Getting Started
Any terraform command must include the github_token variable for now.
terraform plan -var 'github_token=<github_token>'
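Terraform also reads input variables from environment variables named TF_VAR_<name>, so the token can be supplied without appearing in the -var argument or in shell history. The wrapper below is an added example, not part of this repository; the function name tf_with_token and the token file path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the repository): run a command with the GitHub token
# passed as TF_VAR_github_token instead of -var on the command line.
# Usage (path is a placeholder):
#   tf_with_token "$HOME/.config/demo/github_token" terraform plan

# The function body is a subshell, so the token never remains in the calling shell.
tf_with_token() (
    token_file=$1
    if [ "$#" -lt 2 ]; then
        echo "usage: tf_with_token TOKEN_FILE COMMAND [ARGS...]" >&2
        exit 1
    fi
    shift

    if [ ! -f "$token_file" ]; then
        echo "token file not found: $token_file" >&2
        exit 2
    fi

    # Characters 5-10 of the mode string are the group and other bits.
    # Anything but "------" means someone else can read or change the token.
    group_other=$(ls -ld "$token_file" | cut -c5-10)
    if [ "$group_other" != "------" ]; then
        echo "refusing $token_file: permissions too open (want 0600)" >&2
        exit 3
    fi

    # Command substitution strips the trailing newline from the file.
    token=$(cat "$token_file")
    if [ -z "$token" ]; then
        echo "token file is empty: $token_file" >&2
        exit 4
    fi

    # The variable is set only in the environment of the command being run.
    TF_VAR_github_token=$token "$@"
)
```
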
Issues
- IAM Policies are too permissive, need to be more granular
- Need to add buildspec_ci.yml environment variables, i.e. GithubRepo, GithubOwner, Environment, etc.
- Add static security check TFSEC
- Add Static Code Analysis using checkov
- Use Github CI Account Token
NOTE: Because we don't have parameters in buildspec, the buildspec is hardcoded to use a specific GitHub public repo from a public organization for demo purposes.