LICENSE
README.md
setup.py
bin/checkov
bin/checkov.cmd
checkov/__init__.py
checkov/logging_init.py
checkov/main.py
checkov/runner_filter.py
checkov/version.py
checkov.egg-info/PKG-INFO
checkov.egg-info/SOURCES.txt
checkov.egg-info/dependency_links.txt
checkov.egg-info/requires.txt
checkov.egg-info/top_level.txt
checkov/arm/__init__.py
checkov/arm/base_parameter_check.py
checkov/arm/base_registry.py
checkov/arm/base_resource_check.py
checkov/arm/base_resource_value_check.py
checkov/arm/context_parser.py
checkov/arm/registry.py
checkov/arm/runner.py
checkov/arm/checks/__init__.py
checkov/arm/checks/parameter/SecureStringParameterNoHardcodedValue.py
checkov/arm/checks/parameter/__init__.py
checkov/arm/checks/resource/AKSApiServerAuthorizedIpRanges.py
checkov/arm/checks/resource/AKSDashboardDisabled.py
checkov/arm/checks/resource/AKSLoggingEnabled.py
checkov/arm/checks/resource/AKSNetworkPolicy.py
checkov/arm/checks/resource/AKSRbacEnabled.py
checkov/arm/checks/resource/AppServiceAuthentication.py
checkov/arm/checks/resource/AppServiceClientCertificate.py
checkov/arm/checks/resource/AppServiceHTTPSOnly.py
checkov/arm/checks/resource/AppServiceHttps20Enabled.py
checkov/arm/checks/resource/AppServiceIdentity.py
checkov/arm/checks/resource/AppServiceMinTLSVersion.py
checkov/arm/checks/resource/AzureInstancePassword.py
checkov/arm/checks/resource/AzureManagedDiscEncryption.py
checkov/arm/checks/resource/CosmosDBDisableAccessKeyWrite.py
checkov/arm/checks/resource/CustomRoleDefinitionSubscriptionOwner.py
checkov/arm/checks/resource/KeyvaultRecoveryEnabled.py
checkov/arm/checks/resource/MonitorLogProfileCategories.py
checkov/arm/checks/resource/MonitorLogProfileRetentionDays.py
checkov/arm/checks/resource/MySQLServerSSLEnforcementEnabled.py
checkov/arm/checks/resource/NSGRulePortAccessRestricted.py
checkov/arm/checks/resource/NSGRuleRDPAccessRestricted.py
checkov/arm/checks/resource/NSGRuleSSHAccessRestricted.py
checkov/arm/checks/resource/NetworkWatcherFlowLogPeriod.py
checkov/arm/checks/resource/PostgreSQLServerConnectionThrottlingEnabled.py
checkov/arm/checks/resource/PostgreSQLServerLogCheckpointsEnabled.py
checkov/arm/checks/resource/PostgreSQLServerLogConnectionsEnabled.py
checkov/arm/checks/resource/PostgreSQLServerSSLEnforcementEnabled.py
checkov/arm/checks/resource/SQLServerAuditingEnabled.py
checkov/arm/checks/resource/SQLServerAuditingRetention90Days.py
checkov/arm/checks/resource/SQLServerEmailAlertsEnabled.py
checkov/arm/checks/resource/SQLServerEmailAlertsToAdminsEnabled.py
checkov/arm/checks/resource/SQLServerNoPublicAccess.py
checkov/arm/checks/resource/SQLServerThreatDetectionTypes.py
checkov/arm/checks/resource/SecretExpirationDate.py
checkov/arm/checks/resource/SecurityCenterContactEmailAlert.py
checkov/arm/checks/resource/SecurityCenterContactEmailAlertAdmins.py
checkov/arm/checks/resource/SecurityCenterContactPhone.py
checkov/arm/checks/resource/SecurityCenterStandardPricing.py
checkov/arm/checks/resource/StorageAccountAzureServicesAccessEnabled.py
checkov/arm/checks/resource/StorageAccountDefaultNetworkAccessDeny.py
checkov/arm/checks/resource/StorageAccountLoggingQueueServiceEnabled.py
checkov/arm/checks/resource/StorageAccountsTransportEncryption.py
checkov/arm/checks/resource/StorageBlobServiceContainerPrivateAccess.py
checkov/arm/checks/resource/__init__.py
checkov/arm/parser/__init__.py
checkov/arm/parser/cfn_yaml.py
checkov/cloudformation/__init__.py
checkov/cloudformation/cfn_utils.py
checkov/cloudformation/context_parser.py
checkov/cloudformation/graph_manager.py
checkov/cloudformation/runner.py
checkov/cloudformation/checks/__init__.py
checkov/cloudformation/checks/graph_checks/__init__.py
checkov/cloudformation/checks/resource/BaseCloudsplainingIAMCheck.py
checkov/cloudformation/checks/resource/__init__.py
checkov/cloudformation/checks/resource/base_registry.py
checkov/cloudformation/checks/resource/base_resource_check.py
checkov/cloudformation/checks/resource/base_resource_negative_value_check.py
checkov/cloudformation/checks/resource/base_resource_value_check.py
checkov/cloudformation/checks/resource/registry.py
checkov/cloudformation/checks/resource/aws/ALBDropHttpHeaders.py
checkov/cloudformation/checks/resource/aws/ALBListenerHTTPS.py
checkov/cloudformation/checks/resource/aws/APIGatewayAccessLogging.py
checkov/cloudformation/checks/resource/aws/APIGatewayAuthorization.py
checkov/cloudformation/checks/resource/aws/APIGatewayCacheEnable.py
checkov/cloudformation/checks/resource/aws/APIGatewayV2AccessLogging.py
checkov/cloudformation/checks/resource/aws/APIGatewayXray.py
checkov/cloudformation/checks/resource/aws/AbsSecurityGroupUnrestrictedIngress.py
checkov/cloudformation/checks/resource/aws/AmazonMQBrokerPublicAccess.py
checkov/cloudformation/checks/resource/aws/AthenaWorkgroupConfiguration.py
checkov/cloudformation/checks/resource/aws/AuroraEncryption.py
checkov/cloudformation/checks/resource/aws/BackupVaultEncrypted.py
checkov/cloudformation/checks/resource/aws/CloudWatchLogGroupKMSKey.py
checkov/cloudformation/checks/resource/aws/CloudWatchLogGroupRetention.py
checkov/cloudformation/checks/resource/aws/CloudfrontDistributionEncryption.py
checkov/cloudformation/checks/resource/aws/CloudfrontDistributionLogging.py
checkov/cloudformation/checks/resource/aws/CloudtrailEncryption.py
checkov/cloudformation/checks/resource/aws/CloudtrailLogValidation.py
checkov/cloudformation/checks/resource/aws/CloudtrailMultiRegion.py
checkov/cloudformation/checks/resource/aws/CodeBuildProjectEncryption.py
checkov/cloudformation/checks/resource/aws/DAXEncryption.py
checkov/cloudformation/checks/resource/aws/DMSReplicationInstancePubliclyAccessible.py
checkov/cloudformation/checks/resource/aws/DocDBAuditLogs.py
checkov/cloudformation/checks/resource/aws/DocDBEncryption.py
checkov/cloudformation/checks/resource/aws/DocDBLogging.py
checkov/cloudformation/checks/resource/aws/DocDBTLS.py
checkov/cloudformation/checks/resource/aws/DynamoDBTablesEncrypted.py
checkov/cloudformation/checks/resource/aws/DynamodbGlobalTableRecovery.py
checkov/cloudformation/checks/resource/aws/DynamodbRecovery.py
checkov/cloudformation/checks/resource/aws/EBSDefaultEncryption.py
checkov/cloudformation/checks/resource/aws/EBSEncryption.py
checkov/cloudformation/checks/resource/aws/EC2Credentials.py
checkov/cloudformation/checks/resource/aws/EC2PublicIP.py
checkov/cloudformation/checks/resource/aws/ECRImageScanning.py
checkov/cloudformation/checks/resource/aws/ECRImmutableTags.py
checkov/cloudformation/checks/resource/aws/ECRPolicy.py
checkov/cloudformation/checks/resource/aws/ECRRepositoryEncrypted.py
checkov/cloudformation/checks/resource/aws/ECSClusterContainerInsights.py
checkov/cloudformation/checks/resource/aws/ECSTaskDefinitionEFSVolumeEncryption.py
checkov/cloudformation/checks/resource/aws/EFSEncryptionEnabled.py
checkov/cloudformation/checks/resource/aws/EKSControlPlaneLogging.py
checkov/cloudformation/checks/resource/aws/EKSNodeGroupRemoteAccess.py
checkov/cloudformation/checks/resource/aws/EKSPublicAccess.py
checkov/cloudformation/checks/resource/aws/EKSPublicAccessCIDR.py
checkov/cloudformation/checks/resource/aws/EKSSecretsEncryption.py
checkov/cloudformation/checks/resource/aws/ELBAccessLogs.py
checkov/cloudformation/checks/resource/aws/ELBv2AccessLogs.py
checkov/cloudformation/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtRest.py
checkov/cloudformation/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtTransit.py
checkov/cloudformation/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtTransitAuthToken.py
checkov/cloudformation/checks/resource/aws/ElasticsearchDomainEnforceHTTPS.py
checkov/cloudformation/checks/resource/aws/ElasticsearchDomainLogging.py
checkov/cloudformation/checks/resource/aws/ElasticsearchEncryption.py
checkov/cloudformation/checks/resource/aws/ElasticsearchNodeToNodeEncryption.py
checkov/cloudformation/checks/resource/aws/GlobalAcceleratorAcceleratorFlowLogs.py
checkov/cloudformation/checks/resource/aws/GlueDataCatalogEncryption.py
checkov/cloudformation/checks/resource/aws/GlueSecurityConfiguration.py
checkov/cloudformation/checks/resource/aws/IAMAdminPolicyDocument.py
checkov/cloudformation/checks/resource/aws/IAMCredentialsExposure.py
checkov/cloudformation/checks/resource/aws/IAMDataExfiltration.py
checkov/cloudformation/checks/resource/aws/IAMPermissionsManagement.py
checkov/cloudformation/checks/resource/aws/IAMPolicyAttachedToGroupOrRoles.py
checkov/cloudformation/checks/resource/aws/IAMPrivilegeEscalation.py
checkov/cloudformation/checks/resource/aws/IAMRoleAllowAssumeFromAccount.py
checkov/cloudformation/checks/resource/aws/IAMRoleAllowsPublicAssume.py
checkov/cloudformation/checks/resource/aws/IAMStarActionPolicyDocument.py
checkov/cloudformation/checks/resource/aws/IAMWriteAccess.py
checkov/cloudformation/checks/resource/aws/IMDSv1Disabled.py
checkov/cloudformation/checks/resource/aws/KMSKeyWildCardPrincipal.py
checkov/cloudformation/checks/resource/aws/KMSRotation.py
checkov/cloudformation/checks/resource/aws/KinesisStreamEncryptionType.py
checkov/cloudformation/checks/resource/aws/LambdaDLQConfigured.py
checkov/cloudformation/checks/resource/aws/LambdaEnvironmentCredentials.py
checkov/cloudformation/checks/resource/aws/LambdaEnvironmentEncryptionSettings.py
checkov/cloudformation/checks/resource/aws/LaunchConfigurationEBSEncryption.py
checkov/cloudformation/checks/resource/aws/NeptuneClusterLogging.py
checkov/cloudformation/checks/resource/aws/NeptuneClusterStorageEncrypted.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyExpiration.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyLength.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyLowercaseLetter.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyNumber.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyReuse.py
checkov/cloudformation/checks/resource/aws/PasswordPolicySymbol.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyUppercaseLetter.py
checkov/cloudformation/checks/resource/aws/QLDBLedgerDeletionProtection.py
checkov/cloudformation/checks/resource/aws/QLDBLedgerPermissionsMode.py
checkov/cloudformation/checks/resource/aws/RDSClusterIAMAuthentication.py
checkov/cloudformation/checks/resource/aws/RDSEncryption.py
checkov/cloudformation/checks/resource/aws/RDSIAMAuthentication.py
checkov/cloudformation/checks/resource/aws/RDSMultiAZEnabled.py
checkov/cloudformation/checks/resource/aws/RDSPubliclyAccessible.py
checkov/cloudformation/checks/resource/aws/RedShiftSSL.py
checkov/cloudformation/checks/resource/aws/RedshiftClusterEncryption.py
checkov/cloudformation/checks/resource/aws/RedshiftClusterLogging.py
checkov/cloudformation/checks/resource/aws/RedshiftClusterPubliclyAccessible.py
checkov/cloudformation/checks/resource/aws/RedshiftInEc2ClassicMode.py
checkov/cloudformation/checks/resource/aws/S3AccessLogs.py
checkov/cloudformation/checks/resource/aws/S3BlockPublicACLs.py
checkov/cloudformation/checks/resource/aws/S3BlockPublicPolicy.py
checkov/cloudformation/checks/resource/aws/S3Encryption.py
checkov/cloudformation/checks/resource/aws/S3IgnorePublicACLs.py
checkov/cloudformation/checks/resource/aws/S3PublicACLRead.py
checkov/cloudformation/checks/resource/aws/S3PublicACLWrite.py
checkov/cloudformation/checks/resource/aws/S3RestrictPublicBuckets.py
checkov/cloudformation/checks/resource/aws/S3Versioning.py
checkov/cloudformation/checks/resource/aws/SNSTopicEncryption.py
checkov/cloudformation/checks/resource/aws/SQSQueueEncryption.py
checkov/cloudformation/checks/resource/aws/SecurityGroupRuleDescription.py
checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestrictedIngress22.py
checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestrictedIngress3389.py
checkov/cloudformation/checks/resource/aws/TimestreamDatabaseKMSKey.py
checkov/cloudformation/checks/resource/aws/TransferServerIsPublic.py
checkov/cloudformation/checks/resource/aws/VPCEndpointAcceptanceConfigured.py
checkov/cloudformation/checks/resource/aws/WAFEnabled.py
checkov/cloudformation/checks/resource/aws/WorkspaceRootVolumeEncrypted.py
checkov/cloudformation/checks/resource/aws/WorkspaceUserVolumeEncrypted.py
checkov/cloudformation/checks/resource/aws/__init__.py
checkov/cloudformation/checks/utils/__init__.py
checkov/cloudformation/checks/utils/iam_cloudformation_document_to_policy_converter.py
checkov/cloudformation/graph_builder/__init__.py
checkov/cloudformation/graph_builder/graph_to_definitions.py
checkov/cloudformation/graph_builder/local_graph.py
checkov/cloudformation/graph_builder/utils.py
checkov/cloudformation/graph_builder/graph_components/__init__.py
checkov/cloudformation/graph_builder/graph_components/block_types.py
checkov/cloudformation/graph_builder/graph_components/blocks.py
checkov/cloudformation/graph_builder/variable_rendering/__init__.py
checkov/cloudformation/graph_builder/variable_rendering/renderer.py
checkov/cloudformation/graph_builder/variable_rendering/vertex_reference.py
checkov/cloudformation/parser/__init__.py
checkov/cloudformation/parser/cfn_keywords.py
checkov/cloudformation/parser/cfn_yaml.py
checkov/common/__init__.py
checkov/common/multi_signature.py
checkov/common/typing.py
checkov/common/version_manager.py
checkov/common/bridgecrew/__init__.py
checkov/common/bridgecrew/bc_source.py
checkov/common/bridgecrew/ci_variables.py
checkov/common/bridgecrew/platform_errors.py
checkov/common/bridgecrew/platform_integration.py
checkov/common/bridgecrew/platform_key.py
checkov/common/bridgecrew/wrapper.py
checkov/common/bridgecrew/image_scanning/__init__.py
checkov/common/bridgecrew/image_scanning/docker_image_scanning_integration.py
checkov/common/bridgecrew/image_scanning/image_scanner.py
checkov/common/bridgecrew/integration_features/__init__.py
checkov/common/bridgecrew/integration_features/base_integration_feature.py
checkov/common/bridgecrew/integration_features/integration_feature_registry.py
checkov/common/bridgecrew/integration_features/features/__init__.py
checkov/common/bridgecrew/integration_features/features/custom_policies_integration.py
checkov/common/bridgecrew/integration_features/features/fixes_integration.py
checkov/common/bridgecrew/integration_features/features/suppressions_integration.py
checkov/common/checks/__init__.py
checkov/common/checks/base_check.py
checkov/common/checks/base_check_registry.py
checkov/common/checks_infra/__init__.py
checkov/common/checks_infra/checks_parser.py
checkov/common/checks_infra/registry.py
checkov/common/checks_infra/resources_types.py
checkov/common/checks_infra/solvers/__init__.py
checkov/common/checks_infra/solvers/attribute_solvers/__init__.py
checkov/common/checks_infra/solvers/attribute_solvers/any_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/base_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/contains_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/ending_with_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/equals_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/exists_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/greater_than_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/greater_than_or_equal_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/less_than_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/less_than_or_equal_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_contains_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_ending_with_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_equals_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_exists_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_regex_match_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_starting_with_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/regex_match_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/starting_with_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/within_attribute_solver.py
checkov/common/checks_infra/solvers/complex_solvers/__init__.py
checkov/common/checks_infra/solvers/complex_solvers/and_solver.py
checkov/common/checks_infra/solvers/complex_solvers/base_complex_solver.py
checkov/common/checks_infra/solvers/complex_solvers/or_solver.py
checkov/common/checks_infra/solvers/connections_solvers/__init__.py
checkov/common/checks_infra/solvers/connections_solvers/and_connection_solver.py
checkov/common/checks_infra/solvers/connections_solvers/base_connection_solver.py
checkov/common/checks_infra/solvers/connections_solvers/complex_connection_solver.py
checkov/common/checks_infra/solvers/connections_solvers/connection_exists_solver.py
checkov/common/checks_infra/solvers/connections_solvers/connection_not_exists_solver.py
checkov/common/checks_infra/solvers/connections_solvers/or_connection_solver.py
checkov/common/checks_infra/solvers/filter_solvers/__init__.py
checkov/common/checks_infra/solvers/filter_solvers/base_filter_solver.py
checkov/common/checks_infra/solvers/filter_solvers/within_filter_solver.py
checkov/common/comment/__init__.py
checkov/common/comment/enum.py
checkov/common/goget/__init__.py
checkov/common/goget/base_getter.py
checkov/common/goget/github/__init__.py
checkov/common/goget/github/get_git.py
checkov/common/graph/__init__.py
checkov/common/graph/graph_manager.py
checkov/common/graph/checks_infra/__init__.py
checkov/common/graph/checks_infra/base_check.py
checkov/common/graph/checks_infra/base_parser.py
checkov/common/graph/checks_infra/enums.py
checkov/common/graph/checks_infra/registry.py
checkov/common/graph/checks_infra/solvers/__init__.py
checkov/common/graph/checks_infra/solvers/base_solver.py
checkov/common/graph/db_connectors/__init__.py
checkov/common/graph/db_connectors/db_connector.py
checkov/common/graph/db_connectors/networkx/__init__.py
checkov/common/graph/db_connectors/networkx/networkx_db_connector.py
checkov/common/graph/graph_builder/__init__.py
checkov/common/graph/graph_builder/local_graph.py
checkov/common/graph/graph_builder/utils.py
checkov/common/graph/graph_builder/graph_components/__init__.py
checkov/common/graph/graph_builder/graph_components/attribute_names.py
checkov/common/graph/graph_builder/graph_components/block_types.py
checkov/common/graph/graph_builder/graph_components/blocks.py
checkov/common/graph/graph_builder/graph_components/edge.py
checkov/common/graph/graph_builder/variable_rendering/__init__.py
checkov/common/graph/graph_builder/variable_rendering/breadcrumb_metadata.py
checkov/common/graph/graph_builder/variable_rendering/renderer.py
checkov/common/graph/graph_builder/variable_rendering/vertex_reference.py
checkov/common/models/__init__.py
checkov/common/models/consts.py
checkov/common/models/enums.py
checkov/common/output/__init__.py
checkov/common/output/baseline.py
checkov/common/output/graph_record.py
checkov/common/output/record.py
checkov/common/output/report.py
checkov/common/parsers/__init__.py
checkov/common/parsers/node.py
checkov/common/parsers/json/__init__.py
checkov/common/parsers/json/decoder.py
checkov/common/parsers/json/errors.py
checkov/common/runners/__init__.py
checkov/common/runners/base_runner.py
checkov/common/runners/runner_registry.py
checkov/common/util/__init__.py
checkov/common/util/banner.py
checkov/common/util/config_utils.py
checkov/common/util/consts.py
checkov/common/util/data_structures_utils.py
checkov/common/util/docs_generator.py
checkov/common/util/ext_argument_parser.py
checkov/common/util/file_utils.py
checkov/common/util/http_utils.py
checkov/common/util/json_utils.py
checkov/common/util/runner_dependency_handler.py
checkov/common/util/secrets.py
checkov/common/util/type_forcers.py
checkov/common/variables/__init__.py
checkov/common/variables/context.py
checkov/dockerfile/__init__.py
checkov/dockerfile/base_dockerfile_check.py
checkov/dockerfile/base_registry.py
checkov/dockerfile/parser.py
checkov/dockerfile/registry.py
checkov/dockerfile/runner.py
checkov/dockerfile/checks/AddExists.py
checkov/dockerfile/checks/ExposePort22.py
checkov/dockerfile/checks/HealthcheckExists.py
checkov/dockerfile/checks/MaintainerExists.py
checkov/dockerfile/checks/ReferenceLatestTag.py
checkov/dockerfile/checks/RootUser.py
checkov/dockerfile/checks/UpdateNotAlone.py
checkov/dockerfile/checks/UserExists.py
checkov/dockerfile/checks/__init__.py
checkov/helm/__init__.py
checkov/helm/base_registry.py
checkov/helm/registry.py
checkov/helm/runner.py
checkov/json_doc/__init__.py
checkov/json_doc/base_json_check.py
checkov/json_doc/base_registry.py
checkov/json_doc/enums.py
checkov/json_doc/registry.py
checkov/json_doc/runner.py
checkov/kubernetes/__init__.py
checkov/kubernetes/base_registry.py
checkov/kubernetes/base_spec_check.py
checkov/kubernetes/base_spec_omitted_or_value_check.py
checkov/kubernetes/registry.py
checkov/kubernetes/runner.py
checkov/kubernetes/checks/AllowPrivilegeEscalation.py
checkov/kubernetes/checks/AllowPrivilegeEscalationPSP.py
checkov/kubernetes/checks/AllowedCapabilities.py
checkov/kubernetes/checks/AllowedCapabilitiesPSP.py
checkov/kubernetes/checks/AllowedCapabilitiesSysAdmin.py
checkov/kubernetes/checks/ApiServerAdmissionControlAlwaysAdmit.py
checkov/kubernetes/checks/ApiServerAdmissionControlEventRateLimit.py
checkov/kubernetes/checks/ApiServerAlwaysPullImagesPlugin.py
checkov/kubernetes/checks/ApiServerAnonymousAuth.py
checkov/kubernetes/checks/ApiServerAuditLog.py
checkov/kubernetes/checks/ApiServerAuditLogMaxAge.py
checkov/kubernetes/checks/ApiServerAuditLogMaxBackup.py
checkov/kubernetes/checks/ApiServerAuditLogMaxSize.py
checkov/kubernetes/checks/ApiServerAuthorizationModeNode.py
checkov/kubernetes/checks/ApiServerAuthorizationModeNotAlwaysAllow.py
checkov/kubernetes/checks/ApiServerAuthorizationModeRBAC.py
checkov/kubernetes/checks/ApiServerBasicAuthFile.py
checkov/kubernetes/checks/ApiServerEncryptionProviders.py
checkov/kubernetes/checks/ApiServerEtcdCaFile.py
checkov/kubernetes/checks/ApiServerEtcdCertAndKey.py
checkov/kubernetes/checks/ApiServerInsecureBindAddress.py
checkov/kubernetes/checks/ApiServerInsecurePort.py
checkov/kubernetes/checks/ApiServerKubeletClientCertAndKey.py
checkov/kubernetes/checks/ApiServerKubeletHttps.py
checkov/kubernetes/checks/ApiServerNamespaceLifecyclePlugin.py
checkov/kubernetes/checks/ApiServerNodeRestrictionPlugin.py
checkov/kubernetes/checks/ApiServerPodSecurityPolicyPlugin.py
checkov/kubernetes/checks/ApiServerProfiling.py
checkov/kubernetes/checks/ApiServerRequestTimeout.py
checkov/kubernetes/checks/ApiServerSecurePort.py
checkov/kubernetes/checks/ApiServerSecurityContextDenyPlugin.py
checkov/kubernetes/checks/ApiServerServiceAccountKeyFile.py
checkov/kubernetes/checks/ApiServerServiceAccountLookup.py
checkov/kubernetes/checks/ApiServerServiceAccountPlugin.py
checkov/kubernetes/checks/ApiServerStrongCryptographicCiphers.py
checkov/kubernetes/checks/ApiServerTlsCertAndKey.py
checkov/kubernetes/checks/ApiServerTokenAuthFile.py
checkov/kubernetes/checks/ApiServerkubeletCertificateAuthority.py
checkov/kubernetes/checks/CPULimits.py
checkov/kubernetes/checks/CPURequests.py
checkov/kubernetes/checks/ContainerSecurityContext.py
checkov/kubernetes/checks/ControllerManagerBindAddress.py
checkov/kubernetes/checks/DefaultNamespace.py
checkov/kubernetes/checks/DefaultServiceAccount.py
checkov/kubernetes/checks/DefaultServiceAccountBinding.py
checkov/kubernetes/checks/DockerSocketVolume.py
checkov/kubernetes/checks/DropCapabilities.py
checkov/kubernetes/checks/DropCapabilitiesPSP.py
checkov/kubernetes/checks/EtcdAutoTls.py
checkov/kubernetes/checks/EtcdCertAndKey.py
checkov/kubernetes/checks/EtcdClientCertAuth.py
checkov/kubernetes/checks/EtcdPeerFiles.py
checkov/kubernetes/checks/HostPort.py
checkov/kubernetes/checks/ImageDigest.py
checkov/kubernetes/checks/ImagePullPolicyAlways.py
checkov/kubernetes/checks/ImageTagFixed.py
checkov/kubernetes/checks/KubeControllerManagerBlockProfiles.py
checkov/kubernetes/checks/KubeControllerManagerRootCAFile.py
checkov/kubernetes/checks/KubeControllerManagerRotateKubeletServerCertificate.py
checkov/kubernetes/checks/KubeControllerManagerServiceAccountCredentials.py
checkov/kubernetes/checks/KubeControllerManagerServiceAccountPrivateKeyFile.py
checkov/kubernetes/checks/KubeControllerManagerTerminatedPods.py
checkov/kubernetes/checks/KubeletAnonymousAuth.py
checkov/kubernetes/checks/KubeletAuthorizationModeNotAlwaysAllow.py
checkov/kubernetes/checks/KubeletClientCa.py
checkov/kubernetes/checks/KubeletCryptographicCiphers.py
checkov/kubernetes/checks/KubeletHostnameOverride.py
checkov/kubernetes/checks/KubeletKeyFilesSetAppropriate.py
checkov/kubernetes/checks/KubeletMakeIptablesUtilChains.py
checkov/kubernetes/checks/KubeletProtectKernelDefaults.py
checkov/kubernetes/checks/KubeletReadOnlyPort.py
checkov/kubernetes/checks/KubeletStreamingConnectionIdleTimeout.py
checkov/kubernetes/checks/KubernetesDashboard.py
checkov/kubernetes/checks/KubletEventCapture.py
checkov/kubernetes/checks/KubletRotateCertificates.py
checkov/kubernetes/checks/KubletRotateKubeletServerCertificate.py
checkov/kubernetes/checks/LivenessProbe.py
checkov/kubernetes/checks/MemoryLimits.py
checkov/kubernetes/checks/MemoryRequests.py
checkov/kubernetes/checks/MinimizeCapabilities.py
checkov/kubernetes/checks/MinimizeCapabilitiesPSP.py
checkov/kubernetes/checks/PeerClientCertAuthTrue.py
checkov/kubernetes/checks/PodSecurityContext.py
checkov/kubernetes/checks/PrivilegedContainers.py
checkov/kubernetes/checks/PrivilegedContainersPSP.py
checkov/kubernetes/checks/ReadOnlyFilesystem.py
checkov/kubernetes/checks/ReadinessProbe.py
checkov/kubernetes/checks/RootContainers.py
checkov/kubernetes/checks/RootContainersHighUID.py
checkov/kubernetes/checks/RootContainersPSP.py
checkov/kubernetes/checks/SchedulerBindAddress.py
checkov/kubernetes/checks/SchedulerProfiling.py
checkov/kubernetes/checks/Seccomp.py
checkov/kubernetes/checks/SeccompPSP.py
checkov/kubernetes/checks/Secrets.py
checkov/kubernetes/checks/ServiceAccountTokens.py
checkov/kubernetes/checks/ShareHostIPC.py
checkov/kubernetes/checks/ShareHostIPCPSP.py
checkov/kubernetes/checks/ShareHostPID.py
checkov/kubernetes/checks/ShareHostPIDPSP.py
checkov/kubernetes/checks/SharedHostNetworkNamespace.py
checkov/kubernetes/checks/SharedHostNetworkNamespacePSP.py
checkov/kubernetes/checks/Tiller.py
checkov/kubernetes/checks/TillerDeploymentListener.py
checkov/kubernetes/checks/TillerService.py
checkov/kubernetes/checks/WildcardRoles.py
checkov/kubernetes/checks/__init__.py
checkov/kubernetes/checks/k8s_check_utils.py
checkov/kubernetes/parser/__init__.py
checkov/kubernetes/parser/k8_json.py
checkov/kubernetes/parser/k8_yaml.py
checkov/kubernetes/parser/parser.py
checkov/secrets/__init__.py
checkov/secrets/runner.py
checkov/secrets/plugins/__init__.py
checkov/secrets/plugins/entropy_keyword_combinator.py
checkov/serverless/__init__.py
checkov/serverless/base_registry.py
checkov/serverless/registry.py
checkov/serverless/runner.py
checkov/serverless/checks/__init__.py
checkov/serverless/checks/base_function_check.py
checkov/serverless/checks/complete/__init__.py
checkov/serverless/checks/complete/base_complete_check.py
checkov/serverless/checks/complete/registry.py
checkov/serverless/checks/custom/__init__.py
checkov/serverless/checks/custom/base_custom_check.py
checkov/serverless/checks/custom/registry.py
checkov/serverless/checks/function/__init__.py
checkov/serverless/checks/function/base_function_check.py
checkov/serverless/checks/function/registry.py
checkov/serverless/checks/function/aws/AWSCredentials.py
checkov/serverless/checks/function/aws/AdminPolicyDocument.py
checkov/serverless/checks/function/aws/StarActionPolicyDocument.py
checkov/serverless/checks/function/aws/__init__.py
checkov/serverless/checks/layer/__init__.py
checkov/serverless/checks/layer/base_layer_check.py
checkov/serverless/checks/layer/registry.py
checkov/serverless/checks/package/__init__.py
checkov/serverless/checks/package/base_package_check.py
checkov/serverless/checks/package/registry.py
checkov/serverless/checks/plugin/__init__.py
checkov/serverless/checks/plugin/base_plugin_check.py
checkov/serverless/checks/plugin/registry.py
checkov/serverless/checks/provider/__init__.py
checkov/serverless/checks/provider/base_provider_check.py
checkov/serverless/checks/provider/registry.py
checkov/serverless/checks/service/__init__.py
checkov/serverless/checks/service/base_service_check.py
checkov/serverless/checks/service/registry.py
checkov/serverless/parsers/__init__.py
checkov/serverless/parsers/context_parser.py
checkov/serverless/parsers/parser.py
checkov/terraform/__init__.py
checkov/terraform/graph_manager.py
checkov/terraform/parser.py
checkov/terraform/parser_functions.py
checkov/terraform/parser_utils.py
checkov/terraform/plan_parser.py
checkov/terraform/plan_runner.py
checkov/terraform/runner.py
checkov/terraform/checks/__init__.py
checkov/terraform/checks/data/BaseCloudsplainingIAMCheck.py
checkov/terraform/checks/data/__init__.py
checkov/terraform/checks/data/base_check.py
checkov/terraform/checks/data/base_registry.py
checkov/terraform/checks/data/registry.py
checkov/terraform/checks/data/aws/AdminPolicyDocument.py
checkov/terraform/checks/data/aws/IAMCredentialsExposure.py
checkov/terraform/checks/data/aws/IAMDataExfiltration.py
checkov/terraform/checks/data/aws/IAMPermissionsManagement.py
checkov/terraform/checks/data/aws/IAMPrivilegeEscalation.py
checkov/terraform/checks/data/aws/IAMWriteAccess.py
checkov/terraform/checks/data/aws/StarActionPolicyDocument.py
checkov/terraform/checks/data/aws/__init__.py
checkov/terraform/checks/graph_checks/__init__.py
checkov/terraform/checks/module/__init__.py
checkov/terraform/checks/module/base_module_check.py
checkov/terraform/checks/module/base_registry.py
checkov/terraform/checks/module/registry.py
checkov/terraform/checks/provider/__init__.py
checkov/terraform/checks/provider/base_check.py
checkov/terraform/checks/provider/base_registry.py
checkov/terraform/checks/provider/registry.py
checkov/terraform/checks/provider/aws/__init__.py
checkov/terraform/checks/provider/aws/credentials.py
checkov/terraform/checks/provider/bridgecrew/__init__.py
checkov/terraform/checks/provider/bridgecrew/credentials.py
checkov/terraform/checks/provider/linode/__init__.py
checkov/terraform/checks/provider/linode/credentials.py
checkov/terraform/checks/resource/__init__.py
checkov/terraform/checks/resource/base_registry.py
checkov/terraform/checks/resource/base_resource_check.py
checkov/terraform/checks/resource/base_resource_negative_value_check.py
checkov/terraform/checks/resource/base_resource_value_check.py
checkov/terraform/checks/resource/registry.py
checkov/terraform/checks/resource/aws/ALBDropHttpHeaders.py
checkov/terraform/checks/resource/aws/ALBListenerHTTPS.py
checkov/terraform/checks/resource/aws/APIGatewayAccessLogging.py
checkov/terraform/checks/resource/aws/APIGatewayAuthorization.py
checkov/terraform/checks/resource/aws/APIGatewayCacheEnable.py
checkov/terraform/checks/resource/aws/APIGatewayXray.py
checkov/terraform/checks/resource/aws/AbsSecurityGroupUnrestrictedIngress.py
checkov/terraform/checks/resource/aws/AppLoadBalancerTLS12.py
checkov/terraform/checks/resource/aws/AthenaDatabaseEncryption.py
checkov/terraform/checks/resource/aws/AthenaWorkgroupConfiguration.py
checkov/terraform/checks/resource/aws/AthenaWorkgroupEncryption.py
checkov/terraform/checks/resource/aws/AuroraEncryption.py
checkov/terraform/checks/resource/aws/AutoScalingTagging.py
checkov/terraform/checks/resource/aws/BackupVaultEncrypted.py
checkov/terraform/checks/resource/aws/CloudWatchLogGroupKMSKey.py
checkov/terraform/checks/resource/aws/CloudWatchLogGroupRetention.py
checkov/terraform/checks/resource/aws/CloudformationStackNotificationArns.py
checkov/terraform/checks/resource/aws/CloudfrontDistributionEncryption.py
checkov/terraform/checks/resource/aws/CloudfrontDistributionLogging.py
checkov/terraform/checks/resource/aws/CloudtrailEncryption.py
checkov/terraform/checks/resource/aws/CloudtrailLogValidation.py
checkov/terraform/checks/resource/aws/CloudtrailMultiRegion.py
checkov/terraform/checks/resource/aws/CodeBuildEncrypted.py
checkov/terraform/checks/resource/aws/CodeBuildProjectEncryption.py
checkov/terraform/checks/resource/aws/ConfigConfgurationAggregatorAllRegions.py
checkov/terraform/checks/resource/aws/DAXEncryption.py
checkov/terraform/checks/resource/aws/DBInstanceBackupRetentionPeriod.py
checkov/terraform/checks/resource/aws/DBInstanceLogging.py
checkov/terraform/checks/resource/aws/DMSReplicationInstancePubliclyAccessible.py
checkov/terraform/checks/resource/aws/DocDBAuditLogs.py
checkov/terraform/checks/resource/aws/DocDBEncryption.py
checkov/terraform/checks/resource/aws/DocDBLogging.py
checkov/terraform/checks/resource/aws/DocDBTLS.py
checkov/terraform/checks/resource/aws/DynamoDBGlobalTableRecovery.py
checkov/terraform/checks/resource/aws/DynamoDBTablesEncrypted.py
checkov/terraform/checks/resource/aws/DynamodbRecovery.py
checkov/terraform/checks/resource/aws/EBSDefaultEncryption.py
checkov/terraform/checks/resource/aws/EBSEncryption.py
checkov/terraform/checks/resource/aws/EC2Credentials.py
checkov/terraform/checks/resource/aws/EC2DetailedMonitoringEnabled.py
checkov/terraform/checks/resource/aws/EC2EBSOptimized.py
checkov/terraform/checks/resource/aws/EC2PublicIP.py
checkov/terraform/checks/resource/aws/ECRImageScanning.py
checkov/terraform/checks/resource/aws/ECRImmutableTags.py
checkov/terraform/checks/resource/aws/ECRPolicy.py
checkov/terraform/checks/resource/aws/ECRRepositoryEncrypted.py
checkov/terraform/checks/resource/aws/ECSClusterContainerInsights.py
checkov/terraform/checks/resource/aws/ECSTaskDefinitionEFSVolumeEncryption.py
checkov/terraform/checks/resource/aws/EFSEncryptionEnabled.py
checkov/terraform/checks/resource/aws/EKSControlPlaneLogging.py
checkov/terraform/checks/resource/aws/EKSNodeGroupRemoteAccess.py
checkov/terraform/checks/resource/aws/EKSPublicAccess.py
checkov/terraform/checks/resource/aws/EKSPublicAccessCIDR.py
checkov/terraform/checks/resource/aws/EKSSecretsEncryption.py
checkov/terraform/checks/resource/aws/ELBAccessLogs.py
checkov/terraform/checks/resource/aws/ELBCrossZoneEnable.py
checkov/terraform/checks/resource/aws/ELBUsesSSL.py
checkov/terraform/checks/resource/aws/ELBv2AccessLogs.py
checkov/terraform/checks/resource/aws/EMRClusterIsEncryptedKMS.py
checkov/terraform/checks/resource/aws/EMRClusterKerberosAttributes.py
checkov/terraform/checks/resource/aws/ElasticCacheAutomaticBackup.py
checkov/terraform/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtRest.py
checkov/terraform/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtTransit.py
checkov/terraform/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtTransitAuthToken.py
checkov/terraform/checks/resource/aws/ElasticsearchDomainEnforceHTTPS.py
checkov/terraform/checks/resource/aws/ElasticsearchDomainLogging.py
checkov/terraform/checks/resource/aws/ElasticsearchEncryption.py
checkov/terraform/checks/resource/aws/ElasticsearchInVPC.py
checkov/terraform/checks/resource/aws/ElasticsearchNodeToNodeEncryption.py
checkov/terraform/checks/resource/aws/GlacierVaultAnyPrincipal.py
checkov/terraform/checks/resource/aws/GlobalAcceleratorAcceleratorFlowLogs.py
checkov/terraform/checks/resource/aws/GlueDataCatalogEncryption.py
checkov/terraform/checks/resource/aws/GlueSecurityConfiguration.py
checkov/terraform/checks/resource/aws/IAMAdminPolicyDocument.py
checkov/terraform/checks/resource/aws/IAMPolicyAttachedToGroupOrRoles.py
checkov/terraform/checks/resource/aws/IAMRoleAllowAssumeFromAccount.py
checkov/terraform/checks/resource/aws/IAMRoleAllowsPublicAssume.py
checkov/terraform/checks/resource/aws/IAMStarActionPolicyDocument.py
checkov/terraform/checks/resource/aws/IMDSv1Disabled.py
checkov/terraform/checks/resource/aws/KMSKeyWildcardPrincipal.py
checkov/terraform/checks/resource/aws/KMSRotation.py
checkov/terraform/checks/resource/aws/KinesisStreamEncryptionType.py
checkov/terraform/checks/resource/aws/LBCrossZone.py
checkov/terraform/checks/resource/aws/LBDeletionProtection.py
checkov/terraform/checks/resource/aws/LambdaDLQConfigured.py
checkov/terraform/checks/resource/aws/LambdaEnvironmentCredentials.py
checkov/terraform/checks/resource/aws/LambdaEnvironmentEncryptionSettings.py
checkov/terraform/checks/resource/aws/LambdaFunctionLevelConcurrentExecutionLimit.py
checkov/terraform/checks/resource/aws/LambdaInVPC.py
checkov/terraform/checks/resource/aws/LambdaXrayEnabled.py
checkov/terraform/checks/resource/aws/LaunchConfigurationEBSEncryption.py
checkov/terraform/checks/resource/aws/MQBrokerLogging.py
checkov/terraform/checks/resource/aws/MQBrokerNotPubliclyExposed.py
checkov/terraform/checks/resource/aws/MSKClusterEncryption.py
checkov/terraform/checks/resource/aws/MSKClusterLogging.py
checkov/terraform/checks/resource/aws/NeptuneClusterInstancePublic.py
checkov/terraform/checks/resource/aws/NeptuneClusterLogging.py
checkov/terraform/checks/resource/aws/NeptuneClusterStorageEncrypted.py
checkov/terraform/checks/resource/aws/PasswordPolicyExpiration.py
checkov/terraform/checks/resource/aws/PasswordPolicyLength.py
checkov/terraform/checks/resource/aws/PasswordPolicyLowercaseLetter.py
checkov/terraform/checks/resource/aws/PasswordPolicyNumber.py
checkov/terraform/checks/resource/aws/PasswordPolicyReuse.py
checkov/terraform/checks/resource/aws/PasswordPolicySymbol.py
checkov/terraform/checks/resource/aws/PasswordPolicyUppercaseLetter.py
checkov/terraform/checks/resource/aws/QLDBLedgerDeletionProtection.py
checkov/terraform/checks/resource/aws/QLDBLedgerPermissionsMode.py
checkov/terraform/checks/resource/aws/RDSClusterEncrypted.py
checkov/terraform/checks/resource/aws/RDSClusterIAMAuthentication.py
checkov/terraform/checks/resource/aws/RDSClusterSnapshotEncrypted.py
checkov/terraform/checks/resource/aws/RDSDeletionProtection.py
checkov/terraform/checks/resource/aws/RDSEnableIAMAuthentication.py
checkov/terraform/checks/resource/aws/RDSEncryption.py
checkov/terraform/checks/resource/aws/RDSEnhancedMonitorEnabled.py
checkov/terraform/checks/resource/aws/RDSIAMAuthentication.py
checkov/terraform/checks/resource/aws/RDSMultiAZEnabled.py
checkov/terraform/checks/resource/aws/RDSPubliclyAccessible.py
checkov/terraform/checks/resource/aws/RedShiftSSL.py
checkov/terraform/checks/resource/aws/RedshiftClusterAllowVersionUpgrade.py
checkov/terraform/checks/resource/aws/RedshiftClusterEncryption.py
checkov/terraform/checks/resource/aws/RedshiftClusterKMSKey.py
checkov/terraform/checks/resource/aws/RedshiftClusterLogging.py
checkov/terraform/checks/resource/aws/RedshiftInEc2ClassicMode.py
checkov/terraform/checks/resource/aws/RedshitClusterPubliclyAvailable.py
checkov/terraform/checks/resource/aws/S3AccessLogs.py
checkov/terraform/checks/resource/aws/S3AllowsAnyPrincipal.py
checkov/terraform/checks/resource/aws/S3BlockPublicACLs.py
checkov/terraform/checks/resource/aws/S3BlockPublicPolicy.py
checkov/terraform/checks/resource/aws/S3BucketObjectLock.py
checkov/terraform/checks/resource/aws/S3BucketReplicationConfiguration.py
checkov/terraform/checks/resource/aws/S3Encryption.py
checkov/terraform/checks/resource/aws/S3IgnorePublicACLs.py
checkov/terraform/checks/resource/aws/S3KMSEncryptedByDefault.py
checkov/terraform/checks/resource/aws/S3ProtectAgainstPolicyLockout.py
checkov/terraform/checks/resource/aws/S3PublicACLRead.py
checkov/terraform/checks/resource/aws/S3PublicACLWRITE.py
checkov/terraform/checks/resource/aws/S3RestrictPublicBuckets.py
checkov/terraform/checks/resource/aws/S3Versioning.py
checkov/terraform/checks/resource/aws/SNSTopicEncryption.py
checkov/terraform/checks/resource/aws/SNSTopicPolicyAnyPrincipal.py
checkov/terraform/checks/resource/aws/SQSPolicy.py
checkov/terraform/checks/resource/aws/SQSQueueEncryption.py
checkov/terraform/checks/resource/aws/SQSQueuePolicyAnyPrincipal.py
checkov/terraform/checks/resource/aws/SSMSessionManagerDocumentEncryption.py
checkov/terraform/checks/resource/aws/SSMSessionManagerDocumentLogging.py
checkov/terraform/checks/resource/aws/SageMakerInternetAccessDisabled.py
checkov/terraform/checks/resource/aws/SagemakerEndpointConfigurationEncryption.py
checkov/terraform/checks/resource/aws/SagemakerNotebookEncryption.py
checkov/terraform/checks/resource/aws/SecretManagerSecretEncrypted.py
checkov/terraform/checks/resource/aws/SecurityGroupRuleDescription.py
checkov/terraform/checks/resource/aws/SecurityGroupUnrestrictedIngress22.py
checkov/terraform/checks/resource/aws/SecurityGroupUnrestrictedIngress3389.py
checkov/terraform/checks/resource/aws/SubnetPublicIP.py
checkov/terraform/checks/resource/aws/TimestreamDatabaseKMSKey.py
checkov/terraform/checks/resource/aws/TransferServerIsPublic.py
checkov/terraform/checks/resource/aws/VPCDefaultNetwork.py
checkov/terraform/checks/resource/aws/VPCEndpointAcceptanceConfigured.py
checkov/terraform/checks/resource/aws/WAFEnabled.py
checkov/terraform/checks/resource/aws/WorkspaceRootVolumeEncrypted.py
checkov/terraform/checks/resource/aws/WorkspaceUserVolumeEncrypted.py
checkov/terraform/checks/resource/aws/__init__.py
checkov/terraform/checks/resource/azure/AKSApiServerAuthorizedIpRanges.py
checkov/terraform/checks/resource/azure/AKSDashboardDisabled.py
checkov/terraform/checks/resource/azure/AKSEnablesPrivateClusters.py
checkov/terraform/checks/resource/azure/AKSLoggingEnabled.py
checkov/terraform/checks/resource/azure/AKSNetworkPolicy.py
checkov/terraform/checks/resource/azure/AKSRbacEnabled.py
checkov/terraform/checks/resource/azure/AKSUsesAzurePoliciesAddon.py
checkov/terraform/checks/resource/azure/AKSUsesDiskEncryptionSet.py
checkov/terraform/checks/resource/azure/APIServicesUseVirtualNetwork.py
checkov/terraform/checks/resource/azure/ActiveDirectoryUsedAuthenticationServiceFabric.py
checkov/terraform/checks/resource/azure/AppGWUseWAFMode.py
checkov/terraform/checks/resource/azure/AppServiceAuthentication.py
checkov/terraform/checks/resource/azure/AppServiceDetailedErrorMessagesEnabled.py
checkov/terraform/checks/resource/azure/AppServiceDisallowCORS.py
checkov/terraform/checks/resource/azure/AppServiceDotnetFrameworkVersion.py
checkov/terraform/checks/resource/azure/AppServiceEnableFailedRequest.py
checkov/terraform/checks/resource/azure/AppServiceFTPSState.py
checkov/terraform/checks/resource/azure/AppServiceHTTPSOnly.py
checkov/terraform/checks/resource/azure/AppServiceHttpLoggingEnabled.py
checkov/terraform/checks/resource/azure/AppServiceHttps20Enabled.py
checkov/terraform/checks/resource/azure/AppServiceIdentityProviderEnabled.py
checkov/terraform/checks/resource/azure/AppServiceJavaVersion.py
checkov/terraform/checks/resource/azure/AppServiceMinTLSVersion.py
checkov/terraform/checks/resource/azure/AppServicePHPVersion.py
checkov/terraform/checks/resource/azure/AppServicePythonVersion.py
checkov/terraform/checks/resource/azure/AppServiceUsedAzureFiles.py
checkov/terraform/checks/resource/azure/AppServieClientCertificate.py
checkov/terraform/checks/resource/azure/AppServieIdentity.py
checkov/terraform/checks/resource/azure/ApplicationGatewayEnablesWAF.py
checkov/terraform/checks/resource/azure/AutomationEncrypted.py
checkov/terraform/checks/resource/azure/AzureBatchAccountUsesKeyVaultEncryption.py
checkov/terraform/checks/resource/azure/AzureContainerGroupDeployedIntoVirtualNetwork.py
checkov/terraform/checks/resource/azure/AzureDataExplorerDoubleEncryptionEnabled.py
checkov/terraform/checks/resource/azure/AzureDefenderOnAppServices.py
checkov/terraform/checks/resource/azure/AzureDefenderOnContainerRegistry.py
checkov/terraform/checks/resource/azure/AzureDefenderOnKeyVaults.py
checkov/terraform/checks/resource/azure/AzureDefenderOnKubernetes.py
checkov/terraform/checks/resource/azure/AzureDefenderOnServers.py
checkov/terraform/checks/resource/azure/AzureDefenderOnSqlServerVMS.py
checkov/terraform/checks/resource/azure/AzureDefenderOnSqlServers.py
checkov/terraform/checks/resource/azure/AzureDefenderOnStorage.py
checkov/terraform/checks/resource/azure/AzureFrontDoorEnablesWAF.py
checkov/terraform/checks/resource/azure/AzureInstanceExtensions.py
checkov/terraform/checks/resource/azure/AzureInstancePassword.py
checkov/terraform/checks/resource/azure/AzureManagedDiskEncryption.py
checkov/terraform/checks/resource/azure/AzureManagedDiskEncryptionSet.py
checkov/terraform/checks/resource/azure/AzureScaleSetPassword.py
checkov/terraform/checks/resource/azure/AzureSearchPublicNetworkAccessDisabled.py
checkov/terraform/checks/resource/azure/AzureServiceFabricClusterProtectionLevel.py
checkov/terraform/checks/resource/azure/CosmosDBAccountsRestrictedAccess.py
checkov/terraform/checks/resource/azure/CosmosDBDisableAccessKeyWrite.py
checkov/terraform/checks/resource/azure/CosmosDBDisablesPublicNetwork.py
checkov/terraform/checks/resource/azure/CosmosDBHaveCMK.py
checkov/terraform/checks/resource/azure/CutsomRoleDefinitionSubscriptionOwner.py
checkov/terraform/checks/resource/azure/DataExplorerUsesDiskEncryption.py
checkov/terraform/checks/resource/azure/DataFactoryNoPublicNetworkAccess.py
checkov/terraform/checks/resource/azure/DataFactoryUsesGitRepository.py
checkov/terraform/checks/resource/azure/DataLakeStoreEncryption.py
checkov/terraform/checks/resource/azure/EventgridDomainNetworkAccess.py
checkov/terraform/checks/resource/azure/FrontdoorUseWAFMode.py
checkov/terraform/checks/resource/azure/FunctionAppDisallowCORS.py
checkov/terraform/checks/resource/azure/FunctionAppHttpVersionLatest.py
checkov/terraform/checks/resource/azure/FunctionAppsAccessibleOverHttps.py
checkov/terraform/checks/resource/azure/FunctionAppsEnableAuthentication.py
checkov/terraform/checks/resource/azure/IoTNoPublicNetworkAccess.py
checkov/terraform/checks/resource/azure/KeyBackedByHSM.py
checkov/terraform/checks/resource/azure/KeyExpirationDate.py
checkov/terraform/checks/resource/azure/KeyVaultEnablesFirewallRulesSettings.py
checkov/terraform/checks/resource/azure/KeyVaultEnablesPurgeProtection.py
checkov/terraform/checks/resource/azure/KeyVaultEnablesSoftDelete.py
checkov/terraform/checks/resource/azure/KeyvaultRecoveryEnabled.py
checkov/terraform/checks/resource/azure/MSSQLServerMinTLSVersion.py
checkov/terraform/checks/resource/azure/MariaDBGeoBackupEnabled.py
checkov/terraform/checks/resource/azure/MariaDBPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/MariaDBSSLEnforcementEnabled.py
checkov/terraform/checks/resource/azure/MonitorLogProfileCategories.py
checkov/terraform/checks/resource/azure/MonitorLogProfileRetentionDays.py
checkov/terraform/checks/resource/azure/MySQLEncryptionEnaled.py
checkov/terraform/checks/resource/azure/MySQLGeoBackupEnabled.py
checkov/terraform/checks/resource/azure/MySQLPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/MySQLServerMinTLSVersion.py
checkov/terraform/checks/resource/azure/MySQLServerPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/MySQLServerSSLEnforcementEnabled.py
checkov/terraform/checks/resource/azure/MySQLTreatDetectionEnabled.py
checkov/terraform/checks/resource/azure/NSGRulePortAccessRestricted.py
checkov/terraform/checks/resource/azure/NSGRuleRDPAccessRestricted.py
checkov/terraform/checks/resource/azure/NSGRuleSSHAccessRestricted.py
checkov/terraform/checks/resource/azure/NSGRuleUDPAccessRestricted.py
checkov/terraform/checks/resource/azure/NetworkInterfaceEnableIPForwarding.py
checkov/terraform/checks/resource/azure/NetworkInterfacePublicIPAddressId.py
checkov/terraform/checks/resource/azure/NetworkWatcherFlowLogPeriod.py
checkov/terraform/checks/resource/azure/PostgersSQLEncryptionEnaled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerConnectionThrottlingEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerLogCheckpointsEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerLogConnectionsEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerSSLEnforcementEnabled.py
checkov/terraform/checks/resource/azure/PostgresSQLTreatDetectionEnabled.py
checkov/terraform/checks/resource/azure/PostgressSQLGeoBackupEnabled.py
checkov/terraform/checks/resource/azure/RedisCacheEnableNonSSLPort.py
checkov/terraform/checks/resource/azure/RedisCachePublicNetworkAccessEnabled.py
checkov/terraform/checks/resource/azure/RemoteDebggingNotEnabled.py
checkov/terraform/checks/resource/azure/SQLServerAuditPolicyRetentionPeriod.py
checkov/terraform/checks/resource/azure/SQLServerAuditingEnabled.py
checkov/terraform/checks/resource/azure/SQLServerAuditingRetention90Days.py
checkov/terraform/checks/resource/azure/SQLServerEmailAlertsEnabled.py
checkov/terraform/checks/resource/azure/SQLServerEmailAlertsToAdminsEnabled.py
checkov/terraform/checks/resource/azure/SQLServerNoPublicAccess.py
checkov/terraform/checks/resource/azure/SQLServerPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/SQLServerThreatDetectionTypes.py
checkov/terraform/checks/resource/azure/SecretContentType.py
checkov/terraform/checks/resource/azure/SecretExpirationDate.py
checkov/terraform/checks/resource/azure/SecurityCenterContactEmailAlert.py
checkov/terraform/checks/resource/azure/SecurityCenterContactEmailAlertAdmins.py
checkov/terraform/checks/resource/azure/SecurityCenterContactEmails.py
checkov/terraform/checks/resource/azure/SecurityCenterContactPhone.py
checkov/terraform/checks/resource/azure/SecurityCenterStandardPricing.py
checkov/terraform/checks/resource/azure/StorageAccountAzureServicesAccessEnabled.py
checkov/terraform/checks/resource/azure/StorageAccountDefaultNetworkAccessDeny.py
checkov/terraform/checks/resource/azure/StorageAccountDisablePublicAccess.py
checkov/terraform/checks/resource/azure/StorageAccountEnablesSecureTransfer.py
checkov/terraform/checks/resource/azure/StorageAccountLoggingQueueServiceEnabled.py
checkov/terraform/checks/resource/azure/StorageAccountMinimumTlsVersion.py
checkov/terraform/checks/resource/azure/StorageAccountName.py
checkov/terraform/checks/resource/azure/StorageAccountsTransportEncryption.py
checkov/terraform/checks/resource/azure/StorageBlobServiceContainerPrivateAccess.py
checkov/terraform/checks/resource/azure/StorageSyncPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/SynapseWorkspaceEnablesManagedVirtualNetworks.py
checkov/terraform/checks/resource/azure/VMCredsInCustomData.py
checkov/terraform/checks/resource/azure/VMEncryptionAtHostEnabled.py
checkov/terraform/checks/resource/azure/VMScaleSetsAutoOSImagePatchingEnabled.py
checkov/terraform/checks/resource/azure/VMStorageOsDisk.py
checkov/terraform/checks/resource/azure/__init__.py
checkov/terraform/checks/resource/gcp/AbsGoogleComputeFirewallUnrestrictedIngress.py
checkov/terraform/checks/resource/gcp/AbsGoogleIAMMemberDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/AbsGoogleImpersonationRoles.py
checkov/terraform/checks/resource/gcp/CloudStorageLogging.py
checkov/terraform/checks/resource/gcp/CloudStorageSelfLogging.py
checkov/terraform/checks/resource/gcp/GKEAliasIpEnabled.py
checkov/terraform/checks/resource/gcp/GKEBasicAuth.py
checkov/terraform/checks/resource/gcp/GKEBinaryAuthorization.py
checkov/terraform/checks/resource/gcp/GKEClientCertificateEnabled.py
checkov/terraform/checks/resource/gcp/GKEClusterLogging.py
checkov/terraform/checks/resource/gcp/GKEDisableLegacyAuth.py
checkov/terraform/checks/resource/gcp/GKEEnableShieldedNodes.py
checkov/terraform/checks/resource/gcp/GKEEnableVPCFlowLogs.py
checkov/terraform/checks/resource/gcp/GKEEnsureIntegrityMonitoring.py
checkov/terraform/checks/resource/gcp/GKEHasLabels.py
checkov/terraform/checks/resource/gcp/GKEKubernetesRBACGoogleGroups.py
checkov/terraform/checks/resource/gcp/GKELegacyInstanceMetadataDisabled.py
checkov/terraform/checks/resource/gcp/GKEMasterAuthorizedNetworksEnabled.py
checkov/terraform/checks/resource/gcp/GKEMetadataServerisEnabled.py
checkov/terraform/checks/resource/gcp/GKEMonitoringEnabled.py
checkov/terraform/checks/resource/gcp/GKENetworkPolicyEnabled.py
checkov/terraform/checks/resource/gcp/GKENodePoolAutoRepairEnabled.py
checkov/terraform/checks/resource/gcp/GKENodePoolAutoUpgradeEnabled.py
checkov/terraform/checks/resource/gcp/GKEPodSecurityPolicyEnabled.py
checkov/terraform/checks/resource/gcp/GKEPrivateClusterConfig.py
checkov/terraform/checks/resource/gcp/GKEPrivateNodes.py
checkov/terraform/checks/resource/gcp/GKEPublicControlPlane.py
checkov/terraform/checks/resource/gcp/GKEReleaseChannel.py
checkov/terraform/checks/resource/gcp/GKESecureBootforShieldedNodes.py
checkov/terraform/checks/resource/gcp/GKEUseCosImage.py
checkov/terraform/checks/resource/gcp/GoogleBigQueryDatasetPublicACL.py
checkov/terraform/checks/resource/gcp/GoogleCloudDNSKeySpecsRSASHA1.py
checkov/terraform/checks/resource/gcp/GoogleCloudDNSSECEnabled.py
checkov/terraform/checks/resource/gcp/GoogleCloudMySqlLocalInfileOff.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogCheckpoints.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogConnection.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogDisconnection.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogLockWaits.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogMinDuration.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogMinMessage.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogTemp.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlBackupConfiguration.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlDatabasePublicallyAccessible.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlDatabaseRequireSsl.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlServerContainedDBAuthentication.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlServerCrossDBOwnershipChaining.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlServerNoPublicIP.py
checkov/terraform/checks/resource/gcp/GoogleComputeBlockProjectSSH.py
checkov/terraform/checks/resource/gcp/GoogleComputeBootDiskEncryption.py
checkov/terraform/checks/resource/gcp/GoogleComputeDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleComputeDefaultServiceAccountFullAccess.py
checkov/terraform/checks/resource/gcp/GoogleComputeDiskEncryption.py
checkov/terraform/checks/resource/gcp/GoogleComputeExternalIP.py
checkov/terraform/checks/resource/gcp/GoogleComputeFirewallUnrestrictedIngress22.py
checkov/terraform/checks/resource/gcp/GoogleComputeFirewallUnrestrictedIngress3389.py
checkov/terraform/checks/resource/gcp/GoogleComputeIPForward.py
checkov/terraform/checks/resource/gcp/GoogleComputeInstanceOSLogin.py
checkov/terraform/checks/resource/gcp/GoogleComputeProjectOSLogin.py
checkov/terraform/checks/resource/gcp/GoogleComputeSSLPolicy.py
checkov/terraform/checks/resource/gcp/GoogleComputeSerialPorts.py
checkov/terraform/checks/resource/gcp/GoogleComputeShieldedVM.py
checkov/terraform/checks/resource/gcp/GoogleFolderImpersonationRole.py
checkov/terraform/checks/resource/gcp/GoogleFolderMemberDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleKMSRotationPeriod.py
checkov/terraform/checks/resource/gcp/GoogleOrgImpersonationRole.py
checkov/terraform/checks/resource/gcp/GoogleOrgMemberDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleProjectAdminServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleProjectDefaultNetwork.py
checkov/terraform/checks/resource/gcp/GoogleProjectImpersonationRole.py
checkov/terraform/checks/resource/gcp/GoogleProjectMemberDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleRoleServiceAccountUser.py
checkov/terraform/checks/resource/gcp/GoogleStorageBucketNotPublic.py
checkov/terraform/checks/resource/gcp/GoogleStorageBucketUniformAccess.py
checkov/terraform/checks/resource/gcp/GoogleSubnetworkLoggingEnabled.py
checkov/terraform/checks/resource/gcp/__init__.py
checkov/terraform/checks/resource/github/PrivateRepo.py
checkov/terraform/checks/resource/github/__init__.py
checkov/terraform/checks/resource/linode/__init__.py
checkov/terraform/checks/resource/linode/authorized_keys.py
checkov/terraform/checks/utils/__init__.py
checkov/terraform/checks/utils/consts.py
checkov/terraform/checks/utils/dependency_path_handler.py
checkov/terraform/checks/utils/iam_terraform_document_to_policy_converter.py
checkov/terraform/context_parsers/__init__.py
checkov/terraform/context_parsers/base_parser.py
checkov/terraform/context_parsers/registry.py
checkov/terraform/context_parsers/parsers/__init__.py
checkov/terraform/context_parsers/parsers/data_context_parser.py
checkov/terraform/context_parsers/parsers/locals_context_parser.py
checkov/terraform/context_parsers/parsers/module_context_parser.py
checkov/terraform/context_parsers/parsers/provider_context_parser.py
checkov/terraform/context_parsers/parsers/resource_context_parser.py
checkov/terraform/context_parsers/parsers/variable_context_parser.py
checkov/terraform/context_parsers/tf_plan/__init__.py
checkov/terraform/evaluation/__init__.py
checkov/terraform/evaluation/base_variable_evaluation.py
checkov/terraform/graph_builder/__init__.py
checkov/terraform/graph_builder/graph_to_tf_definitions.py
checkov/terraform/graph_builder/local_graph.py
checkov/terraform/graph_builder/utils.py
checkov/terraform/graph_builder/graph_components/__init__.py
checkov/terraform/graph_builder/graph_components/attribute_names.py
checkov/terraform/graph_builder/graph_components/block_types.py
checkov/terraform/graph_builder/graph_components/blocks.py
checkov/terraform/graph_builder/graph_components/generic_resource_encryption.py
checkov/terraform/graph_builder/graph_components/module.py
checkov/terraform/graph_builder/variable_rendering/__init__.py
checkov/terraform/graph_builder/variable_rendering/evaluate_terraform.py
checkov/terraform/graph_builder/variable_rendering/renderer.py
checkov/terraform/graph_builder/variable_rendering/safe_eval_functions.py
checkov/terraform/graph_builder/variable_rendering/vertex_reference.py
checkov/terraform/module_loading/__init__.py
checkov/terraform/module_loading/content.py
checkov/terraform/module_loading/loader.py
checkov/terraform/module_loading/registry.py
checkov/terraform/module_loading/loaders/__init__.py
checkov/terraform/module_loading/loaders/bitbucket_loader.py
checkov/terraform/module_loading/loaders/git_loader.py
checkov/terraform/module_loading/loaders/github_loader.py
checkov/terraform/module_loading/loaders/local_path_loader.py
checkov/terraform/module_loading/loaders/registry_loader.py
checkov/terraform/module_loading/loaders/versions_parser.py
checkov/terraform/tag_providers/__init__.py
checkov/terraform/tag_providers/aws.py
checkov/terraform/tag_providers/azure.py
checkov/terraform/tag_providers/gcp.py