From eacd9606308da0d62b485f3b4c55b6ea15293163 Mon Sep 17 00:00:00 2001 From: Nikita Pivkin Date: Tue, 27 Aug 2024 17:34:14 +0600 Subject: [PATCH] chore(checks): deprecate some checks Signed-off-by: Nikita Pivkin --- checks/cloud/aws/iam/no_policy_wildcards.go | 3 ++- checks/cloud/aws/iam/require_support_role.go | 3 ++- checks/cloud/aws/sam/no_function_policy_wildcards.go | 3 ++- checks/cloud/aws/sam/no_state_machine_policy_wildcards.go | 3 ++- checks/cloud/aws/ssm/avoid_leaks_via_http.go | 3 ++- 5 files changed, 10 insertions(+), 5 deletions(-) diff --git a/checks/cloud/aws/iam/no_policy_wildcards.go b/checks/cloud/aws/iam/no_policy_wildcards.go index 7019e6a0..af9ee4dc 100755 --- a/checks/cloud/aws/iam/no_policy_wildcards.go +++ b/checks/cloud/aws/iam/no_policy_wildcards.go @@ -49,7 +49,8 @@ var CheckNoPolicyWildcards = rules.Register( Links: cloudFormationNoPolicyWildcardsLinks, RemediationMarkdown: cloudFormationNoPolicyWildcardsRemediationMarkdown, }, - Severity: severity.High, + Severity: severity.High, + Deprecated: true, }, func(s *state.State) (results scan.Results) { for _, policy := range s.AWS.IAM.Policies { diff --git a/checks/cloud/aws/iam/require_support_role.go b/checks/cloud/aws/iam/require_support_role.go index bb41ccc9..5bb56051 100644 --- a/checks/cloud/aws/iam/require_support_role.go +++ b/checks/cloud/aws/iam/require_support_role.go @@ -34,7 +34,8 @@ IAM Policy to allow Support Center Access in order to manage Incidents with AWS Links: []string{ "https://console.aws.amazon.com/iam/", }, - Severity: severity.Low, + Severity: severity.Low, + Deprecated: true, }, func(s *state.State) (results scan.Results) { diff --git a/checks/cloud/aws/sam/no_function_policy_wildcards.go b/checks/cloud/aws/sam/no_function_policy_wildcards.go index 6ebdb7cd..237da643 100755 --- a/checks/cloud/aws/sam/no_function_policy_wildcards.go +++ b/checks/cloud/aws/sam/no_function_policy_wildcards.go @@ -36,7 +36,8 @@ var CheckNoFunctionPolicyWildcards = rules.Register( Links: cloudFormationNoFunctionPolicyWildcardsLinks, RemediationMarkdown: cloudFormationNoFunctionPolicyWildcardsRemediationMarkdown, }, - Severity: severity.High, + Severity: severity.High, + Deprecated: true, }, func(s *state.State) (results scan.Results) { diff --git a/checks/cloud/aws/sam/no_state_machine_policy_wildcards.go b/checks/cloud/aws/sam/no_state_machine_policy_wildcards.go index 5cfe490e..f89c494f 100755 --- a/checks/cloud/aws/sam/no_state_machine_policy_wildcards.go +++ b/checks/cloud/aws/sam/no_state_machine_policy_wildcards.go @@ -27,7 +27,8 @@ var CheckNoStateMachinePolicyWildcards = rules.Register( Links: cloudFormationNoStateMachinePolicyWildcardsLinks, RemediationMarkdown: cloudFormationNoStateMachinePolicyWildcardsRemediationMarkdown, }, - Severity: severity.High, + Severity: severity.High, + Deprecated: true, }, func(s *state.State) (results scan.Results) { diff --git a/checks/cloud/aws/ssm/avoid_leaks_via_http.go b/checks/cloud/aws/ssm/avoid_leaks_via_http.go index 6a121ea0..02b98b90 100644 --- a/checks/cloud/aws/ssm/avoid_leaks_via_http.go +++ b/checks/cloud/aws/ssm/avoid_leaks_via_http.go @@ -45,7 +45,8 @@ var AvoidLeaksViaHTTP = rules.Register( }, }, }, - Severity: severity.Critical, + Severity: severity.Critical, + Deprecated: true, }, nil, )