Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Skipping checks inside CloudFormation examples?
See original GitHub issueIs it possible to skip some checks in CloudFormation?
resource "aws_s3_bucket" "foo-bucket" {
region = var.region
#checkov:skip=CKV_AWS_20:The bucket is a public static content host
bucket = local.bucket_name
force_destroy = true
acl = "public-read"
}
is a Terraform example given in the docs.
Is it sufficient to just add #checkov:skip=CKV_AWS_20 inside CFN Resource? If so, it would be great to have that in the docs too.
Issue Analytics
- State:
- Created 2 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Suppressing and Skipping Policies - checkov
To skip a check on a given Terraform definition block or CloudFormation resource, apply the following comment pattern inside its scope: ...
Read more >Troubleshooting CloudFormation - AWS Documentation
After the rollback is complete, the state of the skipped resources will be inconsistent with the state of the resources in the stack...
Read more >[BUG] # in custom message skips that rule check #92 - GitHub
Describe the bug "#" in custom message skips that rule entirely. To Reproduce Please supply: An example rule set and template that results ......
Read more >How to check if specific resource already exists in ...
My question is how do I check if my S3 bucket exists first inside the cloudformation script, and if it does, then skip...
Read more >10 Solutions to Common CloudFormation Errors - Medium
Your options for utilizing either JSON or YAML templates can lead to these minor hiccups that are easily encountered when it's late in...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@tomaszdudek7 i see we have a UT for it here: https://github.com/bridgecrewio/checkov/blob/25388a34231e09ac17b266ad9db0b4c0e806e956/tests/cloudformation/parser/skip.yaml#L5
https://github.com/bridgecrewio/checkov/blob/0668a141e447bd0c50fd8db95930b0a523fa94b6/tests/cloudformation/parser/test_cfn_yaml.py#L15
i’m not sure what’s not working. can you paste here a sample of cfn that is not working for you?
done 😃 https://github.com/bridgecrewio/checkov/commit/9776a2ec02d3b0d550ca3a169c51ed557f7fea28