example Mismatch Produces MimeType<br/><sup><sub>2cf35b40-ded3-43d6-9633-c8dcc8bcc822</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822" onclick="newWindowOpenerSafe(event, '../openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822')">Query details</a><br><a href="https://swagger.io/specification/v2/#exampleObject">Documentation</a><br/>|
+|Operation Object Parameters With 'body' And 'formatData' locations<br/><sup><sub>eb3f9744-d24e-4614-b1ff-2a9514eca21c</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c" onclick="newWindowOpenerSafe(event, '../openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Parameter File Type Not In 'formData'<br/><sup><sub>c3cab8c4-6c52-47a9-942b-c27f26fbd7d2</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2" onclick="newWindowOpenerSafe(event, '../openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Parameter JSON Reference Does Not Exists (v2)<br/><sup><sub>fb889ae9-2d16-40b5-b41f-9da716c5abc1</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1" onclick="newWindowOpenerSafe(event, '../openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
+|Parameter Object With Incorrect Ref (v2)<br/><sup><sub>2596545e-1757-4ff7-a15a-8a9a180a42f3</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3" onclick="newWindowOpenerSafe(event, '../openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3')">Query details</a><br><a href="https://swagger.io/specification/v2/#parameter-object">Documentation</a><br/>|
+|Property Not Unique<br/><sup><sub>750b40be-4bac-4f59-bdc4-1ca0e6c3450e</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e" onclick="newWindowOpenerSafe(event, '../openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e')">Query details</a><br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
+|Response Object With Incorrect Ref (v2)<br/><sup><sub>bccfa089-89e4-47e0-a0e5-185fe6902220</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220" onclick="newWindowOpenerSafe(event, '../openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220')">Query details</a><br><a href="https://swagger.io/specification/v2/#responses-object">Documentation</a><br/>|
+|Responses JSON Reference Does Not Exists (v2)<br/><sup><sub>e9db5fb4-6a84-4abb-b4af-3b94fbdace6d</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d" onclick="newWindowOpenerSafe(event, '../openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d')">Query details</a><br><a href="https://swagger.io/specification/v2/#responsesDefinitionsObject">Documentation</a><br/>|
+|Schema JSON Reference Does Not Exists (v2)<br/><sup><sub>98295b32-ec09-4b5b-89a9-39853197f914</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914" onclick="newWindowOpenerSafe(event, '../openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914')">Query details</a><br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
+|Schema Object Incorrect Ref (v2)<br/><sup><sub>0220e1c5-65d1-49dd-b7c2-cef6d6cb5283</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283" onclick="newWindowOpenerSafe(event, '../openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283')">Query details</a><br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
+|Unknown Property (v2)<br/><sup><sub>429b2106-ba37-43ba-9727-7f699cc611e1</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1" onclick="newWindowOpenerSafe(event, '../openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1')">Query details</a><br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
 
 ### 3.0
 Below are listed queries related to OpenAPI 3.0:
@@ -63,81 +63,81 @@ Below are listed queries related to OpenAPI 3.0:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Cleartext Credentials With Basic Authentication For Operation<br/><sup><sub>86b1fa30-9790-4980-994d-a27e0f6f27c1</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
-|Field 'securityScheme' On Components Is Undefined<br/><sup><sub>8db5544e-4874-4baa-9322-e9f75a2d219e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Global Security Scheme Using Basic Authentication<br/><sup><sub>77276d82-4f45-4cf1-8e2b-4d345b936228</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Invalid OAuth2 Authorization URL (v3)<br/><sup><sub>52c0d841-60d6-4a81-88dd-c35fef36d315</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
-|Invalid OAuth2 Token URL (v3)<br/><sup><sub>3ba0cca1-b815-47bf-ac62-1e584eb64a05</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
-|OAuth2 With Implicit Flow<br/><sup><sub>39cb32f2-3a42-4af0-8037-82a7a9654b6c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flows-object">Documentation</a><br/>|
-|OAuth2 With Password Flow<br/><sup><sub>3979b0a4-532c-4ea7-86e4-34c090eaa4f2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flows-object">Documentation</a><br/>|
-|Security Scheme HTTP Unknown Scheme<br/><sup><sub>06764426-3c56-407e-981f-caa25db1c149</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/06764426-3c56-407e-981f-caa25db1c149" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Global Server Object Uses HTTP<br/><sup><sub>2d8c175a-6d90-412b-8b0e-e034ea49a1fe</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Path Server Object Uses HTTP (v3)<br/><sup><sub>9670f240-7b4d-4955-bd93-edaa9fa38b58</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Media Type Object Without Schema<br/><sup><sub>f79b9d26-e945-44e7-98a1-b93f0f7a68a0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Parameter Object Without Schema<br/><sup><sub>8fe1846f-52cc-4413-ace9-1933d7d23672</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Header Object Without Schema<br/><sup><sub>50de3b5b-6465-4e06-a9b0-b4c2ba34326b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#header-object">Documentation</a><br/>|
-|API Key Exposed In Global Security Scheme<br/><sup><sub>40e1d1bf-11a9-4f63-a3a2-a8b84c602839</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Security Scheme Using HTTP Basic<br/><sup><sub>68e5fcac-390c-4939-a373-6074b7be7c71</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Security Scheme Using HTTP Digest<br/><sup><sub>a4247b11-890b-45df-bf42-350a7a3af9be</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Security Scheme Using HTTP Negotiate<br/><sup><sub>f525cc92-9050-4c41-a75c-890dc6f64449</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Security Scheme Using Oauth 1.0<br/><sup><sub>1bc3205c-0d60-44e6-84f3-44fbf4dac5b3</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
-|Undefined Scope 'securityScheme' On 'security' Field On Operations<br/><sup><sub>462d6a1d-fed9-4d75-bb9e-3de902f35e6e</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
-|Undefined Scope 'securityScheme' On Global 'security' Field<br/><sup><sub>23a9e2d9-8738-4556-a71c-2802b6ffa022</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
-|Additional Properties Too Permissive<br/><sup><sub>9f88c88d-824d-4d9a-b985-e22977046042</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Additional Properties Too Restrictive<br/><sup><sub>a19c3bbd-c056-40d7-9e1c-eeb0634e320d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Success Response Code Undefined for Trace Operation<br/><sup><sub>105e20dd-8449-4d71-95c6-d5dac96639af</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
-|Components Callback Definition Is Unused<br/><sup><sub>d15db953-a553-4b8a-9a14-a3d62ea3d79d</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Example Definition Is Unused<br/><sup><sub>b05bb927-2df5-43cc-8d7b-6825c0e71625</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Header Definition Is Unused<br/><sup><sub>a68da022-e95a-4bc2-97d3-481e0bd6d446</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Link Definition Is Unused<br/><sup><sub>c19779a9-5774-4d2f-a3a1-a99831730375</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Parameter Definition Is Unused<br/><sup><sub>698a464e-bb3e-4ba8-ab5e-e6599b7644a0</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Request Body Definition Is Unused<br/><sup><sub>6b76f589-9713-44ab-97f5-59a3dba1a285</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Response Definition Is Unused<br/><sup><sub>9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Components Schema Definition Is Unused<br/><sup><sub>962fa01e-b791-4dcc-b04a-4a3e7389be5e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Encoding Header 'Content-Type' Improperly Defined<br/><sup><sub>4cd8de87-b595-48b6-ab3c-1904567135ab</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Invalid Media Type Value (v3)<br/><sup><sub>cf4a5f45-a27b-49df-843a-9911dbfe71d4</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Property 'allowEmptyValue' Ignored<br/><sup><sub>59c2f769-7cc2-49c8-a3de-4e211135cfab</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Property 'allowReserved' of Encoding Object Ignored<br/><sup><sub>4190dda7-af03-4cf0-a128-70ac1661ca09</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
-|Property 'explode' of Encoding Object Ignored<br/><sup><sub>a4dd69b8-49fa-45d2-a060-c76655405b05</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
-|Property 'style' of Encoding Object Ignored<br/><sup><sub>d3ea644a-9a5c-4fee-941f-f8a6786c0470</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
-|Unknown Prefix (v3)<br/><sup><sub>a5375be3-521c-43bb-9eab-e2432e368ee4</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Callback JSON Reference Does Not Exists<br/><sup><sub>f29904c8-6041-4bca-b043-dfa0546b8079</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Callback Object With Incorrect Ref<br/><sup><sub>ba066cda-e808-450d-92b6-f29109754d45</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ba066cda-e808-450d-92b6-f29109754d45" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#callback-object">Documentation</a><br/>|
-|Components Object Fixed Field Key Improperly Named<br/><sup><sub>151331e2-11f4-4bb6-bd35-9a005e695087</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Empty Array<br/><sup><sub>5915c20f-dffa-4cee-b5d4-f457ddc0151a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
-|Encoding Map Key Mismatch Schema Defined Properties<br/><sup><sub>cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Example JSON Reference Does Not Exists<br/><sup><sub>6a2c219f-da5e-4745-941e-5ea8cde23356</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Example JSON Reference Outside Components Examples<br/><sup><sub>bac56e3c-1f71-4a74-8ae6-2fba07efcddb</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#reference-object">Documentation</a><br/>|
-|Header JSON Reference Does Not Exists<br/><sup><sub>376c9390-7e9e-4cb8-a067-fd31c05451fd</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Header Object With Incorrect Ref<br/><sup><sub>2d6646f4-2946-420f-8c14-3232d49ae0cb</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
-|Invalid Content Type For Multiple Files Upload<br/><sup><sub>26f06397-36d8-4ce7-b993-17711261d777</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/26f06397-36d8-4ce7-b993-17711261d777" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/describing-request-body/file-upload/">Documentation</a><br/>|
-|Link JSON Reference Does Not Exists<br/><sup><sub>801f0c6a-a834-4467-89c6-ddecffb46b5a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Link Object Incorrect Ref<br/><sup><sub>b9db8a10-020c-49ca-88c6-780e5fdb4328</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
-|Link Object OperationId Does Not Target Operation Object<br/><sup><sub>c5bb7461-aa57-470b-a714-3bc3d74f4669</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
-|Link Object With Both 'operationId' And 'operationRef'<br/><sup><sub>60fb6621-9f02-473b-9424-ba9a825747d3</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
-|Object Without Required Property (v3)<br/><sup><sub>d172a060-8569-4412-8045-3560ebd477e8</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d172a060-8569-4412-8045-3560ebd477e8" target="_blank">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
-|Parameter JSON Reference Does Not Exists (v3)<br/><sup><sub>2e275f16-b627-4d3f-ae73-a6153a23ae8f</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Parameter Object Content With Multiple Entries<br/><sup><sub>8bfed1c6-2d59-4924-bc7f-9b9d793ed0df</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Parameter Object With Incorrect Ref (v3)<br/><sup><sub>d40f27e6-15fb-4b56-90f8-fc0ff0291c51</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Parameter Object With Schema And Content<br/><sup><sub>31dd6fc0-f274-493b-9614-e063086c19fc</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Parameter Object With Undefined Type<br/><sup><sub>46facedc-f243-4108-ab33-583b807d50b0</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/46facedc-f243-4108-ab33-583b807d50b0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Property 'allowReserved' Improperly Defined<br/><sup><sub>7f203940-39c4-4ea7-91ee-7aba16bca9e2</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
-|Request Body JSON Reference Does Not Exists<br/><sup><sub>ca02f4e8-d3ae-4832-b7db-bb037516d9e7</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Request Body Object With Incorrect Media Type<br/><sup><sub>58f06434-a88c-4f74-826c-db7e10cc7def</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
-|Request Body With Incorrect Ref<br/><sup><sub>0f6cd0ab-c366-4595-84fc-fbd8b9901e4d</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#request-body-object">Documentation</a><br/>|
-|Response JSON Reference Does Not Exists (v3)<br/><sup><sub>7a01dfbd-da62-4165-aed7-71349ad42ab4</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Response Object With Incorrect Ref (v3)<br/><sup><sub>b3871dd8-9333-4d6c-bd52-67eb898b71ab</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
-|Schema JSON Reference Does Not Exists (v3)<br/><sup><sub>015eac96-6313-43c0-84e5-81b1374fa637</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
-|Schema Object Incorrect Ref (v3)<br/><sup><sub>4cac7ace-b0fb-477d-830d-65395d9109d9</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Schema With Both ReadOnly And WriteOnly<br/><sup><sub>d2361d58-361c-49f0-9e50-b957fd608b29</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
-|Security Field Undefined<br/><sup><sub>ab1263c2-81df-46f0-9f2c-0b62fdb68419</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
-|Security Operation Field Undefined<br/><sup><sub>20a482d5-c5d9-4a7a-b7a4-60d0805047b4</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
-|Security Requirement Object With Wrong Scopes<br/><sup><sub>37140f7f-724a-4c87-a536-e9cee1d61533</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
-|Server Object Variable Not Used<br/><sup><sub>8aee4754-970d-4c5f-8142-a49dfe388b1a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-variable-object">Documentation</a><br/>|
-|Server URL Not Absolute<br/><sup><sub>a0bf7382-5d5a-4224-924c-3db8466026c9</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Server URL Uses Undefined Variables<br/><sup><sub>8d0921d6-4131-461f-a253-99e873f8f77e</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Servers Array Undefined<br/><sup><sub>c66ebeaa-676c-40dc-a3ff-3e49395dcd5e</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
-|Unknown Property (v3)<br/><sup><sub>fb7d81e7-4150-48c4-b914-92fc05da6a2f</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
+|Cleartext Credentials With Basic Authentication For Operation<br/><sup><sub>86b1fa30-9790-4980-994d-a27e0f6f27c1</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1" onclick="newWindowOpenerSafe(event, '../openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Field 'securityScheme' On Components Is Undefined<br/><sup><sub>8db5544e-4874-4baa-9322-e9f75a2d219e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e" onclick="newWindowOpenerSafe(event, '../openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Global Security Scheme Using Basic Authentication<br/><sup><sub>77276d82-4f45-4cf1-8e2b-4d345b936228</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228" onclick="newWindowOpenerSafe(event, '../openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Invalid OAuth2 Authorization URL (v3)<br/><sup><sub>52c0d841-60d6-4a81-88dd-c35fef36d315</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315" onclick="newWindowOpenerSafe(event, '../openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
+|Invalid OAuth2 Token URL (v3)<br/><sup><sub>3ba0cca1-b815-47bf-ac62-1e584eb64a05</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05" onclick="newWindowOpenerSafe(event, '../openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
+|OAuth2 With Implicit Flow<br/><sup><sub>39cb32f2-3a42-4af0-8037-82a7a9654b6c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c" onclick="newWindowOpenerSafe(event, '../openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flows-object">Documentation</a><br/>|
+|OAuth2 With Password Flow<br/><sup><sub>3979b0a4-532c-4ea7-86e4-34c090eaa4f2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2" onclick="newWindowOpenerSafe(event, '../openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flows-object">Documentation</a><br/>|
+|Security Scheme HTTP Unknown Scheme<br/><sup><sub>06764426-3c56-407e-981f-caa25db1c149</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../openapi-queries/06764426-3c56-407e-981f-caa25db1c149" onclick="newWindowOpenerSafe(event, '../openapi-queries/06764426-3c56-407e-981f-caa25db1c149')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Global Server Object Uses HTTP<br/><sup><sub>2d8c175a-6d90-412b-8b0e-e034ea49a1fe</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe" onclick="newWindowOpenerSafe(event, '../openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Path Server Object Uses HTTP (v3)<br/><sup><sub>9670f240-7b4d-4955-bd93-edaa9fa38b58</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58" onclick="newWindowOpenerSafe(event, '../openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Media Type Object Without Schema<br/><sup><sub>f79b9d26-e945-44e7-98a1-b93f0f7a68a0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0" onclick="newWindowOpenerSafe(event, '../openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Parameter Object Without Schema<br/><sup><sub>8fe1846f-52cc-4413-ace9-1933d7d23672</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672" onclick="newWindowOpenerSafe(event, '../openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Header Object Without Schema<br/><sup><sub>50de3b5b-6465-4e06-a9b0-b4c2ba34326b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b" onclick="newWindowOpenerSafe(event, '../openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b')">Query details</a><br><a href="https://swagger.io/specification/#header-object">Documentation</a><br/>|
+|API Key Exposed In Global Security Scheme<br/><sup><sub>40e1d1bf-11a9-4f63-a3a2-a8b84c602839</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839" onclick="newWindowOpenerSafe(event, '../openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Security Scheme Using HTTP Basic<br/><sup><sub>68e5fcac-390c-4939-a373-6074b7be7c71</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71" onclick="newWindowOpenerSafe(event, '../openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Security Scheme Using HTTP Digest<br/><sup><sub>a4247b11-890b-45df-bf42-350a7a3af9be</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be" onclick="newWindowOpenerSafe(event, '../openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Security Scheme Using HTTP Negotiate<br/><sup><sub>f525cc92-9050-4c41-a75c-890dc6f64449</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449" onclick="newWindowOpenerSafe(event, '../openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Security Scheme Using Oauth 1.0<br/><sup><sub>1bc3205c-0d60-44e6-84f3-44fbf4dac5b3</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3" onclick="newWindowOpenerSafe(event, '../openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|Undefined Scope 'securityScheme' On 'security' Field On Operations<br/><sup><sub>462d6a1d-fed9-4d75-bb9e-3de902f35e6e</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e" onclick="newWindowOpenerSafe(event, '../openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
+|Undefined Scope 'securityScheme' On Global 'security' Field<br/><sup><sub>23a9e2d9-8738-4556-a71c-2802b6ffa022</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022" onclick="newWindowOpenerSafe(event, '../openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022')">Query details</a><br><a href="https://swagger.io/specification/#oauth-flow-object">Documentation</a><br/>|
+|Additional Properties Too Permissive<br/><sup><sub>9f88c88d-824d-4d9a-b985-e22977046042</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042" onclick="newWindowOpenerSafe(event, '../openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Additional Properties Too Restrictive<br/><sup><sub>a19c3bbd-c056-40d7-9e1c-eeb0634e320d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d" onclick="newWindowOpenerSafe(event, '../openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Success Response Code Undefined for Trace Operation<br/><sup><sub>105e20dd-8449-4d71-95c6-d5dac96639af</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af" onclick="newWindowOpenerSafe(event, '../openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Components Callback Definition Is Unused<br/><sup><sub>d15db953-a553-4b8a-9a14-a3d62ea3d79d</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d" onclick="newWindowOpenerSafe(event, '../openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Example Definition Is Unused<br/><sup><sub>b05bb927-2df5-43cc-8d7b-6825c0e71625</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625" onclick="newWindowOpenerSafe(event, '../openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Header Definition Is Unused<br/><sup><sub>a68da022-e95a-4bc2-97d3-481e0bd6d446</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446" onclick="newWindowOpenerSafe(event, '../openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Link Definition Is Unused<br/><sup><sub>c19779a9-5774-4d2f-a3a1-a99831730375</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375" onclick="newWindowOpenerSafe(event, '../openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Parameter Definition Is Unused<br/><sup><sub>698a464e-bb3e-4ba8-ab5e-e6599b7644a0</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0" onclick="newWindowOpenerSafe(event, '../openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Request Body Definition Is Unused<br/><sup><sub>6b76f589-9713-44ab-97f5-59a3dba1a285</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285" onclick="newWindowOpenerSafe(event, '../openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Response Definition Is Unused<br/><sup><sub>9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae" onclick="newWindowOpenerSafe(event, '../openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Components Schema Definition Is Unused<br/><sup><sub>962fa01e-b791-4dcc-b04a-4a3e7389be5e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e" onclick="newWindowOpenerSafe(event, '../openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Encoding Header 'Content-Type' Improperly Defined<br/><sup><sub>4cd8de87-b595-48b6-ab3c-1904567135ab</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab" onclick="newWindowOpenerSafe(event, '../openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Invalid Media Type Value (v3)<br/><sup><sub>cf4a5f45-a27b-49df-843a-9911dbfe71d4</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4" onclick="newWindowOpenerSafe(event, '../openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Property 'allowEmptyValue' Ignored<br/><sup><sub>59c2f769-7cc2-49c8-a3de-4e211135cfab</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab" onclick="newWindowOpenerSafe(event, '../openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Property 'allowReserved' of Encoding Object Ignored<br/><sup><sub>4190dda7-af03-4cf0-a128-70ac1661ca09</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09" onclick="newWindowOpenerSafe(event, '../openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09')">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
+|Property 'explode' of Encoding Object Ignored<br/><sup><sub>a4dd69b8-49fa-45d2-a060-c76655405b05</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05" onclick="newWindowOpenerSafe(event, '../openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05')">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
+|Property 'style' of Encoding Object Ignored<br/><sup><sub>d3ea644a-9a5c-4fee-941f-f8a6786c0470</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470" onclick="newWindowOpenerSafe(event, '../openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470')">Query details</a><br><a href="https://swagger.io/specification/#encoding-object">Documentation</a><br/>|
+|Unknown Prefix (v3)<br/><sup><sub>a5375be3-521c-43bb-9eab-e2432e368ee4</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4" onclick="newWindowOpenerSafe(event, '../openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Callback JSON Reference Does Not Exists<br/><sup><sub>f29904c8-6041-4bca-b043-dfa0546b8079</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079" onclick="newWindowOpenerSafe(event, '../openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Callback Object With Incorrect Ref<br/><sup><sub>ba066cda-e808-450d-92b6-f29109754d45</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ba066cda-e808-450d-92b6-f29109754d45" onclick="newWindowOpenerSafe(event, '../openapi-queries/ba066cda-e808-450d-92b6-f29109754d45')">Query details</a><br><a href="https://swagger.io/specification/#callback-object">Documentation</a><br/>|
+|Components Object Fixed Field Key Improperly Named<br/><sup><sub>151331e2-11f4-4bb6-bd35-9a005e695087</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087" onclick="newWindowOpenerSafe(event, '../openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Empty Array<br/><sup><sub>5915c20f-dffa-4cee-b5d4-f457ddc0151a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a" onclick="newWindowOpenerSafe(event, '../openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a')">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
+|Encoding Map Key Mismatch Schema Defined Properties<br/><sup><sub>cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b" onclick="newWindowOpenerSafe(event, '../openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Example JSON Reference Does Not Exists<br/><sup><sub>6a2c219f-da5e-4745-941e-5ea8cde23356</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356" onclick="newWindowOpenerSafe(event, '../openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Example JSON Reference Outside Components Examples<br/><sup><sub>bac56e3c-1f71-4a74-8ae6-2fba07efcddb</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb" onclick="newWindowOpenerSafe(event, '../openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb')">Query details</a><br><a href="https://swagger.io/specification/#reference-object">Documentation</a><br/>|
+|Header JSON Reference Does Not Exists<br/><sup><sub>376c9390-7e9e-4cb8-a067-fd31c05451fd</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd" onclick="newWindowOpenerSafe(event, '../openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Header Object With Incorrect Ref<br/><sup><sub>2d6646f4-2946-420f-8c14-3232d49ae0cb</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb" onclick="newWindowOpenerSafe(event, '../openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Invalid Content Type For Multiple Files Upload<br/><sup><sub>26f06397-36d8-4ce7-b993-17711261d777</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/26f06397-36d8-4ce7-b993-17711261d777" onclick="newWindowOpenerSafe(event, '../openapi-queries/26f06397-36d8-4ce7-b993-17711261d777')">Query details</a><br><a href="https://swagger.io/docs/specification/describing-request-body/file-upload/">Documentation</a><br/>|
+|Link JSON Reference Does Not Exists<br/><sup><sub>801f0c6a-a834-4467-89c6-ddecffb46b5a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a" onclick="newWindowOpenerSafe(event, '../openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Link Object Incorrect Ref<br/><sup><sub>b9db8a10-020c-49ca-88c6-780e5fdb4328</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328" onclick="newWindowOpenerSafe(event, '../openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328')">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
+|Link Object OperationId Does Not Target Operation Object<br/><sup><sub>c5bb7461-aa57-470b-a714-3bc3d74f4669</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669" onclick="newWindowOpenerSafe(event, '../openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669')">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
+|Link Object With Both 'operationId' And 'operationRef'<br/><sup><sub>60fb6621-9f02-473b-9424-ba9a825747d3</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3" onclick="newWindowOpenerSafe(event, '../openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3')">Query details</a><br><a href="https://swagger.io/specification/#link-object">Documentation</a><br/>|
+|Object Without Required Property (v3)<br/><sup><sub>d172a060-8569-4412-8045-3560ebd477e8</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d172a060-8569-4412-8045-3560ebd477e8" onclick="newWindowOpenerSafe(event, '../openapi-queries/d172a060-8569-4412-8045-3560ebd477e8')">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
+|Parameter JSON Reference Does Not Exists (v3)<br/><sup><sub>2e275f16-b627-4d3f-ae73-a6153a23ae8f</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f" onclick="newWindowOpenerSafe(event, '../openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Parameter Object Content With Multiple Entries<br/><sup><sub>8bfed1c6-2d59-4924-bc7f-9b9d793ed0df</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df" onclick="newWindowOpenerSafe(event, '../openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Parameter Object With Incorrect Ref (v3)<br/><sup><sub>d40f27e6-15fb-4b56-90f8-fc0ff0291c51</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51" onclick="newWindowOpenerSafe(event, '../openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Parameter Object With Schema And Content<br/><sup><sub>31dd6fc0-f274-493b-9614-e063086c19fc</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc" onclick="newWindowOpenerSafe(event, '../openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Parameter Object With Undefined Type<br/><sup><sub>46facedc-f243-4108-ab33-583b807d50b0</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/46facedc-f243-4108-ab33-583b807d50b0" onclick="newWindowOpenerSafe(event, '../openapi-queries/46facedc-f243-4108-ab33-583b807d50b0')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Property 'allowReserved' Improperly Defined<br/><sup><sub>7f203940-39c4-4ea7-91ee-7aba16bca9e2</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2" onclick="newWindowOpenerSafe(event, '../openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Request Body JSON Reference Does Not Exists<br/><sup><sub>ca02f4e8-d3ae-4832-b7db-bb037516d9e7</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7" onclick="newWindowOpenerSafe(event, '../openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Request Body Object With Incorrect Media Type<br/><sup><sub>58f06434-a88c-4f74-826c-db7e10cc7def</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def" onclick="newWindowOpenerSafe(event, '../openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def')">Query details</a><br><a href="https://swagger.io/specification/#media-type-object">Documentation</a><br/>|
+|Request Body With Incorrect Ref<br/><sup><sub>0f6cd0ab-c366-4595-84fc-fbd8b9901e4d</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d" onclick="newWindowOpenerSafe(event, '../openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d')">Query details</a><br><a href="https://swagger.io/specification/#request-body-object">Documentation</a><br/>|
+|Response JSON Reference Does Not Exists (v3)<br/><sup><sub>7a01dfbd-da62-4165-aed7-71349ad42ab4</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4" onclick="newWindowOpenerSafe(event, '../openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Response Object With Incorrect Ref (v3)<br/><sup><sub>b3871dd8-9333-4d6c-bd52-67eb898b71ab</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab" onclick="newWindowOpenerSafe(event, '../openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Schema JSON Reference Does Not Exists (v3)<br/><sup><sub>015eac96-6313-43c0-84e5-81b1374fa637</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637" onclick="newWindowOpenerSafe(event, '../openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637')">Query details</a><br><a href="https://swagger.io/specification/#components-object">Documentation</a><br/>|
+|Schema Object Incorrect Ref (v3)<br/><sup><sub>4cac7ace-b0fb-477d-830d-65395d9109d9</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9" onclick="newWindowOpenerSafe(event, '../openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema With Both ReadOnly And WriteOnly<br/><sup><sub>d2361d58-361c-49f0-9e50-b957fd608b29</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29" onclick="newWindowOpenerSafe(event, '../openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Security Field Undefined<br/><sup><sub>ab1263c2-81df-46f0-9f2c-0b62fdb68419</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419" onclick="newWindowOpenerSafe(event, '../openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Security Operation Field Undefined<br/><sup><sub>20a482d5-c5d9-4a7a-b7a4-60d0805047b4</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4" onclick="newWindowOpenerSafe(event, '../openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Security Requirement Object With Wrong Scopes<br/><sup><sub>37140f7f-724a-4c87-a536-e9cee1d61533</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533" onclick="newWindowOpenerSafe(event, '../openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Server Object Variable Not Used<br/><sup><sub>8aee4754-970d-4c5f-8142-a49dfe388b1a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a" onclick="newWindowOpenerSafe(event, '../openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a')">Query details</a><br><a href="https://swagger.io/specification/#server-variable-object">Documentation</a><br/>|
+|Server URL Not Absolute<br/><sup><sub>a0bf7382-5d5a-4224-924c-3db8466026c9</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9" onclick="newWindowOpenerSafe(event, '../openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Server URL Uses Undefined Variables<br/><sup><sub>8d0921d6-4131-461f-a253-99e873f8f77e</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e" onclick="newWindowOpenerSafe(event, '../openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Servers Array Undefined<br/><sup><sub>c66ebeaa-676c-40dc-a3ff-3e49395dcd5e</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e" onclick="newWindowOpenerSafe(event, '../openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e')">Query details</a><br><a href="https://swagger.io/specification/#server-object">Documentation</a><br/>|
+|Unknown Property (v3)<br/><sup><sub>fb7d81e7-4150-48c4-b914-92fc05da6a2f</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f" onclick="newWindowOpenerSafe(event, '../openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f')">Query details</a><br><a href="https://swagger.io/specification/">Documentation</a><br/>|
 
 ### SHARED (V2/V3)
 Below are listed queries related to OpenAPI SHARED (V2/V3):
@@ -147,146 +147,146 @@ Below are listed queries related to OpenAPI SHARED (V2/V3):
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
 |Global Security Field Has An Empty Array (v2)<br/><sup><sub>da31d54b-ad54-41dc-95eb-8b3828629213</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#security-requirement-object">Documentation</a><br/>|
-|Global Security Field Has An Empty Array (v3)<br/><sup><sub>d674aea4-ba8b-454b-bb97-88a772ea33f0</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Global Security Field Has An Empty Array (v3)<br/><sup><sub>d674aea4-ba8b-454b-bb97-88a772ea33f0</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0" onclick="newWindowOpenerSafe(event, '../openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
 |Global security field has an empty object (v2)<br/><sup><sub>292919fb-7b26-4454-bee9-ce29094768dd</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#security-requirement-object">Documentation</a><br/>|
-|Global security field has an empty object (v3)<br/><sup><sub>543e38f4-1eee-479e-8eb0-15257013aa0a</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Global security field has an empty object (v3)<br/><sup><sub>543e38f4-1eee-479e-8eb0-15257013aa0a</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a" onclick="newWindowOpenerSafe(event, '../openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
 |Global Security Field Is Undefined (v2)<br/><sup><sub>74703c89-0ea2-49ab-a7db-bf04f19f5a57</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|Global security field should be defined to prevent API to have insecure paths and have this rules defined on securityDefinitions<br><a href="https://swagger.io/specification/v2/#securityRequirementObject">Documentation</a><br/>|
-|Global Security Field Is Undefined (v3)<br/><sup><sub>8af270ce-298b-4405-9922-82a10aee7a4f</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|Global Security Field Is Undefined (v3)<br/><sup><sub>8af270ce-298b-4405-9922-82a10aee7a4f</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f" onclick="newWindowOpenerSafe(event, '../openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
 |No Global And Operation Security Defined (v2)<br/><sup><sub>586abcee-9653-462d-ad7b-2638a32bd6e6</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#security-requirement-object">Documentation</a><br/>|
-|No Global And Operation Security Defined (v3)<br/><sup><sub>96729c6b-7400-4d9e-9807-17f00cdde4d2</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
+|No Global And Operation Security Defined (v3)<br/><sup><sub>96729c6b-7400-4d9e-9807-17f00cdde4d2</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2" onclick="newWindowOpenerSafe(event, '../openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2')">Query details</a><br><a href="https://swagger.io/specification/#security-requirement-object">Documentation</a><br/>|
 |Security Field On Operations Has An Empty Array (v2)<br/><sup><sub>5d29effc-5d68-481f-9721-d74e5919226b</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Security Field On Operations Has An Empty Array (v3)<br/><sup><sub>663c442d-f918-4f62-b096-0bf5dcbeb655</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Security Field On Operations Has An Empty Array (v3)<br/><sup><sub>663c442d-f918-4f62-b096-0bf5dcbeb655</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655" onclick="newWindowOpenerSafe(event, '../openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Security Field On Operations Has An Empty Object Definition (v2)<br/><sup><sub>74581e3b-1d55-4323-a139-5959a7b3abc5</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Security Field On Operations Has An Empty Object Definition (v3)<br/><sup><sub>baade968-7467-41e4-bf22-83ca222f5800</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/baade968-7467-41e4-bf22-83ca222f5800" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Security Field On Operations Has An Empty Object Definition (v3)<br/><sup><sub>baade968-7467-41e4-bf22-83ca222f5800</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../openapi-queries/baade968-7467-41e4-bf22-83ca222f5800" onclick="newWindowOpenerSafe(event, '../openapi-queries/baade968-7467-41e4-bf22-83ca222f5800')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Array Without Maximum Number of Items (v2)<br/><sup><sub>99eb2c95-2040-4104-9e7c-e16f7474d218</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|Array schema/parameter should have the field 'maxItems' set<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Array Without Maximum Number of Items (v3)<br/><sup><sub>6998389e-66b2-473d-8d05-c8d71ac4d04d</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Array Without Maximum Number of Items (v3)<br/><sup><sub>6998389e-66b2-473d-8d05-c8d71ac4d04d</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d" onclick="newWindowOpenerSafe(event, '../openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |JSON Object Schema Without Properties (v2)<br/><sup><sub>3d28f751-bc18-4f83-ace0-216b6086410b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|JSON Object Schema Without Properties (v3)<br/><sup><sub>9d967a2b-9d64-41a6-abea-dfc4960299bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|JSON Object Schema Without Properties (v3)<br/><sup><sub>9d967a2b-9d64-41a6-abea-dfc4960299bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd" onclick="newWindowOpenerSafe(event, '../openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |JSON Object Schema Without Type (v2)<br/><sup><sub>62d52544-82ef-4b75-8308-cad49d50212b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|JSON Object Schema Without Type (v3)<br/><sup><sub>e2ffa504-d22a-4c94-b6c5-f661849d2db7</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|JSON Object Schema Without Type (v3)<br/><sup><sub>e2ffa504-d22a-4c94-b6c5-f661849d2db7</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7" onclick="newWindowOpenerSafe(event, '../openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Pattern Undefined (v2)<br/><sup><sub>afde15cf-9444-4126-8c62-41cd79db1d1d</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|String schema/parameter/header should have 'pattern' defined.<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Pattern Undefined (v3)<br/><sup><sub>00b78adf-b83f-419c-8ed8-c6018441dd3a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Pattern Undefined (v3)<br/><sup><sub>00b78adf-b83f-419c-8ed8-c6018441dd3a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a" onclick="newWindowOpenerSafe(event, '../openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Object is Empty (v2)<br/><sup><sub>967575e5-eb44-4c24-aadb-7e33608ed30a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Schema Object is Empty (v3)<br/><sup><sub>500ce696-d501-41dd-86eb-eceb011a386f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Object is Empty (v3)<br/><sup><sub>500ce696-d501-41dd-86eb-eceb011a386f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f" onclick="newWindowOpenerSafe(event, '../openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Response on operations that should have a body has undefined schema (v2)<br/><sup><sub>31afbcb7-70e0-48bb-a31a-3374f95cf859</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#responses-object">Documentation</a><br/>|
-|Response on operations that should have a body has undefined schema (v3)<br/><sup><sub>a92be1d5-d762-484a-86d6-8cd0907ba100</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/describing-responses/">Documentation</a><br/>|
+|Response on operations that should have a body has undefined schema (v3)<br/><sup><sub>a92be1d5-d762-484a-86d6-8cd0907ba100</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100" onclick="newWindowOpenerSafe(event, '../openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100')">Query details</a><br><a href="https://swagger.io/docs/specification/describing-responses/">Documentation</a><br/>|
 |API Key Exposed In Global Security (v2)<br/><sup><sub>533a0d13-6e89-4551-ae33-bce14e5849c1</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.<br><a href="https://swagger.io/specification/v2/#securityDefinitionsObject">Documentation</a><br/>|
-|API Key Exposed In Global Security (v3)<br/><sup><sub>aecee30b-8ea1-4776-a99c-d6d600f0862f</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|API Key Exposed In Global Security (v3)<br/><sup><sub>aecee30b-8ea1-4776-a99c-d6d600f0862f</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f" onclick="newWindowOpenerSafe(event, '../openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
 |API Key Exposed In Operation Security (v2)<br/><sup><sub>392599e4-a4e2-403d-bc56-3fe05755782d</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.<br><a href="https://swagger.io/specification/v2/#securityDefinitionsObject">Documentation</a><br/>|
-|API Key Exposed In Operation Security (v3)<br/><sup><sub>281b8071-6226-4a43-911d-fec246d422c2</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/281b8071-6226-4a43-911d-fec246d422c2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
+|API Key Exposed In Operation Security (v3)<br/><sup><sub>281b8071-6226-4a43-911d-fec246d422c2</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../openapi-queries/281b8071-6226-4a43-911d-fec246d422c2" onclick="newWindowOpenerSafe(event, '../openapi-queries/281b8071-6226-4a43-911d-fec246d422c2')">Query details</a><br><a href="https://swagger.io/specification/#security-scheme-object">Documentation</a><br/>|
 |Array Items Has No Type (v2)<br/><sup><sub>8697a1a4-82c6-4603-8ac8-57529756744e</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|Schema/Parameter array items type should be defined<br><a href="https://swagger.io/specification/v2/#format">Documentation</a><br/>|
-|Array Items Has No Type (v3)<br/><sup><sub>be0e0df7-f3d9-42a1-9b6f-d425f94872c4</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/data-models/data-types/#string">Documentation</a><br/>|
+|Array Items Has No Type (v3)<br/><sup><sub>be0e0df7-f3d9-42a1-9b6f-d425f94872c4</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4" onclick="newWindowOpenerSafe(event, '../openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4')">Query details</a><br><a href="https://swagger.io/docs/specification/data-models/data-types/#string">Documentation</a><br/>|
 |Invalid Format (v2)<br/><sup><sub>caf1793e-95dd-4b18-8d90-8f3c0ab5bddf</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/">Documentation</a><br/>|
-|Invalid Format (v3)<br/><sup><sub>d929c031-078f-4241-b802-e224656ad890</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/d929c031-078f-4241-b802-e224656ad890" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/data-models/data-types/">Documentation</a><br/>|
+|Invalid Format (v3)<br/><sup><sub>d929c031-078f-4241-b802-e224656ad890</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/d929c031-078f-4241-b802-e224656ad890" onclick="newWindowOpenerSafe(event, '../openapi-queries/d929c031-078f-4241-b802-e224656ad890')">Query details</a><br><a href="https://swagger.io/docs/specification/data-models/data-types/">Documentation</a><br/>|
 |Maximum Length Undefined (v2)<br/><sup><sub>2ec86e48-ab90-4cb6-a131-0502afd1f442</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|String schema/parameter/header should have 'maxLength' defined.<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Maximum Length Undefined (v3)<br/><sup><sub>8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Maximum Length Undefined (v3)<br/><sup><sub>8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85" onclick="newWindowOpenerSafe(event, '../openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Numeric Schema Without Format (v2)<br/><sup><sub>3ed8fc82-c2bb-49e0-811f-c53923674c49</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Numeric Schema Without Format (v3)<br/><sup><sub>fbf699b5-ef74-4542-9cf1-f6eeac379373</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Numeric Schema Without Format (v3)<br/><sup><sub>fbf699b5-ef74-4542-9cf1-f6eeac379373</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373" onclick="newWindowOpenerSafe(event, '../openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Numeric Schema Without Maximum (v2)<br/><sup><sub>203eee11-15b6-4d47-b888-4c7f534967ee</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Numeric Schema Without Maximum (v3)<br/><sup><sub>2ea04bef-c769-409e-9179-ee3a50b5c0ac</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Numeric Schema Without Maximum (v3)<br/><sup><sub>2ea04bef-c769-409e-9179-ee3a50b5c0ac</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac" onclick="newWindowOpenerSafe(event, '../openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Numeric Schema Without Minimum (v2)<br/><sup><sub>efd1dfc8-da91-4909-a3f3-c23abc5ec799</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Numeric Schema Without Minimum (v3)<br/><sup><sub>181bd815-767e-4e95-a24d-bb3c87328e19</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Numeric Schema Without Minimum (v3)<br/><sup><sub>181bd815-767e-4e95-a24d-bb3c87328e19</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19" onclick="newWindowOpenerSafe(event, '../openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |String Schema with Broad Pattern (v2)<br/><sup><sub>e4a019f0-9af3-49c8-bf68-1939a6ff240d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|String Schema with Broad Pattern (v3)<br/><sup><sub>8c81d6c0-716b-49ec-afa5-2d62da4e3f3c</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|String Schema with Broad Pattern (v3)<br/><sup><sub>8c81d6c0-716b-49ec-afa5-2d62da4e3f3c</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c" onclick="newWindowOpenerSafe(event, '../openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Default Response Undefined On Operations (v2)<br/><sup><sub>5f34c7ae-4f3f-4cbb-8fe3-a11d6961062f</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#responses-object">Documentation</a><br/>|
-|Default Response Undefined On Operations (v3)<br/><sup><sub>86e3702f-c868-44b2-b61d-ea5316c18110</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Default Response Undefined On Operations (v3)<br/><sup><sub>86e3702f-c868-44b2-b61d-ea5316c18110</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110" onclick="newWindowOpenerSafe(event, '../openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
 |Response Code Missing (v2)<br/><sup><sub>6e96ed39-bf45-4089-99ba-f1fe7cf6966f</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Response Code Missing (v3)<br/><sup><sub>6c35d2c6-09f2-4e5c-a094-e0e91327071d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Response Code Missing (v3)<br/><sup><sub>6c35d2c6-09f2-4e5c-a094-e0e91327071d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d" onclick="newWindowOpenerSafe(event, '../openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Response on operations that should not have a body has declared content (v2)<br/><sup><sub>268defd2-2839-4e15-8cbc-de86eb38c231</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|If a response is head or its code is 204 or 304, it shouldn't have a schema defined<br><a href="https://swagger.io/docs/specification/2-0/describing-responses/">Documentation</a><br/>|
-|Response on operations that should not have a body has declared content (v3)<br/><sup><sub>12a7210b-f4b4-47d0-acac-0a819e2a0ca3</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3" target="_blank">Query details</a><br><a href="https://swagger.io/docs/specification/describing-responses/">Documentation</a><br/>|
+|Response on operations that should not have a body has declared content (v3)<br/><sup><sub>12a7210b-f4b4-47d0-acac-0a819e2a0ca3</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3" onclick="newWindowOpenerSafe(event, '../openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3')">Query details</a><br><a href="https://swagger.io/docs/specification/describing-responses/">Documentation</a><br/>|
 |Success Response Code Undefined for Delete Operation (v2)<br/><sup><sub>ad432855-b7fb-4429-92a3-93b5ce34f0b1</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Delete Operation (v3)<br/><sup><sub>3b497874-ae59-46dd-8d72-1868a3b8f150</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Delete Operation (v3)<br/><sup><sub>3b497874-ae59-46dd-8d72-1868a3b8f150</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150" onclick="newWindowOpenerSafe(event, '../openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Get Operation (v2)<br/><sup><sub>9b633f3b-c94b-4fbb-a65b-1a4e9134fb63</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Get Operation (v3)<br/><sup><sub>b2f275be-7d64-4064-b418-be6b431363a7</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Get Operation (v3)<br/><sup><sub>b2f275be-7d64-4064-b418-be6b431363a7</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7" onclick="newWindowOpenerSafe(event, '../openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Head Operation (v2)<br/><sup><sub>4f0b30e3-a498-4dd7-b3f2-f4b6471a8d5a</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Head Operation (v3)<br/><sup><sub>3b066059-f411-4554-ac8d-96f32bff90da</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Head Operation (v3)<br/><sup><sub>3b066059-f411-4554-ac8d-96f32bff90da</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da" onclick="newWindowOpenerSafe(event, '../openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Patch Operation (v2)<br/><sup><sub>f36e87cc-a209-4f37-8571-66833e4aead7</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Patch Operation (v3)<br/><sup><sub>1908a8ee-927d-4166-8f18-241152170cc1</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Patch Operation (v3)<br/><sup><sub>1908a8ee-927d-4166-8f18-241152170cc1</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1" onclick="newWindowOpenerSafe(event, '../openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Post Operation (v2)<br/><sup><sub>9fedee41-2e6d-4091-b011-4a16b4c18c70</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Post Operation (v3)<br/><sup><sub>f368dd2d-9344-4146-a05b-7c6faa1269ad</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Post Operation (v3)<br/><sup><sub>f368dd2d-9344-4146-a05b-7c6faa1269ad</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad" onclick="newWindowOpenerSafe(event, '../openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Success Response Code Undefined for Put Operation (v2)<br/><sup><sub>965a043f-5f3c-4d0a-be72-d9ce12fdb4d6</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<br><a href="https://swagger.io/specification/v2/#operation-object">Documentation</a><br/>|
-|Success Response Code Undefined for Put Operation (v3)<br/><sup><sub>60b5f56b-66ff-4e1c-9b62-5753e16825bc</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Success Response Code Undefined for Put Operation (v3)<br/><sup><sub>60b5f56b-66ff-4e1c-9b62-5753e16825bc</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc" onclick="newWindowOpenerSafe(event, '../openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Example Not Compliant With Schema Type (v2)<br/><sup><sub>448db771-06ea-4dee-b48c-1689cbfb4b43</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#example-object">Documentation</a><br/>|
-|Example Not Compliant With Schema Type (v3)<br/><sup><sub>881a6e71-c2a7-4fe2-b9c3-dfcf08895331</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#example-object">Documentation</a><br/>|
+|Example Not Compliant With Schema Type (v3)<br/><sup><sub>881a6e71-c2a7-4fe2-b9c3-dfcf08895331</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331" onclick="newWindowOpenerSafe(event, '../openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331')">Query details</a><br><a href="https://swagger.io/specification/#example-object">Documentation</a><br/>|
 |Header Parameter Named as 'Accept' (v2)<br/><sup><sub>3ddd74cc-6582-486c-8b0c-2b48cb38e0a3</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Header Parameter Named as 'Accept' (v3)<br/><sup><sub>f2702af5-6016-46cb-bbc8-84c766032095</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Header Parameter Named as 'Accept' (v3)<br/><sup><sub>f2702af5-6016-46cb-bbc8-84c766032095</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095" onclick="newWindowOpenerSafe(event, '../openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Header Parameter Named as 'Authorization' (v2)<br/><sup><sub>e2e00c97-7171-4fb4-b461-d631df9a711c</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Header Parameter Named as 'Authorization' (v3)<br/><sup><sub>8c84f75e-5048-4926-a4cb-33e7b3431300</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Header Parameter Named as 'Authorization' (v3)<br/><sup><sub>8c84f75e-5048-4926-a4cb-33e7b3431300</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300" onclick="newWindowOpenerSafe(event, '../openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Header Parameter Named as 'Content-Type' (v2)<br/><sup><sub>51978067-3b22-4c29-aaf3-96bf0bc28897</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Header Parameter Named as 'Content-Type' (v3)<br/><sup><sub>72d259ca-9741-48dd-9f62-eb11f2936b37</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Header Parameter Named as 'Content-Type' (v3)<br/><sup><sub>72d259ca-9741-48dd-9f62-eb11f2936b37</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37" onclick="newWindowOpenerSafe(event, '../openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Header Response Name Is Invalid (v2)<br/><sup><sub>86733e01-a435-4bd5-a8b0-5108be9dc1e4</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#response-object">Documentation</a><br/>|
-|Header Response Name Is Invalid (v3)<br/><sup><sub>d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#response-object">Documentation</a><br/>|
+|Header Response Name Is Invalid (v3)<br/><sup><sub>d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd" onclick="newWindowOpenerSafe(event, '../openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd')">Query details</a><br><a href="https://swagger.io/specification/#response-object">Documentation</a><br/>|
 |Invalid Contact Email (v2)<br/><sup><sub>d83bebc8-4e5e-4241-b783-cba9fb5a1c9a</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#contactObject">Documentation</a><br/>|
-|Invalid Contact Email (v3)<br/><sup><sub>b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#contact-object">Documentation</a><br/>|
+|Invalid Contact Email (v3)<br/><sup><sub>b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7" onclick="newWindowOpenerSafe(event, '../openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7')">Query details</a><br><a href="https://swagger.io/specification/#contact-object">Documentation</a><br/>|
 |Invalid Contact URL (v2)<br/><sup><sub>c7000383-16d0-4509-8cd3-585e5ea2e2f2</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#contactObject">Documentation</a><br/>|
-|Invalid Contact URL (v3)<br/><sup><sub>332cf2ad-380d-4b90-b436-46f8e635cf38</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#contact-object">Documentation</a><br/>|
+|Invalid Contact URL (v3)<br/><sup><sub>332cf2ad-380d-4b90-b436-46f8e635cf38</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38" onclick="newWindowOpenerSafe(event, '../openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38')">Query details</a><br><a href="https://swagger.io/specification/#contact-object">Documentation</a><br/>|
 |Invalid Global External Documentation URL (v2)<br/><sup><sub>46d3b74d-9fe9-45bf-9e9e-efb7f701ee28</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#externalDocumentationObject">Documentation</a><br/>|
-|Invalid Global External Documentation URL (v3)<br/><sup><sub>b2d9dbf6-539c-4374-a1fd-210ddf5563a8</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
+|Invalid Global External Documentation URL (v3)<br/><sup><sub>b2d9dbf6-539c-4374-a1fd-210ddf5563a8</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8" onclick="newWindowOpenerSafe(event, '../openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8')">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
 |Invalid License URL (v2)<br/><sup><sub>de2b4910-8484-46d6-a055-dc1e793ee3ff</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#licenseObject">Documentation</a><br/>|
-|Invalid License URL (v3)<br/><sup><sub>9239c289-9e4c-4d92-8be1-9d506057c971</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#license-object">Documentation</a><br/>|
+|Invalid License URL (v3)<br/><sup><sub>9239c289-9e4c-4d92-8be1-9d506057c971</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971" onclick="newWindowOpenerSafe(event, '../openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971')">Query details</a><br><a href="https://swagger.io/specification/#license-object">Documentation</a><br/>|
 |Invalid Operation External Documentation URL (v2)<br/><sup><sub>25635c31-ee32-4708-88e5-fced87516f51</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#externalDocumentationObject">Documentation</a><br/>|
-|Invalid Operation External Documentation URL (v3)<br/><sup><sub>5ea61624-3733-4a3a-8ca4-b96fec9c5aeb</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
+|Invalid Operation External Documentation URL (v3)<br/><sup><sub>5ea61624-3733-4a3a-8ca4-b96fec9c5aeb</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb" onclick="newWindowOpenerSafe(event, '../openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb')">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
 |Invalid Schema External Documentation URL (v2)<br/><sup><sub>f7fa95b7-d819-484c-9a2b-665dd1bba25e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#externalDocumentationObject">Documentation</a><br/>|
-|Invalid Schema External Documentation URL (v3)<br/><sup><sub>6952a7e0-6e48-4285-bbc1-27c64e60f888</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
+|Invalid Schema External Documentation URL (v3)<br/><sup><sub>6952a7e0-6e48-4285-bbc1-27c64e60f888</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888" onclick="newWindowOpenerSafe(event, '../openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888')">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
 |Invalid Tag External Documentation URL (v2)<br/><sup><sub>b4a7d925-738b-4219-99d9-87d6ee262a03</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#externalDocumentationObject">Documentation</a><br/>|
-|Invalid Tag External Documentation URL (v3)<br/><sup><sub>5aea1d7e-b834-4749-b143-2c7ec3bd5922</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
+|Invalid Tag External Documentation URL (v3)<br/><sup><sub>5aea1d7e-b834-4749-b143-2c7ec3bd5922</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922" onclick="newWindowOpenerSafe(event, '../openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922')">Query details</a><br><a href="https://swagger.io/specification/#external-documentation-object">Documentation</a><br/>|
 |JSON '$ref' alongside other properties (v2)<br/><sup><sub>f34c1c68-4773-4df0-a103-6e2ca32e585f</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#referenceObject">Documentation</a><br/>|
-|JSON '$ref' alongside other properties (v3)<br/><sup><sub>96beb800-566f-49a9-a0ea-dbdf4bc80429</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#reference-object">Documentation</a><br/>|
+|JSON '$ref' alongside other properties (v3)<br/><sup><sub>96beb800-566f-49a9-a0ea-dbdf4bc80429</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429" onclick="newWindowOpenerSafe(event, '../openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429')">Query details</a><br><a href="https://swagger.io/specification/#reference-object">Documentation</a><br/>|
 |Object Using Enum With Keyword (v2)<br/><sup><sub>7f15962a-d862-451c-ac9b-84ec13747aa6</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|Schema/Parameter/Header Object properties should not contain 'enum' and schema keywords<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Object Using Enum With Keyword (v3)<br/><sup><sub>2e9b6612-8f69-42e0-a5b8-ed17739c2f3a</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Object Using Enum With Keyword (v3)<br/><sup><sub>2e9b6612-8f69-42e0-a5b8-ed17739c2f3a</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a" onclick="newWindowOpenerSafe(event, '../openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Operation Without Successful HTTP Status Code (v2)<br/><sup><sub>a1ee6ebe-3877-42ec-b9a6-e524e7d06aa2</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#operationObject">Documentation</a><br/>|
-|Operation Without Successful HTTP Status Code (v3)<br/><sup><sub>48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|Operation Without Successful HTTP Status Code (v3)<br/><sup><sub>48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd" onclick="newWindowOpenerSafe(event, '../openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Path Without Operation (v2)<br/><sup><sub>609cd557-66b4-41fa-8edd-2abc6c7cfd08</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#pathItemObject">Documentation</a><br/>|
-|Path Without Operation (v3)<br/><sup><sub>84c826c9-1893-4b34-8cdd-db97645b4bf3</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#path-item-object">Documentation</a><br/>|
+|Path Without Operation (v3)<br/><sup><sub>84c826c9-1893-4b34-8cdd-db97645b4bf3</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3" onclick="newWindowOpenerSafe(event, '../openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3')">Query details</a><br><a href="https://swagger.io/specification/#path-item-object">Documentation</a><br/>|
 |Required Property With Default Value (v2)<br/><sup><sub>f7ab6c83-ef89-40e1-8a99-32e2599fb665</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Required Property With Default Value (v3)<br/><sup><sub>013bdb4b-9246-4248-b0c3-7fb0fee42a29</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Required Property With Default Value (v3)<br/><sup><sub>013bdb4b-9246-4248-b0c3-7fb0fee42a29</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29" onclick="newWindowOpenerSafe(event, '../openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Default Invalid (v2)<br/><sup><sub>78dfd8f0-a6ee-48ec-af8c-e4d9b3292a07</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|The field 'default' of Schema/Parameter/Header Object should be consistent with the schema's/parameter's/header's type<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Default Invalid (v3)<br/><sup><sub>a96bbc06-8cde-4295-ad3c-ee343a7f658e</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Default Invalid (v3)<br/><sup><sub>a96bbc06-8cde-4295-ad3c-ee343a7f658e</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e" onclick="newWindowOpenerSafe(event, '../openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Items Undefined (v2)<br/><sup><sub>3e4d34d2-36cf-4449-976d-6c256db8fc49</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Items Undefined (v3)<br/><sup><sub>a8e859da-4a43-4e7f-94b8-25d6e3bf8e90</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Items Undefined (v3)<br/><sup><sub>a8e859da-4a43-4e7f-94b8-25d6e3bf8e90</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90" onclick="newWindowOpenerSafe(event, '../openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Non-Array Schema With Items (v2)<br/><sup><sub>9d47956b-29cd-43b1-9e6e-b39a4d484353</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Non-Array Schema With Items (v3)<br/><sup><sub>20cb3159-b219-496b-8dac-54ae3ab2021a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Non-Array Schema With Items (v3)<br/><sup><sub>20cb3159-b219-496b-8dac-54ae3ab2021a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a" onclick="newWindowOpenerSafe(event, '../openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |OperationId Not Unique (v2)<br/><sup><sub>21245007-91c4-40e5-964e-40c85d1e5aa6</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#operationObject">Documentation</a><br/>|
-|OperationId Not Unique (v3)<br/><sup><sub>c254adc4-ef25-46e1-8270-b7944adb4198</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
+|OperationId Not Unique (v3)<br/><sup><sub>c254adc4-ef25-46e1-8270-b7944adb4198</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198" onclick="newWindowOpenerSafe(event, '../openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198')">Query details</a><br><a href="https://swagger.io/specification/#operation-object">Documentation</a><br/>|
 |Parameter Objects Headers With Duplicated Name (v2)<br/><sup><sub>bd2cbef5-62c4-40f1-af07-4b7f9ced6616</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameter Objects Headers With Duplicated Name (v3)<br/><sup><sub>05505192-ba2c-4a81-9b25-dcdbcc973746</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Parameter Objects Headers With Duplicated Name (v3)<br/><sup><sub>05505192-ba2c-4a81-9b25-dcdbcc973746</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746" onclick="newWindowOpenerSafe(event, '../openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Parameters Name In Combination Not Unique (v2)<br/><sup><sub>ab871897-ec02-4835-9818-702536ee1dda</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Parameters Name In Combination Not Unique (v3)<br/><sup><sub>f5b2e6af-76f5-496d-8482-8f898c5fdb4a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameters-object">Documentation</a><br/>|
+|Parameters Name In Combination Not Unique (v3)<br/><sup><sub>f5b2e6af-76f5-496d-8482-8f898c5fdb4a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a" onclick="newWindowOpenerSafe(event, '../openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a')">Query details</a><br><a href="https://swagger.io/specification/#parameters-object">Documentation</a><br/>|
 |Path Is Ambiguous (v2)<br/><sup><sub>b2468463-3ac4-4930-890c-f35b2bf4485d</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#pathItemObject">Documentation</a><br/>|
-|Path Is Ambiguous (v3)<br/><sup><sub>237402e2-c2f0-46c9-9cf5-286160cf7bfc</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#path-item-object">Documentation</a><br/>|
+|Path Is Ambiguous (v3)<br/><sup><sub>237402e2-c2f0-46c9-9cf5-286160cf7bfc</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc" onclick="newWindowOpenerSafe(event, '../openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc')">Query details</a><br><a href="https://swagger.io/specification/#path-item-object">Documentation</a><br/>|
 |Path Parameter Not Required (v2)<br/><sup><sub>ccd0613f-cb77-4684-a892-183bd2674d12</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Path Parameter Not Required (v3)<br/><sup><sub>0de50145-e845-47f4-9a15-23bcf2125710</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Path Parameter Not Required (v3)<br/><sup><sub>0de50145-e845-47f4-9a15-23bcf2125710</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710" onclick="newWindowOpenerSafe(event, '../openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Path Parameter With No Corresponding Template Path (v2)<br/><sup><sub>194ef1f8-360e-4c14-8ed2-e83e2bafa142</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#pathTemplating">Documentation</a><br/>|
-|Path Parameter With No Corresponding Template Path (v3)<br/><sup><sub>69d7aefd-149d-47b8-8d89-1c2181a8067b</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b" target="_blank">Query details</a><br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#pathTemplating">Documentation</a><br/>|
+|Path Parameter With No Corresponding Template Path (v3)<br/><sup><sub>69d7aefd-149d-47b8-8d89-1c2181a8067b</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b" onclick="newWindowOpenerSafe(event, '../openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b')">Query details</a><br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#pathTemplating">Documentation</a><br/>|
 |Path Template is Empty (v2)<br/><sup><sub>c201b7ad-6173-4598-a407-5edb04a1bcd7</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#pathsObject">Documentation</a><br/>|
-|Path Template is Empty (v3)<br/><sup><sub>ae13a37d-943b-47a7-a970-83c8598bcca3</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#paths-object">Documentation</a><br/>|
+|Path Template is Empty (v3)<br/><sup><sub>ae13a37d-943b-47a7-a970-83c8598bcca3</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3" onclick="newWindowOpenerSafe(event, '../openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3')">Query details</a><br><a href="https://swagger.io/specification/#paths-object">Documentation</a><br/>|
 |Paths Object is Empty (v2)<br/><sup><sub>3e6c7b1c-8a8d-43ab-98b9-65159f44db4a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#pathsObject">Documentation</a><br/>|
-|Paths Object is Empty (v3)<br/><sup><sub>815021c8-a50c-46d9-b192-24f71072c400</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/815021c8-a50c-46d9-b192-24f71072c400" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#paths-object">Documentation</a><br/>|
+|Paths Object is Empty (v3)<br/><sup><sub>815021c8-a50c-46d9-b192-24f71072c400</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/815021c8-a50c-46d9-b192-24f71072c400" onclick="newWindowOpenerSafe(event, '../openapi-queries/815021c8-a50c-46d9-b192-24f71072c400')">Query details</a><br><a href="https://swagger.io/specification/#paths-object">Documentation</a><br/>|
 |Properties Missing Required Property (v2)<br/><sup><sub>71beb6ab-8b70-4816-a9ac-a0ff1fb22a62</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Properties Missing Required Property (v3)<br/><sup><sub>3fb03214-25d4-4bd4-867c-c2d8d708a483</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Properties Missing Required Property (v3)<br/><sup><sub>3fb03214-25d4-4bd4-867c-c2d8d708a483</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483" onclick="newWindowOpenerSafe(event, '../openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Property 'allowEmptyValue' Improperly Defined (v2)<br/><sup><sub>0bc1477d-0922-478b-ae16-674a7634a1a8</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Property 'allowEmptyValue' Improperly Defined (v3)<br/><sup><sub>4bcbcd52-3028-469f-bc14-02c7dbba2df2</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
+|Property 'allowEmptyValue' Improperly Defined (v3)<br/><sup><sub>4bcbcd52-3028-469f-bc14-02c7dbba2df2</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2" onclick="newWindowOpenerSafe(event, '../openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2')">Query details</a><br><a href="https://swagger.io/specification/#parameter-object">Documentation</a><br/>|
 |Property Defining Minimum Greater Than Maximum (v2)<br/><sup><sub>b5102ea9-6527-4bb7-94fc-9b4076150e55</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Property Defining Minimum Greater Than Maximum (v3)<br/><sup><sub>ab2af219-cd08-4233-b5a1-a788aac88b51</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Property Defining Minimum Greater Than Maximum (v3)<br/><sup><sub>ab2af219-cd08-4233-b5a1-a788aac88b51</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51" onclick="newWindowOpenerSafe(event, '../openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Responses Object Is Empty (v2)<br/><sup><sub>6172e7ab-d2b7-45f8-a7db-1603931d8ba3</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#responsesObject">Documentation</a><br/>|
-|Responses Object Is Empty (v3)<br/><sup><sub>990eaf09-d6f1-4c3c-b174-a517b1de8917</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Responses Object Is Empty (v3)<br/><sup><sub>990eaf09-d6f1-4c3c-b174-a517b1de8917</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917" onclick="newWindowOpenerSafe(event, '../openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
 |Responses With Wrong HTTP Status Code (v2)<br/><sup><sub>069a5378-2091-43f0-aa3b-ee8f20996e99</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#parameterObject">Documentation</a><br/>|
-|Responses With Wrong HTTP Status Code (v3)<br/><sup><sub>d86655c0-92f6-4ffc-b4d5-5b5775804c27</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
+|Responses With Wrong HTTP Status Code (v3)<br/><sup><sub>d86655c0-92f6-4ffc-b4d5-5b5775804c27</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27" onclick="newWindowOpenerSafe(event, '../openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27')">Query details</a><br><a href="https://swagger.io/specification/#responses-object">Documentation</a><br/>|
 |Schema Discriminator Mismatch Defined Properties (v2)<br/><sup><sub>addc0eab-27f6-4c26-8526-d2ccd3732662</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Schema Discriminator Mismatch Defined Properties (v3)<br/><sup><sub>40d3df21-c170-4dbe-9c02-4289b51f994f</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Discriminator Mismatch Defined Properties (v3)<br/><sup><sub>40d3df21-c170-4dbe-9c02-4289b51f994f</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f" onclick="newWindowOpenerSafe(event, '../openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Discriminator Not Required (v2)<br/><sup><sub>be6a3722-af60-438c-b1b9-2a03e2958ab7</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Schema Discriminator Not Required (v3)<br/><sup><sub>b481d46c-9c61-480f-86d9-af07146dc4a4</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Discriminator Not Required (v3)<br/><sup><sub>b481d46c-9c61-480f-86d9-af07146dc4a4</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4" onclick="newWindowOpenerSafe(event, '../openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Discriminator Property Not String (v2)<br/><sup><sub>949376f1-f560-4c6d-a016-63424ca931bb</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Schema Discriminator Property Not String (v3)<br/><sup><sub>dadc2f36-1f5a-46c0-8289-75e626583123</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#discriminator-object">Documentation</a><br/>|
+|Schema Discriminator Property Not String (v3)<br/><sup><sub>dadc2f36-1f5a-46c0-8289-75e626583123</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123" onclick="newWindowOpenerSafe(event, '../openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123')">Query details</a><br><a href="https://swagger.io/specification/#discriminator-object">Documentation</a><br/>|
 |Schema Enum Invalid (v2)<br/><sup><sub>8fe6d18a-ad4c-4397-8884-e3a9da57f4c9</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schema-object">Documentation</a><br/>|
-|Schema Enum Invalid (v3)<br/><sup><sub>03856cb2-e46c-4daf-bfbf-214ec93c882b</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Enum Invalid (v3)<br/><sup><sub>03856cb2-e46c-4daf-bfbf-214ec93c882b</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b" onclick="newWindowOpenerSafe(event, '../openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Has A Required Property Undefined (v2)<br/><sup><sub>811762c8-2e99-4f70-88f9-a63875a953b1</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Schema Has A Required Property Undefined (v3)<br/><sup><sub>2bd608ae-8a1f-457f-b710-c237883cb313</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Has A Required Property Undefined (v3)<br/><sup><sub>2bd608ae-8a1f-457f-b710-c237883cb313</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313" onclick="newWindowOpenerSafe(event, '../openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Object Properties With Duplicated Keys (v2)<br/><sup><sub>ded017bf-fb13-4f8d-868b-84aebcc572ad</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Schema Object Properties With Duplicated Keys (v3)<br/><sup><sub>10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Object Properties With Duplicated Keys (v3)<br/><sup><sub>10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa" onclick="newWindowOpenerSafe(event, '../openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Schema Object With Circular Ref (v2)<br/><sup><sub>cbff2508-85c9-4448-a8b3-770070edf5ca</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://swagger.io/specification/v2/#definitionsObject">Documentation</a><br/>|
-|Schema Object With Circular Ref (v3)<br/><sup><sub>1a1aea94-745b-40a7-b860-0702ea6ee636</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Schema Object With Circular Ref (v3)<br/><sup><sub>1a1aea94-745b-40a7-b860-0702ea6ee636</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636" onclick="newWindowOpenerSafe(event, '../openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
 |Template Path With No Corresponding Path Parameter (v2)<br/><sup><sub>e7656d8d-7288-4bbe-b07b-22b389be75ce</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/2.0.md#path-templating">Documentation</a><br/>|
-|Template Path With No Corresponding Path Parameter (v3)<br/><sup><sub>561710b1-b845-4562-95ce-2397a05ccef4</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4" target="_blank">Query details</a><br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#pathTemplating">Documentation</a><br/>|
+|Template Path With No Corresponding Path Parameter (v3)<br/><sup><sub>561710b1-b845-4562-95ce-2397a05ccef4</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4" onclick="newWindowOpenerSafe(event, '../openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4')">Query details</a><br><a href="https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#pathTemplating">Documentation</a><br/>|
 |Type Has Invalid Keyword (v2)<br/><sup><sub>492c6cbb-f3f8-4807-aa4f-42b8b1c46b59</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|Schema/Parameter/Header Object define type should not use a keyword of another type<br><a href="https://swagger.io/specification/v2/#schemaObject">Documentation</a><br/>|
-|Type Has Invalid Keyword (v3)<br/><sup><sub>a9228976-10cf-4b5f-b902-9e962aad037a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a" target="_blank">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
+|Type Has Invalid Keyword (v3)<br/><sup><sub>a9228976-10cf-4b5f-b902-9e962aad037a</sub></sup>|<span style="color:#5bc0de">Info</span>|Structure and Semantics|<a href="../openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a" onclick="newWindowOpenerSafe(event, '../openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a')">Query details</a><br><a href="https://swagger.io/specification/#schema-object">Documentation</a><br/>|
diff --git a/docs/queries/pulumi-queries.md b/docs/queries/pulumi-queries.md
index 011004deff8..0d96bd90041 100644
--- a/docs/queries/pulumi-queries.md
+++ b/docs/queries/pulumi-queries.md
@@ -8,21 +8,21 @@ Below are listed queries related to Pulumi AWS:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>bccb296f-362c-4b05-9221-86d1437a1016</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dms/replicationinstance/">Documentation</a><br/>|
-|DynamoDB Table Not Encrypted<br/><sup><sub>b6a7e0ae-aed8-4a19-a993-a95760bf8836</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dynamodb/table/#serversideencryption_yaml">Documentation</a><br/>|
-|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>9b18fc19-7fb8-49b1-8452-9c757c70f926</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticache/cluster/#azmode_yaml">Documentation</a><br/>|
-|ElastiCache Redis Cluster Without Backup<br/><sup><sub>e93bbe63-a631-4c0f-b6ef-700d48441ff2</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticache/cluster/#snapshotretentionlimit_yaml">Documentation</a><br/>|
-|API Gateway Without SSL Certificate<br/><sup><sub>f27791a5-e2ae-4905-8910-6f995c576d09</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/apigatewayv2/stage/#clientcertificateid_yaml">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>647de8aa-5a42-41b5-9faf-22136f117380</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/rds/instance/#publiclyaccessible_yaml">Documentation</a><br/>|
-|Elasticsearch with HTTPS disabled<br/><sup><sub>00603add-7f72-448f-a6c0-9e456a7a3f94</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticsearch/domain/#enforcehttps_yaml">Documentation</a><br/>|
-|API Gateway Access Logging Disabled<br/><sup><sub>bf4b48b9-fc1f-4552-984a-4becdb5bf503</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/apigatewayv2/stage/#accesslogsettings_yaml">Documentation</a><br/>|
-|DocDB Logging Is Disabled<br/><sup><sub>2ca87964-fe7e-4cdc-899c-427f0f3525f8</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/docdb/cluster/#enabledcloudwatchlogsexports_yaml">Documentation</a><br/>|
-|EC2 Instance Monitoring Disabled<br/><sup><sub>daa581ef-731c-4121-832d-cf078f67759d</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ec2/instance/#monitoring_yaml">Documentation</a><br/>|
-|Elasticsearch Logs Disabled<br/><sup><sub>a1120ee4-a712-42d9-8fb5-22595fed643b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticsearch/domain/#logpublishingoptions_yaml">Documentation</a><br/>|
-|IAM Password Without Minimum Length<br/><sup><sub>9850d621-7485-44f7-8bdd-b3cf426315cf</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/iam/accountpasswordpolicy/#minimumpasswordlength_yaml">Documentation</a><br/>|
-|ECS Cluster with Container Insights Disabled<br/><sup><sub>abcefee4-a0c1-4245-9f82-a473f79a9e2f</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ecs/cluster/#settings_yaml">Documentation</a><br/>|
-|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>327b0729-4c5c-4c44-8b5c-e476cd9c7290</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dynamodb/table/#pointintimerecovery_yaml">Documentation</a><br/>|
-|EC2 Not EBS Optimized<br/><sup><sub>d991e4ae-42ab-429b-ab43-d5e5fa9ca633</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ec2/instance/#ebsoptimized_yaml">Documentation</a><br/>|
+|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>bccb296f-362c-4b05-9221-86d1437a1016</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dms/replicationinstance/">Documentation</a><br/>|
+|DynamoDB Table Not Encrypted<br/><sup><sub>b6a7e0ae-aed8-4a19-a993-a95760bf8836</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dynamodb/table/#serversideencryption_yaml">Documentation</a><br/>|
+|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>9b18fc19-7fb8-49b1-8452-9c757c70f926</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticache/cluster/#azmode_yaml">Documentation</a><br/>|
+|ElastiCache Redis Cluster Without Backup<br/><sup><sub>e93bbe63-a631-4c0f-b6ef-700d48441ff2</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticache/cluster/#snapshotretentionlimit_yaml">Documentation</a><br/>|
+|API Gateway Without SSL Certificate<br/><sup><sub>f27791a5-e2ae-4905-8910-6f995c576d09</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/apigatewayv2/stage/#clientcertificateid_yaml">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>647de8aa-5a42-41b5-9faf-22136f117380</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/rds/instance/#publiclyaccessible_yaml">Documentation</a><br/>|
+|Elasticsearch with HTTPS disabled<br/><sup><sub>00603add-7f72-448f-a6c0-9e456a7a3f94</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticsearch/domain/#enforcehttps_yaml">Documentation</a><br/>|
+|API Gateway Access Logging Disabled<br/><sup><sub>bf4b48b9-fc1f-4552-984a-4becdb5bf503</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/apigatewayv2/stage/#accesslogsettings_yaml">Documentation</a><br/>|
+|DocDB Logging Is Disabled<br/><sup><sub>2ca87964-fe7e-4cdc-899c-427f0f3525f8</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/docdb/cluster/#enabledcloudwatchlogsexports_yaml">Documentation</a><br/>|
+|EC2 Instance Monitoring Disabled<br/><sup><sub>daa581ef-731c-4121-832d-cf078f67759d</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ec2/instance/#monitoring_yaml">Documentation</a><br/>|
+|Elasticsearch Logs Disabled<br/><sup><sub>a1120ee4-a712-42d9-8fb5-22595fed643b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/elasticsearch/domain/#logpublishingoptions_yaml">Documentation</a><br/>|
+|IAM Password Without Minimum Length<br/><sup><sub>9850d621-7485-44f7-8bdd-b3cf426315cf</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/iam/accountpasswordpolicy/#minimumpasswordlength_yaml">Documentation</a><br/>|
+|ECS Cluster with Container Insights Disabled<br/><sup><sub>abcefee4-a0c1-4245-9f82-a473f79a9e2f</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ecs/cluster/#settings_yaml">Documentation</a><br/>|
+|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>327b0729-4c5c-4c44-8b5c-e476cd9c7290</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/dynamodb/table/#pointintimerecovery_yaml">Documentation</a><br/>|
+|EC2 Not EBS Optimized<br/><sup><sub>d991e4ae-42ab-429b-ab43-d5e5fa9ca633</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633" onclick="newWindowOpenerSafe(event, '../pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/aws/api-docs/ec2/instance/#ebsoptimized_yaml">Documentation</a><br/>|
 
 ### AZURE
 Below are listed queries related to Pulumi AZURE:
@@ -31,8 +31,8 @@ Below are listed queries related to Pulumi AZURE:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Storage Account Not Forcing HTTPS<br/><sup><sub>cb8e4bf0-903d-45c6-a278-9a947d82a27b</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/azure-native/api-docs/storage/storageaccount/#enablehttpstrafficonly_yaml">Documentation</a><br/>|
-|Redis Cache Allows Non SSL Connections<br/><sup><sub>49e30ac8-f58e-4222-b488-3dcb90158ec1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/azure-native/api-docs/cache/redis/#enablenonsslport_yaml">Documentation</a><br/>|
+|Storage Account Not Forcing HTTPS<br/><sup><sub>cb8e4bf0-903d-45c6-a278-9a947d82a27b</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b" onclick="newWindowOpenerSafe(event, '../pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/azure-native/api-docs/storage/storageaccount/#enablehttpstrafficonly_yaml">Documentation</a><br/>|
+|Redis Cache Allows Non SSL Connections<br/><sup><sub>49e30ac8-f58e-4222-b488-3dcb90158ec1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1" onclick="newWindowOpenerSafe(event, '../pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/azure-native/api-docs/cache/redis/#enablenonsslport_yaml">Documentation</a><br/>|
 
 ### GCP
 Below are listed queries related to Pulumi GCP:
@@ -41,8 +41,8 @@ Below are listed queries related to Pulumi GCP:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>965e8830-2bec-4b9b-a7f0-24dbc200a68f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/gcp/api-docs/compute/sslpolicy/#mintlsversion_yaml">Documentation</a><br/>|
-|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>48f7e44d-d1d1-44c2-b336-9f11b65c4fb0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/gcp/api-docs/storage/bucket/#logging_yaml">Documentation</a><br/>|
+|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>965e8830-2bec-4b9b-a7f0-24dbc200a68f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f" onclick="newWindowOpenerSafe(event, '../pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/gcp/api-docs/compute/sslpolicy/#mintlsversion_yaml">Documentation</a><br/>|
+|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>48f7e44d-d1d1-44c2-b336-9f11b65c4fb0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0" onclick="newWindowOpenerSafe(event, '../pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/gcp/api-docs/storage/bucket/#logging_yaml">Documentation</a><br/>|
 
 ### KUBERNETES
 Below are listed queries related to Pulumi KUBERNETES:
@@ -51,5 +51,5 @@ Below are listed queries related to Pulumi KUBERNETES:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|PSP Set To Privileged<br/><sup><sub>ee305555-6b1d-4055-94cf-e22131143c34</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/kubernetes/api-docs/policy/v1beta1/podsecuritypolicy/#privileged_yaml">Documentation</a><br/>|
-|Missing App Armor Config<br/><sup><sub>95588189-1abd-4df1-9588-b0a5034f9e87</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87" target="_blank">Query details</a><br><a href="https://www.pulumi.com/registry/packages/kubernetes/api-docs/core/v1/pod/#objectmeta">Documentation</a><br/>|
+|PSP Set To Privileged<br/><sup><sub>ee305555-6b1d-4055-94cf-e22131143c34</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34" onclick="newWindowOpenerSafe(event, '../pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/kubernetes/api-docs/policy/v1beta1/podsecuritypolicy/#privileged_yaml">Documentation</a><br/>|
+|Missing App Armor Config<br/><sup><sub>95588189-1abd-4df1-9588-b0a5034f9e87</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87" onclick="newWindowOpenerSafe(event, '../pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87')">Query details</a><br><a href="https://www.pulumi.com/registry/packages/kubernetes/api-docs/core/v1/pod/#objectmeta">Documentation</a><br/>|
diff --git a/docs/queries/serverlessfw-queries.md b/docs/queries/serverlessfw-queries.md
index 70d7cea18aa..074cf61794c 100644
--- a/docs/queries/serverlessfw-queries.md
+++ b/docs/queries/serverlessfw-queries.md
@@ -3,13 +3,13 @@ This page contains all queries from ServerlessFW.
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Serverless Role With Full Privileges<br/><sup><sub>59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/iam">Documentation</a><br/>|
-|Serverless Function Without Unique IAM Role<br/><sup><sub>165aae3b-a56a-48f3-b76d-d2b5083f5b8f</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#functions">Documentation</a><br/>|
-|Serverless Function Environment Variables Not Encrypted<br/><sup><sub>4495bc5d-4d1e-4a26-ae92-152d18195648</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#kms-keys">Documentation</a><br/>|
-|Serverless API Endpoint Config Not Private<br/><sup><sub>4d424558-c6d1-453c-be98-9a7f877abd9a</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#configuring-endpoint-types">Documentation</a><br/>|
-|Serverless API Access Logging Setting Undefined<br/><sup><sub>a4d32883-aac7-42e1-b403-9415af0f3846</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#logs">Documentation</a><br/>|
-|Serverless API X-Ray Tracing Disabled<br/><sup><sub>434945e5-4dfd-41b1-aba1-47075ccd9265</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#aws-x-ray-tracing">Documentation</a><br/>|
-|Serverless API Without Content Encoding<br/><sup><sub>d5d1fe08-89db-440c-8725-b93223387309</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#compression">Documentation</a><br/>|
-|Serverless Function Without Dead Letter Queue<br/><sup><sub>dec7bc85-d156-4f64-9a33-96ed3d9f3fed</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#dead-letter-queue-dlq">Documentation</a><br/>|
-|Serverless Function Without Tags<br/><sup><sub>f99d3482-fa8c-4f79-bad9-35212dded164</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#tags">Documentation</a><br/>|
-|Serverless Function Without X-Ray Tracing<br/><sup><sub>0d7ef70f-e176-44e6-bdba-add3e429788d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d" target="_blank">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#aws-x-ray-tracing">Documentation</a><br/>|
+|Serverless Role With Full Privileges<br/><sup><sub>59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/iam">Documentation</a><br/>|
+|Serverless Function Without Unique IAM Role<br/><sup><sub>165aae3b-a56a-48f3-b76d-d2b5083f5b8f</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#functions">Documentation</a><br/>|
+|Serverless Function Environment Variables Not Encrypted<br/><sup><sub>4495bc5d-4d1e-4a26-ae92-152d18195648</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#kms-keys">Documentation</a><br/>|
+|Serverless API Endpoint Config Not Private<br/><sup><sub>4d424558-c6d1-453c-be98-9a7f877abd9a</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#configuring-endpoint-types">Documentation</a><br/>|
+|Serverless API Access Logging Setting Undefined<br/><sup><sub>a4d32883-aac7-42e1-b403-9415af0f3846</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#logs">Documentation</a><br/>|
+|Serverless API X-Ray Tracing Disabled<br/><sup><sub>434945e5-4dfd-41b1-aba1-47075ccd9265</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#aws-x-ray-tracing">Documentation</a><br/>|
+|Serverless API Without Content Encoding<br/><sup><sub>d5d1fe08-89db-440c-8725-b93223387309</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/events/apigateway#compression">Documentation</a><br/>|
+|Serverless Function Without Dead Letter Queue<br/><sup><sub>dec7bc85-d156-4f64-9a33-96ed3d9f3fed</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#dead-letter-queue-dlq">Documentation</a><br/>|
+|Serverless Function Without Tags<br/><sup><sub>f99d3482-fa8c-4f79-bad9-35212dded164</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#tags">Documentation</a><br/>|
+|Serverless Function Without X-Ray Tracing<br/><sup><sub>0d7ef70f-e176-44e6-bdba-add3e429788d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d" onclick="newWindowOpenerSafe(event, '../serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d')">Query details</a><br><a href="https://www.serverless.com/framework/docs/providers/aws/guide/functions#aws-x-ray-tracing">Documentation</a><br/>|
diff --git a/docs/queries/terraform-queries.md b/docs/queries/terraform-queries.md
index dfa661fb6a6..f8813937b4e 100644
--- a/docs/queries/terraform-queries.md
+++ b/docs/queries/terraform-queries.md
@@ -8,62 +8,62 @@ Below are listed queries related to Terraform ALICLOUD:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|OSS Bucket Allows All Actions From All Principals<br/><sup><sub>ec62a32c-a297-41ca-a850-cab40b42094a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|OSS Bucket Allows Delete Action From All Principals<br/><sup><sub>8c0695d8-2378-4cd6-8243-7fd5894fa574</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|OSS Bucket Allows Put Action From All Principals<br/><sup><sub>fe286195-e75c-4359-bd58-00847c4f855a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>faaefc15-51a5-419e-bb5e-51a4b5ab3485</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#address">Documentation</a><br/>|
-|OSS Bucket Allows List Action From All Principals<br/><sup><sub>88541597-6f88-42c8-bac6-7e0b855e8ff6</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|OSS Bucket Public Access Enabled<br/><sup><sub>62232513-b16f-4010-83d7-51d0e1d45426</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#acl">Documentation</a><br/>|
-|Ecs Data Disk Kms Key Id Undefined<br/><sup><sub>f262118c-1ac6-4bb3-8495-cc48f1775b85</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/disk#kms_key_id">Documentation</a><br/>|
-|Launch Template Is Not Encrypted<br/><sup><sub>1455cb21-1d48-46d6-8ae3-cef911b71fd5</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/launch_template#encrypted">Documentation</a><br/>|
-|NAS File System Not Encrypted<br/><sup><sub>67bfdff1-31ce-4525-b564-e94368735360</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system#encrypt_type">Documentation</a><br/>|
-|NAS File System Without KMS<br/><sup><sub>5f670f9d-b1b4-4c90-8618-2288f1ab9676</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system#kms_key_id">Documentation</a><br/>|
-|RDS Instance TDE Status Disabled<br/><sup><sub>44d434ca-a9bf-4203-8828-4c81a8d5a598</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#tde_status">Documentation</a><br/>|
-|OSS Bucket Has Static Website<br/><sup><sub>2b13c6ff-b87a-484d-86fd-21ef6e97d426</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#website">Documentation</a><br/>|
-|OSS Bucket Ip Restriction Disabled<br/><sup><sub>6107c530-7178-464a-88bc-df9cdd364ac8</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|Public Security Group Rule All Ports or Protocols<br/><sup><sub>60587dbd-6b67-432e-90f7-a8cf1892d968</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#cidr_ip">Documentation</a><br/>|
-|Public Security Group Rule Sensitive Port<br/><sup><sub>2ae9d554-23fb-4065-bfd1-fe43d5f7c419</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#port_range">Documentation</a><br/>|
-|Public Security Group Rule Unknown Port<br/><sup><sub>dd706080-b7a8-47dc-81fb-3e8184430ec0</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#port_range">Documentation</a><br/>|
-|ActionTrail Trail OSS Bucket is Publicly Accessible<br/><sup><sub>69b5d7da-a5db-4db9-a42e-90b65d0efb0b</sub></sup>|<span style="color:#bb2124">High</span>|Observability|<a href="../terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail">Documentation</a><br/>|
-|Ram Policy Admin Access Not Attached to Users Groups Roles<br/><sup><sub>e8e62026-da63-4904-b402-65adfe3ca975</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_policy">Documentation</a><br/>|
-|Ram Policy Attached to User<br/><sup><sub>66505003-7aba-45a1-8d83-5162d5706ef5</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_user_policy_attachment">Documentation</a><br/>|
-|CMK Is Unusable<br/><sup><sub>ed6e3ba0-278f-47b6-a1f5-173576b40b7e</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/kms_key#is_enabled">Documentation</a><br/>|
-|OSS Bucket Versioning Disabled<br/><sup><sub>70919c0b-2548-4e6b-8d7a-3d84ab6dabba</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#versioning">Documentation</a><br/>|
-|ROS Stack Retention Disabled<br/><sup><sub>4bb06fa1-2114-4a00-b7b5-6aeab8b896f0</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack_instance#retain_stacks">Documentation</a><br/>|
-|ROS Stack Without Template<br/><sup><sub>92d65c51-5d82-4507-a2a1-d252e9706855</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack">Documentation</a><br/>|
-|Disk Encryption Disabled<br/><sup><sub>39750e32-3fe9-453b-8c33-dd277acdb2cc</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/disk#encrypted">Documentation</a><br/>|
-|OSS Bucket Encryption Using CMK Disabled<br/><sup><sub>f20e97f9-4919-43f1-9be9-f203cd339cdd</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#server_side_encryption_rule">Documentation</a><br/>|
-|SLB Policy With Insecure TLS Version In Use<br/><sup><sub>dbfc834a-56e5-4750-b5da-73fda8e73f70</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/slb_tls_cipher_policy">Documentation</a><br/>|
-|CS Kubernetes Node Pool Auto Repair Disabled<br/><sup><sub>81ce9394-013d-4731-8fcc-9d229b474073</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cs_kubernetes_node_pool#auto_repair">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>1b4565c0-4877-49ac-ab03-adebbccd42ae</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#security_ips">Documentation</a><br/>|
-|ALB Listening on HTTP<br/><sup><sub>ee3b1557-9fb5-4685-a95d-93f1edf2a0d7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/alb_listener">Documentation</a><br/>|
-|API Gateway API Protocol Not HTTPS<br/><sup><sub>1bcdf9f0-b1aa-40a4-b8c6-cd7785836843</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/api_gateway_api#protocol">Documentation</a><br/>|
-|OSS Buckets Secure Transport Disabled<br/><sup><sub>c01d10de-c468-4790-b3a0-fc887a56f289</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
-|RDS Instance SSL Action Disabled<br/><sup><sub>7a1ee8a9-71be-4b11-bb70-efb62d16863b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#ssl_action">Documentation</a><br/>|
-|Action Trail Logging For All Regions Disabled<br/><sup><sub>c065b98e-1515-4991-9dca-b602bd6a2fbb</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail#trail_region">Documentation</a><br/>|
-|OSS Bucket Logging Disabled<br/><sup><sub>05db341e-de7d-4972-a106-3e2bd5ee53e1</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#logging">Documentation</a><br/>|
-|RDS Instance Events Not Logged<br/><sup><sub>b9c524a4-fe76-4021-a6a2-cb978fb4fde1</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/log_audit">Documentation</a><br/>|
-|RDS Instance Log Connections Disabled<br/><sup><sub>140869ea-25f2-40d4-a595-0c0da135114e</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
-|RDS Instance Log Disconnections Disabled<br/><sup><sub>d53f4123-f8d8-4224-8cb3-f920b151cc98</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
-|RDS Instance Log Duration Disabled<br/><sup><sub>a597e05a-c065-44e7-9cc8-742f572a504a</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
-|VPC Flow Logs Disabled<br/><sup><sub>d2731f3d-a992-44ed-812e-f4f1c2747d71</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc_flow_log">Documentation</a><br/>|
-|No ROS Stack Policy<br/><sup><sub>72ceb736-0aee-43ea-a191-3a69ab135681</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack">Documentation</a><br/>|
-|High KMS Key Rotation Period<br/><sup><sub>cb319d87-b90f-485e-a7e7-f2408380f309</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/kms_key">Documentation</a><br/>|
-|Ram Account Password Policy Max Login Attempts Unrecommended<br/><sup><sub>e76fd7ab-7333-40c6-a2d8-ea28af4a319e</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#max_login_attempts">Documentation</a><br/>|
-|Ram Account Password Policy Max Password Age Unrecommended<br/><sup><sub>2bb13841-7575-439e-8e0a-cccd9ede2fa8</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#max_password_age">Documentation</a><br/>|
-|RAM Account Password Policy without Reuse Prevention<br/><sup><sub>a8128dd2-89b0-464b-98e9-5d629041dfe0</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#password_reuse_prevention">Documentation</a><br/>|
-|RAM Security Preference Not Enforce MFA Login<br/><sup><sub>dcda2d32-e482-43ee-a926-75eaabeaa4e0</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_security_preference#enforce_mfa_for_login">Documentation</a><br/>|
-|OSS Bucket Transfer Acceleration Disabled<br/><sup><sub>8f98334a-99aa-4d85-b72a-1399ca010413</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#transfer_acceleration">Documentation</a><br/>|
-|OSS Bucket Lifecycle Rule Disabled<br/><sup><sub>7db8bd7e-9772-478c-9ec5-4bc202c5686f</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#lifecycle_rule">Documentation</a><br/>|
-|Kubernetes Cluster Without Terway as CNI Network Plugin<br/><sup><sub>b9b7ada8-3868-4a35-854e-6100a2bb863d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cs_kubernetes#cluster_network_type">Documentation</a><br/>|
-|Log Retention Is Not Greater Than 90 Days<br/><sup><sub>ed6cf6ff-9a1f-491c-9f88-e03c0807f390</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/log_store#retention_period">Documentation</a><br/>|
-|RDS Instance Retention Period Not Recommended<br/><sup><sub>dc158941-28ce-481d-a7fa-dc80761edf46</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#sql_collector_config_value">Documentation</a><br/>|
-|ROS Stack Notifications Disabled<br/><sup><sub>9ef08939-ea40-489c-8851-667870b2ef50</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack#notification_urls">Documentation</a><br/>|
-|Ram Account Password Policy Not Require At Least one Lowercase Character<br/><sup><sub>89143358-cec6-49f5-9392-920c591c669c</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_lowercase_characters">Documentation</a><br/>|
-|RAM Account Password Policy Not Require at Least one Uppercase Character<br/><sup><sub>5e0fb613-ba9b-44c3-88f0-b44188466bfd</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_uppercase_characters">Documentation</a><br/>|
-|Ram Account Password Policy Not Required Minimum Length<br/><sup><sub>a9dfec39-a740-4105-bbd6-721ba163c053</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#minimum_password_length">Documentation</a><br/>|
-|Ram Account Password Policy Not Required Numbers<br/><sup><sub>063234c0-91c0-4ab5-bbd0-47ddb5f23786</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_numbers">Documentation</a><br/>|
-|RAM Account Password Policy Not Required Symbols<br/><sup><sub>41a38329-d81b-4be4-aef4-55b2615d3282</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_symbols">Documentation</a><br/>|
+|OSS Bucket Allows All Actions From All Principals<br/><sup><sub>ec62a32c-a297-41ca-a850-cab40b42094a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|OSS Bucket Allows Delete Action From All Principals<br/><sup><sub>8c0695d8-2378-4cd6-8243-7fd5894fa574</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|OSS Bucket Allows Put Action From All Principals<br/><sup><sub>fe286195-e75c-4359-bd58-00847c4f855a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>faaefc15-51a5-419e-bb5e-51a4b5ab3485</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#address">Documentation</a><br/>|
+|OSS Bucket Allows List Action From All Principals<br/><sup><sub>88541597-6f88-42c8-bac6-7e0b855e8ff6</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|OSS Bucket Public Access Enabled<br/><sup><sub>62232513-b16f-4010-83d7-51d0e1d45426</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#acl">Documentation</a><br/>|
+|Ecs Data Disk Kms Key Id Undefined<br/><sup><sub>f262118c-1ac6-4bb3-8495-cc48f1775b85</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/disk#kms_key_id">Documentation</a><br/>|
+|Launch Template Is Not Encrypted<br/><sup><sub>1455cb21-1d48-46d6-8ae3-cef911b71fd5</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/launch_template#encrypted">Documentation</a><br/>|
+|NAS File System Not Encrypted<br/><sup><sub>67bfdff1-31ce-4525-b564-e94368735360</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system#encrypt_type">Documentation</a><br/>|
+|NAS File System Without KMS<br/><sup><sub>5f670f9d-b1b4-4c90-8618-2288f1ab9676</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nas_file_system#kms_key_id">Documentation</a><br/>|
+|RDS Instance TDE Status Disabled<br/><sup><sub>44d434ca-a9bf-4203-8828-4c81a8d5a598</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#tde_status">Documentation</a><br/>|
+|OSS Bucket Has Static Website<br/><sup><sub>2b13c6ff-b87a-484d-86fd-21ef6e97d426</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#website">Documentation</a><br/>|
+|OSS Bucket Ip Restriction Disabled<br/><sup><sub>6107c530-7178-464a-88bc-df9cdd364ac8</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|Public Security Group Rule All Ports or Protocols<br/><sup><sub>60587dbd-6b67-432e-90f7-a8cf1892d968</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#cidr_ip">Documentation</a><br/>|
+|Public Security Group Rule Sensitive Port<br/><sup><sub>2ae9d554-23fb-4065-bfd1-fe43d5f7c419</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#port_range">Documentation</a><br/>|
+|Public Security Group Rule Unknown Port<br/><sup><sub>dd706080-b7a8-47dc-81fb-3e8184430ec0</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule#port_range">Documentation</a><br/>|
+|ActionTrail Trail OSS Bucket is Publicly Accessible<br/><sup><sub>69b5d7da-a5db-4db9-a42e-90b65d0efb0b</sub></sup>|<span style="color:#bb2124">High</span>|Observability|<a href="../terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail">Documentation</a><br/>|
+|Ram Policy Admin Access Not Attached to Users Groups Roles<br/><sup><sub>e8e62026-da63-4904-b402-65adfe3ca975</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_policy">Documentation</a><br/>|
+|Ram Policy Attached to User<br/><sup><sub>66505003-7aba-45a1-8d83-5162d5706ef5</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_user_policy_attachment">Documentation</a><br/>|
+|CMK Is Unusable<br/><sup><sub>ed6e3ba0-278f-47b6-a1f5-173576b40b7e</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/kms_key#is_enabled">Documentation</a><br/>|
+|OSS Bucket Versioning Disabled<br/><sup><sub>70919c0b-2548-4e6b-8d7a-3d84ab6dabba</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#versioning">Documentation</a><br/>|
+|ROS Stack Retention Disabled<br/><sup><sub>4bb06fa1-2114-4a00-b7b5-6aeab8b896f0</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack_instance#retain_stacks">Documentation</a><br/>|
+|ROS Stack Without Template<br/><sup><sub>92d65c51-5d82-4507-a2a1-d252e9706855</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack">Documentation</a><br/>|
+|Disk Encryption Disabled<br/><sup><sub>39750e32-3fe9-453b-8c33-dd277acdb2cc</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/disk#encrypted">Documentation</a><br/>|
+|OSS Bucket Encryption Using CMK Disabled<br/><sup><sub>f20e97f9-4919-43f1-9be9-f203cd339cdd</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#server_side_encryption_rule">Documentation</a><br/>|
+|SLB Policy With Insecure TLS Version In Use<br/><sup><sub>dbfc834a-56e5-4750-b5da-73fda8e73f70</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/slb_tls_cipher_policy">Documentation</a><br/>|
+|CS Kubernetes Node Pool Auto Repair Disabled<br/><sup><sub>81ce9394-013d-4731-8fcc-9d229b474073</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cs_kubernetes_node_pool#auto_repair">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>1b4565c0-4877-49ac-ab03-adebbccd42ae</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#security_ips">Documentation</a><br/>|
+|ALB Listening on HTTP<br/><sup><sub>ee3b1557-9fb5-4685-a95d-93f1edf2a0d7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/alb_listener">Documentation</a><br/>|
+|API Gateway API Protocol Not HTTPS<br/><sup><sub>1bcdf9f0-b1aa-40a4-b8c6-cd7785836843</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/api_gateway_api#protocol">Documentation</a><br/>|
+|OSS Buckets Secure Transport Disabled<br/><sup><sub>c01d10de-c468-4790-b3a0-fc887a56f289</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy">Documentation</a><br/>|
+|RDS Instance SSL Action Disabled<br/><sup><sub>7a1ee8a9-71be-4b11-bb70-efb62d16863b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#ssl_action">Documentation</a><br/>|
+|Action Trail Logging For All Regions Disabled<br/><sup><sub>c065b98e-1515-4991-9dca-b602bd6a2fbb</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail#trail_region">Documentation</a><br/>|
+|OSS Bucket Logging Disabled<br/><sup><sub>05db341e-de7d-4972-a106-3e2bd5ee53e1</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#logging">Documentation</a><br/>|
+|RDS Instance Events Not Logged<br/><sup><sub>b9c524a4-fe76-4021-a6a2-cb978fb4fde1</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/log_audit">Documentation</a><br/>|
+|RDS Instance Log Connections Disabled<br/><sup><sub>140869ea-25f2-40d4-a595-0c0da135114e</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
+|RDS Instance Log Disconnections Disabled<br/><sup><sub>d53f4123-f8d8-4224-8cb3-f920b151cc98</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
+|RDS Instance Log Duration Disabled<br/><sup><sub>a597e05a-c065-44e7-9cc8-742f572a504a</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#parameters">Documentation</a><br/>|
+|VPC Flow Logs Disabled<br/><sup><sub>d2731f3d-a992-44ed-812e-f4f1c2747d71</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc_flow_log">Documentation</a><br/>|
+|No ROS Stack Policy<br/><sup><sub>72ceb736-0aee-43ea-a191-3a69ab135681</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack">Documentation</a><br/>|
+|High KMS Key Rotation Period<br/><sup><sub>cb319d87-b90f-485e-a7e7-f2408380f309</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/kms_key">Documentation</a><br/>|
+|Ram Account Password Policy Max Login Attempts Unrecommended<br/><sup><sub>e76fd7ab-7333-40c6-a2d8-ea28af4a319e</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#max_login_attempts">Documentation</a><br/>|
+|Ram Account Password Policy Max Password Age Unrecommended<br/><sup><sub>2bb13841-7575-439e-8e0a-cccd9ede2fa8</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#max_password_age">Documentation</a><br/>|
+|RAM Account Password Policy without Reuse Prevention<br/><sup><sub>a8128dd2-89b0-464b-98e9-5d629041dfe0</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#password_reuse_prevention">Documentation</a><br/>|
+|RAM Security Preference Not Enforce MFA Login<br/><sup><sub>dcda2d32-e482-43ee-a926-75eaabeaa4e0</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_security_preference#enforce_mfa_for_login">Documentation</a><br/>|
+|OSS Bucket Transfer Acceleration Disabled<br/><sup><sub>8f98334a-99aa-4d85-b72a-1399ca010413</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#transfer_acceleration">Documentation</a><br/>|
+|OSS Bucket Lifecycle Rule Disabled<br/><sup><sub>7db8bd7e-9772-478c-9ec5-4bc202c5686f</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#lifecycle_rule">Documentation</a><br/>|
+|Kubernetes Cluster Without Terway as CNI Network Plugin<br/><sup><sub>b9b7ada8-3868-4a35-854e-6100a2bb863d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cs_kubernetes#cluster_network_type">Documentation</a><br/>|
+|Log Retention Is Not Greater Than 90 Days<br/><sup><sub>ed6cf6ff-9a1f-491c-9f88-e03c0807f390</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/log_store#retention_period">Documentation</a><br/>|
+|RDS Instance Retention Period Not Recommended<br/><sup><sub>dc158941-28ce-481d-a7fa-dc80761edf46</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance#sql_collector_config_value">Documentation</a><br/>|
+|ROS Stack Notifications Disabled<br/><sup><sub>9ef08939-ea40-489c-8851-667870b2ef50</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ros_stack#notification_urls">Documentation</a><br/>|
+|Ram Account Password Policy Not Require At Least one Lowercase Character<br/><sup><sub>89143358-cec6-49f5-9392-920c591c669c</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_lowercase_characters">Documentation</a><br/>|
+|RAM Account Password Policy Not Require at Least one Uppercase Character<br/><sup><sub>5e0fb613-ba9b-44c3-88f0-b44188466bfd</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_uppercase_characters">Documentation</a><br/>|
+|Ram Account Password Policy Not Required Minimum Length<br/><sup><sub>a9dfec39-a740-4105-bbd6-721ba163c053</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#minimum_password_length">Documentation</a><br/>|
+|Ram Account Password Policy Not Required Numbers<br/><sup><sub>063234c0-91c0-4ab5-bbd0-47ddb5f23786</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_numbers">Documentation</a><br/>|
+|RAM Account Password Policy Not Required Symbols<br/><sup><sub>41a38329-d81b-4be4-aef4-55b2615d3282</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282" onclick="newWindowOpenerSafe(event, '../terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282')">Query details</a><br><a href="https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_symbols">Documentation</a><br/>|
 
 ### AWS
 Below are listed queries related to Terraform AWS:
@@ -72,336 +72,336 @@ Below are listed queries related to Terraform AWS:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>030d3b18-1821-45b4-9e08-50efbe7becbb</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dms_replication_instance">Documentation</a><br/>|
-|ECR Repository Is Publicly Accessible<br/><sup><sub>e86e26fc-489e-44f0-9bcd-97305e4ba69a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy">Documentation</a><br/>|
-|S3 Bucket Access to Any Principal<br/><sup><sub>7af43613-6bb9-4a0e-8c4d-1314b799425e</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read Or Write to All Users<br/><sup><sub>38c5ee0d-7f22-4260-ab72-5073048df100</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
-|S3 Bucket ACL Grants WRITE_ACP Permission<br/><sup><sub>64a222aa-7793-4e40-915f-4b302c76e4d4</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl">Documentation</a><br/>|
-|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>ffdf4b37-7703-4dfe-a682-9d2e99bc6c09</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>d24c0755-c028-44b1-b503-8e719c898832</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket With All Permissions<br/><sup><sub>a4966c4f-9141-48b8-a564-ffe9959945bc</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
-|SNS Topic is Publicly Accessible<br/><sup><sub>b26d2b7e-60f6-413d-a3a1-a57db24aa2b3</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic">Documentation</a><br/>|
-|RDS DB Instance Publicly Accessible<br/><sup><sub>35113e6f-2c6b-414d-beec-7a9482d3b2d1</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#publicly_accessible">Documentation</a><br/>|
-|DB Security Group With Public Scope<br/><sup><sub>1e0ef61b-ad85-4518-a3d3-85eaad164885</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
-|RDS Associated with Public Subnet<br/><sup><sub>2f737336-b18a-4602-8ea0-b200312e1ac1</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#db_subnet_group_name">Documentation</a><br/>|
-|CloudWatch Unauthorized Access Alarm Missing<br/><sup><sub>4c18a45b-4ab1-4790-9f83-399ac695f1e5</sub></sup>|<span style="color:#ff0000">Critical</span>|Observability|<a href="../terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>09c35abf-5852-4622-ac7a-b987b331232e</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role#assume_role_policy">Documentation</a><br/>|
-|ECS Service Admin Role Is Present<br/><sup><sub>3206240f-2e87-4e58-8d24-3e19e7c83d7c</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service">Documentation</a><br/>|
-|IAM Policy Grants Full Permissions<br/><sup><sub>575a2155-6af1-4026-b1af-d5bc8fe2a904</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy">Documentation</a><br/>|
-|IAM Role With Full Privileges<br/><sup><sub>b1ffa705-19a3-4b73-b9d0-0c97d0663842</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
-|Lambda With Vulnerable Policy<br/><sup><sub>ad9dabc7-7839-4bae-a957-aa9120013f39</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission#action">Documentation</a><br/>|
-|MSK Broker Is Publicly Accessible<br/><sup><sub>54378d69-dd7c-4b08-a43e-80d563396857</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#public_access">Documentation</a><br/>|
-|Neptune Cluster Instance is Publicly Accessible<br/><sup><sub>9ba198e0-fef4-464a-8a4d-75ea55300de7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster_instance#publicly_accessible">Documentation</a><br/>|
-|Neptune Cluster With IAM Database Authentication Disabled<br/><sup><sub>c91d7ea0-d4d1-403b-8fe1-c9961ac082c5</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#storage_encrypted">Documentation</a><br/>|
-|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>57b9893d-33b1-4419-bcea-a717ea87e139</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl">Documentation</a><br/>|
-|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>1df37f4b-7197-45ce-83f8-9994d2fcf885</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket Allows List Action From All Principals<br/><sup><sub>66c6f96f-2d9e-417e-a998-9058aeeecd44</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
-|S3 Bucket Allows Public Policy<br/><sup><sub>1a4bc881-9f69-4d44-8c9a-d37d08f54c50</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
-|S3 Bucket Public ACL Overridden By Public Access Block<br/><sup><sub>bf878b1a-7418-4de3-b13c-3a86cf894920</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block#bucket">Documentation</a><br/>|
-|Secrets Manager With Vulnerable Policy<br/><sup><sub>fa00ce45-386d-4718-8392-fb485e1f3c5b</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_policy#policy">Documentation</a><br/>|
-|SES Policy With Allowed IAM Actions<br/><sup><sub>34b921bd-90a0-402e-a0a5-dc73371fd963</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ses_identity_policy#policy">Documentation</a><br/>|
-|SQS Policy Allows All Actions<br/><sup><sub>816ea8cf-d589-442d-a917-2dd0ce0e45e3</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy">Documentation</a><br/>|
-|SQS Queue Exposed<br/><sup><sub>abb06e5f-ef9a-4a99-98c6-376d396bfcdf</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue#policy">Documentation</a><br/>|
-|AmazonMQ Broker Encryption Disabled<br/><sup><sub>3db3f534-e3a3-487f-88c7-0a9fbf64b702</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
-|API Gateway Method Settings Cache Not Encrypted<br/><sup><sub>b7c9a40c-23e4-4a2d-8d39-a3352f10f288</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#cache_data_encrypted">Documentation</a><br/>|
-|Athena Database Not Encrypted<br/><sup><sub>b2315cae-b110-4426-81e0-80bb8640cdd3</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_database#encryption_configuration">Documentation</a><br/>|
-|Athena Workgroup Not Encrypted<br/><sup><sub>d364984a-a222-4b5f-a8b0-e23ab19ebff3</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_workgroup#encryption_configuration">Documentation</a><br/>|
-|Aurora With Disabled at Rest Encryption<br/><sup><sub>1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#storage_encrypted">Documentation</a><br/>|
-|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>abdb29d4-5ca1-4e91-800b-b3569bbd788c</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule">Documentation</a><br/>|
-|DAX Cluster Not Encrypted<br/><sup><sub>f11aec39-858f-4b6f-b946-0a1bf46c0c87</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dax_cluster#enabled">Documentation</a><br/>|
-|DB Instance Storage Not Encrypted<br/><sup><sub>08bd0760-8752-44e1-9779-7bb369b2b4e4</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#storage_encrypted">Documentation</a><br/>|
-|DOCDB Cluster Not Encrypted<br/><sup><sub>bc1f9009-84a0-490f-ae09-3e0ea6d74ad6</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#storage_encrypted">Documentation</a><br/>|
-|DOCDB Cluster Without KMS<br/><sup><sub>4766d3ea-241c-4ee6-93ff-c380c996bd1a</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id">Documentation</a><br/>|
-|DynamoDB Table Not Encrypted<br/><sup><sub>ce089fd4-1406-47bd-8aad-c259772bb294</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#server_side_encryption">Documentation</a><br/>|
-|EBS Default Encryption Disabled<br/><sup><sub>3d3f6270-546b-443c-adb4-bb6fb2187ca6</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_encryption_by_default">Documentation</a><br/>|
-|EBS Volume Encryption Disabled<br/><sup><sub>cc997676-481b-4e93-aa81-d19f8c5e9b12</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume#encrypted">Documentation</a><br/>|
-|EBS Volume Snapshot Not Encrypted<br/><sup><sub>e6b4b943-6883-47a9-9739-7ada9568f8ca</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_snapshot#encrypted">Documentation</a><br/>|
-|ECS Task Definition Volume Not Encrypted<br/><sup><sub>4d46ff3b-7160-41d1-a310-71d6d370b08f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#transit_encryption">Documentation</a><br/>|
-|EFS Not Encrypted<br/><sup><sub>48207659-729f-4b5c-9402-f884257d794f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system#encrypted">Documentation</a><br/>|
-|EKS Cluster Encryption Disabled<br/><sup><sub>63ebcb19-2739-4d3f-aa5c-e8bbb9b85281</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#encryption_config">Documentation</a><br/>|
-|ElastiCache Replication Group Not Encrypted At Rest<br/><sup><sub>76976de7-c7b1-4f64-a94f-90c1345914c2</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#at_rest_encryption_enabled">Documentation</a><br/>|
-|ElasticSearch Encryption With KMS Disabled<br/><sup><sub>7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
-|ElasticSearch Not Encrypted At Rest<br/><sup><sub>24e16922-4330-4e9d-be8a-caa90299466a</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
-|ELB Using Weak Ciphers<br/><sup><sub>4a800e14-c94a-442d-9067-5a2e9f6c0a4c</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/load_balancer_policy">Documentation</a><br/>|
-|Glue Data Catalog Encryption Disabled<br/><sup><sub>01d50b14-e933-4c99-b314-6d08cd37ad35</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_data_catalog_encryption_settings#data_catalog_encryption_settings">Documentation</a><br/>|
-|Glue Security Configuration Encryption Disabled<br/><sup><sub>ad5b4e97-2850-4adf-be17-1d293e0b85ee</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_security_configuration#encryption_configuration">Documentation</a><br/>|
-|Kinesis Not Encrypted With KMS<br/><sup><sub>862fe4bf-3eec-4767-a517-40f378886b88</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream">Documentation</a><br/>|
-|Kinesis SSE Not Configured<br/><sup><sub>5c6dd5e7-1fe0-4cae-8f81-4c122717cef3</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_firehose_delivery_stream#server_side_encryption">Documentation</a><br/>|
-|Launch Configuration Is Not Encrypted<br/><sup><sub>4de9de27-254e-424f-bd70-4c1e95790838</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#encrypted">Documentation</a><br/>|
-|MSK Cluster Encryption Disabled<br/><sup><sub>6db52fa6-d4da-4608-908a-89f0c59e743e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#encryption_info">Documentation</a><br/>|
-|Neptune Database Cluster Encryption Disabled<br/><sup><sub>98d59056-f745-4ef5-8613-32bca8d40b7e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#storage_encrypted">Documentation</a><br/>|
-|RDS Database Cluster not Encrypted<br/><sup><sub>656880aa-1388-488f-a6d4-8f73c23149b2</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_cluster_snapshot">Documentation</a><br/>|
-|RDS Storage Not Encrypted<br/><sup><sub>3199c26c-7871-4cb3-99c2-10a59244ce7f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#storage_encrypted">Documentation</a><br/>|
-|Redis Not Compliant<br/><sup><sub>254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#engine_version">Documentation</a><br/>|
-|Redshift Not Encrypted<br/><sup><sub>cfdcabb0-fc06-427c-865b-c59f13e898ce</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted">Documentation</a><br/>|
-|S3 Bucket Object Not Encrypted<br/><sup><sub>5fb49a69-8d46-4495-a2f8-9c8c622b2b6e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_object#server_side_encryption">Documentation</a><br/>|
-|Sagemaker Endpoint Configuration Encryption Disabled<br/><sup><sub>58b35504-0287-4154-bf69-02c0573deab8</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_endpoint_configuration#kms_key_arn">Documentation</a><br/>|
-|Sagemaker Notebook Instance Without KMS<br/><sup><sub>f3674e0c-f6be-43fa-b71c-bf346d1aed99</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_notebook_instance#kms_key_id">Documentation</a><br/>|
-|SNS Topic Not Encrypted<br/><sup><sub>28545147-2fc6-42d5-a1f9-cf226658e591</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic#kms_master_key_id">Documentation</a><br/>|
-|User Data Contains Encoded Private Key<br/><sup><sub>443488f5-c734-460b-a36d-5b3f330174dc</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#user_data_base64">Documentation</a><br/>|
-|Workspaces Workspace Volume Not Encrypted<br/><sup><sub>b9033580-6886-401a-8631-5f19f5bb24c7</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/workspaces_workspace#root_volume_encryption_enabled">Documentation</a><br/>|
-|Batch Job Definition With Privileged Container Properties<br/><sup><sub>66cd88ac-9ddf-424a-b77e-e55e17630bee</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/batch_job_definition">Documentation</a><br/>|
-|DB Security Group Has Public Interface<br/><sup><sub>f0d8781f-99bf-4958-9917-d39283b168a0</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
-|KMS Key With Vulnerable Policy<br/><sup><sub>7ebc9038-0bde-479a-acc4-6ed7b6758899</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key">Documentation</a><br/>|
-|Lambda Function With Privileged Role<br/><sup><sub>1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function">Documentation</a><br/>|
-|MQ Broker Is Publicly Accessible<br/><sup><sub>4eb5f791-c861-4afd-9f94-f2a6a3fe49cb</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
-|Redshift Publicly Accessible<br/><sup><sub>af173fde-95ea-4584-b904-bb3923ac4bda</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster">Documentation</a><br/>|
-|Root Account Has Active Access Keys<br/><sup><sub>970d224d-b42a-416b-81f9-8f4dfe70c4bc</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key">Documentation</a><br/>|
-|S3 Static Website Host Enabled<br/><sup><sub>42bb6b7f-6d54-4428-b707-666f669d94fb</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#website">Documentation</a><br/>|
-|DB Security Group Open To Large Scope<br/><sup><sub>4f615f3e-fb9c-4fad-8b70-2e9f781806ce</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
-|Default Security Groups With Unrestricted Traffic<br/><sup><sub>46883ce1-dc3e-4b17-9195-c6a601624c73</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group">Documentation</a><br/>|
-|Network ACL With Unrestricted Access To RDP<br/><sup><sub>a20be318-cac7-457b-911d-04cc6e812c25</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl">Documentation</a><br/>|
-|Remote Desktop Port Open To Internet<br/><sup><sub>151187cb-0efc-481c-babd-ad24e3c9bc22</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Route53 Record Undefined<br/><sup><sub>25db74bf-fa3b-44da-934e-8c3e005c0453</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>381c3f2a-ef6f-4eff-99f7-b169cda3422c</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Unknown Port Exposed To Internet<br/><sup><sub>590d878b-abdc-428f-895a-e2b68a0e1998</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Unrestricted Security Group Ingress<br/><sup><sub>4728cd65-a20c-49da-8b31-9c08b423e4db</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/aws/r/security_group.html">Documentation</a><br/>|
-|VPC Default Security Group Accepts All Traffic<br/><sup><sub>9a4ef195-74b9-4c58-b8ed-2b2fe4353a75</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group">Documentation</a><br/>|
-|VPC Peering Route Table with Unrestricted CIDR<br/><sup><sub>b3a41501-f712-4c4f-81e5-db9a7dc0e34e</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route">Documentation</a><br/>|
-|CloudTrail Log Files S3 Bucket is Publicly Accessible<br/><sup><sub>bd0088a5-c133-4b20-b129-ec9968b16ef3</sub></sup>|<span style="color:#bb2124">High</span>|Observability|<a href="../terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#s3_bucket_name">Documentation</a><br/>|
-|Hardcoded AWS Access Key<br/><sup><sub>d7b9d850-3e06-4a75-852f-c46c2e92240b</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">Documentation</a><br/>|
-|Hardcoded AWS Access Key In Lambda<br/><sup><sub>1402afd8-a95c-4e84-8b0b-6fb43758e6ce</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function">Documentation</a><br/>|
-|AMI Shared With Multiple Accounts<br/><sup><sub>ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ami_launch_permission">Documentation</a><br/>|
-|API Gateway Method Does Not Contains An API Key<br/><sup><sub>671211c5-5d2a-4e97-8867-30fc28b02216</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method">Documentation</a><br/>|
-|API Gateway Without Configured Authorizer<br/><sup><sub>0a96ce49-4163-4ee6-8169-eb3b0797d694</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_authorizer">Documentation</a><br/>|
-|Certificate Has Expired<br/><sup><sub>c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
-|EC2 Instance Using Default Security Group<br/><sup><sub>f1adc521-f79a-4d71-b55b-a68294687432</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#security_groups">Documentation</a><br/>|
-|EFS With Vulnerable Policy<br/><sup><sub>fae52418-bb8b-4ac2-b287-0b9082d6a3fd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system_policy#policy">Documentation</a><br/>|
-|Elasticsearch Domain With Vulnerable Policy<br/><sup><sub>16c4216a-50d3-4785-bfb2-4adb5144a8ba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain_policy#access_policies">Documentation</a><br/>|
-|Elasticsearch Without IAM Authentication<br/><sup><sub>e7530c3c-b7cf-4149-8db9-d037a0b5268e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
-|Glue With Vulnerable Policy<br/><sup><sub>d25edb51-07fb-4a73-97d4-41cecdc53a22</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_resource_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>9b0ffadc-a61f-4c2a-b1e6-68fab60f6267</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>15e6ad8c-f420-49a6-bafb-074f5eb1ec74</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>7d544dad-8a6c-431c-84c1-5f07fe9afc0e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>8f3c16b3-354d-45db-8ad5-5066778a9485</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>970ed7a2-0aca-4425-acf1-0453c9ecbca1</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>70b42736-efee-4bce-80d5-50358ed94990</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>3dd96caa-0b5f-4a85-b929-acfac4646cc2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>db78d14b-10e5-4e6e-84b1-dace6327b1ec</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>846646e3-2af1-428c-ac5d-271eccfa6faf</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>04c686f1-e0cd-4812-88e1-4e038410074c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>ec49cbfd-fae4-45f3-81b1-860526d66e3f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>e77c89f6-9c85-49ea-b95b-5f960fe5be92</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>c0c1e744-0f37-445e-924a-1846f0839f69</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>60263b4a-6801-4587-911d-919c37ed733b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>7782d4b3-e23e-432b-9742-d9528432e771</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>78f1ec6f-5659-41ea-bd48-d0a142dce4f2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>ad296c0d-8131-4d6b-b030-1b0e73a99ad3</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>034d0aee-620f-4bf7-b7fb-efdf661fdb9e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|Group With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>571254d8-aa6a-432e-9725-535d3ef04d69</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
-|IAM Access Key Is Exposed<br/><sup><sub>7081f85c-b94d-40fd-8b45-a4f1cac75e46</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key">Documentation</a><br/>|
-|IAM Group Without Users<br/><sup><sub>fc101ca7-c9dd-4198-a1eb-0fbe92e80044</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_membership#users">Documentation</a><br/>|
-|IAM Policies Attached To User<br/><sup><sub>b4378389-a9aa-44ee-91e7-ef183f11079e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment">Documentation</a><br/>|
-|IAM Policies With Full Privileges<br/><sup><sub>2f37c4a3-58b9-4afe-8a87-d7f1d2286f84</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy">Documentation</a><br/>|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>bcdcbdc6-a350-4855-ae7c-d1e6436f7c97</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
-|IAM Role Allows All Principals To Assume<br/><sup><sub>12b7e704-37f0-4d1e-911a-44bf60c48c21</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
-|IAM Role Policy passRole Allows All<br/><sup><sub>e39bee8c-fe54-4a3f-824d-e5e2d1cca40a</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-security-warning-pass-role-with-star-in-resource">Documentation</a><br/>|
-|IAM User With Access To Console<br/><sup><sub>9ec311bf-dfd9-421f-8498-0b063c8bc552</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_login_profile">Documentation</a><br/>|
-|Lambda Permission Principal Is Wildcard<br/><sup><sub>e08ed7eb-f3ef-494d-9d22-2e3db756a347</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347" target="_blank">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
-|Policy Without Principal<br/><sup><sub>bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html">Documentation</a><br/>|
-|Public and Private EC2 Share Role<br/><sup><sub>c53c7a89-f9d7-4c7b-8b66-8a555be99593</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#iam_instance_profile">Documentation</a><br/>|
-|Public Lambda via API Gateway<br/><sup><sub>3ef8696c-e4ae-4872-92c7-520bb44dfe77</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
-|REST API With Vulnerable Policy<br/><sup><sub>b161c11b-a59b-4431-9a29-4e19f63e6b27</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>be2aa235-bd93-4b68-978a-1cc65d49082f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>30b88745-eebe-4ecb-a3a9-5cf886e96204</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>0a592060-8166-49f5-8e65-99ac6dce9871</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>eda48c88-2b7d-4e34-b6ca-04c0194aee17</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>b8a31292-509d-4b61-bc40-13b167db7e9c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>f906113d-cdc0-415a-ba60-609cc6daaf4d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>f465fff1-0a0f-457d-aa4d-1bddb6f204ff</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>7c96920c-6fd0-449d-9a52-0aa431b6beaf</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>5b4d4aee-ac94-4810-9611-833636e5916d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>9a205ba3-0dd1-42eb-8d54-2ffec836b51a</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>ee49557d-750c-4cc1-aa95-94ab36cbefde</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>d6047119-a0b2-4b59-a4f2-127a36fb685b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>8f75840d-9ee7-42f3-b203-b40e3979eb12</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>118281d0-6471-422e-a7c5-051bc667926e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>f1173d8c-3264-4148-9fdb-61181e031b51</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>35ccf766-0e4d-41ed-9ec4-2dab155082b4</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>fa62ac4f-f5b9-45b9-97c1-625c8b6253ca</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|Role With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>c583f0f9-7dfd-476b-a056-f47c62b47b46</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
-|S3 Bucket Allows Public ACL<br/><sup><sub>d0cc8694-fcad-43ff-ac86-32331d7e867f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
-|SNS Topic Publicity Has Allow and NotAction Simultaneously<br/><sup><sub>5ea624e4-c8b1-4bb3-87a4-4235a776adcc</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy">Documentation</a><br/>|
-|SQS Policy With Public Access<br/><sup><sub>730675f9-52ed-49b6-8ead-0acb5dd7df7f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy">Documentation</a><br/>|
-|SSO Identity User Unsafe Creation<br/><sup><sub>4003118b-046b-4640-b200-b8c7a4c8b89f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/identitystore_user">Documentation</a><br/>|
-|SSO Policy with full privileges<br/><sup><sub>132a8c31-9837-4203-9fd1-15ca210c7b73</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_permission_set_inline_policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>19ffbe31-9d72-4379-9768-431195eae328</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>89561b03-cb35-44a9-a7e9-8356e71606f4</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>94fbe150-27e3-4eba-9ca6-af32865e4503</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>9b877bd8-94b4-4c10-a060-8e0436cc09fa</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>bf9d42c7-c2f9-4dfe-942c-c8cc8249a081</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>6d23d87e-1c5b-4308-b224-92624300f29b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>e227091e-2228-4b40-b046-fc13650d8e88</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>70cb518c-d990-46f6-bc05-44a5041493d6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>113208f2-a886-4526-9ecc-f3218600e12c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>0fd7d920-4711-46bd-aff2-d307d82cd8b7</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>1743f5f1-0bb0-4934-acef-c80baa5dadfa</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>8bfbf7ab-d5e8-4100-8618-798956e101e0</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>eeb4d37a-3c59-4789-a00c-1509bc3af1e5</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>0c10d7da-85c4-4d62-b2a8-d6c104f1bd77</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>43a41523-386a-4cb1-becb-42af6b414433</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>33627268-1445-4385-988a-318fd9d1a512</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>6deb34e2-5d9c-499a-801b-ea6d9eda894f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>8055dec2-efb8-4fe6-8837-d9bed6ff202a</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|User With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>b69247e5-7e73-464e-ba74-ec9b715c6e12</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
-|Auto Scaling Group With No Associated ELB<br/><sup><sub>8e94dced-9bcc-4203-8eb7-7e41202b2505</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#load_balancers">Documentation</a><br/>|
-|CMK Is Unusable<br/><sup><sub>7350fa23-dcf7-4938-916d-6a60b0c73b50</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#is_enabled">Documentation</a><br/>|
-|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>6db03a91-f933-4f13-ab38-a8b87a7de54d</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster">Documentation</a><br/>|
-|ElastiCache Redis Cluster Without Backup<br/><sup><sub>8fdb08a0-a868-4fdf-9c27-ccab0237f1ab</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#snapshot_retention_limit">Documentation</a><br/>|
-|RDS Cluster With Backup Disabled<br/><sup><sub>e542bd46-58c4-4e0f-a52a-1fb4f9548e02</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#backup_retention_period">Documentation</a><br/>|
-|RDS With Backup Disabled<br/><sup><sub>1dc73fb4-5b51-430c-8c5f-25dcf9090b02</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance">Documentation</a><br/>|
-|S3 Bucket Without Versioning<br/><sup><sub>568a4d22-3517-44a6-a7ad-6a7eed88722c</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#versioning">Documentation</a><br/>|
-|Stack Retention Disabled<br/><sup><sub>6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set_instance#stack_set_name">Documentation</a><br/>|
-|ALB Not Dropping Invalid Headers<br/><sup><sub>6e3fd2ed-5c83-4c68-9679-7700d224d379</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#drop_invalid_header_fields">Documentation</a><br/>|
-|AMI Not Encrypted<br/><sup><sub>8bbb242f-6e38-4127-86d4-d8f0b2687ae2</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami">Documentation</a><br/>|
-|CA Certificate Identifier Is Outdated<br/><sup><sub>9f40c07e-699e-4410-8856-3ba0f2e3a2dd</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance">Documentation</a><br/>|
-|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>55af1353-2f62-4fa0-a8e1-a210ca2708f5</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|CloudWatch Log Group Without KMS<br/><sup><sub>0afbcfe9-d341-4b92-a64c-7e6de0543879</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group">Documentation</a><br/>|
-|ElastiCache Replication Group Not Encrypted At Transit<br/><sup><sub>1afbb3fa-cf6c-4a3d-b730-95e9f4df343e</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#transit_encryption_enabled">Documentation</a><br/>|
-|Elasticsearch Domain Not Encrypted Node To Node<br/><sup><sub>967eb3e6-26fc-497d-8895-6428beb6e8e2</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#node_to_node_encryption">Documentation</a><br/>|
-|ELB Using Insecure Protocols<br/><sup><sub>126c1788-23c2-4a10-906c-ef179f4f96ec</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/load_balancer_policy">Documentation</a><br/>|
-|IAM Database Auth Not Enabled<br/><sup><sub>88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#iam_database_authentication_enabled">Documentation</a><br/>|
-|S3 Bucket Policy Accepts HTTP Requests<br/><sup><sub>4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy#policy">Documentation</a><br/>|
-|Secretsmanager Secret Encrypted With AWS Managed Key<br/><sup><sub>b0d3ef3f-845d-4b1b-83d6-63a5a380375f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id">Documentation</a><br/>|
-|Secretsmanager Secret Without KMS<br/><sup><sub>a2f548f2-188c-4fff-b172-e9a6acb216bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id">Documentation</a><br/>|
-|Secure Ciphers Disabled<br/><sup><sub>5c0003fb-9aa0-42c1-9da3-eb0e332bef21</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|SNS Topic Encrypted With AWS Managed Key<br/><sup><sub>b1a72f66-2236-4f3b-87ba-0da1b366956f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic#kms_master_key_id">Documentation</a><br/>|
-|SQS With SSE Disabled<br/><sup><sub>6e8849c1-3aa7-40e3-9063-b85ee300f29f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue">Documentation</a><br/>|
-|SSM Session Transit Encryption Disabled<br/><sup><sub>ce60cc6b-6831-4bd7-84a2-cc7f8ee71433</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_document#content">Documentation</a><br/>|
-|ALB Deletion Protection Disabled<br/><sup><sub>afecd1f1-6378-4f7e-bb3b-60c35801fdd4</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#enable_deletion_protection">Documentation</a><br/>|
-|API Gateway With Open Access<br/><sup><sub>15ccec05-5476-4890-ad19-53991eba1db8</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method">Documentation</a><br/>|
-|API Gateway Without Security Policy<br/><sup><sub>4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_domain_name#security_policy">Documentation</a><br/>|
-|API Gateway Without SSL Certificate<br/><sup><sub>0b4869fc-a842-4597-aa00-1294df425440</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#client_certificate_id">Documentation</a><br/>|
-|Certificate RSA Key Bytes Lower Than 256<br/><sup><sub>874d68a3-bfbe-4a4b-aaa0-9e74d7da634b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
-|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>00e5e55e-c2ff-46b3-a757-a7a1cd802456</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|ECR Image Tag Not Immutable<br/><sup><sub>d1846b12-20c5-4d45-8798-fc35b79268eb</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository">Documentation</a><br/>|
-|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>9f4a9409-9c60-4671-be96-9716dbf63db1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#network_mode">Documentation</a><br/>|
-|EKS Cluster Has Public Access<br/><sup><sub>42f4b905-3736-4213-bfe9-c0660518cda8</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster">Documentation</a><br/>|
-|IAM User Has Too Many Access Keys<br/><sup><sub>3561130e-9c5f-485b-9e16-2764c82763e5</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key#user">Documentation</a><br/>|
-|No Password Policy Enabled<br/><sup><sub>b592ffd4-0577-44b6-bd35-8c5ee81b5918</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_login_profile">Documentation</a><br/>|
-|S3 Bucket with Unsecured CORS Rule<br/><sup><sub>98a8f708-121b-455b-ae2f-da3fb59d17e1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#cors_rule">Documentation</a><br/>|
-|S3 Bucket Without Ignore Public ACL<br/><sup><sub>4fa66806-0dd9-4f8d-9480-3174d39c7c91</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
-|S3 Bucket Without Restriction Of Public Bucket<br/><sup><sub>1ec253ab-c220-4d63-b2de-5b40e0af9293</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
-|Service Control Policies Disabled<br/><sup><sub>5ba6229c-8057-433e-91d0-21cf13569ca9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/organizations_policy">Documentation</a><br/>|
-|Default VPC Exists<br/><sup><sub>96ed3526-0179-4c73-b1b2-372fde2e0d13</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_vpc">Documentation</a><br/>|
-|Vulnerable Default SSL Certificate<br/><sup><sub>3a1e94df-6847-4c0e-a3b6-6c6af4e128ef</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|ALB Is Not Integrated With WAF<br/><sup><sub>0afa6ab8-a047-48cf-be07-93a2f8c34cf7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafregional_web_acl_association">Documentation</a><br/>|
-|ALB Listening on HTTP<br/><sup><sub>de7f5e83-da88-4046-871f-ea18504b1d43</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener">Documentation</a><br/>|
-|API Gateway Endpoint Config is Not Private<br/><sup><sub>6b2739db-9c49-4db7-b980-7816e0c248c1</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
-|API Gateway without WAF<br/><sup><sub>a186e82c-1078-4a7b-85d8-579561fde884</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafregional_web_acl_association#resource_arn">Documentation</a><br/>|
-|CloudFront Without WAF<br/><sup><sub>1419b4c6-6d5c-4534-9cf6-6a5266085333</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|EC2 Instance Has Public IP<br/><sup><sub>5a2486aa-facf-477d-a5c1-b010789459ce</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#associate_public_ip_address">Documentation</a><br/>|
-|EKS Cluster Has Public Access CIDRs<br/><sup><sub>61cf9883-1752-4768-b18c-0d57f2737709</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster">Documentation</a><br/>|
-|EKS node group remote access disabled<br/><sup><sub>ba40ace1-a047-483c-8a8d-bc2d3a67a82d</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group#remote_access">Documentation</a><br/>|
-|Elasticsearch with HTTPS disabled<br/><sup><sub>2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#enforce_https">Documentation</a><br/>|
-|HTTP Port Open To Internet<br/><sup><sub>ffac8a12-322e-42c1-b9b9-81ff85c39ef7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Network ACL With Unrestricted Access To SSH<br/><sup><sub>3af7f2fd-06e6-4dab-b996-2912bea19ba4</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl">Documentation</a><br/>|
-|Security Group With Unrestricted Access To SSH<br/><sup><sub>65905cec-d691-4320-b320-2000436cb696</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Small Public Network<br/><sup><sub>e35c16a2-d54e-419d-8546-a804d8e024d0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible<br/><sup><sub>54c417bf-c762-48b9-9d31-b3d87047e3f0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|VPC Subnet Assigns Public IP<br/><sup><sub>52f04a44-6bfa-4c41-b1d3-4ae99a2de05c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet#map_public_ip_on_launch">Documentation</a><br/>|
-|VPC Without Network Firewall<br/><sup><sub>fd632aaf-b8a1-424d-a4d1-0de22fd3247a</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall#vpc_id">Documentation</a><br/>|
-|API Gateway Access Logging Disabled<br/><sup><sub>1b6799eb-4a7a-4b04-9001-8cceb9999326</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#access_log_settings">Documentation</a><br/>|
-|API Gateway Deployment Without Access Log Setting<br/><sup><sub>625abc0e-f980-4ac9-a775-f7519ee34296</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_deployment">Documentation</a><br/>|
-|API Gateway With CloudWatch Logging Disabled<br/><sup><sub>982aa526-6970-4c59-8b9b-2ce7e019fe36</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#managing-the-api-logging-cloudwatch-log-group">Documentation</a><br/>|
-|CloudFront Logging Disabled<br/><sup><sub>94690d79-b3b0-43de-b656-84ebef5753e5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|CloudTrail Log Files S3 Bucket with Logging Disabled<br/><sup><sub>ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#s3_bucket_name">Documentation</a><br/>|
-|CloudTrail Logging Disabled<br/><sup><sub>4bb76f17-3d63-4529-bdca-2b454529d774</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#enable_logging">Documentation</a><br/>|
-|CloudWatch AWS Config Configuration Changes Alarm Missing<br/><sup><sub>5b8d7527-de8e-4114-b9dd-9d988f1f418f</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Changes To NACL Alarm Missing<br/><sup><sub>0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|Cloudwatch Cloudtrail Configuration Changes Alarm Missing<br/><sup><sub>0f6cbf69-41bb-47dc-93f3-3844640bf480</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Disabling Or Scheduled Deletion Of Customer Created CMK Alarm Missing<br/><sup><sub>56a585f5-555c-48b2-8395-e64e4740a9cf</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Logging Disabled<br/><sup><sub>7dbba512-e244-42dc-98bb-422339827967</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_query_log">Documentation</a><br/>|
-|CloudWatch Management Console Auth Failed Alarm Missing<br/><sup><sub>5864d189-ee9a-4009-ac0c-8a582e6b7919</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Metrics Disabled<br/><sup><sub>081069cb-588b-4ce1-884c-2a1ce3029fe5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#metrics_enabled">Documentation</a><br/>|
-|CloudWatch Root Account Use Missing<br/><sup><sub>8b1b1e67-6248-4dca-bbad-93486bb181c0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch S3 policy Change Alarm Missing<br/><sup><sub>27c6a499-895a-4dc7-9617-5c485218db13</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|Cloudwatch Security Group Changes Alarm Missing<br/><sup><sub>4beaf898-9f8b-4237-89e2-5ffdc7ee6006</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch VPC Changes Alarm Missing<br/><sup><sub>9d0d4512-1959-43a2-a17f-72360ff06d1b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|DocDB Logging Is Disabled<br/><sup><sub>56f6a008-1b14-4af4-b9b2-ab7cf7e27641</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports">Documentation</a><br/>|
-|EC2 Instance Monitoring Disabled<br/><sup><sub>23b70e32-032e-4fa6-ba5c-82f56b9980e6</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#monitoring">Documentation</a><br/>|
-|EKS cluster logging is not enabled<br/><sup><sub>37304d3f-f852-40b8-ae3f-725e87a7cedf</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabled_cluster_log_types">Documentation</a><br/>|
-|Elasticsearch Log Disabled<br/><sup><sub>acb6b4e2-a086-4f35-aefd-4db6ea51ada2</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#log_publishing_options">Documentation</a><br/>|
-|ELB Access Log Disabled<br/><sup><sub>20018359-6fd7-4d05-ab26-d4dffccbdf79</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elb#enabled">Documentation</a><br/>|
-|Global Accelerator Flow Logs Disabled<br/><sup><sub>96e8183b-e985-457b-90cd-61c0503a3369</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/globalaccelerator_accelerator#flow_logs_enabled">Documentation</a><br/>|
-|GuardDuty Detector Disabled<br/><sup><sub>704dadd3-54fc-48ac-b6a0-02f170011473</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_detector#example-usage">Documentation</a><br/>|
-|Missing Cluster Log Types<br/><sup><sub>66f130d9-b81d-4e8e-9b08-da74b9c891df</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/aws/r/eks_cluster.html">Documentation</a><br/>|
-|MQ Broker Logging Disabled<br/><sup><sub>31245f98-a6a9-4182-9fc1-45482b9d030a</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
-|MSK Cluster Logging Disabled<br/><sup><sub>2f56b7ab-7fba-4e93-82f0-247e5ddeb239</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#broker_logs">Documentation</a><br/>|
-|Neptune Logging Is Disabled<br/><sup><sub>45cff7b6-3b80-40c1-ba7b-2cf480678bb8</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#enable_cloudwatch_logs_exports">Documentation</a><br/>|
-|RDS Without Logging<br/><sup><sub>8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#enabled_cloudwatch_logs_exports">Documentation</a><br/>|
-|Redshift Cluster Logging Disabled<br/><sup><sub>15ffbacc-fa42-4f6f-a57d-2feac7365caa</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#enable">Documentation</a><br/>|
-|S3 Bucket Logging Disabled<br/><sup><sub>f861041c-8c9f-4156-acfc-5e6e524f5884</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
-|S3 Bucket Object Level CloudTrail Logging Disabled<br/><sup><sub>a8fc2180-b3ac-4c93-bd0d-a55b974e4b07</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#event_selector">Documentation</a><br/>|
-|Stack Notifications Disabled<br/><sup><sub>b72d0026-f649-4c91-a9ea-15d8f681ac09</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
-|VPC FlowLogs Disabled<br/><sup><sub>f83121ea-03da-434f-9277-9cd247ab3047</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc">Documentation</a><br/>|
-|No Stack Policy<br/><sup><sub>2f01fb2d-828a-499d-b98e-b83747305052</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
-|Authentication Without MFA<br/><sup><sub>3ddfa124-6407-4845-a501-179f90c65097</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy">Documentation</a><br/>|
-|CloudWatch Logs Destination With Vulnerable Policy<br/><sup><sub>db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_destination_policy#access_policy">Documentation</a><br/>|
-|EC2 Instance Using API Keys<br/><sup><sub>0b93729a-d882-4803-bdc3-ac429a21f158</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#iam_instance_profile">Documentation</a><br/>|
-|SSO Permission With Inadequate User Session Duration<br/><sup><sub>ce9dfce0-5fc8-433b-944a-3b16153111a8</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_permission_set">Documentation</a><br/>|
-|Autoscaling Groups Supply Tags<br/><sup><sub>ba48df05-eaa1-4d64-905e-4a4b051e7587</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#tag-and-tags">Documentation</a><br/>|
-|ECS Service Without Running Tasks<br/><sup><sub>91f16d09-689e-4926-aca7-155157f634ed</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service">Documentation</a><br/>|
-|Automatic Minor Upgrades Disabled<br/><sup><sub>3b6d777b-76e3-4133-80a3-0d6f667ade7f</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#auto_minor_version_upgrade">Documentation</a><br/>|
-|CDN Configuration Is Missing<br/><sup><sub>1bc367f6-901d-4870-ad0c-71d79762ef52</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
-|Cognito UserPool Without MFA<br/><sup><sub>ec28bf61-a474-4dbe-b414-6dd3a067d6f0</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool">Documentation</a><br/>|
-|ECR Repository Without Policy<br/><sup><sub>69e7c320-b65d-41bb-be02-d63ecc0bcc9d</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy">Documentation</a><br/>|
-|IAM Access Analyzer Not Enabled<br/><sup><sub>e592a0c5-5bdb-414c-9066-5dba7cdea370</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/accessanalyzer_analyzer">Documentation</a><br/>|
-|IAM Password Without Minimum Length<br/><sup><sub>1bc1c685-e593-450e-88fb-19db4c82aa1d</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
-|Lambda IAM InvokeFunction Misconfigured<br/><sup><sub>0ca1017d-3b80-423e-bb9c-6cd5898d34bd</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
-|Lambda Permission Misconfigured<br/><sup><sub>75ec6890-83af-4bf1-9f16-e83726df0bd0</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
-|Misconfigured Password Policy Expiration<br/><sup><sub>ce60d060-efb8-4bfd-9cf7-ff8945d00d90</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
-|Password Without Reuse Prevention<br/><sup><sub>89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy#password_reuse_prevention">Documentation</a><br/>|
-|Stack Without Template<br/><sup><sub>91bea7b8-0c31-4863-adc9-93f6177266c4</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
-|API Gateway With Invalid Compression<br/><sup><sub>ed35928e-195c-4405-a252-98ccb664ab7b</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
-|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>5d9e3164-9265-470c-9a10-57ae454ac0c7</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#kms_key_id">Documentation</a><br/>|
-|CodeBuild Project Encrypted With AWS Managed Key<br/><sup><sub>3deec14b-03d2-4d27-9670-7d79322e3340</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/codebuild_project#encryption_key">Documentation</a><br/>|
-|DOCDB Cluster Encrypted With AWS Managed Key<br/><sup><sub>2134641d-30a4-4b16-8ffc-2cd4c4ffd15d</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id">Documentation</a><br/>|
-|ECR Repository Not Encrypted With CMK<br/><sup><sub>0e32d561-4b5a-4664-a6e3-a3fa85649157</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#encryption_configuration">Documentation</a><br/>|
-|EFS Without KMS<br/><sup><sub>25d251f3-f348-4f95-845c-1090e41a615c</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system#kms_key_id">Documentation</a><br/>|
-|AWS Password Policy With Unchangeable Passwords<br/><sup><sub>9ef7d25d-9764-4224-9968-fa321c56ef76</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
-|IAM User Policy Without MFA<br/><sup><sub>b5681959-6c09-4f55-b42b-c40fa12d03ec</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec" target="_blank">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html">Documentation</a><br/>|
-|Instance With No VPC<br/><sup><sub>a31a5a29-718a-4ff4-8001-a69e5e4d029e</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">Documentation</a><br/>|
-|Redis Disabled<br/><sup><sub>4bd15dd9-8d5e-4008-8532-27eb0c3706d3</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#engine">Documentation</a><br/>|
-|Redshift Cluster Without VPC<br/><sup><sub>0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#vpc_security_group_ids">Documentation</a><br/>|
-|S3 Bucket Without Enabled MFA Delete<br/><sup><sub>c5b31ab9-0f26-4a49-b8aa-4cc064392f4d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#mfa_delete">Documentation</a><br/>|
-|Dynamodb VPC Endpoint Without Route Table Association<br/><sup><sub>0bc534c5-13d1-4353-a7fe-b8665d5c1d7d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint#vpc_id">Documentation</a><br/>|
-|EC2 Instance Using Default VPC<br/><sup><sub>7e4a6e76-568d-43ef-8c4e-36dea481bff1</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#subnet_id">Documentation</a><br/>|
-|ElastiCache Using Default Port<br/><sup><sub>5d89db57-8b51-4b38-bb76-b9bd42bd40f0</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#port">Documentation</a><br/>|
-|ElastiCache Without VPC<br/><sup><sub>8c849af7-a399-46f7-a34c-32d3dc96f1fc</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#subnet_group_name">Documentation</a><br/>|
-|EMR Without VPC<br/><sup><sub>2b3c8a6d-9856-43e6-ab1d-d651094f03b4</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/emr_cluster#subnet_id">Documentation</a><br/>|
-|RDS Using Default Port<br/><sup><sub>bca7cc4d-b3a4-4345-9461-eb69c68fcd26</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#port">Documentation</a><br/>|
-|Redshift Using Default Port<br/><sup><sub>41abc6cc-dde1-4217-83d3-fb5f0cc09d8f</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#port">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Wide Private Network<br/><sup><sub>92fe237e-074c-4262-81a4-2077acb928c1</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|Shield Advanced Not In Use<br/><sup><sub>084c6686-2a70-4710-91b1-000393e54c12</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/shield_protection#resource_arn">Documentation</a><br/>|
-|SQS VPC Endpoint Without DNS Resolution<br/><sup><sub>e9b7acf9-9ba0-4837-a744-31e7df1e434d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc#enable_dns_support">Documentation</a><br/>|
-|API Gateway Deployment Without API Gateway UsagePlan Associated<br/><sup><sub>b3a59b8e-94a3-403e-b6e2-527abaf12034</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_deployment">Documentation</a><br/>|
-|API Gateway X-Ray Disabled<br/><sup><sub>5813ef56-fa94-406a-b35d-977d4a56ff2b</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#xray_tracing_enabled">Documentation</a><br/>|
-|CloudTrail Log File Validation Disabled<br/><sup><sub>52ffcfa6-6c70-4ea6-8376-d828d3961669</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#enable_log_file_validation">Documentation</a><br/>|
-|CloudTrail Multi Region Disabled<br/><sup><sub>8173d5eb-96b5-4aa6-a71b-ecfa153c123d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#is_multi_region_trail">Documentation</a><br/>|
-|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>17b30f8f-8dfb-4597-adf6-57600b6cf25e</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail">Documentation</a><br/>|
-|CloudTrail SNS Topic Name Undefined<br/><sup><sub>482b7d26-0bdb-4b5f-bf6f-545826c0a3dd</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail">Documentation</a><br/>|
-|CloudWatch Console Sign-in Without MFA Alarm Missing<br/><sup><sub>44ceb4fa-0897-4fd2-b676-30e7a58f2933</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch IAM Policy Changes Alarm Missing<br/><sup><sub>eaaba502-2f94-411a-a3c2-83d63cc1776d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Network Gateways Changes Alarm Missing<br/><sup><sub>6b6874fe-4c2f-4eea-8b90-7cceaa4a125e</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Route Table Changes Alarm Missing<br/><sup><sub>2285e608-ddbc-47f3-ba54-ce7121e31216</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CMK Rotation Disabled<br/><sup><sub>22fbfeac-7b5a-421a-8a27-7a2178bb910b</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#enable_key_rotation">Documentation</a><br/>|
-|Configuration Aggregator to All Regions Disabled<br/><sup><sub>ac5a0bc0-a54c-45aa-90c3-15f7703b9132</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_aggregator#all_regions">Documentation</a><br/>|
-|ECS Cluster with Container Insights Disabled<br/><sup><sub>97cb0688-369a-4d26-b1f7-86c4c91231bc</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster#setting">Documentation</a><br/>|
-|ElasticSearch Without Slow Logs<br/><sup><sub>e979fcbc-df6c-422d-9458-c33d65e71c45</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#log_publishing_options">Documentation</a><br/>|
-|KMS Key With No Deletion Window<br/><sup><sub>0b530315-0ea4-497f-b34c-4ff86268f59d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key">Documentation</a><br/>|
-|Lambda Functions Without X-Ray Tracing<br/><sup><sub>8152e0cf-d2f0-47ad-96d5-d003a76eabd1</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#tracing_config">Documentation</a><br/>|
-|Unscanned ECR Image<br/><sup><sub>9630336b-3fed-4096-8173-b9afdfe346a7</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#scan_on_push">Documentation</a><br/>|
-|API Gateway Stage Without API Gateway UsagePlan Associated<br/><sup><sub>c999cf62-0920-40f8-8dda-0caccd66ed7e</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage">Documentation</a><br/>|
-|Security Group Not Used<br/><sup><sub>4849211b-ac39-479e-ae78-5694d506cb24</sub></sup>|<span style="color:#5bc0de">Info</span>|Access Control|<a href="../terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
-|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>741f1291-47ac-4a85-a07b-3d32a9d6bd3e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#point_in_time_recovery">Documentation</a><br/>|
-|EC2 Not EBS Optimized<br/><sup><sub>60224630-175a-472a-9e23-133827040766</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/60224630-175a-472a-9e23-133827040766" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#ebs_optimized">Documentation</a><br/>|
-|Resource Not Using Tags<br/><sup><sub>e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/resource-tagging">Documentation</a><br/>|
-|Security Group Rule Without Description<br/><sup><sub>68eb4bf3-f9bf-463d-b5cf-e029bb446d2e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#description">Documentation</a><br/>|
-|Security Group Rule Without Description<br/><sup><sub>cb3f5ed6-0d18-40de-a93d-b3538db31e8c</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#description">Documentation</a><br/>|
-|CloudWatch AWS Organizations Changes Missing Alarm<br/><sup><sub>38b85c45-e772-4de8-a247-69619ca137b3</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
-|CloudWatch Without Retention Period Specified<br/><sup><sub>ef0b316a-211e-42f1-888e-64efe172b755</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group">Documentation</a><br/>|
+|Amazon DMS Replication Instance Is Publicly Accessible<br/><sup><sub>030d3b18-1821-45b4-9e08-50efbe7becbb</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dms_replication_instance">Documentation</a><br/>|
+|ECR Repository Is Publicly Accessible<br/><sup><sub>e86e26fc-489e-44f0-9bcd-97305e4ba69a</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy">Documentation</a><br/>|
+|S3 Bucket Access to Any Principal<br/><sup><sub>7af43613-6bb9-4a0e-8c4d-1314b799425e</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read Or Write to All Users<br/><sup><sub>38c5ee0d-7f22-4260-ab72-5073048df100</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
+|S3 Bucket ACL Grants WRITE_ACP Permission<br/><sup><sub>64a222aa-7793-4e40-915f-4b302c76e4d4</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl">Documentation</a><br/>|
+|S3 Bucket Allows Delete Action From All Principals<br/><sup><sub>ffdf4b37-7703-4dfe-a682-9d2e99bc6c09</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket Allows Put Action From All Principals<br/><sup><sub>d24c0755-c028-44b1-b503-8e719c898832</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket With All Permissions<br/><sup><sub>a4966c4f-9141-48b8-a564-ffe9959945bc</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
+|SNS Topic is Publicly Accessible<br/><sup><sub>b26d2b7e-60f6-413d-a3a1-a57db24aa2b3</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic">Documentation</a><br/>|
+|RDS DB Instance Publicly Accessible<br/><sup><sub>35113e6f-2c6b-414d-beec-7a9482d3b2d1</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#publicly_accessible">Documentation</a><br/>|
+|DB Security Group With Public Scope<br/><sup><sub>1e0ef61b-ad85-4518-a3d3-85eaad164885</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
+|RDS Associated with Public Subnet<br/><sup><sub>2f737336-b18a-4602-8ea0-b200312e1ac1</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#db_subnet_group_name">Documentation</a><br/>|
+|CloudWatch Unauthorized Access Alarm Missing<br/><sup><sub>4c18a45b-4ab1-4790-9f83-399ac695f1e5</sub></sup>|<span style="color:#ff0000">Critical</span>|Observability|<a href="../terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA<br/><sup><sub>09c35abf-5852-4622-ac7a-b987b331232e</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role#assume_role_policy">Documentation</a><br/>|
+|ECS Service Admin Role Is Present<br/><sup><sub>3206240f-2e87-4e58-8d24-3e19e7c83d7c</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service">Documentation</a><br/>|
+|IAM Policy Grants Full Permissions<br/><sup><sub>575a2155-6af1-4026-b1af-d5bc8fe2a904</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy">Documentation</a><br/>|
+|IAM Role With Full Privileges<br/><sup><sub>b1ffa705-19a3-4b73-b9d0-0c97d0663842</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
+|Lambda With Vulnerable Policy<br/><sup><sub>ad9dabc7-7839-4bae-a957-aa9120013f39</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission#action">Documentation</a><br/>|
+|MSK Broker Is Publicly Accessible<br/><sup><sub>54378d69-dd7c-4b08-a43e-80d563396857</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#public_access">Documentation</a><br/>|
+|Neptune Cluster Instance is Publicly Accessible<br/><sup><sub>9ba198e0-fef4-464a-8a4d-75ea55300de7</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster_instance#publicly_accessible">Documentation</a><br/>|
+|Neptune Cluster With IAM Database Authentication Disabled<br/><sup><sub>c91d7ea0-d4d1-403b-8fe1-c9961ac082c5</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#storage_encrypted">Documentation</a><br/>|
+|S3 Bucket ACL Allows Read to Any Authenticated User<br/><sup><sub>57b9893d-33b1-4419-bcea-a717ea87e139</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl">Documentation</a><br/>|
+|S3 Bucket Allows Get Action From All Principals<br/><sup><sub>1df37f4b-7197-45ce-83f8-9994d2fcf885</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket Allows List Action From All Principals<br/><sup><sub>66c6f96f-2d9e-417e-a998-9058aeeecd44</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy">Documentation</a><br/>|
+|S3 Bucket Allows Public Policy<br/><sup><sub>1a4bc881-9f69-4d44-8c9a-d37d08f54c50</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
+|S3 Bucket Public ACL Overridden By Public Access Block<br/><sup><sub>bf878b1a-7418-4de3-b13c-3a86cf894920</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block#bucket">Documentation</a><br/>|
+|Secrets Manager With Vulnerable Policy<br/><sup><sub>fa00ce45-386d-4718-8392-fb485e1f3c5b</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_policy#policy">Documentation</a><br/>|
+|SES Policy With Allowed IAM Actions<br/><sup><sub>34b921bd-90a0-402e-a0a5-dc73371fd963</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ses_identity_policy#policy">Documentation</a><br/>|
+|SQS Policy Allows All Actions<br/><sup><sub>816ea8cf-d589-442d-a917-2dd0ce0e45e3</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy">Documentation</a><br/>|
+|SQS Queue Exposed<br/><sup><sub>abb06e5f-ef9a-4a99-98c6-376d396bfcdf</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue#policy">Documentation</a><br/>|
+|AmazonMQ Broker Encryption Disabled<br/><sup><sub>3db3f534-e3a3-487f-88c7-0a9fbf64b702</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
+|API Gateway Method Settings Cache Not Encrypted<br/><sup><sub>b7c9a40c-23e4-4a2d-8d39-a3352f10f288</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#cache_data_encrypted">Documentation</a><br/>|
+|Athena Database Not Encrypted<br/><sup><sub>b2315cae-b110-4426-81e0-80bb8640cdd3</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_database#encryption_configuration">Documentation</a><br/>|
+|Athena Workgroup Not Encrypted<br/><sup><sub>d364984a-a222-4b5f-a8b0-e23ab19ebff3</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_workgroup#encryption_configuration">Documentation</a><br/>|
+|Aurora With Disabled at Rest Encryption<br/><sup><sub>1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#storage_encrypted">Documentation</a><br/>|
+|Config Rule For Encrypted Volumes Disabled<br/><sup><sub>abdb29d4-5ca1-4e91-800b-b3569bbd788c</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule">Documentation</a><br/>|
+|DAX Cluster Not Encrypted<br/><sup><sub>f11aec39-858f-4b6f-b946-0a1bf46c0c87</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dax_cluster#enabled">Documentation</a><br/>|
+|DB Instance Storage Not Encrypted<br/><sup><sub>08bd0760-8752-44e1-9779-7bb369b2b4e4</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#storage_encrypted">Documentation</a><br/>|
+|DOCDB Cluster Not Encrypted<br/><sup><sub>bc1f9009-84a0-490f-ae09-3e0ea6d74ad6</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#storage_encrypted">Documentation</a><br/>|
+|DOCDB Cluster Without KMS<br/><sup><sub>4766d3ea-241c-4ee6-93ff-c380c996bd1a</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id">Documentation</a><br/>|
+|DynamoDB Table Not Encrypted<br/><sup><sub>ce089fd4-1406-47bd-8aad-c259772bb294</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#server_side_encryption">Documentation</a><br/>|
+|EBS Default Encryption Disabled<br/><sup><sub>3d3f6270-546b-443c-adb4-bb6fb2187ca6</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_encryption_by_default">Documentation</a><br/>|
+|EBS Volume Encryption Disabled<br/><sup><sub>cc997676-481b-4e93-aa81-d19f8c5e9b12</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume#encrypted">Documentation</a><br/>|
+|EBS Volume Snapshot Not Encrypted<br/><sup><sub>e6b4b943-6883-47a9-9739-7ada9568f8ca</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_snapshot#encrypted">Documentation</a><br/>|
+|ECS Task Definition Volume Not Encrypted<br/><sup><sub>4d46ff3b-7160-41d1-a310-71d6d370b08f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#transit_encryption">Documentation</a><br/>|
+|EFS Not Encrypted<br/><sup><sub>48207659-729f-4b5c-9402-f884257d794f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system#encrypted">Documentation</a><br/>|
+|EKS Cluster Encryption Disabled<br/><sup><sub>63ebcb19-2739-4d3f-aa5c-e8bbb9b85281</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#encryption_config">Documentation</a><br/>|
+|ElastiCache Replication Group Not Encrypted At Rest<br/><sup><sub>76976de7-c7b1-4f64-a94f-90c1345914c2</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#at_rest_encryption_enabled">Documentation</a><br/>|
+|ElasticSearch Encryption With KMS Disabled<br/><sup><sub>7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
+|ElasticSearch Not Encrypted At Rest<br/><sup><sub>24e16922-4330-4e9d-be8a-caa90299466a</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
+|ELB Using Weak Ciphers<br/><sup><sub>4a800e14-c94a-442d-9067-5a2e9f6c0a4c</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/load_balancer_policy">Documentation</a><br/>|
+|Glue Data Catalog Encryption Disabled<br/><sup><sub>01d50b14-e933-4c99-b314-6d08cd37ad35</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_data_catalog_encryption_settings#data_catalog_encryption_settings">Documentation</a><br/>|
+|Glue Security Configuration Encryption Disabled<br/><sup><sub>ad5b4e97-2850-4adf-be17-1d293e0b85ee</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_security_configuration#encryption_configuration">Documentation</a><br/>|
+|Kinesis Not Encrypted With KMS<br/><sup><sub>862fe4bf-3eec-4767-a517-40f378886b88</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream">Documentation</a><br/>|
+|Kinesis SSE Not Configured<br/><sup><sub>5c6dd5e7-1fe0-4cae-8f81-4c122717cef3</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_firehose_delivery_stream#server_side_encryption">Documentation</a><br/>|
+|Launch Configuration Is Not Encrypted<br/><sup><sub>4de9de27-254e-424f-bd70-4c1e95790838</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#encrypted">Documentation</a><br/>|
+|MSK Cluster Encryption Disabled<br/><sup><sub>6db52fa6-d4da-4608-908a-89f0c59e743e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#encryption_info">Documentation</a><br/>|
+|Neptune Database Cluster Encryption Disabled<br/><sup><sub>98d59056-f745-4ef5-8613-32bca8d40b7e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#storage_encrypted">Documentation</a><br/>|
+|RDS Database Cluster not Encrypted<br/><sup><sub>656880aa-1388-488f-a6d4-8f73c23149b2</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_cluster_snapshot">Documentation</a><br/>|
+|RDS Storage Not Encrypted<br/><sup><sub>3199c26c-7871-4cb3-99c2-10a59244ce7f</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#storage_encrypted">Documentation</a><br/>|
+|Redis Not Compliant<br/><sup><sub>254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#engine_version">Documentation</a><br/>|
+|Redshift Not Encrypted<br/><sup><sub>cfdcabb0-fc06-427c-865b-c59f13e898ce</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#encrypted">Documentation</a><br/>|
+|S3 Bucket Object Not Encrypted<br/><sup><sub>5fb49a69-8d46-4495-a2f8-9c8c622b2b6e</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_object#server_side_encryption">Documentation</a><br/>|
+|Sagemaker Endpoint Configuration Encryption Disabled<br/><sup><sub>58b35504-0287-4154-bf69-02c0573deab8</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_endpoint_configuration#kms_key_arn">Documentation</a><br/>|
+|Sagemaker Notebook Instance Without KMS<br/><sup><sub>f3674e0c-f6be-43fa-b71c-bf346d1aed99</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sagemaker_notebook_instance#kms_key_id">Documentation</a><br/>|
+|SNS Topic Not Encrypted<br/><sup><sub>28545147-2fc6-42d5-a1f9-cf226658e591</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic#kms_master_key_id">Documentation</a><br/>|
+|User Data Contains Encoded Private Key<br/><sup><sub>443488f5-c734-460b-a36d-5b3f330174dc</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#user_data_base64">Documentation</a><br/>|
+|Workspaces Workspace Volume Not Encrypted<br/><sup><sub>b9033580-6886-401a-8631-5f19f5bb24c7</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/workspaces_workspace#root_volume_encryption_enabled">Documentation</a><br/>|
+|Batch Job Definition With Privileged Container Properties<br/><sup><sub>66cd88ac-9ddf-424a-b77e-e55e17630bee</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/batch_job_definition">Documentation</a><br/>|
+|DB Security Group Has Public Interface<br/><sup><sub>f0d8781f-99bf-4958-9917-d39283b168a0</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
+|KMS Key With Vulnerable Policy<br/><sup><sub>7ebc9038-0bde-479a-acc4-6ed7b6758899</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key">Documentation</a><br/>|
+|Lambda Function With Privileged Role<br/><sup><sub>1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function">Documentation</a><br/>|
+|MQ Broker Is Publicly Accessible<br/><sup><sub>4eb5f791-c861-4afd-9f94-f2a6a3fe49cb</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
+|Redshift Publicly Accessible<br/><sup><sub>af173fde-95ea-4584-b904-bb3923ac4bda</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster">Documentation</a><br/>|
+|Root Account Has Active Access Keys<br/><sup><sub>970d224d-b42a-416b-81f9-8f4dfe70c4bc</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key">Documentation</a><br/>|
+|S3 Static Website Host Enabled<br/><sup><sub>42bb6b7f-6d54-4428-b707-666f669d94fb</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#website">Documentation</a><br/>|
+|DB Security Group Open To Large Scope<br/><sup><sub>4f615f3e-fb9c-4fad-8b70-2e9f781806ce</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_security_group">Documentation</a><br/>|
+|Default Security Groups With Unrestricted Traffic<br/><sup><sub>46883ce1-dc3e-4b17-9195-c6a601624c73</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group">Documentation</a><br/>|
+|Network ACL With Unrestricted Access To RDP<br/><sup><sub>a20be318-cac7-457b-911d-04cc6e812c25</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl">Documentation</a><br/>|
+|Remote Desktop Port Open To Internet<br/><sup><sub>151187cb-0efc-481c-babd-ad24e3c9bc22</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Route53 Record Undefined<br/><sup><sub>25db74bf-fa3b-44da-934e-8c3e005c0453</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>381c3f2a-ef6f-4eff-99f7-b169cda3422c</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Unknown Port Exposed To Internet<br/><sup><sub>590d878b-abdc-428f-895a-e2b68a0e1998</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Unrestricted Security Group Ingress<br/><sup><sub>4728cd65-a20c-49da-8b31-9c08b423e4db</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db')">Query details</a><br><a href="https://www.terraform.io/docs/providers/aws/r/security_group.html">Documentation</a><br/>|
+|VPC Default Security Group Accepts All Traffic<br/><sup><sub>9a4ef195-74b9-4c58-b8ed-2b2fe4353a75</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group">Documentation</a><br/>|
+|VPC Peering Route Table with Unrestricted CIDR<br/><sup><sub>b3a41501-f712-4c4f-81e5-db9a7dc0e34e</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route">Documentation</a><br/>|
+|CloudTrail Log Files S3 Bucket is Publicly Accessible<br/><sup><sub>bd0088a5-c133-4b20-b129-ec9968b16ef3</sub></sup>|<span style="color:#bb2124">High</span>|Observability|<a href="../terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#s3_bucket_name">Documentation</a><br/>|
+|Hardcoded AWS Access Key<br/><sup><sub>d7b9d850-3e06-4a75-852f-c46c2e92240b</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">Documentation</a><br/>|
+|Hardcoded AWS Access Key In Lambda<br/><sup><sub>1402afd8-a95c-4e84-8b0b-6fb43758e6ce</sub></sup>|<span style="color:#bb2124">High</span>|Secret Management|<a href="../terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function">Documentation</a><br/>|
+|AMI Shared With Multiple Accounts<br/><sup><sub>ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ami_launch_permission">Documentation</a><br/>|
+|API Gateway Method Does Not Contains An API Key<br/><sup><sub>671211c5-5d2a-4e97-8867-30fc28b02216</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method">Documentation</a><br/>|
+|API Gateway Without Configured Authorizer<br/><sup><sub>0a96ce49-4163-4ee6-8169-eb3b0797d694</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_authorizer">Documentation</a><br/>|
+|Certificate Has Expired<br/><sup><sub>c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
+|EC2 Instance Using Default Security Group<br/><sup><sub>f1adc521-f79a-4d71-b55b-a68294687432</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#security_groups">Documentation</a><br/>|
+|EFS With Vulnerable Policy<br/><sup><sub>fae52418-bb8b-4ac2-b287-0b9082d6a3fd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system_policy#policy">Documentation</a><br/>|
+|Elasticsearch Domain With Vulnerable Policy<br/><sup><sub>16c4216a-50d3-4785-bfb2-4adb5144a8ba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain_policy#access_policies">Documentation</a><br/>|
+|Elasticsearch Without IAM Authentication<br/><sup><sub>e7530c3c-b7cf-4149-8db9-d037a0b5268e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain">Documentation</a><br/>|
+|Glue With Vulnerable Policy<br/><sup><sub>d25edb51-07fb-4a73-97d4-41cecdc53a22</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_resource_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>9b0ffadc-a61f-4c2a-b1e6-68fab60f6267</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>15e6ad8c-f420-49a6-bafb-074f5eb1ec74</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>7d544dad-8a6c-431c-84c1-5f07fe9afc0e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>8f3c16b3-354d-45db-8ad5-5066778a9485</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>970ed7a2-0aca-4425-acf1-0453c9ecbca1</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>70b42736-efee-4bce-80d5-50358ed94990</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>3dd96caa-0b5f-4a85-b929-acfac4646cc2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>db78d14b-10e5-4e6e-84b1-dace6327b1ec</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>846646e3-2af1-428c-ac5d-271eccfa6faf</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>04c686f1-e0cd-4812-88e1-4e038410074c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>ec49cbfd-fae4-45f3-81b1-860526d66e3f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>e77c89f6-9c85-49ea-b95b-5f960fe5be92</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>c0c1e744-0f37-445e-924a-1846f0839f69</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>60263b4a-6801-4587-911d-919c37ed733b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>7782d4b3-e23e-432b-9742-d9528432e771</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>78f1ec6f-5659-41ea-bd48-d0a142dce4f2</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>ad296c0d-8131-4d6b-b030-1b0e73a99ad3</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>034d0aee-620f-4bf7-b7fb-efdf661fdb9e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|Group With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>571254d8-aa6a-432e-9725-535d3ef04d69</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_policy#policy">Documentation</a><br/>|
+|IAM Access Key Is Exposed<br/><sup><sub>7081f85c-b94d-40fd-8b45-a4f1cac75e46</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key">Documentation</a><br/>|
+|IAM Group Without Users<br/><sup><sub>fc101ca7-c9dd-4198-a1eb-0fbe92e80044</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_group_membership#users">Documentation</a><br/>|
+|IAM Policies Attached To User<br/><sup><sub>b4378389-a9aa-44ee-91e7-ef183f11079e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment">Documentation</a><br/>|
+|IAM Policies With Full Privileges<br/><sup><sub>2f37c4a3-58b9-4afe-8a87-d7f1d2286f84</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy">Documentation</a><br/>|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services<br/><sup><sub>bcdcbdc6-a350-4855-ae7c-d1e6436f7c97</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
+|IAM Role Allows All Principals To Assume<br/><sup><sub>12b7e704-37f0-4d1e-911a-44bf60c48c21</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role">Documentation</a><br/>|
+|IAM Role Policy passRole Allows All<br/><sup><sub>e39bee8c-fe54-4a3f-824d-e5e2d1cca40a</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a')">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-security-warning-pass-role-with-star-in-resource">Documentation</a><br/>|
+|IAM User With Access To Console<br/><sup><sub>9ec311bf-dfd9-421f-8498-0b063c8bc552</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_login_profile">Documentation</a><br/>|
+|Lambda Permission Principal Is Wildcard<br/><sup><sub>e08ed7eb-f3ef-494d-9d22-2e3db756a347</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347')">Query details</a><br><a href="https://docs.ansible.com/ansible/latest/collections/community/aws/lambda_policy_module.html">Documentation</a><br/>|
+|Policy Without Principal<br/><sup><sub>bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54')">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html">Documentation</a><br/>|
+|Public and Private EC2 Share Role<br/><sup><sub>c53c7a89-f9d7-4c7b-8b66-8a555be99593</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#iam_instance_profile">Documentation</a><br/>|
+|Public Lambda via API Gateway<br/><sup><sub>3ef8696c-e4ae-4872-92c7-520bb44dfe77</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
+|REST API With Vulnerable Policy<br/><sup><sub>b161c11b-a59b-4431-9a29-4e19f63e6b27</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>be2aa235-bd93-4b68-978a-1cc65d49082f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>30b88745-eebe-4ecb-a3a9-5cf886e96204</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>0a592060-8166-49f5-8e65-99ac6dce9871</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>eda48c88-2b7d-4e34-b6ca-04c0194aee17</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>b8a31292-509d-4b61-bc40-13b167db7e9c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>f906113d-cdc0-415a-ba60-609cc6daaf4d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>f465fff1-0a0f-457d-aa4d-1bddb6f204ff</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>7c96920c-6fd0-449d-9a52-0aa431b6beaf</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>5b4d4aee-ac94-4810-9611-833636e5916d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>9a205ba3-0dd1-42eb-8d54-2ffec836b51a</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>ee49557d-750c-4cc1-aa95-94ab36cbefde</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>d6047119-a0b2-4b59-a4f2-127a36fb685b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>8f75840d-9ee7-42f3-b203-b40e3979eb12</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>118281d0-6471-422e-a7c5-051bc667926e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>f1173d8c-3264-4148-9fdb-61181e031b51</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>35ccf766-0e4d-41ed-9ec4-2dab155082b4</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>fa62ac4f-f5b9-45b9-97c1-625c8b6253ca</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|Role With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>c583f0f9-7dfd-476b-a056-f47c62b47b46</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy#policy">Documentation</a><br/>|
+|S3 Bucket Allows Public ACL<br/><sup><sub>d0cc8694-fcad-43ff-ac86-32331d7e867f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
+|SNS Topic Publicity Has Allow and NotAction Simultaneously<br/><sup><sub>5ea624e4-c8b1-4bb3-87a4-4235a776adcc</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy">Documentation</a><br/>|
+|SQS Policy With Public Access<br/><sup><sub>730675f9-52ed-49b6-8ead-0acb5dd7df7f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy">Documentation</a><br/>|
+|SSO Identity User Unsafe Creation<br/><sup><sub>4003118b-046b-4640-b200-b8c7a4c8b89f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/identitystore_user">Documentation</a><br/>|
+|SSO Policy with full privileges<br/><sup><sub>132a8c31-9837-4203-9fd1-15ca210c7b73</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_permission_set_inline_policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'<br/><sup><sub>19ffbe31-9d72-4379-9768-431195eae328</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'<br/><sup><sub>89561b03-cb35-44a9-a7e9-8356e71606f4</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'<br/><sup><sub>94fbe150-27e3-4eba-9ca6-af32865e4503</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'<br/><sup><sub>9b877bd8-94b4-4c10-a060-8e0436cc09fa</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:AddUserToGroup'<br/><sup><sub>bf9d42c7-c2f9-4dfe-942c-c8cc8249a081</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:AttachGroupPolicy'<br/><sup><sub>6d23d87e-1c5b-4308-b224-92624300f29b</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:AttachRolePolicy'<br/><sup><sub>e227091e-2228-4b40-b046-fc13650d8e88</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:AttachUserPolicy'<br/><sup><sub>70cb518c-d990-46f6-bc05-44a5041493d6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:CreateAccessKey'<br/><sup><sub>113208f2-a886-4526-9ecc-f3218600e12c</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:CreateLoginProfile'<br/><sup><sub>0fd7d920-4711-46bd-aff2-d307d82cd8b7</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:CreatePolicyVersion'<br/><sup><sub>1743f5f1-0bb0-4934-acef-c80baa5dadfa</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:PutGroupPolicy'<br/><sup><sub>8bfbf7ab-d5e8-4100-8618-798956e101e0</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:PutRolePolicy'<br/><sup><sub>eeb4d37a-3c59-4789-a00c-1509bc3af1e5</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:PutUserPolicy'<br/><sup><sub>0c10d7da-85c4-4d62-b2a8-d6c104f1bd77</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'<br/><sup><sub>43a41523-386a-4cb1-becb-42af6b414433</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'<br/><sup><sub>33627268-1445-4385-988a-318fd9d1a512</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'iam:UpdateLoginProfile'<br/><sup><sub>6deb34e2-5d9c-499a-801b-ea6d9eda894f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'<br/><sup><sub>8055dec2-efb8-4fe6-8837-d9bed6ff202a</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|User With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'<br/><sup><sub>b69247e5-7e73-464e-ba74-ec9b715c6e12</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy#policy">Documentation</a><br/>|
+|Auto Scaling Group With No Associated ELB<br/><sup><sub>8e94dced-9bcc-4203-8eb7-7e41202b2505</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#load_balancers">Documentation</a><br/>|
+|CMK Is Unusable<br/><sup><sub>7350fa23-dcf7-4938-916d-6a60b0c73b50</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#is_enabled">Documentation</a><br/>|
+|ElastiCache Nodes Not Created Across Multi AZ<br/><sup><sub>6db03a91-f933-4f13-ab38-a8b87a7de54d</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster">Documentation</a><br/>|
+|ElastiCache Redis Cluster Without Backup<br/><sup><sub>8fdb08a0-a868-4fdf-9c27-ccab0237f1ab</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#snapshot_retention_limit">Documentation</a><br/>|
+|RDS Cluster With Backup Disabled<br/><sup><sub>e542bd46-58c4-4e0f-a52a-1fb4f9548e02</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#backup_retention_period">Documentation</a><br/>|
+|RDS With Backup Disabled<br/><sup><sub>1dc73fb4-5b51-430c-8c5f-25dcf9090b02</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance">Documentation</a><br/>|
+|S3 Bucket Without Versioning<br/><sup><sub>568a4d22-3517-44a6-a7ad-6a7eed88722c</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#versioning">Documentation</a><br/>|
+|Stack Retention Disabled<br/><sup><sub>6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set_instance#stack_set_name">Documentation</a><br/>|
+|ALB Not Dropping Invalid Headers<br/><sup><sub>6e3fd2ed-5c83-4c68-9679-7700d224d379</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#drop_invalid_header_fields">Documentation</a><br/>|
+|AMI Not Encrypted<br/><sup><sub>8bbb242f-6e38-4127-86d4-d8f0b2687ae2</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami">Documentation</a><br/>|
+|CA Certificate Identifier Is Outdated<br/><sup><sub>9f40c07e-699e-4410-8856-3ba0f2e3a2dd</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance">Documentation</a><br/>|
+|Cloudfront Viewer Protocol Policy Allows HTTP<br/><sup><sub>55af1353-2f62-4fa0-a8e1-a210ca2708f5</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|CloudWatch Log Group Without KMS<br/><sup><sub>0afbcfe9-d341-4b92-a64c-7e6de0543879</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group">Documentation</a><br/>|
+|ElastiCache Replication Group Not Encrypted At Transit<br/><sup><sub>1afbb3fa-cf6c-4a3d-b730-95e9f4df343e</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#transit_encryption_enabled">Documentation</a><br/>|
+|Elasticsearch Domain Not Encrypted Node To Node<br/><sup><sub>967eb3e6-26fc-497d-8895-6428beb6e8e2</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#node_to_node_encryption">Documentation</a><br/>|
+|ELB Using Insecure Protocols<br/><sup><sub>126c1788-23c2-4a10-906c-ef179f4f96ec</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/load_balancer_policy">Documentation</a><br/>|
+|IAM Database Auth Not Enabled<br/><sup><sub>88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#iam_database_authentication_enabled">Documentation</a><br/>|
+|S3 Bucket Policy Accepts HTTP Requests<br/><sup><sub>4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy#policy">Documentation</a><br/>|
+|Secretsmanager Secret Encrypted With AWS Managed Key<br/><sup><sub>b0d3ef3f-845d-4b1b-83d6-63a5a380375f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id">Documentation</a><br/>|
+|Secretsmanager Secret Without KMS<br/><sup><sub>a2f548f2-188c-4fff-b172-e9a6acb216bd</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id">Documentation</a><br/>|
+|Secure Ciphers Disabled<br/><sup><sub>5c0003fb-9aa0-42c1-9da3-eb0e332bef21</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|SNS Topic Encrypted With AWS Managed Key<br/><sup><sub>b1a72f66-2236-4f3b-87ba-0da1b366956f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic#kms_master_key_id">Documentation</a><br/>|
+|SQS With SSE Disabled<br/><sup><sub>6e8849c1-3aa7-40e3-9063-b85ee300f29f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue">Documentation</a><br/>|
+|SSM Session Transit Encryption Disabled<br/><sup><sub>ce60cc6b-6831-4bd7-84a2-cc7f8ee71433</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_document#content">Documentation</a><br/>|
+|ALB Deletion Protection Disabled<br/><sup><sub>afecd1f1-6378-4f7e-bb3b-60c35801fdd4</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#enable_deletion_protection">Documentation</a><br/>|
+|API Gateway With Open Access<br/><sup><sub>15ccec05-5476-4890-ad19-53991eba1db8</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method">Documentation</a><br/>|
+|API Gateway Without Security Policy<br/><sup><sub>4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_domain_name#security_policy">Documentation</a><br/>|
+|API Gateway Without SSL Certificate<br/><sup><sub>0b4869fc-a842-4597-aa00-1294df425440</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#client_certificate_id">Documentation</a><br/>|
+|Certificate RSA Key Bytes Lower Than 256<br/><sup><sub>874d68a3-bfbe-4a4b-aaa0-9e74d7da634b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
+|CloudFront Without Minimum Protocol TLS 1.2<br/><sup><sub>00e5e55e-c2ff-46b3-a757-a7a1cd802456</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|ECR Image Tag Not Immutable<br/><sup><sub>d1846b12-20c5-4d45-8798-fc35b79268eb</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository">Documentation</a><br/>|
+|ECS Task Definition Network Mode Not Recommended<br/><sup><sub>9f4a9409-9c60-4671-be96-9716dbf63db1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition#network_mode">Documentation</a><br/>|
+|EKS Cluster Has Public Access<br/><sup><sub>42f4b905-3736-4213-bfe9-c0660518cda8</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster">Documentation</a><br/>|
+|IAM User Has Too Many Access Keys<br/><sup><sub>3561130e-9c5f-485b-9e16-2764c82763e5</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key#user">Documentation</a><br/>|
+|No Password Policy Enabled<br/><sup><sub>b592ffd4-0577-44b6-bd35-8c5ee81b5918</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_login_profile">Documentation</a><br/>|
+|S3 Bucket with Unsecured CORS Rule<br/><sup><sub>98a8f708-121b-455b-ae2f-da3fb59d17e1</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#cors_rule">Documentation</a><br/>|
+|S3 Bucket Without Ignore Public ACL<br/><sup><sub>4fa66806-0dd9-4f8d-9480-3174d39c7c91</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
+|S3 Bucket Without Restriction Of Public Bucket<br/><sup><sub>1ec253ab-c220-4d63-b2de-5b40e0af9293</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block">Documentation</a><br/>|
+|Service Control Policies Disabled<br/><sup><sub>5ba6229c-8057-433e-91d0-21cf13569ca9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/organizations_policy">Documentation</a><br/>|
+|Default VPC Exists<br/><sup><sub>96ed3526-0179-4c73-b1b2-372fde2e0d13</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_vpc">Documentation</a><br/>|
+|Vulnerable Default SSL Certificate<br/><sup><sub>3a1e94df-6847-4c0e-a3b6-6c6af4e128ef</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|ALB Is Not Integrated With WAF<br/><sup><sub>0afa6ab8-a047-48cf-be07-93a2f8c34cf7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafregional_web_acl_association">Documentation</a><br/>|
+|ALB Listening on HTTP<br/><sup><sub>de7f5e83-da88-4046-871f-ea18504b1d43</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener">Documentation</a><br/>|
+|API Gateway Endpoint Config is Not Private<br/><sup><sub>6b2739db-9c49-4db7-b980-7816e0c248c1</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
+|API Gateway without WAF<br/><sup><sub>a186e82c-1078-4a7b-85d8-579561fde884</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafregional_web_acl_association#resource_arn">Documentation</a><br/>|
+|CloudFront Without WAF<br/><sup><sub>1419b4c6-6d5c-4534-9cf6-6a5266085333</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|EC2 Instance Has Public IP<br/><sup><sub>5a2486aa-facf-477d-a5c1-b010789459ce</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#associate_public_ip_address">Documentation</a><br/>|
+|EKS Cluster Has Public Access CIDRs<br/><sup><sub>61cf9883-1752-4768-b18c-0d57f2737709</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster">Documentation</a><br/>|
+|EKS node group remote access disabled<br/><sup><sub>ba40ace1-a047-483c-8a8d-bc2d3a67a82d</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group#remote_access">Documentation</a><br/>|
+|Elasticsearch with HTTPS disabled<br/><sup><sub>2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#enforce_https">Documentation</a><br/>|
+|HTTP Port Open To Internet<br/><sup><sub>ffac8a12-322e-42c1-b9b9-81ff85c39ef7</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Network ACL With Unrestricted Access To SSH<br/><sup><sub>3af7f2fd-06e6-4dab-b996-2912bea19ba4</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl">Documentation</a><br/>|
+|Security Group With Unrestricted Access To SSH<br/><sup><sub>65905cec-d691-4320-b320-2000436cb696</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Small Public Network<br/><sup><sub>e35c16a2-d54e-419d-8546-a804d8e024d0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible<br/><sup><sub>54c417bf-c762-48b9-9d31-b3d87047e3f0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|VPC Subnet Assigns Public IP<br/><sup><sub>52f04a44-6bfa-4c41-b1d3-4ae99a2de05c</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet#map_public_ip_on_launch">Documentation</a><br/>|
+|VPC Without Network Firewall<br/><sup><sub>fd632aaf-b8a1-424d-a4d1-0de22fd3247a</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall#vpc_id">Documentation</a><br/>|
+|API Gateway Access Logging Disabled<br/><sup><sub>1b6799eb-4a7a-4b04-9001-8cceb9999326</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#access_log_settings">Documentation</a><br/>|
+|API Gateway Deployment Without Access Log Setting<br/><sup><sub>625abc0e-f980-4ac9-a775-f7519ee34296</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_deployment">Documentation</a><br/>|
+|API Gateway With CloudWatch Logging Disabled<br/><sup><sub>982aa526-6970-4c59-8b9b-2ce7e019fe36</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#managing-the-api-logging-cloudwatch-log-group">Documentation</a><br/>|
+|CloudFront Logging Disabled<br/><sup><sub>94690d79-b3b0-43de-b656-84ebef5753e5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|CloudTrail Log Files S3 Bucket with Logging Disabled<br/><sup><sub>ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#s3_bucket_name">Documentation</a><br/>|
+|CloudTrail Logging Disabled<br/><sup><sub>4bb76f17-3d63-4529-bdca-2b454529d774</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#enable_logging">Documentation</a><br/>|
+|CloudWatch AWS Config Configuration Changes Alarm Missing<br/><sup><sub>5b8d7527-de8e-4114-b9dd-9d988f1f418f</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Changes To NACL Alarm Missing<br/><sup><sub>0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|Cloudwatch Cloudtrail Configuration Changes Alarm Missing<br/><sup><sub>0f6cbf69-41bb-47dc-93f3-3844640bf480</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Disabling Or Scheduled Deletion Of Customer Created CMK Alarm Missing<br/><sup><sub>56a585f5-555c-48b2-8395-e64e4740a9cf</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Logging Disabled<br/><sup><sub>7dbba512-e244-42dc-98bb-422339827967</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_query_log">Documentation</a><br/>|
+|CloudWatch Management Console Auth Failed Alarm Missing<br/><sup><sub>5864d189-ee9a-4009-ac0c-8a582e6b7919</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Metrics Disabled<br/><sup><sub>081069cb-588b-4ce1-884c-2a1ce3029fe5</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#metrics_enabled">Documentation</a><br/>|
+|CloudWatch Root Account Use Missing<br/><sup><sub>8b1b1e67-6248-4dca-bbad-93486bb181c0</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch S3 policy Change Alarm Missing<br/><sup><sub>27c6a499-895a-4dc7-9617-5c485218db13</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|Cloudwatch Security Group Changes Alarm Missing<br/><sup><sub>4beaf898-9f8b-4237-89e2-5ffdc7ee6006</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch VPC Changes Alarm Missing<br/><sup><sub>9d0d4512-1959-43a2-a17f-72360ff06d1b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|DocDB Logging Is Disabled<br/><sup><sub>56f6a008-1b14-4af4-b9b2-ab7cf7e27641</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports">Documentation</a><br/>|
+|EC2 Instance Monitoring Disabled<br/><sup><sub>23b70e32-032e-4fa6-ba5c-82f56b9980e6</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#monitoring">Documentation</a><br/>|
+|EKS cluster logging is not enabled<br/><sup><sub>37304d3f-f852-40b8-ae3f-725e87a7cedf</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabled_cluster_log_types">Documentation</a><br/>|
+|Elasticsearch Log Disabled<br/><sup><sub>acb6b4e2-a086-4f35-aefd-4db6ea51ada2</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#log_publishing_options">Documentation</a><br/>|
+|ELB Access Log Disabled<br/><sup><sub>20018359-6fd7-4d05-ab26-d4dffccbdf79</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elb#enabled">Documentation</a><br/>|
+|Global Accelerator Flow Logs Disabled<br/><sup><sub>96e8183b-e985-457b-90cd-61c0503a3369</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/globalaccelerator_accelerator#flow_logs_enabled">Documentation</a><br/>|
+|GuardDuty Detector Disabled<br/><sup><sub>704dadd3-54fc-48ac-b6a0-02f170011473</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_detector#example-usage">Documentation</a><br/>|
+|Missing Cluster Log Types<br/><sup><sub>66f130d9-b81d-4e8e-9b08-da74b9c891df</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df')">Query details</a><br><a href="https://www.terraform.io/docs/providers/aws/r/eks_cluster.html">Documentation</a><br/>|
+|MQ Broker Logging Disabled<br/><sup><sub>31245f98-a6a9-4182-9fc1-45482b9d030a</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker">Documentation</a><br/>|
+|MSK Cluster Logging Disabled<br/><sup><sub>2f56b7ab-7fba-4e93-82f0-247e5ddeb239</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/msk_cluster#broker_logs">Documentation</a><br/>|
+|Neptune Logging Is Disabled<br/><sup><sub>45cff7b6-3b80-40c1-ba7b-2cf480678bb8</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster#enable_cloudwatch_logs_exports">Documentation</a><br/>|
+|RDS Without Logging<br/><sup><sub>8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#enabled_cloudwatch_logs_exports">Documentation</a><br/>|
+|Redshift Cluster Logging Disabled<br/><sup><sub>15ffbacc-fa42-4f6f-a57d-2feac7365caa</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#enable">Documentation</a><br/>|
+|S3 Bucket Logging Disabled<br/><sup><sub>f861041c-8c9f-4156-acfc-5e6e524f5884</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket">Documentation</a><br/>|
+|S3 Bucket Object Level CloudTrail Logging Disabled<br/><sup><sub>a8fc2180-b3ac-4c93-bd0d-a55b974e4b07</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#event_selector">Documentation</a><br/>|
+|Stack Notifications Disabled<br/><sup><sub>b72d0026-f649-4c91-a9ea-15d8f681ac09</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
+|VPC FlowLogs Disabled<br/><sup><sub>f83121ea-03da-434f-9277-9cd247ab3047</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc">Documentation</a><br/>|
+|No Stack Policy<br/><sup><sub>2f01fb2d-828a-499d-b98e-b83747305052</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
+|Authentication Without MFA<br/><sup><sub>3ddfa124-6407-4845-a501-179f90c65097</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy">Documentation</a><br/>|
+|CloudWatch Logs Destination With Vulnerable Policy<br/><sup><sub>db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_destination_policy#access_policy">Documentation</a><br/>|
+|EC2 Instance Using API Keys<br/><sup><sub>0b93729a-d882-4803-bdc3-ac429a21f158</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#iam_instance_profile">Documentation</a><br/>|
+|SSO Permission With Inadequate User Session Duration<br/><sup><sub>ce9dfce0-5fc8-433b-944a-3b16153111a8</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_permission_set">Documentation</a><br/>|
+|Autoscaling Groups Supply Tags<br/><sup><sub>ba48df05-eaa1-4d64-905e-4a4b051e7587</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#tag-and-tags">Documentation</a><br/>|
+|ECS Service Without Running Tasks<br/><sup><sub>91f16d09-689e-4926-aca7-155157f634ed</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service">Documentation</a><br/>|
+|Automatic Minor Upgrades Disabled<br/><sup><sub>3b6d777b-76e3-4133-80a3-0d6f667ade7f</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#auto_minor_version_upgrade">Documentation</a><br/>|
+|CDN Configuration Is Missing<br/><sup><sub>1bc367f6-901d-4870-ad0c-71d79762ef52</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution">Documentation</a><br/>|
+|Cognito UserPool Without MFA<br/><sup><sub>ec28bf61-a474-4dbe-b414-6dd3a067d6f0</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool">Documentation</a><br/>|
+|ECR Repository Without Policy<br/><sup><sub>69e7c320-b65d-41bb-be02-d63ecc0bcc9d</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy">Documentation</a><br/>|
+|IAM Access Analyzer Not Enabled<br/><sup><sub>e592a0c5-5bdb-414c-9066-5dba7cdea370</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/accessanalyzer_analyzer">Documentation</a><br/>|
+|IAM Password Without Minimum Length<br/><sup><sub>1bc1c685-e593-450e-88fb-19db4c82aa1d</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
+|Lambda IAM InvokeFunction Misconfigured<br/><sup><sub>0ca1017d-3b80-423e-bb9c-6cd5898d34bd</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
+|Lambda Permission Misconfigured<br/><sup><sub>75ec6890-83af-4bf1-9f16-e83726df0bd0</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission">Documentation</a><br/>|
+|Misconfigured Password Policy Expiration<br/><sup><sub>ce60d060-efb8-4bfd-9cf7-ff8945d00d90</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
+|Password Without Reuse Prevention<br/><sup><sub>89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy#password_reuse_prevention">Documentation</a><br/>|
+|Stack Without Template<br/><sup><sub>91bea7b8-0c31-4863-adc9-93f6177266c4</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack">Documentation</a><br/>|
+|API Gateway With Invalid Compression<br/><sup><sub>ed35928e-195c-4405-a252-98ccb664ab7b</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api">Documentation</a><br/>|
+|CloudTrail Log Files Not Encrypted With KMS<br/><sup><sub>5d9e3164-9265-470c-9a10-57ae454ac0c7</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#kms_key_id">Documentation</a><br/>|
+|CodeBuild Project Encrypted With AWS Managed Key<br/><sup><sub>3deec14b-03d2-4d27-9670-7d79322e3340</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/codebuild_project#encryption_key">Documentation</a><br/>|
+|DOCDB Cluster Encrypted With AWS Managed Key<br/><sup><sub>2134641d-30a4-4b16-8ffc-2cd4c4ffd15d</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id">Documentation</a><br/>|
+|ECR Repository Not Encrypted With CMK<br/><sup><sub>0e32d561-4b5a-4664-a6e3-a3fa85649157</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#encryption_configuration">Documentation</a><br/>|
+|EFS Without KMS<br/><sup><sub>25d251f3-f348-4f95-845c-1090e41a615c</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system#kms_key_id">Documentation</a><br/>|
+|AWS Password Policy With Unchangeable Passwords<br/><sup><sub>9ef7d25d-9764-4224-9968-fa321c56ef76</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy">Documentation</a><br/>|
+|IAM User Policy Without MFA<br/><sup><sub>b5681959-6c09-4f55-b42b-c40fa12d03ec</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec')">Query details</a><br><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html">Documentation</a><br/>|
+|Instance With No VPC<br/><sup><sub>a31a5a29-718a-4ff4-8001-a69e5e4d029e</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance">Documentation</a><br/>|
+|Redis Disabled<br/><sup><sub>4bd15dd9-8d5e-4008-8532-27eb0c3706d3</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#engine">Documentation</a><br/>|
+|Redshift Cluster Without VPC<br/><sup><sub>0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#vpc_security_group_ids">Documentation</a><br/>|
+|S3 Bucket Without Enabled MFA Delete<br/><sup><sub>c5b31ab9-0f26-4a49-b8aa-4cc064392f4d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#mfa_delete">Documentation</a><br/>|
+|Dynamodb VPC Endpoint Without Route Table Association<br/><sup><sub>0bc534c5-13d1-4353-a7fe-b8665d5c1d7d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint#vpc_id">Documentation</a><br/>|
+|EC2 Instance Using Default VPC<br/><sup><sub>7e4a6e76-568d-43ef-8c4e-36dea481bff1</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#subnet_id">Documentation</a><br/>|
+|ElastiCache Using Default Port<br/><sup><sub>5d89db57-8b51-4b38-bb76-b9bd42bd40f0</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#port">Documentation</a><br/>|
+|ElastiCache Without VPC<br/><sup><sub>8c849af7-a399-46f7-a34c-32d3dc96f1fc</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#subnet_group_name">Documentation</a><br/>|
+|EMR Without VPC<br/><sup><sub>2b3c8a6d-9856-43e6-ab1d-d651094f03b4</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/emr_cluster#subnet_id">Documentation</a><br/>|
+|RDS Using Default Port<br/><sup><sub>bca7cc4d-b3a4-4345-9461-eb69c68fcd26</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#port">Documentation</a><br/>|
+|Redshift Using Default Port<br/><sup><sub>41abc6cc-dde1-4217-83d3-fb5f0cc09d8f</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#port">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Wide Private Network<br/><sup><sub>92fe237e-074c-4262-81a4-2077acb928c1</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|Shield Advanced Not In Use<br/><sup><sub>084c6686-2a70-4710-91b1-000393e54c12</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/shield_protection#resource_arn">Documentation</a><br/>|
+|SQS VPC Endpoint Without DNS Resolution<br/><sup><sub>e9b7acf9-9ba0-4837-a744-31e7df1e434d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc#enable_dns_support">Documentation</a><br/>|
+|API Gateway Deployment Without API Gateway UsagePlan Associated<br/><sup><sub>b3a59b8e-94a3-403e-b6e2-527abaf12034</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_deployment">Documentation</a><br/>|
+|API Gateway X-Ray Disabled<br/><sup><sub>5813ef56-fa94-406a-b35d-977d4a56ff2b</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#xray_tracing_enabled">Documentation</a><br/>|
+|CloudTrail Log File Validation Disabled<br/><sup><sub>52ffcfa6-6c70-4ea6-8376-d828d3961669</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#enable_log_file_validation">Documentation</a><br/>|
+|CloudTrail Multi Region Disabled<br/><sup><sub>8173d5eb-96b5-4aa6-a71b-ecfa153c123d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#is_multi_region_trail">Documentation</a><br/>|
+|CloudTrail Not Integrated With CloudWatch<br/><sup><sub>17b30f8f-8dfb-4597-adf6-57600b6cf25e</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail">Documentation</a><br/>|
+|CloudTrail SNS Topic Name Undefined<br/><sup><sub>482b7d26-0bdb-4b5f-bf6f-545826c0a3dd</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail">Documentation</a><br/>|
+|CloudWatch Console Sign-in Without MFA Alarm Missing<br/><sup><sub>44ceb4fa-0897-4fd2-b676-30e7a58f2933</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch IAM Policy Changes Alarm Missing<br/><sup><sub>eaaba502-2f94-411a-a3c2-83d63cc1776d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Network Gateways Changes Alarm Missing<br/><sup><sub>6b6874fe-4c2f-4eea-8b90-7cceaa4a125e</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Route Table Changes Alarm Missing<br/><sup><sub>2285e608-ddbc-47f3-ba54-ce7121e31216</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CMK Rotation Disabled<br/><sup><sub>22fbfeac-7b5a-421a-8a27-7a2178bb910b</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#enable_key_rotation">Documentation</a><br/>|
+|Configuration Aggregator to All Regions Disabled<br/><sup><sub>ac5a0bc0-a54c-45aa-90c3-15f7703b9132</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_aggregator#all_regions">Documentation</a><br/>|
+|ECS Cluster with Container Insights Disabled<br/><sup><sub>97cb0688-369a-4d26-b1f7-86c4c91231bc</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster#setting">Documentation</a><br/>|
+|ElasticSearch Without Slow Logs<br/><sup><sub>e979fcbc-df6c-422d-9458-c33d65e71c45</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#log_publishing_options">Documentation</a><br/>|
+|KMS Key With No Deletion Window<br/><sup><sub>0b530315-0ea4-497f-b34c-4ff86268f59d</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key">Documentation</a><br/>|
+|Lambda Functions Without X-Ray Tracing<br/><sup><sub>8152e0cf-d2f0-47ad-96d5-d003a76eabd1</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#tracing_config">Documentation</a><br/>|
+|Unscanned ECR Image<br/><sup><sub>9630336b-3fed-4096-8173-b9afdfe346a7</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#scan_on_push">Documentation</a><br/>|
+|API Gateway Stage Without API Gateway UsagePlan Associated<br/><sup><sub>c999cf62-0920-40f8-8dda-0caccd66ed7e</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage">Documentation</a><br/>|
+|Security Group Not Used<br/><sup><sub>4849211b-ac39-479e-ae78-5694d506cb24</sub></sup>|<span style="color:#5bc0de">Info</span>|Access Control|<a href="../terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group">Documentation</a><br/>|
+|DynamoDB Table Point In Time Recovery Disabled<br/><sup><sub>741f1291-47ac-4a85-a07b-3d32a9d6bd3e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#point_in_time_recovery">Documentation</a><br/>|
+|EC2 Not EBS Optimized<br/><sup><sub>60224630-175a-472a-9e23-133827040766</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/60224630-175a-472a-9e23-133827040766" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/60224630-175a-472a-9e23-133827040766')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#ebs_optimized">Documentation</a><br/>|
+|Resource Not Using Tags<br/><sup><sub>e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/resource-tagging">Documentation</a><br/>|
+|Security Group Rule Without Description<br/><sup><sub>cb3f5ed6-0d18-40de-a93d-b3538db31e8c</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#description">Documentation</a><br/>|
+|Security Group Rule Without Description<br/><sup><sub>68eb4bf3-f9bf-463d-b5cf-e029bb446d2e</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#description">Documentation</a><br/>|
+|CloudWatch AWS Organizations Changes Missing Alarm<br/><sup><sub>38b85c45-e772-4de8-a247-69619ca137b3</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter#pattern">Documentation</a><br/>|
+|CloudWatch Without Retention Period Specified<br/><sup><sub>ef0b316a-211e-42f1-888e-64efe172b755</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group">Documentation</a><br/>|
 
 ### AWS_BOM
 Below are listed queries related to Terraform AWS_BOM:
@@ -410,17 +410,17 @@ Below are listed queries related to Terraform AWS_BOM:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|BOM - AWS DynamoDB<br/><sup><sub>23edf35f-7c22-4ff9-87e6-0ca74261cfbf</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS EBS<br/><sup><sub>86571149-eef3-4280-a645-01e60df854b0</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS EFS<br/><sup><sub>f53f16d6-46a9-4277-9fbe-617b1e24cdca</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS Elasticache<br/><sup><sub>54229498-850b-4f78-b3a7-218d24ef2c37</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS Kinesis<br/><sup><sub>0e59d33e-bba2-4037-8f88-9765647ca7ad</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS MQ<br/><sup><sub>fcb1b388-f558-4b7f-9b6e-f4e98abb7380</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS MSK<br/><sup><sub>051f2063-2517-4295-ad8e-ba88c1bf5cfc</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS RDS<br/><sup><sub>12933609-c5bf-44b4-9a41-a6467c3b685b</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS S3 Buckets<br/><sup><sub>2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS SNS<br/><sup><sub>eccc4d59-74b9-4974-86f1-74386e0c7f33</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - AWS SQS<br/><sup><sub>baecd2da-492a-4d59-b9dc-29540a1398e0</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS DynamoDB<br/><sup><sub>23edf35f-7c22-4ff9-87e6-0ca74261cfbf</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS EBS<br/><sup><sub>86571149-eef3-4280-a645-01e60df854b0</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS EFS<br/><sup><sub>f53f16d6-46a9-4277-9fbe-617b1e24cdca</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Elasticache<br/><sup><sub>54229498-850b-4f78-b3a7-218d24ef2c37</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS Kinesis<br/><sup><sub>0e59d33e-bba2-4037-8f88-9765647ca7ad</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS MQ<br/><sup><sub>fcb1b388-f558-4b7f-9b6e-f4e98abb7380</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS MSK<br/><sup><sub>051f2063-2517-4295-ad8e-ba88c1bf5cfc</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS RDS<br/><sup><sub>12933609-c5bf-44b4-9a41-a6467c3b685b</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS S3 Buckets<br/><sup><sub>2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS SNS<br/><sup><sub>eccc4d59-74b9-4974-86f1-74386e0c7f33</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - AWS SQS<br/><sup><sub>baecd2da-492a-4d59-b9dc-29540a1398e0</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
 
 ### AZURE
 Below are listed queries related to Terraform AZURE:
@@ -429,99 +429,99 @@ Below are listed queries related to Terraform AZURE:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|CosmosDB Account IP Range Filter Not Set<br/><sup><sub>c2a3efb6-8a58-481c-82f2-bfddf34bb4b7</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account#ip_range_filter">Documentation</a><br/>|
-|Redis Entirely Accessible<br/><sup><sub>fd8da341-6760-4450-b26c-9f6d8850575e</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
-|Redis Publicly Accessible<br/><sup><sub>5089d055-53ff-421b-9482-a5267bdce629</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
-|SQLServer Ingress From Any IP<br/><sup><sub>25c0ea09-f1c5-4380-b055-3b83863f2bb8</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule">Documentation</a><br/>|
-|Unrestricted SQL Server Access<br/><sup><sub>d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule">Documentation</a><br/>|
-|Public Storage Account<br/><sup><sub>17f75827-0684-48f4-8747-61129c7e4198</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
-|Storage Container Is Publicly Accessible<br/><sup><sub>dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container#container_access_type">Documentation</a><br/>|
-|Azure Container Registry With No Locks<br/><sup><sub>a187ac47-8163-42ce-8a63-c115236be6fb</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry">Documentation</a><br/>|
-|Security Group is Not Configured<br/><sup><sub>5c822443-e1ea-46b8-84eb-758ec602e844</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/azure/r/virtual_network.html">Documentation</a><br/>|
-|MariaDB Server Public Network Access Enabled<br/><sup><sub>7f0a8696-7159-4337-ad0d-8a3ab4a78195</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#public_network_access_enabled">Documentation</a><br/>|
-|MSSQL Server Public Network Access Enabled<br/><sup><sub>ade36cf4-329f-4830-a83d-9db72c800507</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server#public_network_access_enabled">Documentation</a><br/>|
-|MySQL Server Public Access Enabled<br/><sup><sub>f118890b-2468-42b1-9ce9-af35146b425b</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server#public_network_access_enabled">Documentation</a><br/>|
-|RDP Is Exposed To The Internet<br/><sup><sub>efbf6449-5ec5-4cfe-8f15-acc51e0d787c</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>594c198b-4d79-41b8-9b36-fde13348b619</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|Admin User Enabled For Container Registry<br/><sup><sub>b897dfbf-322c-45a8-b67c-1e698beeaa51</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/container_registry.html">Documentation</a><br/>|
-|AKS RBAC Disabled<br/><sup><sub>86f92117-eed8-4614-9c6c-b26da20ff37f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#role_based_access_control">Documentation</a><br/>|
-|App Service Authentication Disabled<br/><sup><sub>c7fc1481-2899-4490-bbd8-544a3a61a2f3</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#enabled">Documentation</a><br/>|
-|Function App Authentication Disabled<br/><sup><sub>e65a0733-94a0-4826-82f4-df529f4c593f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#auth_settings">Documentation</a><br/>|
-|Role Assignment Not Limit Guest User Permissions<br/><sup><sub>8e75e431-449f-49e9-b56a-c8f1378025cf</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment">Documentation</a><br/>|
-|Role Definition Allows Custom Role Creation<br/><sup><sub>3fa5900f-9aac-4982-96b2-a6143d9c99fb</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_definition#actions">Documentation</a><br/>|
-|Storage Share File Allows All ACL Permissions<br/><sup><sub>48bbe0fd-57e4-4678-a4a1-119e79c90fc3</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_share_file">Documentation</a><br/>|
-|Storage Table Allows All ACL Permissions<br/><sup><sub>3ac3e75c-6374-4a32-8ba0-6ed69bda404e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_table#permissions">Documentation</a><br/>|
-|Azure Instance Using Basic Authentication<br/><sup><sub>dafe30ec-325d-4516-85d1-e8e6776f012c</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#admin_ssh_key">Documentation</a><br/>|
-|Key Vault Secrets Content Type Undefined<br/><sup><sub>f8e08a38-fc6e-4915-abbe-a7aadf1d59ef</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#content_type">Documentation</a><br/>|
-|Security Contact Email<br/><sup><sub>34664094-59e0-4524-b69f-deaa1a68cce3</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact#email">Documentation</a><br/>|
-|App Service Not Using Latest TLS Encryption Version<br/><sup><sub>b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#min_tls_version">Documentation</a><br/>|
-|Encryption On Managed Disk Disabled<br/><sup><sub>a99130ab-4c0e-43aa-97f8-78d4fcb30024</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk#encryption_settings">Documentation</a><br/>|
-|Function App Not Using Latest TLS Encryption Version<br/><sup><sub>45fc717a-bd86-415c-bdd8-677901be1aa6</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#min_tls_version">Documentation</a><br/>|
-|MySQL SSL Connection Disabled<br/><sup><sub>73e42469-3a86-4f39-ad78-098f325b4e9f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server">Documentation</a><br/>|
-|SSL Enforce Disabled<br/><sup><sub>0437633b-daa6-4bbc-8526-c0d2443b946e</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server">Documentation</a><br/>|
-|Storage Account Not Forcing HTTPS<br/><sup><sub>12944ec4-1fa0-47be-8b17-42a034f937c2</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
-|Storage Account Not Using Latest TLS Encryption Version<br/><sup><sub>8263f146-5e03-43e0-9cfe-db960d56d1e7</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
-|AD Admin Not Configured For SQL Server<br/><sup><sub>a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator">Documentation</a><br/>|
-|AKS Private Cluster Disabled<br/><sup><sub>599318f2-6653-4569-9e21-041d06c63a89</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#private_cluster_enabled">Documentation</a><br/>|
-|App Service FTPS Enforce Disabled<br/><sup><sub>85da374f-b00f-4832-9d44-84a1ca1e89f8</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#ftps_state">Documentation</a><br/>|
-|App Service HTTP2 Disabled<br/><sup><sub>525b53be-62ed-4244-b4df-41aecfcb4071</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#http2_enabled">Documentation</a><br/>|
-|Azure App Service Client Certificate Disabled<br/><sup><sub>a81573f9-3691-4d83-88a0-7d4af63e17a3</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#client_cert_enabled">Documentation</a><br/>|
-|Function App Client Certificates Unrequired<br/><sup><sub>9bb3c639-5edf-458c-8ee5-30c17c7d671d</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#client_cert_mode">Documentation</a><br/>|
-|Function App FTPS Enforce Disabled<br/><sup><sub>9dab0179-433d-4dff-af8f-0091025691df</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#ftps_state">Documentation</a><br/>|
-|Function App HTTP2 Disabled<br/><sup><sub>ace823d1-4432-4dee-945b-cdf11a5a6bd0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#http2_enabled">Documentation</a><br/>|
-|Function App Managed Identity Disabled<br/><sup><sub>c87749b3-ff10-41f5-9df2-c421e8151759</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#identity">Documentation</a><br/>|
-|Network Watcher Flow Disabled<br/><sup><sub>b90842e5-6779-44d4-9760-972f4c03ba1c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log">Documentation</a><br/>|
-|Redis Cache Allows Non SSL Connections<br/><sup><sub>e29a75e6-aba3-4896-b42d-b87818c16b58</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache">Documentation</a><br/>|
-|Redis Not Updated Regularly<br/><sup><sub>b947809d-dd2f-4de9-b724-04d101c515aa</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache#patch_schedule">Documentation</a><br/>|
-|Security Center Pricing Tier Is Not Standard<br/><sup><sub>819d50fd-1cdf-45c3-9936-be408aaad93e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_subscription_pricing">Documentation</a><br/>|
-|Small Flow Logs Retention Period<br/><sup><sub>7750fcca-dd03-4d38-b663-4b70289bcfd4</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log">Documentation</a><br/>|
-|VM Not Attached To Network<br/><sup><sub>bbf6b3df-4b65-4f87-82cc-da9f30f8c033</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#network_interface_ids">Documentation</a><br/>|
-|Web App Accepting Traffic Other Than HTTPS<br/><sup><sub>11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#https_only">Documentation</a><br/>|
-|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>a5613650-32ec-4975-a305-31af783153ea</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#default_action">Documentation</a><br/>|
-|Azure Cognitive Search Public Network Access Enabled<br/><sup><sub>4a9e0f00-0765-4f72-a0d4-d31110b78279</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/search_service#public_network_access_enabled">Documentation</a><br/>|
-|Firewall Rule Allows Too Many Hosts To Access Redis Cache<br/><sup><sub>a829b715-cf75-4e92-b645-54c9b739edfb</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
-|Network Interfaces IP Forwarding Enabled<br/><sup><sub>4216ebac-d74c-4423-b437-35025cb88af5</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#enable_ip_forwarding">Documentation</a><br/>|
-|Network Interfaces With Public IP<br/><sup><sub>c1573577-e494-4417-8854-7e119368dc8b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#public_ip_address_id">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Small Public Network<br/><sup><sub>e9dee01f-2505-4df2-b9bf-7804d1fd9082</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|SSH Is Exposed To The Internet<br/><sup><sub>3e3c175e-aadf-4e2b-a464-3fdac5748d24</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|Trusted Microsoft Services Not Enabled<br/><sup><sub>5400f379-a347-4bdd-a032-446465fdcc6f</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass">Documentation</a><br/>|
-|WAF Is Disabled For Azure Application Gateway<br/><sup><sub>2e48d91c-50e4-45c8-9312-27b625868a72</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway">Documentation</a><br/>|
-|Email Alerts Disabled<br/><sup><sub>9db38e87-f6aa-4b5e-a1ec-7266df259409</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact">Documentation</a><br/>|
-|Log Retention Is Not Set<br/><sup><sub>ffb02aca-0d12-475e-b77c-a726f7aeff4b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|MSSQL Server Auditing Disabled<br/><sup><sub>609839ae-bd81-4375-9910-5bce72ae7b92</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server">Documentation</a><br/>|
-|PostgreSQL Log Checkpoints Disabled<br/><sup><sub>3790d386-be81-4dcf-9850-eaa7df6c10d9</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|PostgreSQL Log Connections Not Set<br/><sup><sub>c640d783-10c5-4071-b6c1-23507300d333</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|PostgreSQL Log Disconnections Not Set<br/><sup><sub>07f7134f-9f37-476e-8664-670c218e4702</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|PostgreSQL Log Duration Not Set<br/><sup><sub>16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|PostgreSQL Server Without Connection Throttling<br/><sup><sub>2b3c671f-1b76-4741-8789-ed1fe0785dc4</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|SQL Server Auditing Disabled<br/><sup><sub>f7e296b0-6660-4bc5-8f87-22ac4a815edf</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
-|Vault Auditing Disabled<br/><sup><sub>38c71c00-c177-4cd7-8d36-cd1007cdb190</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/key_vault.html">Documentation</a><br/>|
-|PostgreSQL Server Threat Detection Policy Disabled<br/><sup><sub>c407c3cf-c409-4b29-b590-db5f4138d332</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#threat_detection_policy">Documentation</a><br/>|
-|SQL Database Audit Disabled<br/><sup><sub>83a229ba-483e-47c6-8db7-dc96969bce5a</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/sql_database.html">Documentation</a><br/>|
-|Key Expiration Not Set<br/><sup><sub>4d080822-5ee2-49a4-8984-68f3d4c890fc</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key">Documentation</a><br/>|
-|Secret Expiration Not Set<br/><sup><sub>dfa20ffa-f476-428f-a490-424b41e91c7f</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret">Documentation</a><br/>|
-|Azure Active Directory Authentication<br/><sup><sub>a21c8da9-41bf-40cf-941d-330cf0d11fc7</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_fabric_cluster#tenant_id">Documentation</a><br/>|
-|Virtual Network with DDoS Protection Plan disabled<br/><sup><sub>b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network#ddos_protection_plan">Documentation</a><br/>|
-|Geo Redundancy Is Disabled<br/><sup><sub>8b042c30-e441-453f-b162-7696982ebc58</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server">Documentation</a><br/>|
-|MariaDB Server Geo-redundant Backup Disabled<br/><sup><sub>0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#geo_redundant_backup_enabled">Documentation</a><br/>|
-|AKS Uses Azure Policies Add-On Disabled<br/><sup><sub>43789711-161b-4708-b5bb-9d1c626f7492</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#azure_policy">Documentation</a><br/>|
-|App Service Without Latest PHP Version<br/><sup><sub>96fe318e-d631-4156-99fa-9080d57280ae</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#php_version">Documentation</a><br/>|
-|App Service Without Latest Python Version<br/><sup><sub>cc4aaa9d-1070-461a-b519-04e00f42db8a</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#python_version">Documentation</a><br/>|
-|SQL Server Predictable Active Directory Account Name<br/><sup><sub>bcd3fc01-5902-4f2a-b05a-227f9bbf5450</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator">Documentation</a><br/>|
-|SQL Server Predictable Admin Account Name<br/><sup><sub>2ab6de9a-0136-415c-be92-79d2e4fd750f</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
-|Cosmos DB Account Without Tags<br/><sup><sub>56dad03e-e94f-4dd6-93a4-c253a03ff7a0</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account">Documentation</a><br/>|
-|AKS Disk Encryption Set ID Undefined<br/><sup><sub>b17d8bb8-4c08-4785-867e-cb9e62a622aa</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#disk_encryption_set_id">Documentation</a><br/>|
-|PostgreSQL Server Infrastructure Encryption Disabled<br/><sup><sub>6425c98b-ca4e-41fe-896a-c78772c131f8</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#infrastructure_encryption_enabled">Documentation</a><br/>|
-|AKS Network Policy Misconfigured<br/><sup><sub>f5342045-b935-402d-adf1-8dbbd09c0eef</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_cluster">Documentation</a><br/>|
-|Dashboard Is Enabled<br/><sup><sub>61c3cb8b-0715-47e4-b788-86dde40dd2db</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster">Documentation</a><br/>|
-|Azure Front Door WAF Disabled<br/><sup><sub>835a4f2f-df43-437d-9943-545ccfc55961</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor#web_application_firewall_policy_link_id">Documentation</a><br/>|
-|Sensitive Port Is Exposed To Wide Private Network<br/><sup><sub>c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
-|Small Activity Log Retention Period<br/><sup><sub>2b856bf9-8e8c-4005-875f-303a8cba3918</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_log_profile">Documentation</a><br/>|
-|Small MSSQL Audit Retention Period<br/><sup><sub>9c301481-e6ec-44f7-8a49-8ec63e2969ea</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server">Documentation</a><br/>|
-|Small MSSQL Server Audit Retention<br/><sup><sub>59acb56b-2b10-4c2c-ba38-f2223c3f5cfc</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
-|Small PostgreSQL DB Server Log Retention Period<br/><sup><sub>261a83f8-dd72-4e8c-b5e1-ebf06e8fe606</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
-|App Service Managed Identity Disabled<br/><sup><sub>b61cce4b-0cc4-472b-8096-15617a6d769b</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#identity">Documentation</a><br/>|
-|SQL Server Alert Email Disabled<br/><sup><sub>55975007-f6e7-4134-83c3-298f1fe4b519</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server_security_alert_policy#email_account_admins">Documentation</a><br/>|
+|CosmosDB Account IP Range Filter Not Set<br/><sup><sub>c2a3efb6-8a58-481c-82f2-bfddf34bb4b7</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account#ip_range_filter">Documentation</a><br/>|
+|Redis Entirely Accessible<br/><sup><sub>fd8da341-6760-4450-b26c-9f6d8850575e</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
+|Redis Publicly Accessible<br/><sup><sub>5089d055-53ff-421b-9482-a5267bdce629</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
+|SQLServer Ingress From Any IP<br/><sup><sub>25c0ea09-f1c5-4380-b055-3b83863f2bb8</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule">Documentation</a><br/>|
+|Unrestricted SQL Server Access<br/><sup><sub>d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28</sub></sup>|<span style="color:#ff0000">Critical</span>|Networking and Firewall|<a href="../terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule">Documentation</a><br/>|
+|Public Storage Account<br/><sup><sub>17f75827-0684-48f4-8747-61129c7e4198</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
+|Storage Container Is Publicly Accessible<br/><sup><sub>dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container#container_access_type">Documentation</a><br/>|
+|Azure Container Registry With No Locks<br/><sup><sub>a187ac47-8163-42ce-8a63-c115236be6fb</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry">Documentation</a><br/>|
+|Security Group is Not Configured<br/><sup><sub>5c822443-e1ea-46b8-84eb-758ec602e844</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844')">Query details</a><br><a href="https://www.terraform.io/docs/providers/azure/r/virtual_network.html">Documentation</a><br/>|
+|MariaDB Server Public Network Access Enabled<br/><sup><sub>7f0a8696-7159-4337-ad0d-8a3ab4a78195</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#public_network_access_enabled">Documentation</a><br/>|
+|MSSQL Server Public Network Access Enabled<br/><sup><sub>ade36cf4-329f-4830-a83d-9db72c800507</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server#public_network_access_enabled">Documentation</a><br/>|
+|MySQL Server Public Access Enabled<br/><sup><sub>f118890b-2468-42b1-9ce9-af35146b425b</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server#public_network_access_enabled">Documentation</a><br/>|
+|RDP Is Exposed To The Internet<br/><sup><sub>efbf6449-5ec5-4cfe-8f15-acc51e0d787c</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Entire Network<br/><sup><sub>594c198b-4d79-41b8-9b36-fde13348b619</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|Admin User Enabled For Container Registry<br/><sup><sub>b897dfbf-322c-45a8-b67c-1e698beeaa51</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51')">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/container_registry.html">Documentation</a><br/>|
+|AKS RBAC Disabled<br/><sup><sub>86f92117-eed8-4614-9c6c-b26da20ff37f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#role_based_access_control">Documentation</a><br/>|
+|App Service Authentication Disabled<br/><sup><sub>c7fc1481-2899-4490-bbd8-544a3a61a2f3</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#enabled">Documentation</a><br/>|
+|Function App Authentication Disabled<br/><sup><sub>e65a0733-94a0-4826-82f4-df529f4c593f</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#auth_settings">Documentation</a><br/>|
+|Role Assignment Not Limit Guest User Permissions<br/><sup><sub>8e75e431-449f-49e9-b56a-c8f1378025cf</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment">Documentation</a><br/>|
+|Role Definition Allows Custom Role Creation<br/><sup><sub>3fa5900f-9aac-4982-96b2-a6143d9c99fb</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_definition#actions">Documentation</a><br/>|
+|Storage Share File Allows All ACL Permissions<br/><sup><sub>48bbe0fd-57e4-4678-a4a1-119e79c90fc3</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_share_file">Documentation</a><br/>|
+|Storage Table Allows All ACL Permissions<br/><sup><sub>3ac3e75c-6374-4a32-8ba0-6ed69bda404e</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_table#permissions">Documentation</a><br/>|
+|Azure Instance Using Basic Authentication<br/><sup><sub>dafe30ec-325d-4516-85d1-e8e6776f012c</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#admin_ssh_key">Documentation</a><br/>|
+|Key Vault Secrets Content Type Undefined<br/><sup><sub>f8e08a38-fc6e-4915-abbe-a7aadf1d59ef</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#content_type">Documentation</a><br/>|
+|Security Contact Email<br/><sup><sub>34664094-59e0-4524-b69f-deaa1a68cce3</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact#email">Documentation</a><br/>|
+|App Service Not Using Latest TLS Encryption Version<br/><sup><sub>b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#min_tls_version">Documentation</a><br/>|
+|Encryption On Managed Disk Disabled<br/><sup><sub>a99130ab-4c0e-43aa-97f8-78d4fcb30024</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk#encryption_settings">Documentation</a><br/>|
+|Function App Not Using Latest TLS Encryption Version<br/><sup><sub>45fc717a-bd86-415c-bdd8-677901be1aa6</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#min_tls_version">Documentation</a><br/>|
+|MySQL SSL Connection Disabled<br/><sup><sub>73e42469-3a86-4f39-ad78-098f325b4e9f</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server">Documentation</a><br/>|
+|SSL Enforce Disabled<br/><sup><sub>0437633b-daa6-4bbc-8526-c0d2443b946e</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server">Documentation</a><br/>|
+|Storage Account Not Forcing HTTPS<br/><sup><sub>12944ec4-1fa0-47be-8b17-42a034f937c2</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
+|Storage Account Not Using Latest TLS Encryption Version<br/><sup><sub>8263f146-5e03-43e0-9cfe-db960d56d1e7</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account">Documentation</a><br/>|
+|AD Admin Not Configured For SQL Server<br/><sup><sub>a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator">Documentation</a><br/>|
+|AKS Private Cluster Disabled<br/><sup><sub>599318f2-6653-4569-9e21-041d06c63a89</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#private_cluster_enabled">Documentation</a><br/>|
+|App Service FTPS Enforce Disabled<br/><sup><sub>85da374f-b00f-4832-9d44-84a1ca1e89f8</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#ftps_state">Documentation</a><br/>|
+|App Service HTTP2 Disabled<br/><sup><sub>525b53be-62ed-4244-b4df-41aecfcb4071</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#http2_enabled">Documentation</a><br/>|
+|Azure App Service Client Certificate Disabled<br/><sup><sub>a81573f9-3691-4d83-88a0-7d4af63e17a3</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#client_cert_enabled">Documentation</a><br/>|
+|Function App Client Certificates Unrequired<br/><sup><sub>9bb3c639-5edf-458c-8ee5-30c17c7d671d</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#client_cert_mode">Documentation</a><br/>|
+|Function App FTPS Enforce Disabled<br/><sup><sub>9dab0179-433d-4dff-af8f-0091025691df</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#ftps_state">Documentation</a><br/>|
+|Function App HTTP2 Disabled<br/><sup><sub>ace823d1-4432-4dee-945b-cdf11a5a6bd0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#http2_enabled">Documentation</a><br/>|
+|Function App Managed Identity Disabled<br/><sup><sub>c87749b3-ff10-41f5-9df2-c421e8151759</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#identity">Documentation</a><br/>|
+|Network Watcher Flow Disabled<br/><sup><sub>b90842e5-6779-44d4-9760-972f4c03ba1c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log">Documentation</a><br/>|
+|Redis Cache Allows Non SSL Connections<br/><sup><sub>e29a75e6-aba3-4896-b42d-b87818c16b58</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache">Documentation</a><br/>|
+|Redis Not Updated Regularly<br/><sup><sub>b947809d-dd2f-4de9-b724-04d101c515aa</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache#patch_schedule">Documentation</a><br/>|
+|Security Center Pricing Tier Is Not Standard<br/><sup><sub>819d50fd-1cdf-45c3-9936-be408aaad93e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_subscription_pricing">Documentation</a><br/>|
+|Small Flow Logs Retention Period<br/><sup><sub>7750fcca-dd03-4d38-b663-4b70289bcfd4</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log">Documentation</a><br/>|
+|VM Not Attached To Network<br/><sup><sub>bbf6b3df-4b65-4f87-82cc-da9f30f8c033</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#network_interface_ids">Documentation</a><br/>|
+|Web App Accepting Traffic Other Than HTTPS<br/><sup><sub>11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#https_only">Documentation</a><br/>|
+|Default Azure Storage Account Network Access Is Too Permissive<br/><sup><sub>a5613650-32ec-4975-a305-31af783153ea</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#default_action">Documentation</a><br/>|
+|Azure Cognitive Search Public Network Access Enabled<br/><sup><sub>4a9e0f00-0765-4f72-a0d4-d31110b78279</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/search_service#public_network_access_enabled">Documentation</a><br/>|
+|Firewall Rule Allows Too Many Hosts To Access Redis Cache<br/><sup><sub>a829b715-cf75-4e92-b645-54c9b739edfb</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_firewall_rule">Documentation</a><br/>|
+|Network Interfaces IP Forwarding Enabled<br/><sup><sub>4216ebac-d74c-4423-b437-35025cb88af5</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#enable_ip_forwarding">Documentation</a><br/>|
+|Network Interfaces With Public IP<br/><sup><sub>c1573577-e494-4417-8854-7e119368dc8b</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#public_ip_address_id">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Small Public Network<br/><sup><sub>e9dee01f-2505-4df2-b9bf-7804d1fd9082</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|SSH Is Exposed To The Internet<br/><sup><sub>3e3c175e-aadf-4e2b-a464-3fdac5748d24</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|Trusted Microsoft Services Not Enabled<br/><sup><sub>5400f379-a347-4bdd-a032-446465fdcc6f</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass">Documentation</a><br/>|
+|WAF Is Disabled For Azure Application Gateway<br/><sup><sub>2e48d91c-50e4-45c8-9312-27b625868a72</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway">Documentation</a><br/>|
+|Email Alerts Disabled<br/><sup><sub>9db38e87-f6aa-4b5e-a1ec-7266df259409</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact">Documentation</a><br/>|
+|Log Retention Is Not Set<br/><sup><sub>ffb02aca-0d12-475e-b77c-a726f7aeff4b</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|MSSQL Server Auditing Disabled<br/><sup><sub>609839ae-bd81-4375-9910-5bce72ae7b92</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server">Documentation</a><br/>|
+|PostgreSQL Log Checkpoints Disabled<br/><sup><sub>3790d386-be81-4dcf-9850-eaa7df6c10d9</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|PostgreSQL Log Connections Not Set<br/><sup><sub>c640d783-10c5-4071-b6c1-23507300d333</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|PostgreSQL Log Disconnections Not Set<br/><sup><sub>07f7134f-9f37-476e-8664-670c218e4702</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|PostgreSQL Log Duration Not Set<br/><sup><sub>16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|PostgreSQL Server Without Connection Throttling<br/><sup><sub>2b3c671f-1b76-4741-8789-ed1fe0785dc4</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|SQL Server Auditing Disabled<br/><sup><sub>f7e296b0-6660-4bc5-8f87-22ac4a815edf</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
+|Vault Auditing Disabled<br/><sup><sub>38c71c00-c177-4cd7-8d36-cd1007cdb190</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190')">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/key_vault.html">Documentation</a><br/>|
+|PostgreSQL Server Threat Detection Policy Disabled<br/><sup><sub>c407c3cf-c409-4b29-b590-db5f4138d332</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#threat_detection_policy">Documentation</a><br/>|
+|SQL Database Audit Disabled<br/><sup><sub>83a229ba-483e-47c6-8db7-dc96969bce5a</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a')">Query details</a><br><a href="https://www.terraform.io/docs/providers/azurerm/r/sql_database.html">Documentation</a><br/>|
+|Key Expiration Not Set<br/><sup><sub>4d080822-5ee2-49a4-8984-68f3d4c890fc</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key">Documentation</a><br/>|
+|Secret Expiration Not Set<br/><sup><sub>dfa20ffa-f476-428f-a490-424b41e91c7f</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret">Documentation</a><br/>|
+|Azure Active Directory Authentication<br/><sup><sub>a21c8da9-41bf-40cf-941d-330cf0d11fc7</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_fabric_cluster#tenant_id">Documentation</a><br/>|
+|Virtual Network with DDoS Protection Plan disabled<br/><sup><sub>b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network#ddos_protection_plan">Documentation</a><br/>|
+|Geo Redundancy Is Disabled<br/><sup><sub>8b042c30-e441-453f-b162-7696982ebc58</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server">Documentation</a><br/>|
+|MariaDB Server Geo-redundant Backup Disabled<br/><sup><sub>0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1</sub></sup>|<span style="color:#edd57e">Low</span>|Backup|<a href="../terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#geo_redundant_backup_enabled">Documentation</a><br/>|
+|AKS Uses Azure Policies Add-On Disabled<br/><sup><sub>43789711-161b-4708-b5bb-9d1c626f7492</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#azure_policy">Documentation</a><br/>|
+|App Service Without Latest PHP Version<br/><sup><sub>96fe318e-d631-4156-99fa-9080d57280ae</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#php_version">Documentation</a><br/>|
+|App Service Without Latest Python Version<br/><sup><sub>cc4aaa9d-1070-461a-b519-04e00f42db8a</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#python_version">Documentation</a><br/>|
+|SQL Server Predictable Active Directory Account Name<br/><sup><sub>bcd3fc01-5902-4f2a-b05a-227f9bbf5450</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator">Documentation</a><br/>|
+|SQL Server Predictable Admin Account Name<br/><sup><sub>2ab6de9a-0136-415c-be92-79d2e4fd750f</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
+|Cosmos DB Account Without Tags<br/><sup><sub>56dad03e-e94f-4dd6-93a4-c253a03ff7a0</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account">Documentation</a><br/>|
+|AKS Disk Encryption Set ID Undefined<br/><sup><sub>b17d8bb8-4c08-4785-867e-cb9e62a622aa</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#disk_encryption_set_id">Documentation</a><br/>|
+|PostgreSQL Server Infrastructure Encryption Disabled<br/><sup><sub>6425c98b-ca4e-41fe-896a-c78772c131f8</sub></sup>|<span style="color:#edd57e">Low</span>|Encryption|<a href="../terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#infrastructure_encryption_enabled">Documentation</a><br/>|
+|AKS Network Policy Misconfigured<br/><sup><sub>f5342045-b935-402d-adf1-8dbbd09c0eef</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_cluster">Documentation</a><br/>|
+|Dashboard Is Enabled<br/><sup><sub>61c3cb8b-0715-47e4-b788-86dde40dd2db</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster">Documentation</a><br/>|
+|Azure Front Door WAF Disabled<br/><sup><sub>835a4f2f-df43-437d-9943-545ccfc55961</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor#web_application_firewall_policy_link_id">Documentation</a><br/>|
+|Sensitive Port Is Exposed To Wide Private Network<br/><sup><sub>c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule">Documentation</a><br/>|
+|Small Activity Log Retention Period<br/><sup><sub>2b856bf9-8e8c-4005-875f-303a8cba3918</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_log_profile">Documentation</a><br/>|
+|Small MSSQL Audit Retention Period<br/><sup><sub>9c301481-e6ec-44f7-8a49-8ec63e2969ea</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server">Documentation</a><br/>|
+|Small MSSQL Server Audit Retention<br/><sup><sub>59acb56b-2b10-4c2c-ba38-f2223c3f5cfc</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server">Documentation</a><br/>|
+|Small PostgreSQL DB Server Log Retention Period<br/><sup><sub>261a83f8-dd72-4e8c-b5e1-ebf06e8fe606</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration">Documentation</a><br/>|
+|App Service Managed Identity Disabled<br/><sup><sub>b61cce4b-0cc4-472b-8096-15617a6d769b</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#identity">Documentation</a><br/>|
+|SQL Server Alert Email Disabled<br/><sup><sub>55975007-f6e7-4134-83c3-298f1fe4b519</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519" onclick="newWindowOpenerSafe(event, '../terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server_security_alert_policy#email_account_admins">Documentation</a><br/>|
 
 ### DATABRICKS
 Below are listed queries related to Terraform DATABRICKS:
@@ -530,17 +530,17 @@ Below are listed queries related to Terraform DATABRICKS:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)<br/><sup><sub>a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/permissions">Documentation</a><br/>|
-|(Beta) Unrestricted Databricks ACL<br/><sup><sub>2c4fe4a9-f44b-4c70-b09b-5b75cd251805</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/ip_access_list">Documentation</a><br/>|
-|(Beta) Job's Task is Legacy (spark_submit_task)<br/><sup><sub>375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/job#spark_submit_task-configuration-block">Documentation</a><br/>|
-|(Beta) Indefinitely Databricks OBO Token Lifetime<br/><sup><sub>23e1f5f0-12b7-4d7e-9087-f60f42ccd514</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/obo_token">Documentation</a><br/>|
-|(Beta) Indefinitely Databricks Token Lifetime<br/><sup><sub>7d05ca25-91b4-42ee-b6f6-b06611a87ce8</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/token">Documentation</a><br/>|
-|(Beta) Databricks Autoscale Badly Setup<br/><sup><sub>953c0cc6-5f30-44cb-a803-bf4ef2571be8</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/cluster">Documentation</a><br/>|
-|(Beta) Databricks Group Without User Or Instance Profile<br/><sup><sub>23c3067a-8cc9-480c-b645-7c1e0ad4bf60</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group">Documentation</a><br/>|
-|(Beta) Check Databricks Cluster AWS Attribute Best Practices<br/><sup><sub>b0749c53-e3ff-4d09-bbe4-dca94e2e7a38</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38" target="_blank">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
-|(Beta) Check Databricks Cluster Azure Attribute Best Practices<br/><sup><sub>38028698-e663-4ef7-aa92-773fef0ca86f</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f" target="_blank">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
-|(Beta) Check Databricks Cluster GCP Attribute Best Practices<br/><sup><sub>539e4557-d2b5-4d57-a001-cb01140a4e2d</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d" target="_blank">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
-|(Beta) Check use no LTS Spark Version<br/><sup><sub>5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/spark_version">Documentation</a><br/>|
+|(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)<br/><sup><sub>a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5" onclick="newWindowOpenerSafe(event, '../terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/permissions">Documentation</a><br/>|
+|(Beta) Unrestricted Databricks ACL<br/><sup><sub>2c4fe4a9-f44b-4c70-b09b-5b75cd251805</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805" onclick="newWindowOpenerSafe(event, '../terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/ip_access_list">Documentation</a><br/>|
+|(Beta) Job's Task is Legacy (spark_submit_task)<br/><sup><sub>375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7" onclick="newWindowOpenerSafe(event, '../terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/job#spark_submit_task-configuration-block">Documentation</a><br/>|
+|(Beta) Indefinitely Databricks OBO Token Lifetime<br/><sup><sub>23e1f5f0-12b7-4d7e-9087-f60f42ccd514</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514" onclick="newWindowOpenerSafe(event, '../terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/obo_token">Documentation</a><br/>|
+|(Beta) Indefinitely Databricks Token Lifetime<br/><sup><sub>7d05ca25-91b4-42ee-b6f6-b06611a87ce8</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8" onclick="newWindowOpenerSafe(event, '../terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/token">Documentation</a><br/>|
+|(Beta) Databricks Autoscale Badly Setup<br/><sup><sub>953c0cc6-5f30-44cb-a803-bf4ef2571be8</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8" onclick="newWindowOpenerSafe(event, '../terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/cluster">Documentation</a><br/>|
+|(Beta) Databricks Group Without User Or Instance Profile<br/><sup><sub>23c3067a-8cc9-480c-b645-7c1e0ad4bf60</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60" onclick="newWindowOpenerSafe(event, '../terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group">Documentation</a><br/>|
+|(Beta) Check Databricks Cluster AWS Attribute Best Practices<br/><sup><sub>b0749c53-e3ff-4d09-bbe4-dca94e2e7a38</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38" onclick="newWindowOpenerSafe(event, '../terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38')">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
+|(Beta) Check Databricks Cluster Azure Attribute Best Practices<br/><sup><sub>38028698-e663-4ef7-aa92-773fef0ca86f</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f" onclick="newWindowOpenerSafe(event, '../terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f')">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
+|(Beta) Check Databricks Cluster GCP Attribute Best Practices<br/><sup><sub>539e4557-d2b5-4d57-a001-cb01140a4e2d</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d" onclick="newWindowOpenerSafe(event, '../terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d')">Query details</a><br><a href="https://docs.databricks.com/clusters/cluster-config-best-practices.html">Documentation</a><br/>|
+|(Beta) Check use no LTS Spark Version<br/><sup><sub>5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6" onclick="newWindowOpenerSafe(event, '../terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6')">Query details</a><br><a href="https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/spark_version">Documentation</a><br/>|
 
 ### GCP
 Below are listed queries related to Terraform GCP:
@@ -549,60 +549,60 @@ Below are listed queries related to Terraform GCP:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>a6cd52a1-3056-4910-96a5-894de9f3f3b3</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#google_storage_bucket_iam_binding">Documentation</a><br/>|
-|SQL DB Instance Publicly Accessible<br/><sup><sub>b187edca-b81e-4fdc-aff4-aab57db45edb</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance">Documentation</a><br/>|
-|BigQuery Dataset Is Public<br/><sup><sub>e576ce44-dd03-4022-a8c0-3906acca2ab4</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/google/r/bigquery_dataset.html">Documentation</a><br/>|
-|Google Project IAM Binding Service Account has Token Creator or Account User Role<br/><sup><sub>617ef6ff-711e-4bd7-94ae-e965911b1b40</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_binding">Documentation</a><br/>|
-|Google Project IAM Member Service Account Has Admin Role<br/><sup><sub>84d36481-fd63-48cb-838e-635c44806ec2</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_member">Documentation</a><br/>|
-|Google Project IAM Member Service Account has Token Creator or Account User Role<br/><sup><sub>c68b4e6d-4e01-4ca1-b256-1e18e875785c</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_member">Documentation</a><br/>|
-|KMS Crypto Key is Publicly Accessible<br/><sup><sub>16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_kms_crypto_key_iam#google_kms_crypto_key_iam_policy">Documentation</a><br/>|
-|SQL DB Instance With SSL Disabled<br/><sup><sub>02474449-71aa-40a1-87ae-e14497747b00</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#require_ssl">Documentation</a><br/>|
-|GKE Legacy Authorization Enabled<br/><sup><sub>5baa92d2-d8ee-4c75-88a4-52d9d8bb8067</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Google Storage Bucket Level Access Disabled<br/><sup><sub>bb0db090-5509-4853-a827-75ced0b3caa0</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket">Documentation</a><br/>|
-|RDP Access Is Not Restricted<br/><sup><sub>678fd659-96f2-454a-a2a0-c2571f83a4a3</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall">Documentation</a><br/>|
-|Cloud Storage Bucket Is Publicly Accessible<br/><sup><sub>c010082c-76e0-4b91-91d9-6e8439e455dd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#member/members">Documentation</a><br/>|
-|KMS Admin and CryptoKey Roles In Use<br/><sup><sub>92e4464a-4139-4d57-8742-b5acc0347680</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#policy_data">Documentation</a><br/>|
-|OSLogin Disabled<br/><sup><sub>32ecd6eb-0711-421f-9627-1a28d9eff217</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_project_metadata#metadata">Documentation</a><br/>|
-|VM With Full Cloud Access<br/><sup><sub>bc280331-27b9-4acb-a010-018e8098aa5d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#scopes">Documentation</a><br/>|
-|SQL DB Instance Backup Disabled<br/><sup><sub>cf3c7631-cd1e-42f3-8801-a561214a6e79</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance">Documentation</a><br/>|
-|Disk Encryption Disabled<br/><sup><sub>b1d51728-7270-4991-ac2f-fc26e2695b38</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk">Documentation</a><br/>|
-|DNSSEC Using RSASHA1<br/><sup><sub>ccc3100c-0fdd-4a5e-9908-c10107291860</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone#algorithm">Documentation</a><br/>|
-|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>14a457f0-473d-4d1d-9e37-6d99b355b336</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_ssl_policy">Documentation</a><br/>|
-|Cloud DNS Without DNSSEC<br/><sup><sub>5ef61c88-bbb4-4725-b1df-55d23c9676bb</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/google/d/dns_managed_zone.html">Documentation</a><br/>|
-|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>acfdbec6-4a17-471f-b412-169d77553332</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool">Documentation</a><br/>|
-|Google Project Auto Create Network Disabled<br/><sup><sub>59571246-3f62-4965-a96f-c7d97e269351</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project">Documentation</a><br/>|
-|IP Aliasing Disabled<br/><sup><sub>c606ba1d-d736-43eb-ac24-e16108f3a9e0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Network Policy Disabled<br/><sup><sub>11e7550e-c4b6-472e-adff-c698f157cdd7</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|OSLogin Is Disabled For VM Instance<br/><sup><sub>d0b4d550-c001-46c3-bbdb-d5d75d33f05f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
-|Pod Security Policy Disabled<br/><sup><sub>9192e0f9-eca5-4056-9282-ae2a736a4088</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Private Cluster Disabled<br/><sup><sub>6ccb85d7-0420-4907-9380-50313f80946b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Shielded GKE Nodes Disabled<br/><sup><sub>579a0727-9c29-4d58-8195-fc5802a8bdb4</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#enable_shielded_nodes">Documentation</a><br/>|
-|Shielded VM Disabled<br/><sup><sub>1b44e234-3d73-41a8-9954-0b154135280e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#shielded_instance_config">Documentation</a><br/>|
-|GKE Using Default Service Account<br/><sup><sub>1c8eef02-17b1-4a3e-b01d-dcc3292d2c38</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#node_config">Documentation</a><br/>|
-|Using Default Service Account<br/><sup><sub>3cb4af0b-056d-4fb1-8b95-fdc4593625ff</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
-|Google Compute Network Using Default Firewall Rule<br/><sup><sub>40abce54-95b1-478c-8e5f-ea0bf0bb0e33</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#name">Documentation</a><br/>|
-|Google Compute Network Using Firewall Rule that Allows All Ports<br/><sup><sub>22ef1d26-80f8-4a6c-8c15-f35aab3cac78</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#allow">Documentation</a><br/>|
-|IP Forwarding Enabled<br/><sup><sub>f34c0c25-47b4-41eb-9c79-249b4dd47b89</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_instance">Documentation</a><br/>|
-|Serial Ports Are Enabled For VM Instances<br/><sup><sub>97fa667a-d05b-4f16-9071-58b939f34751</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
-|SSH Access Is Not Restricted<br/><sup><sub>c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall">Documentation</a><br/>|
-|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>d6cabc3a-d57e-48c2-b341-bf3dd4f4a120</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#log_bucket">Documentation</a><br/>|
-|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>e7e961ac-d17e-4413-84bc-8a1fbe242944</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#enabled">Documentation</a><br/>|
-|Google Compute Subnetwork Logging Disabled<br/><sup><sub>40430747-442d-450a-a34f-dc57149f4609</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork">Documentation</a><br/>|
-|Stackdriver Logging Disabled<br/><sup><sub>4c7ebcb2-eae2-461e-bc83-456ee2d4f694</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#logging_service">Documentation</a><br/>|
-|Stackdriver Monitoring Disabled<br/><sup><sub>30e8dfd2-3591-4d19-8d11-79e93106c93d</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#monitoring_service">Documentation</a><br/>|
-|Node Auto Upgrade Disabled<br/><sup><sub>b139213e-7d24-49c2-8025-c18faa21ecaa</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool#auto_upgrade">Documentation</a><br/>|
-|Service Account with Improper Privileges<br/><sup><sub>cefdad16-0dd5-4ac5-8ed2-a37502c78672</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/iam_policy#role">Documentation</a><br/>|
-|High Google KMS Crypto Key Rotation Period<br/><sup><sub>d8c57c4e-bf6f-4e32-a2bf-8643532de77b</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/kms_crypto_key">Documentation</a><br/>|
-|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>3e4d5ce6-3280-4027-8010-c26eeea1ec01</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
-|User with IAM Role<br/><sup><sub>704fcc44-a58f-4af5-82e2-93f2a58ef918</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/iam_policy#role">Documentation</a><br/>|
-|Outdated GKE Version<br/><sup><sub>128df7ec-f185-48bc-8913-ce756a3ccb85</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#master_version">Documentation</a><br/>|
-|Cluster Labels Disabled<br/><sup><sub>65c1bc7a-4835-4ac4-a2b6-13d310b0648d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|COS Node Image Not Used<br/><sup><sub>8a893e46-e267-485a-8690-51f39951de58</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool#node_config">Documentation</a><br/>|
-|Legacy Client Certificate Auth Enabled<br/><sup><sub>73fb21a1-b19a-45b1-b648-b47b1678681e</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
-|Not Proper Email Account In Use<br/><sup><sub>9356962e-4a4f-4d06-ac59-dc8008775eaa</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_binding">Documentation</a><br/>|
-|Google Compute Network Using Firewall Rule that Allows Port Range<br/><sup><sub>e6f61c37-106b-449f-a5bb-81bfcaceb8b4</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#allow">Documentation</a><br/>|
-|Google Compute Subnetwork with Private Google Access Disabled<br/><sup><sub>ee7b93c1-b3f8-4a3b-9588-146d481814f5</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork#private_ip_google_access">Documentation</a><br/>|
-|IAM Audit Not Properly Configured<br/><sup><sub>89fe890f-b480-460c-8b6b-7d8b1468adb4</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_audit_config">Documentation</a><br/>|
+|Cloud Storage Anonymous or Publicly Accessible<br/><sup><sub>a6cd52a1-3056-4910-96a5-894de9f3f3b3</sub></sup>|<span style="color:#ff0000">Critical</span>|Access Control|<a href="../terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#google_storage_bucket_iam_binding">Documentation</a><br/>|
+|SQL DB Instance Publicly Accessible<br/><sup><sub>b187edca-b81e-4fdc-aff4-aab57db45edb</sub></sup>|<span style="color:#ff0000">Critical</span>|Insecure Configurations|<a href="../terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance">Documentation</a><br/>|
+|BigQuery Dataset Is Public<br/><sup><sub>e576ce44-dd03-4022-a8c0-3906acca2ab4</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4')">Query details</a><br><a href="https://www.terraform.io/docs/providers/google/r/bigquery_dataset.html">Documentation</a><br/>|
+|Google Project IAM Binding Service Account has Token Creator or Account User Role<br/><sup><sub>617ef6ff-711e-4bd7-94ae-e965911b1b40</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_binding">Documentation</a><br/>|
+|Google Project IAM Member Service Account Has Admin Role<br/><sup><sub>84d36481-fd63-48cb-838e-635c44806ec2</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_member">Documentation</a><br/>|
+|Google Project IAM Member Service Account has Token Creator or Account User Role<br/><sup><sub>c68b4e6d-4e01-4ca1-b256-1e18e875785c</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_member">Documentation</a><br/>|
+|KMS Crypto Key is Publicly Accessible<br/><sup><sub>16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_kms_crypto_key_iam#google_kms_crypto_key_iam_policy">Documentation</a><br/>|
+|SQL DB Instance With SSL Disabled<br/><sup><sub>02474449-71aa-40a1-87ae-e14497747b00</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#require_ssl">Documentation</a><br/>|
+|GKE Legacy Authorization Enabled<br/><sup><sub>5baa92d2-d8ee-4c75-88a4-52d9d8bb8067</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Google Storage Bucket Level Access Disabled<br/><sup><sub>bb0db090-5509-4853-a827-75ced0b3caa0</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket">Documentation</a><br/>|
+|RDP Access Is Not Restricted<br/><sup><sub>678fd659-96f2-454a-a2a0-c2571f83a4a3</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall">Documentation</a><br/>|
+|Cloud Storage Bucket Is Publicly Accessible<br/><sup><sub>c010082c-76e0-4b91-91d9-6e8439e455dd</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#member/members">Documentation</a><br/>|
+|KMS Admin and CryptoKey Roles In Use<br/><sup><sub>92e4464a-4139-4d57-8742-b5acc0347680</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#policy_data">Documentation</a><br/>|
+|OSLogin Disabled<br/><sup><sub>32ecd6eb-0711-421f-9627-1a28d9eff217</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_project_metadata#metadata">Documentation</a><br/>|
+|VM With Full Cloud Access<br/><sup><sub>bc280331-27b9-4acb-a010-018e8098aa5d</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#scopes">Documentation</a><br/>|
+|SQL DB Instance Backup Disabled<br/><sup><sub>cf3c7631-cd1e-42f3-8801-a561214a6e79</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance">Documentation</a><br/>|
+|Disk Encryption Disabled<br/><sup><sub>b1d51728-7270-4991-ac2f-fc26e2695b38</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk">Documentation</a><br/>|
+|DNSSEC Using RSASHA1<br/><sup><sub>ccc3100c-0fdd-4a5e-9908-c10107291860</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone#algorithm">Documentation</a><br/>|
+|Google Compute SSL Policy Weak Cipher In Use<br/><sup><sub>14a457f0-473d-4d1d-9e37-6d99b355b336</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_ssl_policy">Documentation</a><br/>|
+|Cloud DNS Without DNSSEC<br/><sup><sub>5ef61c88-bbb4-4725-b1df-55d23c9676bb</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb')">Query details</a><br><a href="https://www.terraform.io/docs/providers/google/d/dns_managed_zone.html">Documentation</a><br/>|
+|Google Container Node Pool Auto Repair Disabled<br/><sup><sub>acfdbec6-4a17-471f-b412-169d77553332</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool">Documentation</a><br/>|
+|Google Project Auto Create Network Disabled<br/><sup><sub>59571246-3f62-4965-a96f-c7d97e269351</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project">Documentation</a><br/>|
+|IP Aliasing Disabled<br/><sup><sub>c606ba1d-d736-43eb-ac24-e16108f3a9e0</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Network Policy Disabled<br/><sup><sub>11e7550e-c4b6-472e-adff-c698f157cdd7</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|OSLogin Is Disabled For VM Instance<br/><sup><sub>d0b4d550-c001-46c3-bbdb-d5d75d33f05f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
+|Pod Security Policy Disabled<br/><sup><sub>9192e0f9-eca5-4056-9282-ae2a736a4088</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Private Cluster Disabled<br/><sup><sub>6ccb85d7-0420-4907-9380-50313f80946b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Shielded GKE Nodes Disabled<br/><sup><sub>579a0727-9c29-4d58-8195-fc5802a8bdb4</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#enable_shielded_nodes">Documentation</a><br/>|
+|Shielded VM Disabled<br/><sup><sub>1b44e234-3d73-41a8-9954-0b154135280e</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#shielded_instance_config">Documentation</a><br/>|
+|GKE Using Default Service Account<br/><sup><sub>1c8eef02-17b1-4a3e-b01d-dcc3292d2c38</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#node_config">Documentation</a><br/>|
+|Using Default Service Account<br/><sup><sub>3cb4af0b-056d-4fb1-8b95-fdc4593625ff</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
+|Google Compute Network Using Default Firewall Rule<br/><sup><sub>40abce54-95b1-478c-8e5f-ea0bf0bb0e33</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#name">Documentation</a><br/>|
+|Google Compute Network Using Firewall Rule that Allows All Ports<br/><sup><sub>22ef1d26-80f8-4a6c-8c15-f35aab3cac78</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#allow">Documentation</a><br/>|
+|IP Forwarding Enabled<br/><sup><sub>f34c0c25-47b4-41eb-9c79-249b4dd47b89</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_instance">Documentation</a><br/>|
+|Serial Ports Are Enabled For VM Instances<br/><sup><sub>97fa667a-d05b-4f16-9071-58b939f34751</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
+|SSH Access Is Not Restricted<br/><sup><sub>c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall">Documentation</a><br/>|
+|Cloud Storage Bucket Logging Not Enabled<br/><sup><sub>d6cabc3a-d57e-48c2-b341-bf3dd4f4a120</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#log_bucket">Documentation</a><br/>|
+|Cloud Storage Bucket Versioning Disabled<br/><sup><sub>e7e961ac-d17e-4413-84bc-8a1fbe242944</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#enabled">Documentation</a><br/>|
+|Google Compute Subnetwork Logging Disabled<br/><sup><sub>40430747-442d-450a-a34f-dc57149f4609</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork">Documentation</a><br/>|
+|Stackdriver Logging Disabled<br/><sup><sub>4c7ebcb2-eae2-461e-bc83-456ee2d4f694</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#logging_service">Documentation</a><br/>|
+|Stackdriver Monitoring Disabled<br/><sup><sub>30e8dfd2-3591-4d19-8d11-79e93106c93d</sub></sup>|<span style="color:#ff7213">Medium</span>|Observability|<a href="../terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#monitoring_service">Documentation</a><br/>|
+|Node Auto Upgrade Disabled<br/><sup><sub>b139213e-7d24-49c2-8025-c18faa21ecaa</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool#auto_upgrade">Documentation</a><br/>|
+|Service Account with Improper Privileges<br/><sup><sub>cefdad16-0dd5-4ac5-8ed2-a37502c78672</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/iam_policy#role">Documentation</a><br/>|
+|High Google KMS Crypto Key Rotation Period<br/><sup><sub>d8c57c4e-bf6f-4e32-a2bf-8643532de77b</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/kms_crypto_key">Documentation</a><br/>|
+|Project-wide SSH Keys Are Enabled In VM Instances<br/><sup><sub>3e4d5ce6-3280-4027-8010-c26eeea1ec01</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance">Documentation</a><br/>|
+|User with IAM Role<br/><sup><sub>704fcc44-a58f-4af5-82e2-93f2a58ef918</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/iam_policy#role">Documentation</a><br/>|
+|Outdated GKE Version<br/><sup><sub>128df7ec-f185-48bc-8913-ce756a3ccb85</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#master_version">Documentation</a><br/>|
+|Cluster Labels Disabled<br/><sup><sub>65c1bc7a-4835-4ac4-a2b6-13d310b0648d</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|COS Node Image Not Used<br/><sup><sub>8a893e46-e267-485a-8690-51f39951de58</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool#node_config">Documentation</a><br/>|
+|Legacy Client Certificate Auth Enabled<br/><sup><sub>73fb21a1-b19a-45b1-b648-b47b1678681e</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster">Documentation</a><br/>|
+|Not Proper Email Account In Use<br/><sup><sub>9356962e-4a4f-4d06-ac59-dc8008775eaa</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_binding">Documentation</a><br/>|
+|Google Compute Network Using Firewall Rule that Allows Port Range<br/><sup><sub>e6f61c37-106b-449f-a5bb-81bfcaceb8b4</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#allow">Documentation</a><br/>|
+|Google Compute Subnetwork with Private Google Access Disabled<br/><sup><sub>ee7b93c1-b3f8-4a3b-9588-146d481814f5</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork#private_ip_google_access">Documentation</a><br/>|
+|IAM Audit Not Properly Configured<br/><sup><sub>89fe890f-b480-460c-8b6b-7d8b1468adb4</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#google_project_iam_audit_config">Documentation</a><br/>|
 
 ### GCP_BOM
 Below are listed queries related to Terraform GCP_BOM:
@@ -611,12 +611,12 @@ Below are listed queries related to Terraform GCP_BOM:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|BOM - GCP Dataflow<br/><sup><sub>895ed0d9-6fec-4567-8614-d7a74b599a53</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP FI<br/><sup><sub>c9d81239-c818-4869-9917-1570c62b81fd</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP PD<br/><sup><sub>dd7d70aa-a6ec-460d-b5d2-38b40253b16f</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP PST<br/><sup><sub>4b82202a-b18e-4891-a1eb-a0989850bbb3</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP Redis<br/><sup><sub>bc75ce52-a60a-4660-b533-bce837a5019b</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
-|BOM - GCP SB<br/><sup><sub>2f06d22c-56bd-4f73-8a51-db001fcf2150</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150" target="_blank">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP Dataflow<br/><sup><sub>895ed0d9-6fec-4567-8614-d7a74b599a53</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP FI<br/><sup><sub>c9d81239-c818-4869-9917-1570c62b81fd</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP PD<br/><sup><sub>dd7d70aa-a6ec-460d-b5d2-38b40253b16f</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP PST<br/><sup><sub>4b82202a-b18e-4891-a1eb-a0989850bbb3</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP Redis<br/><sup><sub>bc75ce52-a60a-4660-b533-bce837a5019b</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
+|BOM - GCP SB<br/><sup><sub>2f06d22c-56bd-4f73-8a51-db001fcf2150</sub></sup>|<span style="color:#CCCCCC">Trace</span>|Bill Of Materials|<a href="../terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150" onclick="newWindowOpenerSafe(event, '../terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150')">Query details</a><br><a href="https://kics.io">Documentation</a><br/>|
 
 ### GITHUB
 Below are listed queries related to Terraform GITHUB:
@@ -625,8 +625,8 @@ Below are listed queries related to Terraform GITHUB:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Github Organization Webhook With SSL Disabled<br/><sup><sub>ce7c874e-1b88-450b-a5e4-cb76ada3c8a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/github/latest/docs/resources/organization_webhook">Documentation</a><br/>|
-|GitHub Repository Set To Public<br/><sup><sub>15d8a7fd-465a-4d15-a868-add86552f17b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/providers/github/r/repository.html">Documentation</a><br/>|
+|Github Organization Webhook With SSL Disabled<br/><sup><sub>ce7c874e-1b88-450b-a5e4-cb76ada3c8a9</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9" onclick="newWindowOpenerSafe(event, '../terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/github/latest/docs/resources/organization_webhook">Documentation</a><br/>|
+|GitHub Repository Set To Public<br/><sup><sub>15d8a7fd-465a-4d15-a868-add86552f17b</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b" onclick="newWindowOpenerSafe(event, '../terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b')">Query details</a><br><a href="https://www.terraform.io/docs/providers/github/r/repository.html">Documentation</a><br/>|
 
 ### KUBERNETES
 Below are listed queries related to Terraform KUBERNETES:
@@ -635,68 +635,68 @@ Below are listed queries related to Terraform KUBERNETES:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Non Kube System Pod With Host Mount<br/><sup><sub>86a947ea-f577-4efb-a8b0-5fc00257d521</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod">Documentation</a><br/>|
-|Cluster Allows Unsafe Sysctls<br/><sup><sub>a9174d31-d526-4ad9-ace4-ce7ddbf52e03</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_unsafe_sysctls">Documentation</a><br/>|
-|Container Is Privileged<br/><sup><sub>87065ef8-de9b-40d8-9753-f4a4303e27a4</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#privileged">Documentation</a><br/>|
-|Container Runs Unmasked<br/><sup><sub>0ad60203-c050-4115-83b6-b94bde92541d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_proc_mount_types">Documentation</a><br/>|
-|Containers With Sys Admin Capabilities<br/><sup><sub>3f55386d-75cd-4e9a-ac47-167b26c04724</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#capabilities-1">Documentation</a><br/>|
-|Privilege Escalation Allowed<br/><sup><sub>c878abb4-cca5-4724-92b9-289be68bd47c</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#allow_privilege_escalation">Documentation</a><br/>|
-|PSP Allows Containers To Share The Host Network Namespace<br/><sup><sub>4950837c-0ce5-4e42-9bee-a25eae73740b</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#host_network">Documentation</a><br/>|
-|PSP Allows Privilege Escalation<br/><sup><sub>2bff9906-4e9b-4f71-9346-8ebedfdf43ef</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allow_privilege_escalation">Documentation</a><br/>|
-|PSP Allows Sharing Host IPC<br/><sup><sub>51bed0ac-a8ae-407a-895e-90c6cb0610ce</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#host_ipc">Documentation</a><br/>|
-|PSP Set To Privileged<br/><sup><sub>a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#privileged">Documentation</a><br/>|
-|PSP With Added Capabilities<br/><sup><sub>48388bd2-7201-4dcc-b56d-e8a9efa58fad</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_capabilities">Documentation</a><br/>|
-|Tiller (Helm v2) Is Deployed<br/><sup><sub>ca2fba76-c1a7-4afd-be67-5249f861cb0e</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
-|Workload Mounting With Sensitive OS Directory<br/><sup><sub>a737be28-37d8-4bff-aa6d-1be8aa0a0015</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_path">Documentation</a><br/>|
-|Volume Mount With OS Directory Write Permissions<br/><sup><sub>a62a99d1-8196-432f-8f80-3c100b05d62a</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#volume_mount">Documentation</a><br/>|
-|Docker Daemon Socket is Exposed to Containers<br/><sup><sub>4e203a65-c8d8-49a2-b749-b124d43c9dc1</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_path">Documentation</a><br/>|
-|Missing App Armor Config<br/><sup><sub>bd6bd46c-57db-4887-956d-d372f21291b6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#annotations">Documentation</a><br/>|
-|Permissive Access to Create Pods<br/><sup><sub>522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule">Documentation</a><br/>|
-|RBAC Roles with Read Secrets Permissions<br/><sup><sub>826abb30-3cd5-4e0b-a93b-67729b4f7e63</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule">Documentation</a><br/>|
-|Readiness Probe Is Not Configured<br/><sup><sub>8657197e-3f87-4694-892b-8144701d83c1</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/8657197e-3f87-4694-892b-8144701d83c1" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#readiness_probe">Documentation</a><br/>|
-|Root Containers Admitted<br/><sup><sub>4c415497-7410-4559-90e8-f2c8ac64ee38</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#run_as_user">Documentation</a><br/>|
-|Incorrect Volume Claim Access Mode ReadWriteOnce<br/><sup><sub>26b047a9-0329-48fd-8fb7-05bbe5ba80ee</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#volume_claim_template">Documentation</a><br/>|
-|Container Host Pid Is True<br/><sup><sub>587d5d82-70cf-449b-9817-f60f9bccb88c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_pid">Documentation</a><br/>|
-|Container Resources Limits Undefined<br/><sup><sub>60af03ff-a421-45c8-b214-6741035476fa</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/60af03ff-a421-45c8-b214-6741035476fa" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod">Documentation</a><br/>|
-|Containers With Added Capabilities<br/><sup><sub>fe771ff7-ba15-4f8f-ad7a-8aa232b49a28</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#capabilities-1">Documentation</a><br/>|
-|Ingress Controller Exposes Workload<br/><sup><sub>e2c83c1f-84d7-4467-966c-ed41fd015bb9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/ingress#http">Documentation</a><br/>|
-|NET_RAW Capabilities Disabled for PSP<br/><sup><sub>9aa32890-ac1a-45ee-81ca-5164e2098556</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#required_drop_capabilities">Documentation</a><br/>|
-|NET_RAW Capabilities Not Being Dropped<br/><sup><sub>e5587d53-a673-4a6b-b3f2-ba07ec274def</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#drop">Documentation</a><br/>|
-|Seccomp Profile Is Not Configured<br/><sup><sub>455f2e0c-686d-4fcb-8b5f-3f953f12c43c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#annotations">Documentation</a><br/>|
-|Role Binding To Default Service Account<br/><sup><sub>3360c01e-c8c0-4812-96a2-a6329b9b7f9f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding#subject">Documentation</a><br/>|
-|Service Account Name Undefined Or Empty<br/><sup><sub>24b132df-5cc7-4823-8029-f898e1c50b72</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#service_account_name">Documentation</a><br/>|
-|Service Account Token Automount Not Disabled<br/><sup><sub>a9a13d4f-f17a-491b-b074-f54bffffcb4a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#automount_service_account_token">Documentation</a><br/>|
-|Service With External Load Balancer<br/><sup><sub>2a52567c-abb8-4651-a038-52fa27c77aed</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service">Documentation</a><br/>|
-|Memory Limits Not Defined<br/><sup><sub>fd097ed0-7fe6-4f58-8b71-fef9f0820a21</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#limits">Documentation</a><br/>|
-|Memory Requests Not Defined<br/><sup><sub>21719347-d02b-497d-bda4-04a03c8e5b61</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#requests">Documentation</a><br/>|
-|Shared Host IPC Namespace<br/><sup><sub>e94d3121-c2d1-4e34-a295-139bfeb73ea3</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_ipc">Documentation</a><br/>|
-|Shared Host Network Namespace<br/><sup><sub>ac1564a3-c324-4747-9fa1-9dfc234dace0</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_network">Documentation</a><br/>|
-|Service Account Allows Access Secrets<br/><sup><sub>07fc3413-e572-42f7-9877-5c8fc6fccfb5</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding#subject">Documentation</a><br/>|
-|Shared Service Account<br/><sup><sub>f74b9c43-161a-4799-bc95-0b0ec81801b9</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#service_account_name">Documentation</a><br/>|
-|Cluster Admin Rolebinding With Superuser Permissions<br/><sup><sub>17172bc2-56fb-4f17-916f-a014147706cd</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding#name">Documentation</a><br/>|
-|Deployment Without PodDisruptionBudget<br/><sup><sub>a05331ee-1653-45cb-91e6-13637a76e4f0</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#selector">Documentation</a><br/>|
-|HPA Targets Invalid Object<br/><sup><sub>17e52ca3-ddd0-4610-9d56-ce107442e110</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/horizontal_pod_autoscaler#metric">Documentation</a><br/>|
-|StatefulSet Without PodDisruptionBudget<br/><sup><sub>7249e3b0-9231-4af3-bc5f-5daf4988ecbf</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#selector">Documentation</a><br/>|
-|StatefulSet Without Service Name<br/><sup><sub>420e6360-47bb-46f6-9072-b20ed22c842d</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#selector">Documentation</a><br/>|
-|Metadata Label Is Invalid<br/><sup><sub>bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#labels">Documentation</a><br/>|
-|No Drop Capabilities for Containers<br/><sup><sub>21cef75f-289f-470e-8038-c7cee0664164</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/21cef75f-289f-470e-8038-c7cee0664164" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#drop">Documentation</a><br/>|
-|Root Container Not Mounted As Read-only<br/><sup><sub>d532566b-8d9d-4f3b-80bd-361fe802f9c2</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#read_only_root_filesystem">Documentation</a><br/>|
-|StatefulSet Requests Storage<br/><sup><sub>fcc2612a-1dfe-46e4-8ce6-0320959f0040</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#volume_claim_template">Documentation</a><br/>|
-|Default Service Account In Use<br/><sup><sub>737a0dd9-0aaa-4145-8118-f01778262b8a</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account#automount_service_account_token">Documentation</a><br/>|
-|Image Pull Policy Of The Container Is Not Set To Always<br/><sup><sub>aa737abf-6b1d-4aba-95aa-5c160bd7f96e</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image_pull_policy">Documentation</a><br/>|
-|Image Without Digest<br/><sup><sub>228c4c19-feeb-4c18-848c-800ac70fdfb7</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
-|Pod or Container Without Security Context<br/><sup><sub>ad69e38a-d92e-4357-a8da-f2f29d545883</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#security_context">Documentation</a><br/>|
-|Using Default Namespace<br/><sup><sub>abcb818b-5af7-4d72-aba9-6dd84956b451</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#namespace">Documentation</a><br/>|
-|Network Policy Is Not Targeting Any Pod<br/><sup><sub>b80b14c6-aaa2-4876-b651-8a48b6c32fbf</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/network_policy#match_labels">Documentation</a><br/>|
-|Service Type is NodePort<br/><sup><sub>5c281bf8-d9bb-47f2-b909-3f6bb11874ad</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service#type">Documentation</a><br/>|
-|Workload Host Port Not Specified<br/><sup><sub>4e74cf4f-ff65-4c1a-885c-67ab608206ce</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_port">Documentation</a><br/>|
-|CPU Limits Not Set<br/><sup><sub>5f4735ce-b9ba-4d95-a089-a37a767b716f</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#limits">Documentation</a><br/>|
-|CPU Requests Not Set<br/><sup><sub>577ac19c-6a77-46d7-9f14-e049cdd15ec2</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#requests">Documentation</a><br/>|
-|CronJob Deadline Not Configured<br/><sup><sub>58876b44-a690-4e9f-9214-7735fa0dd15d</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cron_job#starting_deadline_seconds">Documentation</a><br/>|
-|Deployment Has No PodAntiAffinity<br/><sup><sub>461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#affinity">Documentation</a><br/>|
-|Secrets As Environment Variables<br/><sup><sub>6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#secret_key_ref">Documentation</a><br/>|
-|Invalid Image<br/><sup><sub>e76cca7c-c3f9-4fc9-884c-b2831168ebd8</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
-|Liveness Probe Is Not Defined<br/><sup><sub>5b6d53dd-3ba3-4269-b4d7-f82e880e43c3</sub></sup>|<span style="color:#5bc0de">Info</span>|Availability|<a href="../terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#liveness_probe">Documentation</a><br/>|
+|Non Kube System Pod With Host Mount<br/><sup><sub>86a947ea-f577-4efb-a8b0-5fc00257d521</sub></sup>|<span style="color:#bb2124">High</span>|Access Control|<a href="../terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521" onclick="newWindowOpenerSafe(event, '../terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod">Documentation</a><br/>|
+|Cluster Allows Unsafe Sysctls<br/><sup><sub>a9174d31-d526-4ad9-ace4-ce7ddbf52e03</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03" onclick="newWindowOpenerSafe(event, '../terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_unsafe_sysctls">Documentation</a><br/>|
+|Container Is Privileged<br/><sup><sub>87065ef8-de9b-40d8-9753-f4a4303e27a4</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4" onclick="newWindowOpenerSafe(event, '../terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#privileged">Documentation</a><br/>|
+|Container Runs Unmasked<br/><sup><sub>0ad60203-c050-4115-83b6-b94bde92541d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d" onclick="newWindowOpenerSafe(event, '../terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_proc_mount_types">Documentation</a><br/>|
+|Containers With Sys Admin Capabilities<br/><sup><sub>3f55386d-75cd-4e9a-ac47-167b26c04724</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724" onclick="newWindowOpenerSafe(event, '../terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#capabilities-1">Documentation</a><br/>|
+|Privilege Escalation Allowed<br/><sup><sub>c878abb4-cca5-4724-92b9-289be68bd47c</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c" onclick="newWindowOpenerSafe(event, '../terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#allow_privilege_escalation">Documentation</a><br/>|
+|PSP Allows Containers To Share The Host Network Namespace<br/><sup><sub>4950837c-0ce5-4e42-9bee-a25eae73740b</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b" onclick="newWindowOpenerSafe(event, '../terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#host_network">Documentation</a><br/>|
+|PSP Allows Privilege Escalation<br/><sup><sub>2bff9906-4e9b-4f71-9346-8ebedfdf43ef</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef" onclick="newWindowOpenerSafe(event, '../terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allow_privilege_escalation">Documentation</a><br/>|
+|PSP Allows Sharing Host IPC<br/><sup><sub>51bed0ac-a8ae-407a-895e-90c6cb0610ce</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#host_ipc">Documentation</a><br/>|
+|PSP Set To Privileged<br/><sup><sub>a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9" onclick="newWindowOpenerSafe(event, '../terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#privileged">Documentation</a><br/>|
+|PSP With Added Capabilities<br/><sup><sub>48388bd2-7201-4dcc-b56d-e8a9efa58fad</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad" onclick="newWindowOpenerSafe(event, '../terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#allowed_capabilities">Documentation</a><br/>|
+|Tiller (Helm v2) Is Deployed<br/><sup><sub>ca2fba76-c1a7-4afd-be67-5249f861cb0e</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e" onclick="newWindowOpenerSafe(event, '../terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
+|Workload Mounting With Sensitive OS Directory<br/><sup><sub>a737be28-37d8-4bff-aa6d-1be8aa0a0015</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015" onclick="newWindowOpenerSafe(event, '../terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_path">Documentation</a><br/>|
+|Volume Mount With OS Directory Write Permissions<br/><sup><sub>a62a99d1-8196-432f-8f80-3c100b05d62a</sub></sup>|<span style="color:#bb2124">High</span>|Resource Management|<a href="../terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a" onclick="newWindowOpenerSafe(event, '../terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#volume_mount">Documentation</a><br/>|
+|Docker Daemon Socket is Exposed to Containers<br/><sup><sub>4e203a65-c8d8-49a2-b749-b124d43c9dc1</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1" onclick="newWindowOpenerSafe(event, '../terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_path">Documentation</a><br/>|
+|Missing App Armor Config<br/><sup><sub>bd6bd46c-57db-4887-956d-d372f21291b6</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6" onclick="newWindowOpenerSafe(event, '../terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#annotations">Documentation</a><br/>|
+|Permissive Access to Create Pods<br/><sup><sub>522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba" onclick="newWindowOpenerSafe(event, '../terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule">Documentation</a><br/>|
+|RBAC Roles with Read Secrets Permissions<br/><sup><sub>826abb30-3cd5-4e0b-a93b-67729b4f7e63</sub></sup>|<span style="color:#ff7213">Medium</span>|Access Control|<a href="../terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63" onclick="newWindowOpenerSafe(event, '../terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule">Documentation</a><br/>|
+|Readiness Probe Is Not Configured<br/><sup><sub>8657197e-3f87-4694-892b-8144701d83c1</sub></sup>|<span style="color:#ff7213">Medium</span>|Availability|<a href="../terraform-queries/8657197e-3f87-4694-892b-8144701d83c1" onclick="newWindowOpenerSafe(event, '../terraform-queries/8657197e-3f87-4694-892b-8144701d83c1')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#readiness_probe">Documentation</a><br/>|
+|Root Containers Admitted<br/><sup><sub>4c415497-7410-4559-90e8-f2c8ac64ee38</sub></sup>|<span style="color:#ff7213">Medium</span>|Best Practices|<a href="../terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38" onclick="newWindowOpenerSafe(event, '../terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#run_as_user">Documentation</a><br/>|
+|Incorrect Volume Claim Access Mode ReadWriteOnce<br/><sup><sub>26b047a9-0329-48fd-8fb7-05bbe5ba80ee</sub></sup>|<span style="color:#ff7213">Medium</span>|Build Process|<a href="../terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee" onclick="newWindowOpenerSafe(event, '../terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#volume_claim_template">Documentation</a><br/>|
+|Container Host Pid Is True<br/><sup><sub>587d5d82-70cf-449b-9817-f60f9bccb88c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c" onclick="newWindowOpenerSafe(event, '../terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_pid">Documentation</a><br/>|
+|Container Resources Limits Undefined<br/><sup><sub>60af03ff-a421-45c8-b214-6741035476fa</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/60af03ff-a421-45c8-b214-6741035476fa" onclick="newWindowOpenerSafe(event, '../terraform-queries/60af03ff-a421-45c8-b214-6741035476fa')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod">Documentation</a><br/>|
+|Containers With Added Capabilities<br/><sup><sub>fe771ff7-ba15-4f8f-ad7a-8aa232b49a28</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28" onclick="newWindowOpenerSafe(event, '../terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#capabilities-1">Documentation</a><br/>|
+|Ingress Controller Exposes Workload<br/><sup><sub>e2c83c1f-84d7-4467-966c-ed41fd015bb9</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9" onclick="newWindowOpenerSafe(event, '../terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/ingress#http">Documentation</a><br/>|
+|NET_RAW Capabilities Disabled for PSP<br/><sup><sub>9aa32890-ac1a-45ee-81ca-5164e2098556</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556" onclick="newWindowOpenerSafe(event, '../terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_security_policy#required_drop_capabilities">Documentation</a><br/>|
+|NET_RAW Capabilities Not Being Dropped<br/><sup><sub>e5587d53-a673-4a6b-b3f2-ba07ec274def</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def" onclick="newWindowOpenerSafe(event, '../terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#drop">Documentation</a><br/>|
+|Seccomp Profile Is Not Configured<br/><sup><sub>455f2e0c-686d-4fcb-8b5f-3f953f12c43c</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c" onclick="newWindowOpenerSafe(event, '../terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#annotations">Documentation</a><br/>|
+|Role Binding To Default Service Account<br/><sup><sub>3360c01e-c8c0-4812-96a2-a6329b9b7f9f</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f" onclick="newWindowOpenerSafe(event, '../terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding#subject">Documentation</a><br/>|
+|Service Account Name Undefined Or Empty<br/><sup><sub>24b132df-5cc7-4823-8029-f898e1c50b72</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72" onclick="newWindowOpenerSafe(event, '../terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#service_account_name">Documentation</a><br/>|
+|Service Account Token Automount Not Disabled<br/><sup><sub>a9a13d4f-f17a-491b-b074-f54bffffcb4a</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Defaults|<a href="../terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a" onclick="newWindowOpenerSafe(event, '../terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#automount_service_account_token">Documentation</a><br/>|
+|Service With External Load Balancer<br/><sup><sub>2a52567c-abb8-4651-a038-52fa27c77aed</sub></sup>|<span style="color:#ff7213">Medium</span>|Networking and Firewall|<a href="../terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed" onclick="newWindowOpenerSafe(event, '../terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service">Documentation</a><br/>|
+|Memory Limits Not Defined<br/><sup><sub>fd097ed0-7fe6-4f58-8b71-fef9f0820a21</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21" onclick="newWindowOpenerSafe(event, '../terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#limits">Documentation</a><br/>|
+|Memory Requests Not Defined<br/><sup><sub>21719347-d02b-497d-bda4-04a03c8e5b61</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61" onclick="newWindowOpenerSafe(event, '../terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#requests">Documentation</a><br/>|
+|Shared Host IPC Namespace<br/><sup><sub>e94d3121-c2d1-4e34-a295-139bfeb73ea3</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3" onclick="newWindowOpenerSafe(event, '../terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_ipc">Documentation</a><br/>|
+|Shared Host Network Namespace<br/><sup><sub>ac1564a3-c324-4747-9fa1-9dfc234dace0</sub></sup>|<span style="color:#ff7213">Medium</span>|Resource Management|<a href="../terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0" onclick="newWindowOpenerSafe(event, '../terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_network">Documentation</a><br/>|
+|Service Account Allows Access Secrets<br/><sup><sub>07fc3413-e572-42f7-9877-5c8fc6fccfb5</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5" onclick="newWindowOpenerSafe(event, '../terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding#subject">Documentation</a><br/>|
+|Shared Service Account<br/><sup><sub>f74b9c43-161a-4799-bc95-0b0ec81801b9</sub></sup>|<span style="color:#ff7213">Medium</span>|Secret Management|<a href="../terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9" onclick="newWindowOpenerSafe(event, '../terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#service_account_name">Documentation</a><br/>|
+|Cluster Admin Rolebinding With Superuser Permissions<br/><sup><sub>17172bc2-56fb-4f17-916f-a014147706cd</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd" onclick="newWindowOpenerSafe(event, '../terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding#name">Documentation</a><br/>|
+|Deployment Without PodDisruptionBudget<br/><sup><sub>a05331ee-1653-45cb-91e6-13637a76e4f0</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#selector">Documentation</a><br/>|
+|HPA Targets Invalid Object<br/><sup><sub>17e52ca3-ddd0-4610-9d56-ce107442e110</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110" onclick="newWindowOpenerSafe(event, '../terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/horizontal_pod_autoscaler#metric">Documentation</a><br/>|
+|StatefulSet Without PodDisruptionBudget<br/><sup><sub>7249e3b0-9231-4af3-bc5f-5daf4988ecbf</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf" onclick="newWindowOpenerSafe(event, '../terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#selector">Documentation</a><br/>|
+|StatefulSet Without Service Name<br/><sup><sub>420e6360-47bb-46f6-9072-b20ed22c842d</sub></sup>|<span style="color:#edd57e">Low</span>|Availability|<a href="../terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d" onclick="newWindowOpenerSafe(event, '../terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#selector">Documentation</a><br/>|
+|Metadata Label Is Invalid<br/><sup><sub>bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e" onclick="newWindowOpenerSafe(event, '../terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#labels">Documentation</a><br/>|
+|No Drop Capabilities for Containers<br/><sup><sub>21cef75f-289f-470e-8038-c7cee0664164</sub></sup>|<span style="color:#edd57e">Low</span>|Best Practices|<a href="../terraform-queries/21cef75f-289f-470e-8038-c7cee0664164" onclick="newWindowOpenerSafe(event, '../terraform-queries/21cef75f-289f-470e-8038-c7cee0664164')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#drop">Documentation</a><br/>|
+|Root Container Not Mounted As Read-only<br/><sup><sub>d532566b-8d9d-4f3b-80bd-361fe802f9c2</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2" onclick="newWindowOpenerSafe(event, '../terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#read_only_root_filesystem">Documentation</a><br/>|
+|StatefulSet Requests Storage<br/><sup><sub>fcc2612a-1dfe-46e4-8ce6-0320959f0040</sub></sup>|<span style="color:#edd57e">Low</span>|Build Process|<a href="../terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040" onclick="newWindowOpenerSafe(event, '../terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/stateful_set#volume_claim_template">Documentation</a><br/>|
+|Default Service Account In Use<br/><sup><sub>737a0dd9-0aaa-4145-8118-f01778262b8a</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a" onclick="newWindowOpenerSafe(event, '../terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account#automount_service_account_token">Documentation</a><br/>|
+|Image Pull Policy Of The Container Is Not Set To Always<br/><sup><sub>aa737abf-6b1d-4aba-95aa-5c160bd7f96e</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e" onclick="newWindowOpenerSafe(event, '../terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image_pull_policy">Documentation</a><br/>|
+|Image Without Digest<br/><sup><sub>228c4c19-feeb-4c18-848c-800ac70fdfb7</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7" onclick="newWindowOpenerSafe(event, '../terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
+|Pod or Container Without Security Context<br/><sup><sub>ad69e38a-d92e-4357-a8da-f2f29d545883</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883" onclick="newWindowOpenerSafe(event, '../terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#security_context">Documentation</a><br/>|
+|Using Default Namespace<br/><sup><sub>abcb818b-5af7-4d72-aba9-6dd84956b451</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451" onclick="newWindowOpenerSafe(event, '../terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#namespace">Documentation</a><br/>|
+|Network Policy Is Not Targeting Any Pod<br/><sup><sub>b80b14c6-aaa2-4876-b651-8a48b6c32fbf</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf" onclick="newWindowOpenerSafe(event, '../terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/network_policy#match_labels">Documentation</a><br/>|
+|Service Type is NodePort<br/><sup><sub>5c281bf8-d9bb-47f2-b909-3f6bb11874ad</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad" onclick="newWindowOpenerSafe(event, '../terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service#type">Documentation</a><br/>|
+|Workload Host Port Not Specified<br/><sup><sub>4e74cf4f-ff65-4c1a-885c-67ab608206ce</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce" onclick="newWindowOpenerSafe(event, '../terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_port">Documentation</a><br/>|
+|CPU Limits Not Set<br/><sup><sub>5f4735ce-b9ba-4d95-a089-a37a767b716f</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f" onclick="newWindowOpenerSafe(event, '../terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#limits">Documentation</a><br/>|
+|CPU Requests Not Set<br/><sup><sub>577ac19c-6a77-46d7-9f14-e049cdd15ec2</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2" onclick="newWindowOpenerSafe(event, '../terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#requests">Documentation</a><br/>|
+|CronJob Deadline Not Configured<br/><sup><sub>58876b44-a690-4e9f-9214-7735fa0dd15d</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d" onclick="newWindowOpenerSafe(event, '../terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cron_job#starting_deadline_seconds">Documentation</a><br/>|
+|Deployment Has No PodAntiAffinity<br/><sup><sub>461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3</sub></sup>|<span style="color:#edd57e">Low</span>|Resource Management|<a href="../terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3" onclick="newWindowOpenerSafe(event, '../terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#affinity">Documentation</a><br/>|
+|Secrets As Environment Variables<br/><sup><sub>6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8</sub></sup>|<span style="color:#edd57e">Low</span>|Secret Management|<a href="../terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8" onclick="newWindowOpenerSafe(event, '../terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#secret_key_ref">Documentation</a><br/>|
+|Invalid Image<br/><sup><sub>e76cca7c-c3f9-4fc9-884c-b2831168ebd8</sub></sup>|<span style="color:#edd57e">Low</span>|Supply-Chain|<a href="../terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8" onclick="newWindowOpenerSafe(event, '../terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#image">Documentation</a><br/>|
+|Liveness Probe Is Not Defined<br/><sup><sub>5b6d53dd-3ba3-4269-b4d7-f82e880e43c3</sub></sup>|<span style="color:#5bc0de">Info</span>|Availability|<a href="../terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3" onclick="newWindowOpenerSafe(event, '../terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3')">Query details</a><br><a href="https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#liveness_probe">Documentation</a><br/>|
 
 ### NIFCLOUD
 Below are listed queries related to Terraform NIFCLOUD:
@@ -705,30 +705,30 @@ Below are listed queries related to Terraform NIFCLOUD:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|(Beta) Nifcloud DNS Has Verified Record<br/><sup><sub>a1defcb6-55e8-4511-8c2a-30b615b0e057</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/dns_record#record">Documentation</a><br/>|
-|(Beta) Nifcloud ELB Listener Use HTTP Protocol<br/><sup><sub>afcb0771-4f94-44ed-ad4a-9f73f11ce6e0</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb_listener#protocol">Documentation</a><br/>|
-|(Beta) Nifcloud ELB Use HTTP Protocol<br/><sup><sub>e2de2b80-2fc2-4502-a764-40930dfcc70a</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#protocol">Documentation</a><br/>|
-|(Beta) Nifcloud LB Listener Use HTTP Port<br/><sup><sub>9f751a80-31f0-43a3-926c-20772791a038</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer_listener#load_balancer_port">Documentation</a><br/>|
-|(Beta) Nifcloud LB Use HTTP Port<br/><sup><sub>94e47f3f-b90b-43a1-a36d-521580bae863</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#load_balancer_port">Documentation</a><br/>|
-|(Beta) Nifcloud LB Use Insecure TLS Policy ID<br/><sup><sub>944439c7-b4b8-476a-8f83-14641ea876ba</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_id">Documentation</a><br/>|
-|(Beta) Nifcloud LB Use Insecure TLS Policy Name<br/><sup><sub>675e8eaa-2754-42b7-bf33-bfa295d1601d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_name">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Has Public Ingress Security Group Rule<br/><sup><sub>b2ea2367-8dc9-4231-a035-d0b28bfa3dde</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#cidr_ip">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Undefined Security Group To Instance<br/><sup><sub>89218b48-75c9-4cb3-aaba-5299e852e8bc</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/instance#security_group">Documentation</a><br/>|
-|(Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule<br/><sup><sub>8d7758a7-d9cd-499a-a83e-c9bdcbff728d</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#cidr_ip">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Has Public DB Access<br/><sup><sub>fb387023-e4bb-42a8-9a70-6708aa7ff21b</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#publicly_accessible">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule<br/><sup><sub>a0b846e8-815f-4f15-b660-bc4ab9fa1e1a</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#cidr_ip">Documentation</a><br/>|
-|(Beta) Nifcloud Router Undefined Security Group To Router<br/><sup><sub>e7dada38-af20-4899-8955-dabea84ab1f0</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#security_group">Documentation</a><br/>|
-|(Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway<br/><sup><sub>b3535a48-910c-47f8-8b3b-14222f29ef80</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/vpn_gateway#security_group">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day<br/><sup><sub>e5071f76-cbe7-468d-bb2b-d10f02d2b713</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#backup_retention_period">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Has Common Private Network<br/><sup><sub>df58dd45-8009-43c2-90f7-c90eb9d53ed9</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/instance#network_id">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Undefined Description To Security Group<br/><sup><sub>41c127a9-3a85-4bc3-a333-ed374eb9c3e4</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group#description">Documentation</a><br/>|
-|(Beta) Nifcloud Computing Undefined Description To Security Group Rule<br/><sup><sub>e4610872-0b1c-4fb7-ab57-d81c0afdb291</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#description">Documentation</a><br/>|
-|(Beta) Nifcloud ELB Has Common Private Network<br/><sup><sub>5061f84c-ab66-4660-90b9-680c9df346c0</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#network_id">Documentation</a><br/>|
-|(Beta) Nifcloud NAS Has Common Private Network<br/><sup><sub>4b801c38-ebb4-4c81-984b-1ba525d43adf</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_instance#network_id">Documentation</a><br/>|
-|(Beta) Nifcloud NAS Undefined Description To NAS Security Group<br/><sup><sub>e840c54a-7a4c-405f-b8c1-c49a54b87d11</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#description">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Has Common Private Network<br/><sup><sub>9bf57c23-fbab-4222-85f3-3f207a53c6a8</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#network_id">Documentation</a><br/>|
-|(Beta) Nifcloud RDB Undefined Description To DB Security Group<br/><sup><sub>940ddce2-26bd-4e31-a9b4-382714f73231</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#description">Documentation</a><br/>|
-|(Beta) Nifcloud Router Has Common Private Network<br/><sup><sub>30c2760c-740e-4672-9d7f-2c29e0cb385d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud DNS Has Verified Record<br/><sup><sub>a1defcb6-55e8-4511-8c2a-30b615b0e057</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/dns_record#record">Documentation</a><br/>|
+|(Beta) Nifcloud ELB Listener Use HTTP Protocol<br/><sup><sub>afcb0771-4f94-44ed-ad4a-9f73f11ce6e0</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb_listener#protocol">Documentation</a><br/>|
+|(Beta) Nifcloud ELB Use HTTP Protocol<br/><sup><sub>e2de2b80-2fc2-4502-a764-40930dfcc70a</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#protocol">Documentation</a><br/>|
+|(Beta) Nifcloud LB Listener Use HTTP Port<br/><sup><sub>9f751a80-31f0-43a3-926c-20772791a038</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer_listener#load_balancer_port">Documentation</a><br/>|
+|(Beta) Nifcloud LB Use HTTP Port<br/><sup><sub>94e47f3f-b90b-43a1-a36d-521580bae863</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#load_balancer_port">Documentation</a><br/>|
+|(Beta) Nifcloud LB Use Insecure TLS Policy ID<br/><sup><sub>944439c7-b4b8-476a-8f83-14641ea876ba</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_id">Documentation</a><br/>|
+|(Beta) Nifcloud LB Use Insecure TLS Policy Name<br/><sup><sub>675e8eaa-2754-42b7-bf33-bfa295d1601d</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_name">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Has Public Ingress Security Group Rule<br/><sup><sub>b2ea2367-8dc9-4231-a035-d0b28bfa3dde</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#cidr_ip">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Undefined Security Group To Instance<br/><sup><sub>89218b48-75c9-4cb3-aaba-5299e852e8bc</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/instance#security_group">Documentation</a><br/>|
+|(Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule<br/><sup><sub>8d7758a7-d9cd-499a-a83e-c9bdcbff728d</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#cidr_ip">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Has Public DB Access<br/><sup><sub>fb387023-e4bb-42a8-9a70-6708aa7ff21b</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#publicly_accessible">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule<br/><sup><sub>a0b846e8-815f-4f15-b660-bc4ab9fa1e1a</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#cidr_ip">Documentation</a><br/>|
+|(Beta) Nifcloud Router Undefined Security Group To Router<br/><sup><sub>e7dada38-af20-4899-8955-dabea84ab1f0</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#security_group">Documentation</a><br/>|
+|(Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway<br/><sup><sub>b3535a48-910c-47f8-8b3b-14222f29ef80</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/vpn_gateway#security_group">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day<br/><sup><sub>e5071f76-cbe7-468d-bb2b-d10f02d2b713</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#backup_retention_period">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Has Common Private Network<br/><sup><sub>df58dd45-8009-43c2-90f7-c90eb9d53ed9</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/instance#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Undefined Description To Security Group<br/><sup><sub>41c127a9-3a85-4bc3-a333-ed374eb9c3e4</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group#description">Documentation</a><br/>|
+|(Beta) Nifcloud Computing Undefined Description To Security Group Rule<br/><sup><sub>e4610872-0b1c-4fb7-ab57-d81c0afdb291</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#description">Documentation</a><br/>|
+|(Beta) Nifcloud ELB Has Common Private Network<br/><sup><sub>5061f84c-ab66-4660-90b9-680c9df346c0</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud NAS Has Common Private Network<br/><sup><sub>4b801c38-ebb4-4c81-984b-1ba525d43adf</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_instance#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud NAS Undefined Description To NAS Security Group<br/><sup><sub>e840c54a-7a4c-405f-b8c1-c49a54b87d11</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#description">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Has Common Private Network<br/><sup><sub>9bf57c23-fbab-4222-85f3-3f207a53c6a8</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#network_id">Documentation</a><br/>|
+|(Beta) Nifcloud RDB Undefined Description To DB Security Group<br/><sup><sub>940ddce2-26bd-4e31-a9b4-382714f73231</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#description">Documentation</a><br/>|
+|(Beta) Nifcloud Router Has Common Private Network<br/><sup><sub>30c2760c-740e-4672-9d7f-2c29e0cb385d</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d" onclick="newWindowOpenerSafe(event, '../terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d')">Query details</a><br><a href="https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#network_id">Documentation</a><br/>|
 
 ### SHARED (V2/V3)
 Below are listed queries related to Terraform SHARED (V2/V3):
@@ -737,11 +737,11 @@ Below are listed queries related to Terraform SHARED (V2/V3):
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|Generic Git Module Without Revision<br/><sup><sub>3a81fc06-566f-492a-91dd-7448e409e2cd</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/language/modules/sources.html#selecting-a-revision">Documentation</a><br/>|
-|Name Is Not Snake Case<br/><sup><sub>1e434b25-8763-4b00-a5ca-ca03b7abbb66</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/extend/best-practices/naming.html#naming">Documentation</a><br/>|
-|Output Without Description<br/><sup><sub>59312e8a-a64e-41e7-a252-618533dd1ea8</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/language/values/outputs.html#description-output-value-documentation">Documentation</a><br/>|
-|Variable Without Description<br/><sup><sub>2a153952-2544-4687-bcc9-cc8fea814a9b</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/language/values/variables.html#input-variable-documentation">Documentation</a><br/>|
-|Variable Without Type<br/><sup><sub>fc5109bf-01fd-49fb-8bde-4492b543c34a</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a" target="_blank">Query details</a><br><a href="https://www.terraform.io/docs/language/values/variables.html#input-variable-documentation">Documentation</a><br/>|
+|Generic Git Module Without Revision<br/><sup><sub>3a81fc06-566f-492a-91dd-7448e409e2cd</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd" onclick="newWindowOpenerSafe(event, '../terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd')">Query details</a><br><a href="https://www.terraform.io/docs/language/modules/sources.html#selecting-a-revision">Documentation</a><br/>|
+|Name Is Not Snake Case<br/><sup><sub>1e434b25-8763-4b00-a5ca-ca03b7abbb66</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66" onclick="newWindowOpenerSafe(event, '../terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66')">Query details</a><br><a href="https://www.terraform.io/docs/extend/best-practices/naming.html#naming">Documentation</a><br/>|
+|Output Without Description<br/><sup><sub>59312e8a-a64e-41e7-a252-618533dd1ea8</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8" onclick="newWindowOpenerSafe(event, '../terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8')">Query details</a><br><a href="https://www.terraform.io/docs/language/values/outputs.html#description-output-value-documentation">Documentation</a><br/>|
+|Variable Without Description<br/><sup><sub>2a153952-2544-4687-bcc9-cc8fea814a9b</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b" onclick="newWindowOpenerSafe(event, '../terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b')">Query details</a><br><a href="https://www.terraform.io/docs/language/values/variables.html#input-variable-documentation">Documentation</a><br/>|
+|Variable Without Type<br/><sup><sub>fc5109bf-01fd-49fb-8bde-4492b543c34a</sub></sup>|<span style="color:#5bc0de">Info</span>|Best Practices|<a href="../terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a" onclick="newWindowOpenerSafe(event, '../terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a')">Query details</a><br><a href="https://www.terraform.io/docs/language/values/variables.html#input-variable-documentation">Documentation</a><br/>|
 
 ### TENCENTCLOUD
 Below are listed queries related to Terraform TENCENTCLOUD:
@@ -750,19 +750,19 @@ Below are listed queries related to Terraform TENCENTCLOUD:
 
 |            Query             |Severity|Category|More info|
 |------------------------------|--------|--------|-----------|
-|(Beta) CLB Listener Using Insecure Protocols<br/><sup><sub>fe08b81c-12e9-4b5e-9006-4218fca750fd</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/clb_listener#protocol">Documentation</a><br/>|
-|(Beta) TKE Cluster Encryption Protection Disabled<br/><sup><sub>3ed47402-e322-465f-a0f0-8681135a17b0</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_encryption_protection">Documentation</a><br/>|
-|(Beta) CDB Instance Internet Service Enabled<br/><sup><sub>5d820574-4a60-4916-b049-0810b8629731</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_instance#internet_service">Documentation</a><br/>|
-|(Beta) CVM Instance Has Public IP<br/><sup><sub>a74b4602-a62c-4a02-956a-e19f86ea24b5</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#allocate_public_ip">Documentation</a><br/>|
-|(Beta) Security Group Rule Set Accepts All Traffic<br/><sup><sub>d135a36e-c474-452f-b891-76db1e6d1cd5</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/security_group_rule_set#ingress">Documentation</a><br/>|
-|(Beta) CDB Instance Without Backup Policy<br/><sup><sub>ca94be07-7de3-4ae7-85ef-67e0462ec694</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_backup_policy">Documentation</a><br/>|
-|(Beta) CLB Instance Log Setting Disabled<br/><sup><sub>ada01ed1-b10c-4f2a-b110-b20fa4f9baa6</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/clb_instance#log_set_id">Documentation</a><br/>|
-|(Beta) Disk Encryption Disabled<br/><sup><sub>1ee0f202-31da-49ba-bbce-04a989912e4b</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/cbs_storage#encrypt">Documentation</a><br/>|
-|(Beta) TKE Cluster Has Public Access<br/><sup><sub>df6928ed-02f4-421f-9a67-a529860dd7e7</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_cluster#public_ip_assigned">Documentation</a><br/>|
-|(Beta) CVM Instance Using Default Security Group<br/><sup><sub>93bb2065-63ec-45a2-a466-f106b56f2e32</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#orderly_security_groups">Documentation</a><br/>|
-|(Beta) CVM Instance Using User Data<br/><sup><sub>5bb6fa08-5e84-4760-a54a-cdcd66626976</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#user_data">Documentation</a><br/>|
-|(Beta) CDB Instance Internet Using Default Intranet Port<br/><sup><sub>18d6aa4b-7570-4d95-9c75-90363ef1abd9</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_instance#intranet_port">Documentation</a><br/>|
-|(Beta) CVM Instance Using Default VPC<br/><sup><sub>b4e75c5c-83d5-4568-90e3-57ed5ec4051b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#vpc_id">Documentation</a><br/>|
-|(Beta) TKE Cluster Log Agent Is Not Enabled<br/><sup><sub>fe405074-7e18-40f9-9aef-024aa1d0a889</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_cluster#log_agent">Documentation</a><br/>|
-|(Beta) VPC Flow Logs Disabled<br/><sup><sub>a3240001-40db-47b7-abb9-2bcd6a04c430</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/vpc_flow_log_config#enable">Documentation</a><br/>|
-|(Beta) CVM Instance Disable Monitor Service<br/><sup><sub>966ed4f7-b8a5-4e8d-b2bf-098657c98960</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960" target="_blank">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#disable_monitor_service">Documentation</a><br/>|
+|(Beta) CLB Listener Using Insecure Protocols<br/><sup><sub>fe08b81c-12e9-4b5e-9006-4218fca750fd</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/clb_listener#protocol">Documentation</a><br/>|
+|(Beta) TKE Cluster Encryption Protection Disabled<br/><sup><sub>3ed47402-e322-465f-a0f0-8681135a17b0</sub></sup>|<span style="color:#bb2124">High</span>|Encryption|<a href="../terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_encryption_protection">Documentation</a><br/>|
+|(Beta) CDB Instance Internet Service Enabled<br/><sup><sub>5d820574-4a60-4916-b049-0810b8629731</sub></sup>|<span style="color:#bb2124">High</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_instance#internet_service">Documentation</a><br/>|
+|(Beta) CVM Instance Has Public IP<br/><sup><sub>a74b4602-a62c-4a02-956a-e19f86ea24b5</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#allocate_public_ip">Documentation</a><br/>|
+|(Beta) Security Group Rule Set Accepts All Traffic<br/><sup><sub>d135a36e-c474-452f-b891-76db1e6d1cd5</sub></sup>|<span style="color:#bb2124">High</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/security_group_rule_set#ingress">Documentation</a><br/>|
+|(Beta) CDB Instance Without Backup Policy<br/><sup><sub>ca94be07-7de3-4ae7-85ef-67e0462ec694</sub></sup>|<span style="color:#ff7213">Medium</span>|Backup|<a href="../terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_backup_policy">Documentation</a><br/>|
+|(Beta) CLB Instance Log Setting Disabled<br/><sup><sub>ada01ed1-b10c-4f2a-b110-b20fa4f9baa6</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/clb_instance#log_set_id">Documentation</a><br/>|
+|(Beta) Disk Encryption Disabled<br/><sup><sub>1ee0f202-31da-49ba-bbce-04a989912e4b</sub></sup>|<span style="color:#ff7213">Medium</span>|Encryption|<a href="../terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/cbs_storage#encrypt">Documentation</a><br/>|
+|(Beta) TKE Cluster Has Public Access<br/><sup><sub>df6928ed-02f4-421f-9a67-a529860dd7e7</sub></sup>|<span style="color:#ff7213">Medium</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_cluster#public_ip_assigned">Documentation</a><br/>|
+|(Beta) CVM Instance Using Default Security Group<br/><sup><sub>93bb2065-63ec-45a2-a466-f106b56f2e32</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#orderly_security_groups">Documentation</a><br/>|
+|(Beta) CVM Instance Using User Data<br/><sup><sub>5bb6fa08-5e84-4760-a54a-cdcd66626976</sub></sup>|<span style="color:#edd57e">Low</span>|Access Control|<a href="../terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#user_data">Documentation</a><br/>|
+|(Beta) CDB Instance Internet Using Default Intranet Port<br/><sup><sub>18d6aa4b-7570-4d95-9c75-90363ef1abd9</sub></sup>|<span style="color:#edd57e">Low</span>|Insecure Configurations|<a href="../terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/mysql_instance#intranet_port">Documentation</a><br/>|
+|(Beta) CVM Instance Using Default VPC<br/><sup><sub>b4e75c5c-83d5-4568-90e3-57ed5ec4051b</sub></sup>|<span style="color:#edd57e">Low</span>|Networking and Firewall|<a href="../terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#vpc_id">Documentation</a><br/>|
+|(Beta) TKE Cluster Log Agent Is Not Enabled<br/><sup><sub>fe405074-7e18-40f9-9aef-024aa1d0a889</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/kubernetes_cluster#log_agent">Documentation</a><br/>|
+|(Beta) VPC Flow Logs Disabled<br/><sup><sub>a3240001-40db-47b7-abb9-2bcd6a04c430</sub></sup>|<span style="color:#edd57e">Low</span>|Observability|<a href="../terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/vpc_flow_log_config#enable">Documentation</a><br/>|
+|(Beta) CVM Instance Disable Monitor Service<br/><sup><sub>966ed4f7-b8a5-4e8d-b2bf-098657c98960</sub></sup>|<span style="color:#5bc0de">Info</span>|Observability|<a href="../terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960" onclick="newWindowOpenerSafe(event, '../terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960')">Query details</a><br><a href="https://registry.terraform.io/providers/tencentcloudstack/tencentcloud/latest/docs/resources/instance#disable_monitor_service">Documentation</a><br/>|