LICENSE
README.md
setup.py
bin/checkov
bin/checkov.cmd
checkov/__init__.py
checkov/contributor_metrics.py
checkov/logging_init.py
checkov/main.py
checkov/py.typed
checkov/runner_filter.py
checkov/version.py
checkov.egg-info/PKG-INFO
checkov.egg-info/SOURCES.txt
checkov.egg-info/dependency_links.txt
checkov.egg-info/requires.txt
checkov.egg-info/top_level.txt
checkov/argo_workflows/__init__.py
checkov/argo_workflows/runner.py
checkov/argo_workflows/checks/__init__.py
checkov/argo_workflows/checks/base_argo_workflows_check.py
checkov/argo_workflows/checks/registry.py
checkov/argo_workflows/checks/template/DefaultServiceAccount.py
checkov/argo_workflows/checks/template/RunAsNonRoot.py
checkov/argo_workflows/checks/template/__init__.py
checkov/argo_workflows/common/__init__.py
checkov/arm/__init__.py
checkov/arm/base_parameter_check.py
checkov/arm/base_registry.py
checkov/arm/base_resource_check.py
checkov/arm/base_resource_value_check.py
checkov/arm/context_parser.py
checkov/arm/registry.py
checkov/arm/runner.py
checkov/arm/checks/__init__.py
checkov/arm/checks/parameter/SecureStringParameterNoHardcodedValue.py
checkov/arm/checks/parameter/__init__.py
checkov/arm/checks/resource/AKSApiServerAuthorizedIpRanges.py
checkov/arm/checks/resource/AKSDashboardDisabled.py
checkov/arm/checks/resource/AKSLoggingEnabled.py
checkov/arm/checks/resource/AKSNetworkPolicy.py
checkov/arm/checks/resource/AKSRbacEnabled.py
checkov/arm/checks/resource/AppServiceAuthentication.py
checkov/arm/checks/resource/AppServiceClientCertificate.py
checkov/arm/checks/resource/AppServiceHTTPSOnly.py
checkov/arm/checks/resource/AppServiceHttps20Enabled.py
checkov/arm/checks/resource/AppServiceIdentity.py
checkov/arm/checks/resource/AppServiceMinTLSVersion.py
checkov/arm/checks/resource/AzureInstancePassword.py
checkov/arm/checks/resource/AzureManagedDiscEncryption.py
checkov/arm/checks/resource/AzureScaleSetPassword.py
checkov/arm/checks/resource/CosmosDBDisableAccessKeyWrite.py
checkov/arm/checks/resource/CustomRoleDefinitionSubscriptionOwner.py
checkov/arm/checks/resource/KeyvaultRecoveryEnabled.py
checkov/arm/checks/resource/MariaDBSSLEnforcementEnabled.py
checkov/arm/checks/resource/MonitorLogProfileCategories.py
checkov/arm/checks/resource/MonitorLogProfileRetentionDays.py
checkov/arm/checks/resource/MySQLServerSSLEnforcementEnabled.py
checkov/arm/checks/resource/NSGRulePortAccessRestricted.py
checkov/arm/checks/resource/NSGRuleRDPAccessRestricted.py
checkov/arm/checks/resource/NSGRuleSSHAccessRestricted.py
checkov/arm/checks/resource/NetworkWatcherFlowLogPeriod.py
checkov/arm/checks/resource/PostgreSQLServerConnectionThrottlingEnabled.py
checkov/arm/checks/resource/PostgreSQLServerLogCheckpointsEnabled.py
checkov/arm/checks/resource/PostgreSQLServerLogConnectionsEnabled.py
checkov/arm/checks/resource/PostgreSQLServerSSLEnforcementEnabled.py
checkov/arm/checks/resource/SQLServerAuditingEnabled.py
checkov/arm/checks/resource/SQLServerAuditingRetention90Days.py
checkov/arm/checks/resource/SQLServerEmailAlertsEnabled.py
checkov/arm/checks/resource/SQLServerEmailAlertsToAdminsEnabled.py
checkov/arm/checks/resource/SQLServerNoPublicAccess.py
checkov/arm/checks/resource/SQLServerThreatDetectionTypes.py
checkov/arm/checks/resource/SecretExpirationDate.py
checkov/arm/checks/resource/SecurityCenterContactEmailAlert.py
checkov/arm/checks/resource/SecurityCenterContactEmailAlertAdmins.py
checkov/arm/checks/resource/SecurityCenterContactPhone.py
checkov/arm/checks/resource/SecurityCenterStandardPricing.py
checkov/arm/checks/resource/StorageAccountAzureServicesAccessEnabled.py
checkov/arm/checks/resource/StorageAccountDefaultNetworkAccessDeny.py
checkov/arm/checks/resource/StorageAccountLoggingQueueServiceEnabled.py
checkov/arm/checks/resource/StorageAccountsTransportEncryption.py
checkov/arm/checks/resource/StorageBlobServiceContainerPrivateAccess.py
checkov/arm/checks/resource/__init__.py
checkov/arm/parser/__init__.py
checkov/arm/parser/cfn_yaml.py
checkov/azure_pipelines/__init__.py
checkov/azure_pipelines/runner.py
checkov/azure_pipelines/checks/__init__.py
checkov/azure_pipelines/checks/base_azure_pipelines_check.py
checkov/azure_pipelines/checks/registry.py
checkov/azure_pipelines/checks/job/ContainerDigest.py
checkov/azure_pipelines/checks/job/ContainerLatestTag.py
checkov/azure_pipelines/checks/job/SetSecretVariable.py
checkov/azure_pipelines/checks/job/__init__.py
checkov/bicep/__init__.py
checkov/bicep/graph_manager.py
checkov/bicep/parser.py
checkov/bicep/runner.py
checkov/bicep/utils.py
checkov/bicep/checks/__init__.py
checkov/bicep/checks/graph_checks/SQLServerAuditingEnabled.yaml
checkov/bicep/checks/graph_checks/__init__.py
checkov/bicep/checks/param/__init__.py
checkov/bicep/checks/param/base_param_check.py
checkov/bicep/checks/param/base_registry.py
checkov/bicep/checks/param/registry.py
checkov/bicep/checks/param/azure/SecureStringParameterNoHardcodedValue.py
checkov/bicep/checks/param/azure/__init__.py
checkov/bicep/checks/resource/__init__.py
checkov/bicep/checks/resource/base_registry.py
checkov/bicep/checks/resource/base_resource_check.py
checkov/bicep/checks/resource/base_resource_value_check.py
checkov/bicep/checks/resource/registry.py
checkov/bicep/checks/resource/azure/StorageAccountAzureServicesAccessEnabled.py
checkov/bicep/checks/resource/azure/StorageAccountDefaultNetworkAccessDeny.py
checkov/bicep/checks/resource/azure/StorageAccountsTransportEncryption.py
checkov/bicep/checks/resource/azure/__init__.py
checkov/bicep/graph_builder/__init__.py
checkov/bicep/graph_builder/context_definitions.py
checkov/bicep/graph_builder/graph_to_tf_definitions.py
checkov/bicep/graph_builder/local_graph.py
checkov/bicep/graph_builder/graph_components/__init__.py
checkov/bicep/graph_builder/graph_components/block_types.py
checkov/bicep/graph_builder/graph_components/blocks.py
checkov/bicep/graph_builder/variable_rendering/__init__.py
checkov/bicep/graph_builder/variable_rendering/renderer.py
checkov/bicep/image_referencer/__init__.py
checkov/bicep/image_referencer/base_provider.py
checkov/bicep/image_referencer/manager.py
checkov/bicep/image_referencer/provider/__init__.py
checkov/bicep/image_referencer/provider/azure.py
checkov/bitbucket/__init__.py
checkov/bitbucket/base_bitbucket_configuration_check.py
checkov/bitbucket/dal.py
checkov/bitbucket/registry.py
checkov/bitbucket/runner.py
checkov/bitbucket/checks/__init__.py
checkov/bitbucket/checks/merge_requests_approvals.py
checkov/bitbucket/schemas/__init__.py
checkov/bitbucket/schemas/branch_restrictions.py
checkov/bitbucket_pipelines/__init__.py
checkov/bitbucket_pipelines/base_bitbucket_pipelines_check.py
checkov/bitbucket_pipelines/registry.py
checkov/bitbucket_pipelines/runner.py
checkov/bitbucket_pipelines/checks/__init__.py
checkov/bitbucket_pipelines/checks/latest_image.py
checkov/circleci_pipelines/__init__.py
checkov/circleci_pipelines/base_circleci_pipelines_check.py
checkov/circleci_pipelines/registry.py
checkov/circleci_pipelines/runner.py
checkov/circleci_pipelines/checks/DetectImagesUsage.py
checkov/circleci_pipelines/checks/ReverseShellNetcat.py
checkov/circleci_pipelines/checks/ShellInjection.py
checkov/circleci_pipelines/checks/SuspectCurlInScript.py
checkov/circleci_pipelines/checks/__init__.py
checkov/circleci_pipelines/checks/image_version_not_hash.py
checkov/circleci_pipelines/checks/latest_image.py
checkov/circleci_pipelines/checks/prevent_development_orbs.py
checkov/circleci_pipelines/checks/prevent_volatile_orbs.py
checkov/circleci_pipelines/common/__init__.py
checkov/circleci_pipelines/common/shell_injection_list.py
checkov/circleci_pipelines/image_referencer/__init__.py
checkov/circleci_pipelines/image_referencer/manager.py
checkov/circleci_pipelines/image_referencer/provider.py
checkov/cloudformation/__init__.py
checkov/cloudformation/cfn_utils.py
checkov/cloudformation/context_parser.py
checkov/cloudformation/graph_manager.py
checkov/cloudformation/runner.py
checkov/cloudformation/checks/__init__.py
checkov/cloudformation/checks/graph_checks/__init__.py
checkov/cloudformation/checks/resource/BaseCloudsplainingIAMCheck.py
checkov/cloudformation/checks/resource/__init__.py
checkov/cloudformation/checks/resource/base_registry.py
checkov/cloudformation/checks/resource/base_resource_check.py
checkov/cloudformation/checks/resource/base_resource_negative_value_check.py
checkov/cloudformation/checks/resource/base_resource_value_check.py
checkov/cloudformation/checks/resource/registry.py
checkov/cloudformation/checks/resource/aws/ALBDropHttpHeaders.py
checkov/cloudformation/checks/resource/aws/ALBListenerHTTPS.py
checkov/cloudformation/checks/resource/aws/ALBListenerTLS12.py
checkov/cloudformation/checks/resource/aws/APIGatewayAccessLogging.py
checkov/cloudformation/checks/resource/aws/APIGatewayAuthorization.py
checkov/cloudformation/checks/resource/aws/APIGatewayCacheEnable.py
checkov/cloudformation/checks/resource/aws/APIGatewayV2AccessLogging.py
checkov/cloudformation/checks/resource/aws/APIGatewayXray.py
checkov/cloudformation/checks/resource/aws/AbsSecurityGroupUnrestrictedIngress.py
checkov/cloudformation/checks/resource/aws/AmazonMQBrokerPublicAccess.py
checkov/cloudformation/checks/resource/aws/AppSyncFieldLevelLogs.py
checkov/cloudformation/checks/resource/aws/AppSyncLogging.py
checkov/cloudformation/checks/resource/aws/AthenaWorkgroupConfiguration.py
checkov/cloudformation/checks/resource/aws/AuroraEncryption.py
checkov/cloudformation/checks/resource/aws/BackupVaultEncrypted.py
checkov/cloudformation/checks/resource/aws/CloudFrontTLS12.py
checkov/cloudformation/checks/resource/aws/CloudWatchLogGroupKMSKey.py
checkov/cloudformation/checks/resource/aws/CloudWatchLogGroupRetention.py
checkov/cloudformation/checks/resource/aws/CloudfrontDistributionEncryption.py
checkov/cloudformation/checks/resource/aws/CloudfrontDistributionLogging.py
checkov/cloudformation/checks/resource/aws/CloudtrailEncryption.py
checkov/cloudformation/checks/resource/aws/CloudtrailLogValidation.py
checkov/cloudformation/checks/resource/aws/CloudtrailMultiRegion.py
checkov/cloudformation/checks/resource/aws/CodeBuildProjectEncryption.py
checkov/cloudformation/checks/resource/aws/DAXEncryption.py
checkov/cloudformation/checks/resource/aws/DMSReplicationInstancePubliclyAccessible.py
checkov/cloudformation/checks/resource/aws/DocDBAuditLogs.py
checkov/cloudformation/checks/resource/aws/DocDBEncryption.py
checkov/cloudformation/checks/resource/aws/DocDBLogging.py
checkov/cloudformation/checks/resource/aws/DocDBTLS.py
checkov/cloudformation/checks/resource/aws/DynamoDBTablesEncrypted.py
checkov/cloudformation/checks/resource/aws/DynamodbGlobalTableRecovery.py
checkov/cloudformation/checks/resource/aws/DynamodbRecovery.py
checkov/cloudformation/checks/resource/aws/EBSDefaultEncryption.py
checkov/cloudformation/checks/resource/aws/EBSEncryption.py
checkov/cloudformation/checks/resource/aws/EC2Credentials.py
checkov/cloudformation/checks/resource/aws/EC2PublicIP.py
checkov/cloudformation/checks/resource/aws/ECRImageScanning.py
checkov/cloudformation/checks/resource/aws/ECRImmutableTags.py
checkov/cloudformation/checks/resource/aws/ECRPolicy.py
checkov/cloudformation/checks/resource/aws/ECRRepositoryEncrypted.py
checkov/cloudformation/checks/resource/aws/ECSClusterContainerInsights.py
checkov/cloudformation/checks/resource/aws/ECSTaskDefinitionEFSVolumeEncryption.py
checkov/cloudformation/checks/resource/aws/EFSEncryptionEnabled.py
checkov/cloudformation/checks/resource/aws/EKSControlPlaneLogging.py
checkov/cloudformation/checks/resource/aws/EKSNodeGroupRemoteAccess.py
checkov/cloudformation/checks/resource/aws/EKSPublicAccess.py
checkov/cloudformation/checks/resource/aws/EKSPublicAccessCIDR.py
checkov/cloudformation/checks/resource/aws/EKSSecretsEncryption.py
checkov/cloudformation/checks/resource/aws/ELBAccessLogs.py
checkov/cloudformation/checks/resource/aws/ELBv2AccessLogs.py
checkov/cloudformation/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtRest.py
checkov/cloudformation/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtTransit.py
checkov/cloudformation/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtTransitAuthToken.py
checkov/cloudformation/checks/resource/aws/ElasticsearchDomainEnforceHTTPS.py
checkov/cloudformation/checks/resource/aws/ElasticsearchDomainLogging.py
checkov/cloudformation/checks/resource/aws/ElasticsearchEncryption.py
checkov/cloudformation/checks/resource/aws/ElasticsearchNodeToNodeEncryption.py
checkov/cloudformation/checks/resource/aws/GlobalAcceleratorAcceleratorFlowLogs.py
checkov/cloudformation/checks/resource/aws/GlueDataCatalogEncryption.py
checkov/cloudformation/checks/resource/aws/GlueSecurityConfiguration.py
checkov/cloudformation/checks/resource/aws/GlueSecurityConfigurationEnabled.py
checkov/cloudformation/checks/resource/aws/IAMAdminPolicyDocument.py
checkov/cloudformation/checks/resource/aws/IAMCredentialsExposure.py
checkov/cloudformation/checks/resource/aws/IAMDataExfiltration.py
checkov/cloudformation/checks/resource/aws/IAMPermissionsManagement.py
checkov/cloudformation/checks/resource/aws/IAMPolicyAttachedToGroupOrRoles.py
checkov/cloudformation/checks/resource/aws/IAMPrivilegeEscalation.py
checkov/cloudformation/checks/resource/aws/IAMRoleAllowAssumeFromAccount.py
checkov/cloudformation/checks/resource/aws/IAMRoleAllowsPublicAssume.py
checkov/cloudformation/checks/resource/aws/IAMStarActionPolicyDocument.py
checkov/cloudformation/checks/resource/aws/IAMWriteAccess.py
checkov/cloudformation/checks/resource/aws/IMDSv1Disabled.py
checkov/cloudformation/checks/resource/aws/KMSKeyWildCardPrincipal.py
checkov/cloudformation/checks/resource/aws/KMSRotation.py
checkov/cloudformation/checks/resource/aws/KinesisStreamEncryptionType.py
checkov/cloudformation/checks/resource/aws/LambdaDLQConfigured.py
checkov/cloudformation/checks/resource/aws/LambdaEnvironmentCredentials.py
checkov/cloudformation/checks/resource/aws/LambdaEnvironmentEncryptionSettings.py
checkov/cloudformation/checks/resource/aws/LambdaFunctionLevelConcurrentExecutionLimit.py
checkov/cloudformation/checks/resource/aws/LambdaFunctionURLAuth.py
checkov/cloudformation/checks/resource/aws/LambdaInVPC.py
checkov/cloudformation/checks/resource/aws/LaunchConfigurationEBSEncryption.py
checkov/cloudformation/checks/resource/aws/MQBrokerAuditLogging.py
checkov/cloudformation/checks/resource/aws/NeptuneClusterInstancePublic.py
checkov/cloudformation/checks/resource/aws/NeptuneClusterLogging.py
checkov/cloudformation/checks/resource/aws/NeptuneClusterStorageEncrypted.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyExpiration.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyLength.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyLowercaseLetter.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyNumber.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyReuse.py
checkov/cloudformation/checks/resource/aws/PasswordPolicySymbol.py
checkov/cloudformation/checks/resource/aws/PasswordPolicyUppercaseLetter.py
checkov/cloudformation/checks/resource/aws/QLDBLedgerDeletionProtection.py
checkov/cloudformation/checks/resource/aws/QLDBLedgerPermissionsMode.py
checkov/cloudformation/checks/resource/aws/RDSClusterIAMAuthentication.py
checkov/cloudformation/checks/resource/aws/RDSEncryption.py
checkov/cloudformation/checks/resource/aws/RDSEnhancedMonitorEnabled.py
checkov/cloudformation/checks/resource/aws/RDSIAMAuthentication.py
checkov/cloudformation/checks/resource/aws/RDSMultiAZEnabled.py
checkov/cloudformation/checks/resource/aws/RDSPubliclyAccessible.py
checkov/cloudformation/checks/resource/aws/RedShiftSSL.py
checkov/cloudformation/checks/resource/aws/RedshiftClusterEncryption.py
checkov/cloudformation/checks/resource/aws/RedshiftClusterLogging.py
checkov/cloudformation/checks/resource/aws/RedshiftClusterPubliclyAccessible.py
checkov/cloudformation/checks/resource/aws/RedshiftInEc2ClassicMode.py
checkov/cloudformation/checks/resource/aws/S3AccessLogs.py
checkov/cloudformation/checks/resource/aws/S3BlockPublicACLs.py
checkov/cloudformation/checks/resource/aws/S3BlockPublicPolicy.py
checkov/cloudformation/checks/resource/aws/S3Encryption.py
checkov/cloudformation/checks/resource/aws/S3IgnorePublicACLs.py
checkov/cloudformation/checks/resource/aws/S3PublicACLRead.py
checkov/cloudformation/checks/resource/aws/S3PublicACLWrite.py
checkov/cloudformation/checks/resource/aws/S3RestrictPublicBuckets.py
checkov/cloudformation/checks/resource/aws/S3Versioning.py
checkov/cloudformation/checks/resource/aws/SNSTopicEncryption.py
checkov/cloudformation/checks/resource/aws/SQSQueueEncryption.py
checkov/cloudformation/checks/resource/aws/SecretManagerSecretEncrypted.py
checkov/cloudformation/checks/resource/aws/SecurityGroupRuleDescription.py
checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestrictedIngress22.py
checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestrictedIngress3389.py
checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestrictedIngress80.py
checkov/cloudformation/checks/resource/aws/TimestreamDatabaseKMSKey.py
checkov/cloudformation/checks/resource/aws/TransferServerIsPublic.py
checkov/cloudformation/checks/resource/aws/VPCEndpointAcceptanceConfigured.py
checkov/cloudformation/checks/resource/aws/WAFACLCVE202144228.py
checkov/cloudformation/checks/resource/aws/WAFEnabled.py
checkov/cloudformation/checks/resource/aws/WorkspaceRootVolumeEncrypted.py
checkov/cloudformation/checks/resource/aws/WorkspaceUserVolumeEncrypted.py
checkov/cloudformation/checks/resource/aws/__init__.py
checkov/cloudformation/checks/utils/__init__.py
checkov/cloudformation/checks/utils/iam_cloudformation_document_to_policy_converter.py
checkov/cloudformation/graph_builder/__init__.py
checkov/cloudformation/graph_builder/graph_to_definitions.py
checkov/cloudformation/graph_builder/local_graph.py
checkov/cloudformation/graph_builder/utils.py
checkov/cloudformation/graph_builder/graph_components/__init__.py
checkov/cloudformation/graph_builder/graph_components/block_types.py
checkov/cloudformation/graph_builder/graph_components/blocks.py
checkov/cloudformation/graph_builder/graph_components/generic_resource_encryption.py
checkov/cloudformation/graph_builder/variable_rendering/__init__.py
checkov/cloudformation/graph_builder/variable_rendering/renderer.py
checkov/cloudformation/graph_builder/variable_rendering/vertex_reference.py
checkov/cloudformation/image_referencer/__init__.py
checkov/cloudformation/image_referencer/base_provider.py
checkov/cloudformation/image_referencer/manager.py
checkov/cloudformation/image_referencer/provider/__init__.py
checkov/cloudformation/image_referencer/provider/aws.py
checkov/cloudformation/parser/__init__.py
checkov/cloudformation/parser/cfn_keywords.py
checkov/cloudformation/parser/cfn_yaml.py
checkov/common/__init__.py
checkov/common/multi_signature.py
checkov/common/typing.py
checkov/common/version_manager.py
checkov/common/bridgecrew/__init__.py
checkov/common/bridgecrew/bc_source.py
checkov/common/bridgecrew/check_type.py
checkov/common/bridgecrew/code_categories.py
checkov/common/bridgecrew/licensing.py
checkov/common/bridgecrew/platform_errors.py
checkov/common/bridgecrew/platform_integration.py
checkov/common/bridgecrew/platform_key.py
checkov/common/bridgecrew/severities.py
checkov/common/bridgecrew/wrapper.py
checkov/common/bridgecrew/integration_features/__init__.py
checkov/common/bridgecrew/integration_features/base_integration_feature.py
checkov/common/bridgecrew/integration_features/integration_feature_registry.py
checkov/common/bridgecrew/integration_features/features/__init__.py
checkov/common/bridgecrew/integration_features/features/custom_policies_integration.py
checkov/common/bridgecrew/integration_features/features/fixes_integration.py
checkov/common/bridgecrew/integration_features/features/licensing_integration.py
checkov/common/bridgecrew/integration_features/features/policy_metadata_integration.py
checkov/common/bridgecrew/integration_features/features/repo_config_integration.py
checkov/common/bridgecrew/integration_features/features/suppressions_integration.py
checkov/common/bridgecrew/run_metadata/__init__.py
checkov/common/bridgecrew/run_metadata/abstract_run_metadata_extractor.py
checkov/common/bridgecrew/run_metadata/ci_variables.py
checkov/common/bridgecrew/run_metadata/registry.py
checkov/common/bridgecrew/run_metadata/extractors/__init__.py
checkov/common/bridgecrew/run_metadata/extractors/bitbucket.py
checkov/common/bridgecrew/run_metadata/extractors/default_extractor.py
checkov/common/bridgecrew/run_metadata/extractors/github_actions.py
checkov/common/bridgecrew/run_metadata/extractors/gitlab_ci.py
checkov/common/bridgecrew/run_metadata/extractors/jenkins.py
checkov/common/bridgecrew/vulnerability_scanning/__init__.py
checkov/common/bridgecrew/vulnerability_scanning/image_scanner.py
checkov/common/bridgecrew/vulnerability_scanning/report.py
checkov/common/bridgecrew/vulnerability_scanning/integrations/__init__.py
checkov/common/bridgecrew/vulnerability_scanning/integrations/docker_image_scanning.py
checkov/common/bridgecrew/vulnerability_scanning/integrations/package_scanning.py
checkov/common/bridgecrew/vulnerability_scanning/integrations/twistcli.py
checkov/common/checks/__init__.py
checkov/common/checks/base_check.py
checkov/common/checks/base_check_registry.py
checkov/common/checks/enums.py
checkov/common/checks/object_registry.py
checkov/common/checks_infra/__init__.py
checkov/common/checks_infra/checks_parser.py
checkov/common/checks_infra/registry.py
checkov/common/checks_infra/resources_types.py
checkov/common/checks_infra/solvers/__init__.py
checkov/common/checks_infra/solvers/attribute_solvers/__init__.py
checkov/common/checks_infra/solvers/attribute_solvers/any_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/base_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/base_number_of_words_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/contains_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/ending_with_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/equals_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/equals_ignore_case_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/exists_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/greater_than_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/greater_than_or_equal_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/intersects_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/is_empty_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/is_false_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/is_not_empty_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/is_true_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/length_equals_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/length_greater_than_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/length_greater_than_or_equal_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/length_less_than_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/length_less_than_or_equal_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/length_not_equals_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/less_than_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/less_than_or_equal_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_contains_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_ending_with_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_equals_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_equals_ignore_case_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_exists_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_intersects_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_regex_match_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_starting_with_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_subset_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/not_within_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/number_of_words_equals_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/number_of_words_greater_than_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/number_of_words_greater_than_or_equal_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/number_of_words_less_than_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/number_of_words_less_than_or_equal_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/number_of_words_not_equals_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/range_includes_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/range_not_includes_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/regex_match_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/starting_with_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/subset_attribute_solver.py
checkov/common/checks_infra/solvers/attribute_solvers/within_attribute_solver.py
checkov/common/checks_infra/solvers/complex_solvers/__init__.py
checkov/common/checks_infra/solvers/complex_solvers/and_solver.py
checkov/common/checks_infra/solvers/complex_solvers/base_complex_solver.py
checkov/common/checks_infra/solvers/complex_solvers/not_solver.py
checkov/common/checks_infra/solvers/complex_solvers/or_solver.py
checkov/common/checks_infra/solvers/connections_solvers/__init__.py
checkov/common/checks_infra/solvers/connections_solvers/and_connection_solver.py
checkov/common/checks_infra/solvers/connections_solvers/base_connection_solver.py
checkov/common/checks_infra/solvers/connections_solvers/complex_connection_solver.py
checkov/common/checks_infra/solvers/connections_solvers/connection_exists_solver.py
checkov/common/checks_infra/solvers/connections_solvers/connection_not_exists_solver.py
checkov/common/checks_infra/solvers/connections_solvers/connection_one_exists_solver.py
checkov/common/checks_infra/solvers/connections_solvers/or_connection_solver.py
checkov/common/checks_infra/solvers/filter_solvers/__init__.py
checkov/common/checks_infra/solvers/filter_solvers/base_filter_solver.py
checkov/common/checks_infra/solvers/filter_solvers/within_filter_solver.py
checkov/common/comment/__init__.py
checkov/common/comment/enum.py
checkov/common/goget/__init__.py
checkov/common/goget/base_getter.py
checkov/common/goget/github/__init__.py
checkov/common/goget/github/get_git.py
checkov/common/goget/registry/__init__.py
checkov/common/goget/registry/get_registry.py
checkov/common/graph/__init__.py
checkov/common/graph/graph_manager.py
checkov/common/graph/checks_infra/__init__.py
checkov/common/graph/checks_infra/base_check.py
checkov/common/graph/checks_infra/base_parser.py
checkov/common/graph/checks_infra/enums.py
checkov/common/graph/checks_infra/registry.py
checkov/common/graph/checks_infra/solvers/__init__.py
checkov/common/graph/checks_infra/solvers/base_solver.py
checkov/common/graph/db_connectors/__init__.py
checkov/common/graph/db_connectors/db_connector.py
checkov/common/graph/db_connectors/networkx/__init__.py
checkov/common/graph/db_connectors/networkx/networkx_db_connector.py
checkov/common/graph/graph_builder/__init__.py
checkov/common/graph/graph_builder/graph_resources_encription_manager.py
checkov/common/graph/graph_builder/local_graph.py
checkov/common/graph/graph_builder/utils.py
checkov/common/graph/graph_builder/graph_components/__init__.py
checkov/common/graph/graph_builder/graph_components/attribute_names.py
checkov/common/graph/graph_builder/graph_components/block_types.py
checkov/common/graph/graph_builder/graph_components/blocks.py
checkov/common/graph/graph_builder/graph_components/edge.py
checkov/common/graph/graph_builder/graph_components/generic_resource_encryption_base.py
checkov/common/graph/graph_builder/variable_rendering/__init__.py
checkov/common/graph/graph_builder/variable_rendering/breadcrumb_metadata.py
checkov/common/graph/graph_builder/variable_rendering/renderer.py
checkov/common/graph/graph_builder/variable_rendering/vertex_reference.py
checkov/common/images/__init__.py
checkov/common/images/image_referencer.py
checkov/common/models/__init__.py
checkov/common/models/consts.py
checkov/common/models/enums.py
checkov/common/output/__init__.py
checkov/common/output/baseline.py
checkov/common/output/common.py
checkov/common/output/csv.py
checkov/common/output/cyclonedx.py
checkov/common/output/cyclonedx_consts.py
checkov/common/output/extra_resource.py
checkov/common/output/github_actions_record.py
checkov/common/output/graph_record.py
checkov/common/output/record.py
checkov/common/output/report.py
checkov/common/packaging/__init__.py
checkov/common/packaging/version.py
checkov/common/parallelizer/__init__.py
checkov/common/parallelizer/parallel_runner.py
checkov/common/parsers/__init__.py
checkov/common/parsers/node.py
checkov/common/parsers/json/__init__.py
checkov/common/parsers/json/decoder.py
checkov/common/parsers/json/errors.py
checkov/common/parsers/yaml/__init__.py
checkov/common/parsers/yaml/loader.py
checkov/common/parsers/yaml/parser.py
checkov/common/runners/__init__.py
checkov/common/runners/base_runner.py
checkov/common/runners/graph_manager.py
checkov/common/runners/object_runner.py
checkov/common/runners/runner_registry.py
checkov/common/runners/graph_builder/__init__.py
checkov/common/runners/graph_builder/local_graph.py
checkov/common/sca/__init__.py
checkov/common/sca/commons.py
checkov/common/sca/output.py
checkov/common/util/__init__.py
checkov/common/util/banner.py
checkov/common/util/config_utils.py
checkov/common/util/consts.py
checkov/common/util/data_structures_utils.py
checkov/common/util/dockerfile.py
checkov/common/util/docs_generator.py
checkov/common/util/ext_argument_parser.py
checkov/common/util/file_utils.py
checkov/common/util/http_utils.py
checkov/common/util/json_utils.py
checkov/common/util/parser_utils.py
checkov/common/util/prompt.py
checkov/common/util/runner_dependency_handler.py
checkov/common/util/secrets.py
checkov/common/util/secrets_omitter.py
checkov/common/util/str_utils.py
checkov/common/util/suppression.py
checkov/common/util/tqdm_utils.py
checkov/common/util/type_forcers.py
checkov/common/util/var_utils.py
checkov/common/util/templates/__init__.py
checkov/common/util/templates/data.jinja2
checkov/common/util/templates/init.jinja2
checkov/common/util/templates/provider.jinja2
checkov/common/util/templates/resource.jinja2
checkov/common/util/templates/unittest-python.jinja2
checkov/common/util/templates/unittest-terraform.jinja2
checkov/common/variables/__init__.py
checkov/common/variables/context.py
checkov/common/vcs/__init__.py
checkov/common/vcs/base_vcs_dal.py
checkov/common/vcs/vcs_schema.py
checkov/dockerfile/__init__.py
checkov/dockerfile/base_dockerfile_check.py
checkov/dockerfile/base_registry.py
checkov/dockerfile/graph_manager.py
checkov/dockerfile/parser.py
checkov/dockerfile/registry.py
checkov/dockerfile/runner.py
checkov/dockerfile/utils.py
checkov/dockerfile/checks/AddExists.py
checkov/dockerfile/checks/AliasIsUnique.py
checkov/dockerfile/checks/ExposePort22.py
checkov/dockerfile/checks/HealthcheckExists.py
checkov/dockerfile/checks/MaintainerExists.py
checkov/dockerfile/checks/ReferenceLatestTag.py
checkov/dockerfile/checks/RootUser.py
checkov/dockerfile/checks/RunUsingAPT.py
checkov/dockerfile/checks/UpdateNotAlone.py
checkov/dockerfile/checks/UserExists.py
checkov/dockerfile/checks/WorkdirIsAbsolute.py
checkov/dockerfile/checks/__init__.py
checkov/dockerfile/checks/graph_checks/RunUsingSudo.yaml
checkov/dockerfile/checks/graph_checks/__init__.py
checkov/dockerfile/graph_builder/__init__.py
checkov/dockerfile/graph_builder/local_graph.py
checkov/dockerfile/graph_builder/graph_components/__init__.py
checkov/dockerfile/graph_builder/graph_components/resource_types.py
checkov/dockerfile/image_referencer/__init__.py
checkov/dockerfile/image_referencer/manager.py
checkov/dockerfile/image_referencer/provider.py
checkov/example_runner/__init__.py
checkov/example_runner/runner.py
checkov/example_runner/checks/__init__.py
checkov/example_runner/checks/base_example_runner_check.py
checkov/example_runner/checks/base_example_runner_job_check.py
checkov/example_runner/checks/job_registry.py
checkov/example_runner/checks/job/ExampleCheckTrueFalse.py
checkov/example_runner/checks/job/__init__.py
checkov/example_runner/common/__init__.py
checkov/github/__init__.py
checkov/github/base_github_branch_security.py
checkov/github/base_github_configuration_check.py
checkov/github/base_github_negative_branch_security.py
checkov/github/base_github_org_check.py
checkov/github/base_github_org_security.py
checkov/github/dal.py
checkov/github/registry.py
checkov/github/runner.py
checkov/github/checks/2fa.py
checkov/github/checks/__init__.py
checkov/github/checks/disallow_branch_deletions.py
checkov/github/checks/disallow_force_pushes.py
checkov/github/checks/disallow_inactive_branch_60days.py
checkov/github/checks/dismiss_stale_reviews.py
checkov/github/checks/enforce_branch_protection_admins.py
checkov/github/checks/internal_repository_creation_is_limited.py
checkov/github/checks/ipallowlist.py
checkov/github/checks/minimum_admins_in_org.py
checkov/github/checks/private_repository_creation_is_limited.py
checkov/github/checks/public_repository_creation_is_limited.py
checkov/github/checks/repository_collaborators.py
checkov/github/checks/require_2approvals.py
checkov/github/checks/require_code_owner_reviews.py
checkov/github/checks/require_conversation_resolution.py
checkov/github/checks/require_linear_history.py
checkov/github/checks/require_push_restrictions.py
checkov/github/checks/require_signatures.py
checkov/github/checks/require_status_checks_pr.py
checkov/github/checks/require_strict_base_permissions_repository.py
checkov/github/checks/require_updated_branch_pr.py
checkov/github/checks/require_verified_organization.py
checkov/github/checks/restrict_pr_review_dismissal.py
checkov/github/checks/sso.py
checkov/github/checks/webhooks_https_orgs.py
checkov/github/checks/webhooks_https_repos.py
checkov/github/schemas/__init__.py
checkov/github/schemas/branch.py
checkov/github/schemas/branch_protection.py
checkov/github/schemas/no_branch_protection.py
checkov/github/schemas/org_members.py
checkov/github/schemas/org_security.py
checkov/github/schemas/org_webhooks.py
checkov/github/schemas/organization.py
checkov/github/schemas/repository_collaborators.py
checkov/github/schemas/repository_webhooks.py
checkov/github_actions/__init__.py
checkov/github_actions/runner.py
checkov/github_actions/schemas.py
checkov/github_actions/utils.py
checkov/github_actions/checks/__init__.py
checkov/github_actions/checks/base_github_action_check.py
checkov/github_actions/checks/registry.py
checkov/github_actions/checks/graph_checks/ReadOnlyTopLevelPermissions.yaml
checkov/github_actions/checks/graph_checks/__init__.py
checkov/github_actions/checks/job/AllowUnsecureCommandsOnJob.py
checkov/github_actions/checks/job/CosignArtifacts.py
checkov/github_actions/checks/job/CosignSBOM.py
checkov/github_actions/checks/job/EmptyWorkflowDispatch.py
checkov/github_actions/checks/job/ReverseShellNetcat.py
checkov/github_actions/checks/job/ShellInjection.py
checkov/github_actions/checks/job/SuspectCurlInScript.py
checkov/github_actions/checks/job/__init__.py
checkov/github_actions/common/__init__.py
checkov/github_actions/common/artifact_build.py
checkov/github_actions/common/build_actions.py
checkov/github_actions/common/shell_injection_list.py
checkov/github_actions/graph_builder/__init__.py
checkov/github_actions/graph_builder/local_graph.py
checkov/github_actions/graph_builder/graph_components/__init__.py
checkov/github_actions/graph_builder/graph_components/resource_types.py
checkov/github_actions/image_referencer/__init__.py
checkov/github_actions/image_referencer/manager.py
checkov/github_actions/image_referencer/provider.py
checkov/gitlab/__init__.py
checkov/gitlab/base_gitlab_configuration_check.py
checkov/gitlab/dal.py
checkov/gitlab/registry.py
checkov/gitlab/runner.py
checkov/gitlab/checks/__init__.py
checkov/gitlab/checks/merge_requests_approvals.py
checkov/gitlab/checks/two_factor_authentication.py
checkov/gitlab/schemas/__init__.py
checkov/gitlab/schemas/groups.py
checkov/gitlab/schemas/project_approvals.py
checkov/gitlab_ci/__init__.py
checkov/gitlab_ci/runner.py
checkov/gitlab_ci/checks/__init__.py
checkov/gitlab_ci/checks/base_gitlab_ci_check.py
checkov/gitlab_ci/checks/registry.py
checkov/gitlab_ci/checks/job/AvoidDoublePipelines.py
checkov/gitlab_ci/checks/job/DetectImagesUsage.py
checkov/gitlab_ci/checks/job/SuspectCurlInScript.py
checkov/gitlab_ci/checks/job/__init__.py
checkov/gitlab_ci/common/__init__.py
checkov/gitlab_ci/common/reserved.py
checkov/gitlab_ci/common/resource_id_utils.py
checkov/gitlab_ci/image_referencer/__init__.py
checkov/gitlab_ci/image_referencer/manager.py
checkov/gitlab_ci/image_referencer/provider.py
checkov/helm/__init__.py
checkov/helm/base_registry.py
checkov/helm/registry.py
checkov/helm/runner.py
checkov/json_doc/__init__.py
checkov/json_doc/base_json_check.py
checkov/json_doc/base_registry.py
checkov/json_doc/enums.py
checkov/json_doc/registry.py
checkov/json_doc/runner.py
checkov/kubernetes/__init__.py
checkov/kubernetes/graph_manager.py
checkov/kubernetes/kubernetes_graph_flags.py
checkov/kubernetes/kubernetes_utils.py
checkov/kubernetes/runner.py
checkov/kubernetes/checks/__init__.py
checkov/kubernetes/checks/graph_checks/ImpersonatePermissions.yaml
checkov/kubernetes/checks/graph_checks/ModifyServicesStatus.yaml
checkov/kubernetes/checks/graph_checks/NoCreateNodesProxyOrPodsExec.yaml
checkov/kubernetes/checks/graph_checks/ReadAllSecrets.yaml
checkov/kubernetes/checks/graph_checks/RoleBindingPE.yaml
checkov/kubernetes/checks/graph_checks/__init__.py
checkov/kubernetes/checks/resource/__init__.py
checkov/kubernetes/checks/resource/base_container_check.py
checkov/kubernetes/checks/resource/base_rbac_check.py
checkov/kubernetes/checks/resource/base_registry.py
checkov/kubernetes/checks/resource/base_root_container_check.py
checkov/kubernetes/checks/resource/base_spec_check.py
checkov/kubernetes/checks/resource/base_spec_omitted_or_value_check.py
checkov/kubernetes/checks/resource/registry.py
checkov/kubernetes/checks/resource/k8s/AllowPrivilegeEscalation.py
checkov/kubernetes/checks/resource/k8s/AllowPrivilegeEscalationPSP.py
checkov/kubernetes/checks/resource/k8s/AllowedCapabilities.py
checkov/kubernetes/checks/resource/k8s/AllowedCapabilitiesPSP.py
checkov/kubernetes/checks/resource/k8s/AllowedCapabilitiesSysAdmin.py
checkov/kubernetes/checks/resource/k8s/ApiServerAdmissionControlAlwaysAdmit.py
checkov/kubernetes/checks/resource/k8s/ApiServerAdmissionControlEventRateLimit.py
checkov/kubernetes/checks/resource/k8s/ApiServerAlwaysPullImagesPlugin.py
checkov/kubernetes/checks/resource/k8s/ApiServerAnonymousAuth.py
checkov/kubernetes/checks/resource/k8s/ApiServerAuditLog.py
checkov/kubernetes/checks/resource/k8s/ApiServerAuditLogMaxAge.py
checkov/kubernetes/checks/resource/k8s/ApiServerAuditLogMaxBackup.py
checkov/kubernetes/checks/resource/k8s/ApiServerAuditLogMaxSize.py
checkov/kubernetes/checks/resource/k8s/ApiServerAuthorizationModeNode.py
checkov/kubernetes/checks/resource/k8s/ApiServerAuthorizationModeNotAlwaysAllow.py
checkov/kubernetes/checks/resource/k8s/ApiServerAuthorizationModeRBAC.py
checkov/kubernetes/checks/resource/k8s/ApiServerBasicAuthFile.py
checkov/kubernetes/checks/resource/k8s/ApiServerEncryptionProviders.py
checkov/kubernetes/checks/resource/k8s/ApiServerEtcdCaFile.py
checkov/kubernetes/checks/resource/k8s/ApiServerEtcdCertAndKey.py
checkov/kubernetes/checks/resource/k8s/ApiServerInsecureBindAddress.py
checkov/kubernetes/checks/resource/k8s/ApiServerInsecurePort.py
checkov/kubernetes/checks/resource/k8s/ApiServerKubeletClientCertAndKey.py
checkov/kubernetes/checks/resource/k8s/ApiServerKubeletHttps.py
checkov/kubernetes/checks/resource/k8s/ApiServerNamespaceLifecyclePlugin.py
checkov/kubernetes/checks/resource/k8s/ApiServerNodeRestrictionPlugin.py
checkov/kubernetes/checks/resource/k8s/ApiServerPodSecurityPolicyPlugin.py
checkov/kubernetes/checks/resource/k8s/ApiServerProfiling.py
checkov/kubernetes/checks/resource/k8s/ApiServerRequestTimeout.py
checkov/kubernetes/checks/resource/k8s/ApiServerSecurePort.py
checkov/kubernetes/checks/resource/k8s/ApiServerSecurityContextDenyPlugin.py
checkov/kubernetes/checks/resource/k8s/ApiServerServiceAccountKeyFile.py
checkov/kubernetes/checks/resource/k8s/ApiServerServiceAccountLookup.py
checkov/kubernetes/checks/resource/k8s/ApiServerServiceAccountPlugin.py
checkov/kubernetes/checks/resource/k8s/ApiServerStrongCryptographicCiphers.py
checkov/kubernetes/checks/resource/k8s/ApiServerTlsCertAndKey.py
checkov/kubernetes/checks/resource/k8s/ApiServerTokenAuthFile.py
checkov/kubernetes/checks/resource/k8s/ApiServerkubeletCertificateAuthority.py
checkov/kubernetes/checks/resource/k8s/CPULimits.py
checkov/kubernetes/checks/resource/k8s/CPURequests.py
checkov/kubernetes/checks/resource/k8s/ContainerSecurityContext.py
checkov/kubernetes/checks/resource/k8s/ControllerManagerBindAddress.py
checkov/kubernetes/checks/resource/k8s/DefaultNamespace.py
checkov/kubernetes/checks/resource/k8s/DefaultServiceAccount.py
checkov/kubernetes/checks/resource/k8s/DefaultServiceAccountBinding.py
checkov/kubernetes/checks/resource/k8s/DockerSocketVolume.py
checkov/kubernetes/checks/resource/k8s/DropCapabilities.py
checkov/kubernetes/checks/resource/k8s/DropCapabilitiesPSP.py
checkov/kubernetes/checks/resource/k8s/EtcdAutoTls.py
checkov/kubernetes/checks/resource/k8s/EtcdCertAndKey.py
checkov/kubernetes/checks/resource/k8s/EtcdClientCertAuth.py
checkov/kubernetes/checks/resource/k8s/EtcdPeerFiles.py
checkov/kubernetes/checks/resource/k8s/HostPort.py
checkov/kubernetes/checks/resource/k8s/ImageDigest.py
checkov/kubernetes/checks/resource/k8s/ImagePullPolicyAlways.py
checkov/kubernetes/checks/resource/k8s/ImageTagFixed.py
checkov/kubernetes/checks/resource/k8s/KubeControllerManagerBlockProfiles.py
checkov/kubernetes/checks/resource/k8s/KubeControllerManagerRootCAFile.py
checkov/kubernetes/checks/resource/k8s/KubeControllerManagerServiceAccountCredentials.py
checkov/kubernetes/checks/resource/k8s/KubeControllerManagerServiceAccountPrivateKeyFile.py
checkov/kubernetes/checks/resource/k8s/KubeControllerManagerTerminatedPods.py
checkov/kubernetes/checks/resource/k8s/KubeletAnonymousAuth.py
checkov/kubernetes/checks/resource/k8s/KubeletAuthorizationModeNotAlwaysAllow.py
checkov/kubernetes/checks/resource/k8s/KubeletClientCa.py
checkov/kubernetes/checks/resource/k8s/KubeletCryptographicCiphers.py
checkov/kubernetes/checks/resource/k8s/KubeletHostnameOverride.py
checkov/kubernetes/checks/resource/k8s/KubeletKeyFilesSetAppropriate.py
checkov/kubernetes/checks/resource/k8s/KubeletMakeIptablesUtilChains.py
checkov/kubernetes/checks/resource/k8s/KubeletProtectKernelDefaults.py
checkov/kubernetes/checks/resource/k8s/KubeletReadOnlyPort.py
checkov/kubernetes/checks/resource/k8s/KubeletStreamingConnectionIdleTimeout.py
checkov/kubernetes/checks/resource/k8s/KubernetesDashboard.py
checkov/kubernetes/checks/resource/k8s/KubletEventCapture.py
checkov/kubernetes/checks/resource/k8s/KubletRotateCertificates.py
checkov/kubernetes/checks/resource/k8s/LivenessProbe.py
checkov/kubernetes/checks/resource/k8s/MemoryLimits.py
checkov/kubernetes/checks/resource/k8s/MemoryRequests.py
checkov/kubernetes/checks/resource/k8s/MinimizeCapabilities.py
checkov/kubernetes/checks/resource/k8s/MinimizeCapabilitiesPSP.py
checkov/kubernetes/checks/resource/k8s/NginxIngressCVE202125742Alias.py
checkov/kubernetes/checks/resource/k8s/NginxIngressCVE202125742AllSnippets.py
checkov/kubernetes/checks/resource/k8s/NginxIngressCVE202125742Lua.py
checkov/kubernetes/checks/resource/k8s/PeerClientCertAuthTrue.py
checkov/kubernetes/checks/resource/k8s/PodSecurityContext.py
checkov/kubernetes/checks/resource/k8s/PrivilegedContainers.py
checkov/kubernetes/checks/resource/k8s/PrivilegedContainersPSP.py
checkov/kubernetes/checks/resource/k8s/RbacApproveCertificateSigningRequests.py
checkov/kubernetes/checks/resource/k8s/RbacBindRoleBindings.py
checkov/kubernetes/checks/resource/k8s/RbacControlWebhooks.py
checkov/kubernetes/checks/resource/k8s/RbacEscalateRoles.py
checkov/kubernetes/checks/resource/k8s/ReadOnlyFilesystem.py
checkov/kubernetes/checks/resource/k8s/ReadinessProbe.py
checkov/kubernetes/checks/resource/k8s/RootContainers.py
checkov/kubernetes/checks/resource/k8s/RootContainersHighUID.py
checkov/kubernetes/checks/resource/k8s/RootContainersPSP.py
checkov/kubernetes/checks/resource/k8s/RotateKubeletServerCertificate.py
checkov/kubernetes/checks/resource/k8s/SchedulerBindAddress.py
checkov/kubernetes/checks/resource/k8s/SchedulerProfiling.py
checkov/kubernetes/checks/resource/k8s/Seccomp.py
checkov/kubernetes/checks/resource/k8s/SeccompPSP.py
checkov/kubernetes/checks/resource/k8s/Secrets.py
checkov/kubernetes/checks/resource/k8s/ServiceAccountTokens.py
checkov/kubernetes/checks/resource/k8s/ShareHostIPC.py
checkov/kubernetes/checks/resource/k8s/ShareHostIPCPSP.py
checkov/kubernetes/checks/resource/k8s/ShareHostPID.py
checkov/kubernetes/checks/resource/k8s/ShareHostPIDPSP.py
checkov/kubernetes/checks/resource/k8s/SharedHostNetworkNamespace.py
checkov/kubernetes/checks/resource/k8s/SharedHostNetworkNamespacePSP.py
checkov/kubernetes/checks/resource/k8s/Tiller.py
checkov/kubernetes/checks/resource/k8s/TillerDeploymentListener.py
checkov/kubernetes/checks/resource/k8s/TillerService.py
checkov/kubernetes/checks/resource/k8s/WildcardRoles.py
checkov/kubernetes/checks/resource/k8s/__init__.py
checkov/kubernetes/checks/resource/k8s/k8s_check_utils.py
checkov/kubernetes/graph_builder/__init__.py
checkov/kubernetes/graph_builder/local_graph.py
checkov/kubernetes/graph_builder/graph_components/ResourceKeywordIdentifier.py
checkov/kubernetes/graph_builder/graph_components/__init__.py
checkov/kubernetes/graph_builder/graph_components/blocks.py
checkov/kubernetes/graph_builder/graph_components/edge_builders/K8SEdgeBuilder.py
checkov/kubernetes/graph_builder/graph_components/edge_builders/KeywordEdgeBuilder.py
checkov/kubernetes/graph_builder/graph_components/edge_builders/LabelSelectorEdgeBuilder.py
checkov/kubernetes/graph_builder/graph_components/edge_builders/NetworkPolicyEdgeBuilder.py
checkov/kubernetes/graph_builder/graph_components/edge_builders/__init__.py
checkov/kubernetes/image_referencer/__init__.py
checkov/kubernetes/image_referencer/base_provider.py
checkov/kubernetes/image_referencer/manager.py
checkov/kubernetes/image_referencer/provider/__init__.py
checkov/kubernetes/image_referencer/provider/k8s.py
checkov/kubernetes/parser/__init__.py
checkov/kubernetes/parser/k8_json.py
checkov/kubernetes/parser/k8_yaml.py
checkov/kubernetes/parser/parser.py
checkov/kustomize/__init__.py
checkov/kustomize/runner.py
checkov/openapi/__init__.py
checkov/openapi/runner.py
checkov/openapi/checks/__init__.py
checkov/openapi/checks/base_openapi_check.py
checkov/openapi/checks/base_registry.py
checkov/openapi/checks/registry.py
checkov/openapi/checks/resource/__init__.py
checkov/openapi/checks/resource/generic/GlobalSecurityFieldIsEmpty.py
checkov/openapi/checks/resource/generic/SecurityOperations.py
checkov/openapi/checks/resource/generic/__init__.py
checkov/openapi/checks/resource/v2/BaseOpenapiCheckV2.py
checkov/openapi/checks/resource/v2/Oauth2SecurityRequirement.py
checkov/openapi/checks/resource/v2/PathSchemeDefineHTTP.py
checkov/openapi/checks/resource/v2/SecurityDefinitions.py
checkov/openapi/checks/resource/v2/SecurityRequirement.py
checkov/openapi/checks/resource/v2/__init__.py
checkov/openapi/checks/resource/v3/BaseOpenapiCheckV3.py
checkov/openapi/checks/resource/v3/CleartextOverUnencryptedChannel.py
checkov/openapi/checks/resource/v3/__init__.py
checkov/sca_image/__init__.py
checkov/sca_image/runner.py
checkov/sca_package/__init__.py
checkov/sca_package/output.py
checkov/sca_package/runner.py
checkov/sca_package/scanner.py
checkov/sca_package_2/__init__.py
checkov/sca_package_2/output.py
checkov/sca_package_2/runner.py
checkov/sca_package_2/scanner.py
checkov/secrets/__init__.py
checkov/secrets/runner.py
checkov/secrets/parsers/__init__.py
checkov/secrets/parsers/multiline_parser.py
checkov/secrets/parsers/single_line_parser.py
checkov/secrets/parsers/json/__init__.py
checkov/secrets/parsers/json/multiline_parser.py
checkov/secrets/parsers/terraform/__init__.py
checkov/secrets/parsers/terraform/multiline_parser.py
checkov/secrets/parsers/terraform/single_line_parser.py
checkov/secrets/parsers/yaml/__init__.py
checkov/secrets/parsers/yaml/multiline_parser.py
checkov/secrets/plugins/__init__.py
checkov/secrets/plugins/custom_regex_detector.py
checkov/secrets/plugins/entropy_keyword_combinator.py
checkov/serverless/__init__.py
checkov/serverless/base_registry.py
checkov/serverless/registry.py
checkov/serverless/runner.py
checkov/serverless/checks/__init__.py
checkov/serverless/checks/base_function_check.py
checkov/serverless/checks/complete/__init__.py
checkov/serverless/checks/complete/base_complete_check.py
checkov/serverless/checks/complete/registry.py
checkov/serverless/checks/custom/__init__.py
checkov/serverless/checks/custom/base_custom_check.py
checkov/serverless/checks/custom/registry.py
checkov/serverless/checks/function/__init__.py
checkov/serverless/checks/function/base_function_check.py
checkov/serverless/checks/function/registry.py
checkov/serverless/checks/function/aws/AWSCredentials.py
checkov/serverless/checks/function/aws/AdminPolicyDocument.py
checkov/serverless/checks/function/aws/StarActionPolicyDocument.py
checkov/serverless/checks/function/aws/__init__.py
checkov/serverless/checks/layer/__init__.py
checkov/serverless/checks/layer/base_layer_check.py
checkov/serverless/checks/layer/registry.py
checkov/serverless/checks/package/__init__.py
checkov/serverless/checks/package/base_package_check.py
checkov/serverless/checks/package/registry.py
checkov/serverless/checks/plugin/__init__.py
checkov/serverless/checks/plugin/base_plugin_check.py
checkov/serverless/checks/plugin/registry.py
checkov/serverless/checks/provider/__init__.py
checkov/serverless/checks/provider/base_provider_check.py
checkov/serverless/checks/provider/registry.py
checkov/serverless/checks/service/__init__.py
checkov/serverless/checks/service/base_service_check.py
checkov/serverless/checks/service/registry.py
checkov/serverless/parsers/__init__.py
checkov/serverless/parsers/context_parser.py
checkov/serverless/parsers/parser.py
checkov/terraform/__init__.py
checkov/terraform/deep_analysis_plan_graph_manager.py
checkov/terraform/graph_manager.py
checkov/terraform/parser.py
checkov/terraform/parser_functions.py
checkov/terraform/plan_parser.py
checkov/terraform/plan_runner.py
checkov/terraform/plan_utils.py
checkov/terraform/runner.py
checkov/terraform/checks/__init__.py
checkov/terraform/checks/data/BaseCloudsplainingIAMCheck.py
checkov/terraform/checks/data/__init__.py
checkov/terraform/checks/data/base_check.py
checkov/terraform/checks/data/base_registry.py
checkov/terraform/checks/data/registry.py
checkov/terraform/checks/data/aws/AdminPolicyDocument.py
checkov/terraform/checks/data/aws/IAMCredentialsExposure.py
checkov/terraform/checks/data/aws/IAMDataExfiltration.py
checkov/terraform/checks/data/aws/IAMManagedAdminPolicy.py
checkov/terraform/checks/data/aws/IAMPermissionsManagement.py
checkov/terraform/checks/data/aws/IAMPrivilegeEscalation.py
checkov/terraform/checks/data/aws/IAMPublichActionsPolicy.py
checkov/terraform/checks/data/aws/IAMWriteAccess.py
checkov/terraform/checks/data/aws/StarActionPolicyDocument.py
checkov/terraform/checks/data/aws/__init__.py
checkov/terraform/checks/data/external/__init__.py
checkov/terraform/checks/graph_checks/__init__.py
checkov/terraform/checks/graph_checks/aws/ALBProtectedByWAF.yaml
checkov/terraform/checks/graph_checks/aws/ALBRedirectsHTTPToHTTPS.yaml
checkov/terraform/checks/graph_checks/aws/AMRClustersNotOpenToInternet.yaml
checkov/terraform/checks/graph_checks/aws/APIGWLoggingLevelsDefinedProperly.yaml
checkov/terraform/checks/graph_checks/aws/APIProtectedByWAF.yaml
checkov/terraform/checks/graph_checks/aws/AWSConfigRecorderEnabled.yaml
checkov/terraform/checks/graph_checks/aws/AWSNATGatewaysshouldbeutilized.yaml
checkov/terraform/checks/graph_checks/aws/AWSSSMParameterShouldBeEncrypted.yaml
checkov/terraform/checks/graph_checks/aws/AppLoadBalancerTLS12.yaml
checkov/terraform/checks/graph_checks/aws/AppSyncProtectedByWAF.yaml
checkov/terraform/checks/graph_checks/aws/AutoScalingEnableOnDynamoDBTables.yaml
checkov/terraform/checks/graph_checks/aws/AutoScallingEnabledELB.yaml
checkov/terraform/checks/graph_checks/aws/CLoudFrontS3OriginConfigWithOAI.yaml
checkov/terraform/checks/graph_checks/aws/CloudFrontHasCustomSSLCertificate.yaml
checkov/terraform/checks/graph_checks/aws/CloudFrontHasResponseHeadersPolicy.yaml
checkov/terraform/checks/graph_checks/aws/CloudFrontWebACLConfiguredWIthLog4jVulnerability.yaml
checkov/terraform/checks/graph_checks/aws/CloudtrailHasCloudwatch.yaml
checkov/terraform/checks/graph_checks/aws/CodecommitApprovalRulesAttached.yaml
checkov/terraform/checks/graph_checks/aws/ConfigRecorderRecordsAllGlobalResources.yaml
checkov/terraform/checks/graph_checks/aws/DMSEndpointHaveSSLConfigured.yaml
checkov/terraform/checks/graph_checks/aws/EBSAddedBackup.yaml
checkov/terraform/checks/graph_checks/aws/EC2InstanceHasIAMRoleAttached.yaml
checkov/terraform/checks/graph_checks/aws/EFSAddedBackup.yaml
checkov/terraform/checks/graph_checks/aws/EIPAllocatedToVPCAttachedEC2.yaml
checkov/terraform/checks/graph_checks/aws/ElastiCacheRedisConfiguredAutomaticFailOver.yaml
checkov/terraform/checks/graph_checks/aws/EncryptedEBSVolumeOnlyConnectedToEC2s.yaml
checkov/terraform/checks/graph_checks/aws/GuardDutyIsEnabled.yaml
checkov/terraform/checks/graph_checks/aws/HTTPNotSendingPasswords.yaml
checkov/terraform/checks/graph_checks/aws/IAMGroupHasAtLeastOneUser.yaml
checkov/terraform/checks/graph_checks/aws/IAMPolicyNotAllowFullIAMAccess.yaml
checkov/terraform/checks/graph_checks/aws/IAMUserHasNoConsoleAccess.yaml
checkov/terraform/checks/graph_checks/aws/IAMUsersAreMembersAtLeastOneGroup.yaml
checkov/terraform/checks/graph_checks/aws/PostgresDBHasQueryLoggingEnabled.yaml
checkov/terraform/checks/graph_checks/aws/PostgresRDSHasQueryLoggingEnabled.yaml
checkov/terraform/checks/graph_checks/aws/RDSClusterHasBackupPlan.yaml
checkov/terraform/checks/graph_checks/aws/Route53ARecordAttachedResource.yaml
checkov/terraform/checks/graph_checks/aws/Route53ZoneEnableDNSSECSigning.yaml
checkov/terraform/checks/graph_checks/aws/Route53ZoneHasMatchingQueryLog.yaml
checkov/terraform/checks/graph_checks/aws/S3BucketEncryption.yaml
checkov/terraform/checks/graph_checks/aws/S3BucketHasPublicAccessBlock.yaml
checkov/terraform/checks/graph_checks/aws/S3BucketLogging.yaml
checkov/terraform/checks/graph_checks/aws/S3BucketReplicationConfiguration.yaml
checkov/terraform/checks/graph_checks/aws/S3BucketVersioning.yaml
checkov/terraform/checks/graph_checks/aws/S3KMSEncryptedByDefault.yaml
checkov/terraform/checks/graph_checks/aws/S3NotAllowAccessToAllAuthenticatedUsers.yaml
checkov/terraform/checks/graph_checks/aws/S3PublicACLRead.yaml
checkov/terraform/checks/graph_checks/aws/S3PublicACLWrite.yaml
checkov/terraform/checks/graph_checks/aws/SGAttachedToResource.yaml
checkov/terraform/checks/graph_checks/aws/SubnetHasACL.yaml
checkov/terraform/checks/graph_checks/aws/VPCHasFlowLog.yaml
checkov/terraform/checks/graph_checks/aws/VPCHasRestrictedSG.yaml
checkov/terraform/checks/graph_checks/aws/VPCPeeringRouteTableOverlyPermissive.yaml
checkov/terraform/checks/graph_checks/aws/WAF2HasLogs.yaml
checkov/terraform/checks/graph_checks/azure/AccessToPostgreSQLFromAzureServicesIsDisabled.yaml
checkov/terraform/checks/graph_checks/azure/ApplicationGatewayEnablesWAF.yaml
checkov/terraform/checks/graph_checks/azure/AzureActiveDirectoryAdminIsConfigured.yaml
checkov/terraform/checks/graph_checks/azure/AzureAntimalwareIsConfiguredWithAutoUpdatesForVMs.yaml
checkov/terraform/checks/graph_checks/azure/AzureDataFactoriesEncryptedWithCustomerManagedKey.yaml
checkov/terraform/checks/graph_checks/azure/AzureMSSQLServerHasSecurityAlertPolicy.yaml
checkov/terraform/checks/graph_checks/azure/AzureNetworkInterfacePublicIPAddressId.yaml
checkov/terraform/checks/graph_checks/azure/AzureStorageAccountsUseCustomerManagedKeyForEncryption.yaml
checkov/terraform/checks/graph_checks/azure/AzureSynapseWorkspacesHaveNoIPFirewallRulesAttached.yaml
checkov/terraform/checks/graph_checks/azure/AzureUnattachedDisksAreEncrypted.yaml
checkov/terraform/checks/graph_checks/azure/CognitiveServicesCustomerManagedKey.yaml
checkov/terraform/checks/graph_checks/azure/DataExplorerEncryptionUsesCustomKey.yaml
checkov/terraform/checks/graph_checks/azure/MSQLenablesCustomerManagedKey.yaml
checkov/terraform/checks/graph_checks/azure/PGSQLenablesCustomerManagedKey.yaml
checkov/terraform/checks/graph_checks/azure/SQLServerAuditingEnabled.yaml
checkov/terraform/checks/graph_checks/azure/SQLServerAuditingRetention90Days.yaml
checkov/terraform/checks/graph_checks/azure/StorageContainerActivityLogsNotPublic.yaml
checkov/terraform/checks/graph_checks/azure/StorageCriticalDataEncryptedCMK.yaml
checkov/terraform/checks/graph_checks/azure/StorageLoggingIsEnabledForBlobService.yaml
checkov/terraform/checks/graph_checks/azure/StorageLoggingIsEnabledForTableService.yaml
checkov/terraform/checks/graph_checks/azure/VAconfiguredToSendReports.yaml
checkov/terraform/checks/graph_checks/azure/VAconfiguredToSendReportsToAdmins.yaml
checkov/terraform/checks/graph_checks/azure/VAisEnabledInStorageAccount.yaml
checkov/terraform/checks/graph_checks/azure/VAsetPeriodicScansOnSQL.yaml
checkov/terraform/checks/graph_checks/azure/VMHasBackUpMachine.yaml
checkov/terraform/checks/graph_checks/azure/VirtualMachinesUtilizingManagedDisks.yaml
checkov/terraform/checks/graph_checks/gcp/CloudFunctionSecureHTTPTrigger.yaml
checkov/terraform/checks/graph_checks/gcp/DisableAccessToSqlDBInstanceForRootUsersWithoutPassword.yaml
checkov/terraform/checks/graph_checks/gcp/GCPAuditLogsConfiguredForAllServicesAndUsers.yaml
checkov/terraform/checks/graph_checks/gcp/GCPComputeFirewallOverlyPermissiveToAllTraffic.yaml
checkov/terraform/checks/graph_checks/gcp/GCPContainerRegistryReposAreNotPubliclyAccessible.yaml
checkov/terraform/checks/graph_checks/gcp/GCPKMSCryptoKeysAreNotPubliclyAccessible.yaml
checkov/terraform/checks/graph_checks/gcp/GCPKMSKeyRingsAreNotPubliclyAccessible.yaml
checkov/terraform/checks/graph_checks/gcp/GCPLogBucketsConfiguredUsingLock.yaml
checkov/terraform/checks/graph_checks/gcp/GCPProjectHasNoLegacyNetworks.yaml
checkov/terraform/checks/graph_checks/gcp/GCRContainerVulnerabilityScanningEnabled.yaml
checkov/terraform/checks/graph_checks/gcp/GKEClustersAreNotUsingDefaultServiceAccount.yaml
checkov/terraform/checks/graph_checks/gcp/ServiceAccountHasGCPmanagedKey.yaml
checkov/terraform/checks/module/__init__.py
checkov/terraform/checks/module/base_module_check.py
checkov/terraform/checks/module/base_registry.py
checkov/terraform/checks/module/registry.py
checkov/terraform/checks/provider/__init__.py
checkov/terraform/checks/provider/base_check.py
checkov/terraform/checks/provider/base_registry.py
checkov/terraform/checks/provider/registry.py
checkov/terraform/checks/provider/aws/__init__.py
checkov/terraform/checks/provider/aws/credentials.py
checkov/terraform/checks/provider/bridgecrew/__init__.py
checkov/terraform/checks/provider/bridgecrew/credentials.py
checkov/terraform/checks/provider/linode/__init__.py
checkov/terraform/checks/provider/linode/credentials.py
checkov/terraform/checks/provider/ncp/__init__.py
checkov/terraform/checks/provider/ncp/credentials.py
checkov/terraform/checks/provider/oci/__init__.py
checkov/terraform/checks/provider/oci/credentials.py
checkov/terraform/checks/provider/openstack/__init__.py
checkov/terraform/checks/provider/openstack/credentials.py
checkov/terraform/checks/provider/panos/__init__.py
checkov/terraform/checks/provider/panos/credentials.py
checkov/terraform/checks/resource/__init__.py
checkov/terraform/checks/resource/base_registry.py
checkov/terraform/checks/resource/base_resource_check.py
checkov/terraform/checks/resource/base_resource_negative_value_check.py
checkov/terraform/checks/resource/base_resource_value_check.py
checkov/terraform/checks/resource/registry.py
checkov/terraform/checks/resource/alicloud/ALBACLIsUnrestricted.py
checkov/terraform/checks/resource/alicloud/APIGatewayProtocolHTTPS.py
checkov/terraform/checks/resource/alicloud/AbsRDSParameter.py
checkov/terraform/checks/resource/alicloud/AbsSecurityGroupUnrestrictedIngress.py
checkov/terraform/checks/resource/alicloud/ActionTrailLogAllEvents.py
checkov/terraform/checks/resource/alicloud/ActionTrailLogAllRegions.py
checkov/terraform/checks/resource/alicloud/DiskEncryptedWithCMK.py
checkov/terraform/checks/resource/alicloud/DiskIsEncrypted.py
checkov/terraform/checks/resource/alicloud/K8sEnableNetworkPolicies.py
checkov/terraform/checks/resource/alicloud/K8sNodePoolAutoRepair.py
checkov/terraform/checks/resource/alicloud/KMSKeyIsEnabled.py
checkov/terraform/checks/resource/alicloud/KMSKeyRotationIsEnabled.py
checkov/terraform/checks/resource/alicloud/LaunchTemplateDisksAreEncrypted.py
checkov/terraform/checks/resource/alicloud/LogAuditRDSEnabled.py
checkov/terraform/checks/resource/alicloud/MongoDBInsideVPC.py
checkov/terraform/checks/resource/alicloud/MongoDBInstanceSSL.py
checkov/terraform/checks/resource/alicloud/MongoDBIsPublic.py
checkov/terraform/checks/resource/alicloud/MongoDBTransparentDataEncryptionEnabled.py
checkov/terraform/checks/resource/alicloud/OSSBucketAccessLogs.py
checkov/terraform/checks/resource/alicloud/OSSBucketEncryptedWithCMK.py
checkov/terraform/checks/resource/alicloud/OSSBucketPublic.py
checkov/terraform/checks/resource/alicloud/OSSBucketTransferAcceleration.py
checkov/terraform/checks/resource/alicloud/OSSBucketVersioning.py
checkov/terraform/checks/resource/alicloud/RAMPasswordPolicyExpiration.py
checkov/terraform/checks/resource/alicloud/RAMPasswordPolicyLength.py
checkov/terraform/checks/resource/alicloud/RAMPasswordPolicyLowercaseLetter.py
checkov/terraform/checks/resource/alicloud/RAMPasswordPolicyMaxLogin.py
checkov/terraform/checks/resource/alicloud/RAMPasswordPolicyNumber.py
checkov/terraform/checks/resource/alicloud/RAMPasswordPolicyReuse.py
checkov/terraform/checks/resource/alicloud/RAMPasswordPolicySymbol.py
checkov/terraform/checks/resource/alicloud/RAMPasswordPolicyUppcaseLetter.py
checkov/terraform/checks/resource/alicloud/RAMSecurityEnforceMFA.py
checkov/terraform/checks/resource/alicloud/RDSInstanceAutoUpgrade.py
checkov/terraform/checks/resource/alicloud/RDSInstanceLogConnections.py
checkov/terraform/checks/resource/alicloud/RDSInstanceLogDisconnections.py
checkov/terraform/checks/resource/alicloud/RDSInstanceLogsEnabled.py
checkov/terraform/checks/resource/alicloud/RDSInstanceSSL.py
checkov/terraform/checks/resource/alicloud/RDSIsPublic.py
checkov/terraform/checks/resource/alicloud/RDSRetention.py
checkov/terraform/checks/resource/alicloud/RDSTransparentDataEncryptionEnabled.py
checkov/terraform/checks/resource/alicloud/SecurityGroupUnrestrictedIngress22.py
checkov/terraform/checks/resource/alicloud/SecurityGroupUnrestrictedIngress3389.py
checkov/terraform/checks/resource/alicloud/TLSPoliciesAreSecure.py
checkov/terraform/checks/resource/alicloud/__init__.py
checkov/terraform/checks/resource/aws/ACMCertCreateBeforeDestroy.py
checkov/terraform/checks/resource/aws/ACMCertSetLoggingPreference.py
checkov/terraform/checks/resource/aws/ALBDropHttpHeaders.py
checkov/terraform/checks/resource/aws/ALBListenerHTTPS.py
checkov/terraform/checks/resource/aws/AMICopyIsEncrypted.py
checkov/terraform/checks/resource/aws/AMICopyUsesCMK.py
checkov/terraform/checks/resource/aws/AMIEncryption.py
checkov/terraform/checks/resource/aws/AMILaunchIsShared.py
checkov/terraform/checks/resource/aws/APIGatewayAccessLogging.py
checkov/terraform/checks/resource/aws/APIGatewayAuthorization.py
checkov/terraform/checks/resource/aws/APIGatewayCacheEnable.py
checkov/terraform/checks/resource/aws/APIGatewayCreateBeforeDestroy.py
checkov/terraform/checks/resource/aws/APIGatewayDeploymentCreateBeforeDestroy.py
checkov/terraform/checks/resource/aws/APIGatewayDomainNameTLS.py
checkov/terraform/checks/resource/aws/APIGatewayMethodSettingsCacheEnabled.py
checkov/terraform/checks/resource/aws/APIGatewayMethodSettingsDataTrace.py
checkov/terraform/checks/resource/aws/APIGatewayXray.py
checkov/terraform/checks/resource/aws/AbsNACLUnrestrictedIngress.py
checkov/terraform/checks/resource/aws/AbsSecurityGroupUnrestrictedIngress.py
checkov/terraform/checks/resource/aws/AppFlowConnectorProfileUsesCMK.py
checkov/terraform/checks/resource/aws/AppFlowUsesCMK.py
checkov/terraform/checks/resource/aws/AppSyncFieldLevelLogs.py
checkov/terraform/checks/resource/aws/AppSyncLogging.py
checkov/terraform/checks/resource/aws/AppsyncAPICacheEncryptionAtRest.py
checkov/terraform/checks/resource/aws/AppsyncAPICacheEncryptionInTransit.py
checkov/terraform/checks/resource/aws/AthenaDatabaseEncryption.py
checkov/terraform/checks/resource/aws/AthenaWorkgroupConfiguration.py
checkov/terraform/checks/resource/aws/AthenaWorkgroupEncryption.py
checkov/terraform/checks/resource/aws/AuroraEncryption.py
checkov/terraform/checks/resource/aws/AutoScalingTagging.py
checkov/terraform/checks/resource/aws/BackupVaultEncrypted.py
checkov/terraform/checks/resource/aws/BatchJobIsNotPrivileged.py
checkov/terraform/checks/resource/aws/CloudFrontResponseHeaderStrictTransportSecurity.py
checkov/terraform/checks/resource/aws/CloudWatchLogGroupKMSKey.py
checkov/terraform/checks/resource/aws/CloudWatchLogGroupRetention.py
checkov/terraform/checks/resource/aws/CloudformationStackNotificationArns.py
checkov/terraform/checks/resource/aws/CloudfrontDistributionEnabled.py
checkov/terraform/checks/resource/aws/CloudfrontDistributionEncryption.py
checkov/terraform/checks/resource/aws/CloudfrontDistributionLogging.py
checkov/terraform/checks/resource/aws/CloudfrontTLS12.py
checkov/terraform/checks/resource/aws/CloudsearchDomainEnforceHttps.py
checkov/terraform/checks/resource/aws/CloudsearchDomainTLS.py
checkov/terraform/checks/resource/aws/CloudtrailDefinesSNSTopic.py
checkov/terraform/checks/resource/aws/CloudtrailEnableLogging.py
checkov/terraform/checks/resource/aws/CloudtrailEncryptionWithCMK.py
checkov/terraform/checks/resource/aws/CloudtrailLogValidation.py
checkov/terraform/checks/resource/aws/CloudtrailMultiRegion.py
checkov/terraform/checks/resource/aws/CodeArtifactDomainEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/CodeBuildEncrypted.py
checkov/terraform/checks/resource/aws/CodeBuildProjectEncryption.py
checkov/terraform/checks/resource/aws/CodePipelineArtifactsEncrypted.py
checkov/terraform/checks/resource/aws/CodecommitApprovalsRulesRequireMin2.py
checkov/terraform/checks/resource/aws/ComprehendEntityRecognizerModelUsesCMK.py
checkov/terraform/checks/resource/aws/ComprehendEntityRecognizerVolumeUsesCMK.py
checkov/terraform/checks/resource/aws/ConfigConfgurationAggregatorAllRegions.py
checkov/terraform/checks/resource/aws/ConnectInstanceKinesisVideoStreamStorageConfigUsesCMK.py
checkov/terraform/checks/resource/aws/ConnectInstanceS3StorageConfigUsesCMK.py
checkov/terraform/checks/resource/aws/DAXEncryption.py
checkov/terraform/checks/resource/aws/DAXEndpointTLS.py
checkov/terraform/checks/resource/aws/DBInstanceBackupRetentionPeriod.py
checkov/terraform/checks/resource/aws/DBInstanceLogging.py
checkov/terraform/checks/resource/aws/DBInstanceMinorUpgrade.py
checkov/terraform/checks/resource/aws/DBSnapshotCopyUsesCMK.py
checkov/terraform/checks/resource/aws/DLMEventsCrossRegionEncryption.py
checkov/terraform/checks/resource/aws/DLMEventsCrossRegionEncryptionWithCMK.py
checkov/terraform/checks/resource/aws/DLMScheduleCrossRegionEncryption.py
checkov/terraform/checks/resource/aws/DLMScheduleCrossRegionEncryptionWithCMK.py
checkov/terraform/checks/resource/aws/DMSReplicationInstanceEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/DMSReplicationInstanceMinorUpgrade.py
checkov/terraform/checks/resource/aws/DMSReplicationInstancePubliclyAccessible.py
checkov/terraform/checks/resource/aws/DocDBAuditLogs.py
checkov/terraform/checks/resource/aws/DocDBEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/DocDBEncryption.py
checkov/terraform/checks/resource/aws/DocDBLogging.py
checkov/terraform/checks/resource/aws/DocDBTLS.py
checkov/terraform/checks/resource/aws/DynamoDBGlobalTableRecovery.py
checkov/terraform/checks/resource/aws/DynamoDBTableReplicaKMSUsesCMK.py
checkov/terraform/checks/resource/aws/DynamoDBTablesEncrypted.py
checkov/terraform/checks/resource/aws/DynamodbRecovery.py
checkov/terraform/checks/resource/aws/EBSDefaultEncryption.py
checkov/terraform/checks/resource/aws/EBSEncryption.py
checkov/terraform/checks/resource/aws/EBSSnapshotCopyEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/EBSVolumeEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/EC2Credentials.py
checkov/terraform/checks/resource/aws/EC2DetailedMonitoringEnabled.py
checkov/terraform/checks/resource/aws/EC2EBSOptimized.py
checkov/terraform/checks/resource/aws/EC2PublicIP.py
checkov/terraform/checks/resource/aws/ECRImageScanning.py
checkov/terraform/checks/resource/aws/ECRImmutableTags.py
checkov/terraform/checks/resource/aws/ECRPolicy.py
checkov/terraform/checks/resource/aws/ECRRepositoryEncrypted.py
checkov/terraform/checks/resource/aws/ECSClusterContainerInsights.py
checkov/terraform/checks/resource/aws/ECSClusterLoggingEnabled.py
checkov/terraform/checks/resource/aws/ECSClusterLoggingEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/ECSTaskDefinitionEFSVolumeEncryption.py
checkov/terraform/checks/resource/aws/ECSTaskDefinitionRoleCheck.py
checkov/terraform/checks/resource/aws/EFSEncryptionEnabled.py
checkov/terraform/checks/resource/aws/EFSFileSystemEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/EKSControlPlaneLogging.py
checkov/terraform/checks/resource/aws/EKSNodeGroupRemoteAccess.py
checkov/terraform/checks/resource/aws/EKSPublicAccess.py
checkov/terraform/checks/resource/aws/EKSPublicAccessCIDR.py
checkov/terraform/checks/resource/aws/EKSSecretsEncryption.py
checkov/terraform/checks/resource/aws/ELBAccessLogs.py
checkov/terraform/checks/resource/aws/ELBCrossZoneEnable.py
checkov/terraform/checks/resource/aws/ELBPolicyUsesSecureProtocols.py
checkov/terraform/checks/resource/aws/ELBUsesSSL.py
checkov/terraform/checks/resource/aws/ELBv2AccessLogs.py
checkov/terraform/checks/resource/aws/EMRClusterIsEncryptedKMS.py
checkov/terraform/checks/resource/aws/EMRClusterKerberosAttributes.py
checkov/terraform/checks/resource/aws/ElasticCacheAutomaticBackup.py
checkov/terraform/checks/resource/aws/ElasticacheHasSecurityGroup.py
checkov/terraform/checks/resource/aws/ElasticacheReplicationGroupEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtRest.py
checkov/terraform/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtTransit.py
checkov/terraform/checks/resource/aws/ElasticacheReplicationGroupEncryptionAtTransitAuthToken.py
checkov/terraform/checks/resource/aws/ElasticsearchDefaultSG.py
checkov/terraform/checks/resource/aws/ElasticsearchDomainEnforceHTTPS.py
checkov/terraform/checks/resource/aws/ElasticsearchDomainLogging.py
checkov/terraform/checks/resource/aws/ElasticsearchEncryption.py
checkov/terraform/checks/resource/aws/ElasticsearchEncryptionWithCMK.py
checkov/terraform/checks/resource/aws/ElasticsearchInVPC.py
checkov/terraform/checks/resource/aws/ElasticsearchNodeToNodeEncryption.py
checkov/terraform/checks/resource/aws/ElasticsearchTLSPolicy.py
checkov/terraform/checks/resource/aws/FSXOntapFSEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/FSXOpenZFSFileSystemEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/FSXWindowsFSEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/GlacierVaultAnyPrincipal.py
checkov/terraform/checks/resource/aws/GlobalAcceleratorAcceleratorFlowLogs.py
checkov/terraform/checks/resource/aws/GlueDataCatalogEncryption.py
checkov/terraform/checks/resource/aws/GlueSecurityConfiguration.py
checkov/terraform/checks/resource/aws/GlueSecurityConfigurationEnabled.py
checkov/terraform/checks/resource/aws/GuarddutyDetectorEnabled.py
checkov/terraform/checks/resource/aws/IAMAdminPolicyDocument.py
checkov/terraform/checks/resource/aws/IAMManagedAdminPolicy.py
checkov/terraform/checks/resource/aws/IAMPolicyAttachedToGroupOrRoles.py
checkov/terraform/checks/resource/aws/IAMRoleAllowAssumeFromAccount.py
checkov/terraform/checks/resource/aws/IAMRoleAllowsPublicAssume.py
checkov/terraform/checks/resource/aws/IAMStarActionPolicyDocument.py
checkov/terraform/checks/resource/aws/IAMUserNotUsedForAccess.py
checkov/terraform/checks/resource/aws/IMDSv1Disabled.py
checkov/terraform/checks/resource/aws/ImagebuilderComponentEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/ImagebuilderDistributionConfigurationEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/ImagebuilderImageRecipeEBSEncrypted.py
checkov/terraform/checks/resource/aws/KMSKeyIsEnabled.py
checkov/terraform/checks/resource/aws/KMSKeyWildcardPrincipal.py
checkov/terraform/checks/resource/aws/KMSRotation.py
checkov/terraform/checks/resource/aws/KendraIndexSSEUsesCMK.py
checkov/terraform/checks/resource/aws/KeyspacesTableUsesCMK.py
checkov/terraform/checks/resource/aws/KinesisFirehoseDeliveryStreamSSE.py
checkov/terraform/checks/resource/aws/KinesisFirehoseDeliveryStreamUsesCMK.py
checkov/terraform/checks/resource/aws/KinesisStreamEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/KinesisStreamEncryptionType.py
checkov/terraform/checks/resource/aws/KinesisVideoEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/LBCrossZone.py
checkov/terraform/checks/resource/aws/LBDeletionProtection.py
checkov/terraform/checks/resource/aws/LBTargetGroupsDefinesHealthcheck.py
checkov/terraform/checks/resource/aws/LambdaCodeSigningConfigured.py
checkov/terraform/checks/resource/aws/LambdaDLQConfigured.py
checkov/terraform/checks/resource/aws/LambdaEnvironmentCredentials.py
checkov/terraform/checks/resource/aws/LambdaEnvironmentEncryptionSettings.py
checkov/terraform/checks/resource/aws/LambdaFunctionLevelConcurrentExecutionLimit.py
checkov/terraform/checks/resource/aws/LambdaFunctionURLAuth.py
checkov/terraform/checks/resource/aws/LambdaInVPC.py
checkov/terraform/checks/resource/aws/LambdaXrayEnabled.py
checkov/terraform/checks/resource/aws/LaunchConfigurationEBSEncryption.py
checkov/terraform/checks/resource/aws/LustreFSEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/MQBrokerAuditLogging.py
checkov/terraform/checks/resource/aws/MQBrokerEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/MQBrokerLogging.py
checkov/terraform/checks/resource/aws/MQBrokerMinorAutoUpgrade.py
checkov/terraform/checks/resource/aws/MQBrokerNotPubliclyExposed.py
checkov/terraform/checks/resource/aws/MQBrokerVersion.py
checkov/terraform/checks/resource/aws/MSKClusterEncryption.py
checkov/terraform/checks/resource/aws/MSKClusterLogging.py
checkov/terraform/checks/resource/aws/MWAASchedulerLogsEnabled.py
checkov/terraform/checks/resource/aws/MWAAWebserverLogsEnabled.py
checkov/terraform/checks/resource/aws/MWAAWorkerLogsEnabled.py
checkov/terraform/checks/resource/aws/MemoryDBClusterIntransitEncryption.py
checkov/terraform/checks/resource/aws/MemoryDBEncryptionWithCMK.py
checkov/terraform/checks/resource/aws/MemoryDBSnapshotEncryptionWithCMK.py
checkov/terraform/checks/resource/aws/NeptuneClusterInstancePublic.py
checkov/terraform/checks/resource/aws/NeptuneClusterLogging.py
checkov/terraform/checks/resource/aws/NeptuneClusterSnapshotEncrypted.py
checkov/terraform/checks/resource/aws/NeptuneClusterSnapshotEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/NeptuneClusterStorageEncrypted.py
checkov/terraform/checks/resource/aws/NetworkACLUnrestrictedIngress20.py
checkov/terraform/checks/resource/aws/NetworkACLUnrestrictedIngress21.py
checkov/terraform/checks/resource/aws/NetworkACLUnrestrictedIngress22.py
checkov/terraform/checks/resource/aws/NetworkACLUnrestrictedIngress3389.py
checkov/terraform/checks/resource/aws/PasswordPolicyExpiration.py
checkov/terraform/checks/resource/aws/PasswordPolicyLength.py
checkov/terraform/checks/resource/aws/PasswordPolicyLowercaseLetter.py
checkov/terraform/checks/resource/aws/PasswordPolicyNumber.py
checkov/terraform/checks/resource/aws/PasswordPolicyReuse.py
checkov/terraform/checks/resource/aws/PasswordPolicySymbol.py
checkov/terraform/checks/resource/aws/PasswordPolicyUppercaseLetter.py
checkov/terraform/checks/resource/aws/QLDBLedgerDeletionProtection.py
checkov/terraform/checks/resource/aws/QLDBLedgerPermissionsMode.py
checkov/terraform/checks/resource/aws/RDSCACertIsRecent.py
checkov/terraform/checks/resource/aws/RDSClusterActivityStreamEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/RDSClusterEncrypted.py
checkov/terraform/checks/resource/aws/RDSClusterIAMAuthentication.py
checkov/terraform/checks/resource/aws/RDSClusterSnapshotEncrypted.py
checkov/terraform/checks/resource/aws/RDSDeletionProtection.py
checkov/terraform/checks/resource/aws/RDSEnableIAMAuthentication.py
checkov/terraform/checks/resource/aws/RDSEncryption.py
checkov/terraform/checks/resource/aws/RDSEnhancedMonitorEnabled.py
checkov/terraform/checks/resource/aws/RDSHasSecurityGroup.py
checkov/terraform/checks/resource/aws/RDSIAMAuthentication.py
checkov/terraform/checks/resource/aws/RDSInstanceAutoBackupEncryptionWithCMK.py
checkov/terraform/checks/resource/aws/RDSMultiAZEnabled.py
checkov/terraform/checks/resource/aws/RDSPostgreSQLLogFDWExtension.py
checkov/terraform/checks/resource/aws/RDSPubliclyAccessible.py
checkov/terraform/checks/resource/aws/RedShiftSSL.py
checkov/terraform/checks/resource/aws/RedshiftClusterAllowVersionUpgrade.py
checkov/terraform/checks/resource/aws/RedshiftClusterEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/RedshiftClusterEncryption.py
checkov/terraform/checks/resource/aws/RedshiftClusterKMSKey.py
checkov/terraform/checks/resource/aws/RedshiftClusterLogging.py
checkov/terraform/checks/resource/aws/RedshiftClusterSnapshotCopyGrantEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/RedshiftInEc2ClassicMode.py
checkov/terraform/checks/resource/aws/RedshiftServerlessNamespaceKMSKey.py
checkov/terraform/checks/resource/aws/RedshitClusterPubliclyAvailable.py
checkov/terraform/checks/resource/aws/S3AllowsAnyPrincipal.py
checkov/terraform/checks/resource/aws/S3BlockPublicACLs.py
checkov/terraform/checks/resource/aws/S3BlockPublicPolicy.py
checkov/terraform/checks/resource/aws/S3BucketObjectEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/S3BucketObjectLock.py
checkov/terraform/checks/resource/aws/S3IgnorePublicACLs.py
checkov/terraform/checks/resource/aws/S3ObjectCopyEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/S3ProtectAgainstPolicyLockout.py
checkov/terraform/checks/resource/aws/S3RestrictPublicBuckets.py
checkov/terraform/checks/resource/aws/SNSTopicEncryption.py
checkov/terraform/checks/resource/aws/SNSTopicPolicyAnyPrincipal.py
checkov/terraform/checks/resource/aws/SQSPolicy.py
checkov/terraform/checks/resource/aws/SQSQueueEncryption.py
checkov/terraform/checks/resource/aws/SQSQueuePolicyAnyPrincipal.py
checkov/terraform/checks/resource/aws/SSMSessionManagerDocumentEncryption.py
checkov/terraform/checks/resource/aws/SSMSessionManagerDocumentLogging.py
checkov/terraform/checks/resource/aws/SageMakerInternetAccessDisabled.py
checkov/terraform/checks/resource/aws/SagemakerDomainEncryptedWithCMK.py
checkov/terraform/checks/resource/aws/SagemakerEndpointConfigurationEncryption.py
checkov/terraform/checks/resource/aws/SagemakerNotebookEncryption.py
checkov/terraform/checks/resource/aws/SecretManagerSecretEncrypted.py
checkov/terraform/checks/resource/aws/SecurityGroupRuleDescription.py
checkov/terraform/checks/resource/aws/SecurityGroupUnrestrictedIngress22.py
checkov/terraform/checks/resource/aws/SecurityGroupUnrestrictedIngress3389.py
checkov/terraform/checks/resource/aws/SecurityGroupUnrestrictedIngress80.py
checkov/terraform/checks/resource/aws/SecurityGroupUnrestrictedIngressAny.py
checkov/terraform/checks/resource/aws/SubnetPublicIP.py
checkov/terraform/checks/resource/aws/TimestreamDatabaseKMSKey.py
checkov/terraform/checks/resource/aws/TransferServerIsPublic.py
checkov/terraform/checks/resource/aws/VPCDefaultNetwork.py
checkov/terraform/checks/resource/aws/VPCEndpointAcceptanceConfigured.py
checkov/terraform/checks/resource/aws/WAFACLCVE202144228.py
checkov/terraform/checks/resource/aws/WAFEnabled.py
checkov/terraform/checks/resource/aws/WAFHasAnyRules.py
checkov/terraform/checks/resource/aws/WAFHasLogs.py
checkov/terraform/checks/resource/aws/WorkspaceRootVolumeEncrypted.py
checkov/terraform/checks/resource/aws/WorkspaceUserVolumeEncrypted.py
checkov/terraform/checks/resource/aws/__init__.py
checkov/terraform/checks/resource/azure/ACRAdminAccountDisabled.py
checkov/terraform/checks/resource/azure/ACRAnonymousPullDisabled.py
checkov/terraform/checks/resource/azure/ACRContainerScanEnabled.py
checkov/terraform/checks/resource/azure/ACREnableImageQuarantine.py
checkov/terraform/checks/resource/azure/ACREnableRetentionPolicy.py
checkov/terraform/checks/resource/azure/ACRGeoreplicated.py
checkov/terraform/checks/resource/azure/ACRPublicNetworkAccessDisabled.py
checkov/terraform/checks/resource/azure/ACRUseSignedImages.py
checkov/terraform/checks/resource/azure/AKSApiServerAuthorizedIpRanges.py
checkov/terraform/checks/resource/azure/AKSDashboardDisabled.py
checkov/terraform/checks/resource/azure/AKSEnablesPrivateClusters.py
checkov/terraform/checks/resource/azure/AKSIsPaidSku.py
checkov/terraform/checks/resource/azure/AKSLocalAdminDisabled.py
checkov/terraform/checks/resource/azure/AKSLoggingEnabled.py
checkov/terraform/checks/resource/azure/AKSMaxPodsMinimum.py
checkov/terraform/checks/resource/azure/AKSNetworkPolicy.py
checkov/terraform/checks/resource/azure/AKSNodePublicIpDisabled.py
checkov/terraform/checks/resource/azure/AKSPoolTypeIsScaleSet.py
checkov/terraform/checks/resource/azure/AKSRbacEnabled.py
checkov/terraform/checks/resource/azure/AKSSecretStoreRotation.py
checkov/terraform/checks/resource/azure/AKSUpgradeChannel.py
checkov/terraform/checks/resource/azure/AKSUsesAzurePoliciesAddon.py
checkov/terraform/checks/resource/azure/AKSUsesDiskEncryptionSet.py
checkov/terraform/checks/resource/azure/APIManagementCertsEnforced.py
checkov/terraform/checks/resource/azure/APIManagementMinTLS12.py
checkov/terraform/checks/resource/azure/APIManagementPublicAccess.py
checkov/terraform/checks/resource/azure/APIServicesUseVirtualNetwork.py
checkov/terraform/checks/resource/azure/ActiveDirectoryUsedAuthenticationServiceFabric.py
checkov/terraform/checks/resource/azure/AppConfigEncryption.py
checkov/terraform/checks/resource/azure/AppConfigLocalAuth.py
checkov/terraform/checks/resource/azure/AppConfigPublicAccess.py
checkov/terraform/checks/resource/azure/AppConfigPurgeProtection.py
checkov/terraform/checks/resource/azure/AppConfigSku.py
checkov/terraform/checks/resource/azure/AppGWUseWAFMode.py
checkov/terraform/checks/resource/azure/AppGatewayWAFACLCVE202144228.py
checkov/terraform/checks/resource/azure/AppServiceAuthentication.py
checkov/terraform/checks/resource/azure/AppServiceClientCertificate.py
checkov/terraform/checks/resource/azure/AppServiceDetailedErrorMessagesEnabled.py
checkov/terraform/checks/resource/azure/AppServiceDisallowCORS.py
checkov/terraform/checks/resource/azure/AppServiceDotnetFrameworkVersion.py
checkov/terraform/checks/resource/azure/AppServiceEnableFailedRequest.py
checkov/terraform/checks/resource/azure/AppServiceFTPSState.py
checkov/terraform/checks/resource/azure/AppServiceHTTPSOnly.py
checkov/terraform/checks/resource/azure/AppServiceHttpLoggingEnabled.py
checkov/terraform/checks/resource/azure/AppServiceHttps20Enabled.py
checkov/terraform/checks/resource/azure/AppServiceIdentity.py
checkov/terraform/checks/resource/azure/AppServiceIdentityProviderEnabled.py
checkov/terraform/checks/resource/azure/AppServiceJavaVersion.py
checkov/terraform/checks/resource/azure/AppServiceMinTLSVersion.py
checkov/terraform/checks/resource/azure/AppServicePHPVersion.py
checkov/terraform/checks/resource/azure/AppServicePythonVersion.py
checkov/terraform/checks/resource/azure/AppServiceSlotDebugDisabled.py
checkov/terraform/checks/resource/azure/AppServiceSlotHTTPSOnly.py
checkov/terraform/checks/resource/azure/AppServiceSlotMinTLS.py
checkov/terraform/checks/resource/azure/AppServiceUsedAzureFiles.py
checkov/terraform/checks/resource/azure/AutomationEncrypted.py
checkov/terraform/checks/resource/azure/AzureBatchAccountUsesKeyVaultEncryption.py
checkov/terraform/checks/resource/azure/AzureContainerGroupDeployedIntoVirtualNetwork.py
checkov/terraform/checks/resource/azure/AzureDataExplorerDoubleEncryptionEnabled.py
checkov/terraform/checks/resource/azure/AzureDefenderOnAppServices.py
checkov/terraform/checks/resource/azure/AzureDefenderOnContainerRegistry.py
checkov/terraform/checks/resource/azure/AzureDefenderOnKeyVaults.py
checkov/terraform/checks/resource/azure/AzureDefenderOnKubernetes.py
checkov/terraform/checks/resource/azure/AzureDefenderOnServers.py
checkov/terraform/checks/resource/azure/AzureDefenderOnSqlServerVMS.py
checkov/terraform/checks/resource/azure/AzureDefenderOnSqlServers.py
checkov/terraform/checks/resource/azure/AzureDefenderOnStorage.py
checkov/terraform/checks/resource/azure/AzureFrontDoorEnablesWAF.py
checkov/terraform/checks/resource/azure/AzureInstanceExtensions.py
checkov/terraform/checks/resource/azure/AzureInstancePassword.py
checkov/terraform/checks/resource/azure/AzureManagedDiskEncryption.py
checkov/terraform/checks/resource/azure/AzureManagedDiskEncryptionSet.py
checkov/terraform/checks/resource/azure/AzureScaleSetPassword.py
checkov/terraform/checks/resource/azure/AzureSearchPublicNetworkAccessDisabled.py
checkov/terraform/checks/resource/azure/AzureServiceFabricClusterProtectionLevel.py
checkov/terraform/checks/resource/azure/CognitiveServicesDisablesPublicNetwork.py
checkov/terraform/checks/resource/azure/CosmosDBAccountsRestrictedAccess.py
checkov/terraform/checks/resource/azure/CosmosDBDisableAccessKeyWrite.py
checkov/terraform/checks/resource/azure/CosmosDBDisablesPublicNetwork.py
checkov/terraform/checks/resource/azure/CosmosDBHaveCMK.py
checkov/terraform/checks/resource/azure/CosmosDBLocalAuthDisabled.py
checkov/terraform/checks/resource/azure/CutsomRoleDefinitionSubscriptionOwner.py
checkov/terraform/checks/resource/azure/DataExplorerSKUHasSLA.py
checkov/terraform/checks/resource/azure/DataExplorerServiceIdentity.py
checkov/terraform/checks/resource/azure/DataExplorerUsesDiskEncryption.py
checkov/terraform/checks/resource/azure/DataFactoryNoPublicNetworkAccess.py
checkov/terraform/checks/resource/azure/DataFactoryUsesGitRepository.py
checkov/terraform/checks/resource/azure/DataLakeStoreEncryption.py
checkov/terraform/checks/resource/azure/DatabricksWorkspaceIsNotPublic.py
checkov/terraform/checks/resource/azure/EventgridDomainNetworkAccess.py
checkov/terraform/checks/resource/azure/FrontDoorWAFACLCVE202144228.py
checkov/terraform/checks/resource/azure/FrontdoorUseWAFMode.py
checkov/terraform/checks/resource/azure/FunctionAppDisallowCORS.py
checkov/terraform/checks/resource/azure/FunctionAppEnableLogging.py
checkov/terraform/checks/resource/azure/FunctionAppHttpVersionLatest.py
checkov/terraform/checks/resource/azure/FunctionAppMinTLSVersion.py
checkov/terraform/checks/resource/azure/FunctionAppsAccessibleOverHttps.py
checkov/terraform/checks/resource/azure/FunctionAppsEnableAuthentication.py
checkov/terraform/checks/resource/azure/IoTNoPublicNetworkAccess.py
checkov/terraform/checks/resource/azure/KeyBackedByHSM.py
checkov/terraform/checks/resource/azure/KeyExpirationDate.py
checkov/terraform/checks/resource/azure/KeyVaultEnablesFirewallRulesSettings.py
checkov/terraform/checks/resource/azure/KeyVaultEnablesPurgeProtection.py
checkov/terraform/checks/resource/azure/KeyVaultEnablesSoftDelete.py
checkov/terraform/checks/resource/azure/KeyvaultRecoveryEnabled.py
checkov/terraform/checks/resource/azure/LinuxVMUsesSSH.py
checkov/terraform/checks/resource/azure/MLCCLADisabled.py
checkov/terraform/checks/resource/azure/MLComputeClusterMinNodes.py
checkov/terraform/checks/resource/azure/MLPublicAccess.py
checkov/terraform/checks/resource/azure/MSSQLServerAuditPolicyLogMonitor.py
checkov/terraform/checks/resource/azure/MSSQLServerMinTLSVersion.py
checkov/terraform/checks/resource/azure/MariaDBGeoBackupEnabled.py
checkov/terraform/checks/resource/azure/MariaDBPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/MariaDBSSLEnforcementEnabled.py
checkov/terraform/checks/resource/azure/MonitorLogProfileCategories.py
checkov/terraform/checks/resource/azure/MonitorLogProfileRetentionDays.py
checkov/terraform/checks/resource/azure/MySQLEncryptionEnaled.py
checkov/terraform/checks/resource/azure/MySQLGeoBackupEnabled.py
checkov/terraform/checks/resource/azure/MySQLPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/MySQLServerMinTLSVersion.py
checkov/terraform/checks/resource/azure/MySQLServerSSLEnforcementEnabled.py
checkov/terraform/checks/resource/azure/MySQLTreatDetectionEnabled.py
checkov/terraform/checks/resource/azure/NSGRuleHTTPAccessRestricted.py
checkov/terraform/checks/resource/azure/NSGRulePortAccessRestricted.py
checkov/terraform/checks/resource/azure/NSGRuleRDPAccessRestricted.py
checkov/terraform/checks/resource/azure/NSGRuleSSHAccessRestricted.py
checkov/terraform/checks/resource/azure/NSGRuleUDPAccessRestricted.py
checkov/terraform/checks/resource/azure/NetworkInterfaceEnableIPForwarding.py
checkov/terraform/checks/resource/azure/NetworkWatcherFlowLogPeriod.py
checkov/terraform/checks/resource/azure/PostgreSQLEncryptionEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLFlexiServerGeoBackupEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLMinTLSVersion.py
checkov/terraform/checks/resource/azure/PostgreSQLServerConnectionThrottlingEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerLogCheckpointsEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerLogConnectionsEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerLogRetentionEnabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/PostgreSQLServerSSLEnforcementEnabled.py
checkov/terraform/checks/resource/azure/PostgresSQLTreatDetectionEnabled.py
checkov/terraform/checks/resource/azure/PostgressSQLGeoBackupEnabled.py
checkov/terraform/checks/resource/azure/PubsubSKUSLA.py
checkov/terraform/checks/resource/azure/PubsubSpecifyIdentity.py
checkov/terraform/checks/resource/azure/RedisCacheEnableNonSSLPort.py
checkov/terraform/checks/resource/azure/RedisCacheMinTLSVersion.py
checkov/terraform/checks/resource/azure/RedisCachePublicNetworkAccessEnabled.py
checkov/terraform/checks/resource/azure/RemoteDebggingNotEnabled.py
checkov/terraform/checks/resource/azure/SQLServerEmailAlertsEnabled.py
checkov/terraform/checks/resource/azure/SQLServerEmailAlertsToAdminsEnabled.py
checkov/terraform/checks/resource/azure/SQLServerNoPublicAccess.py
checkov/terraform/checks/resource/azure/SQLServerPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/SQLServerThreatDetectionTypes.py
checkov/terraform/checks/resource/azure/SecretContentType.py
checkov/terraform/checks/resource/azure/SecretExpirationDate.py
checkov/terraform/checks/resource/azure/SecurityCenterContactEmailAlert.py
checkov/terraform/checks/resource/azure/SecurityCenterContactEmailAlertAdmins.py
checkov/terraform/checks/resource/azure/SecurityCenterContactEmails.py
checkov/terraform/checks/resource/azure/SecurityCenterContactPhone.py
checkov/terraform/checks/resource/azure/SecurityCenterStandardPricing.py
checkov/terraform/checks/resource/azure/SpringCloudAPIPortalHTTPSOnly.py
checkov/terraform/checks/resource/azure/SpringCloudAPIPortalPublicAccessIsDisabled.py
checkov/terraform/checks/resource/azure/StorageAccountAzureServicesAccessEnabled.py
checkov/terraform/checks/resource/azure/StorageAccountDefaultNetworkAccessDeny.py
checkov/terraform/checks/resource/azure/StorageAccountDisablePublicAccess.py
checkov/terraform/checks/resource/azure/StorageAccountLoggingQueueServiceEnabled.py
checkov/terraform/checks/resource/azure/StorageAccountMinimumTlsVersion.py
checkov/terraform/checks/resource/azure/StorageAccountName.py
checkov/terraform/checks/resource/azure/StorageAccountsTransportEncryption.py
checkov/terraform/checks/resource/azure/StorageBlobServiceContainerPrivateAccess.py
checkov/terraform/checks/resource/azure/StorageSyncPublicAccessDisabled.py
checkov/terraform/checks/resource/azure/SynapseWorkspaceEnablesDataExfilProtection.py
checkov/terraform/checks/resource/azure/SynapseWorkspaceEnablesManagedVirtualNetworks.py
checkov/terraform/checks/resource/azure/VMAgentIsInstalled.py
checkov/terraform/checks/resource/azure/VMCredsInCustomData.py
checkov/terraform/checks/resource/azure/VMDisablePasswordAuthentication.py
checkov/terraform/checks/resource/azure/VMEncryptionAtHostEnabled.py
checkov/terraform/checks/resource/azure/VMScaleSetsAutoOSImagePatchingEnabled.py
checkov/terraform/checks/resource/azure/VMStorageOsDisk.py
checkov/terraform/checks/resource/azure/VnetLocalDNS.py
checkov/terraform/checks/resource/azure/VnetSingleDNSServer.py
checkov/terraform/checks/resource/azure/WinVMAutomaticUpdates.py
checkov/terraform/checks/resource/azure/WinVMEncryptionAtHost.py
checkov/terraform/checks/resource/azure/__init__.py
checkov/terraform/checks/resource/digitalocean/DropletSSHKeys.py
checkov/terraform/checks/resource/digitalocean/FirewallIngressOpen.py
checkov/terraform/checks/resource/digitalocean/SpacesBucketPublicRead.py
checkov/terraform/checks/resource/digitalocean/SpacesBucketVersioning.py
checkov/terraform/checks/resource/digitalocean/__init__.py
checkov/terraform/checks/resource/gcp/AbsGoogleComputeFirewallUnrestrictedIngress.py
checkov/terraform/checks/resource/gcp/AbsGoogleIAMMemberDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/AbsGoogleImpersonationRoles.py
checkov/terraform/checks/resource/gcp/AbsGooglePostgresqlDatabaseFlags.py
checkov/terraform/checks/resource/gcp/ArtifactRegistryPrivateRepo.py
checkov/terraform/checks/resource/gcp/ArtifactRegsitryEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/BigQueryDatasetEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/BigQueryPrivateTable.py
checkov/terraform/checks/resource/gcp/BigQueryTableEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/BigTableInstanceEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/CloudArmorWAFACLCVE202144228.py
checkov/terraform/checks/resource/gcp/CloudBuildWorkersArePrivate.py
checkov/terraform/checks/resource/gcp/CloudFunctionsShouldNotBePublic.py
checkov/terraform/checks/resource/gcp/CloudPubSubEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/CloudSqlMajorVersion.py
checkov/terraform/checks/resource/gcp/CloudStorageLogging.py
checkov/terraform/checks/resource/gcp/CloudStorageSelfLogging.py
checkov/terraform/checks/resource/gcp/CloudStorageVersioningEnabled.py
checkov/terraform/checks/resource/gcp/DataFusionPrivateInstance.py
checkov/terraform/checks/resource/gcp/DataFusionStackdriverLogs.py
checkov/terraform/checks/resource/gcp/DataFusionStackdriverMonitoring.py
checkov/terraform/checks/resource/gcp/DataflowJobEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/DataflowPrivateJob.py
checkov/terraform/checks/resource/gcp/DataprocClusterEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/DataprocPrivateCluster.py
checkov/terraform/checks/resource/gcp/DataprocPublicIpCluster.py
checkov/terraform/checks/resource/gcp/GCPCloudRunPrivateService.py
checkov/terraform/checks/resource/gcp/GKEAliasIpEnabled.py
checkov/terraform/checks/resource/gcp/GKEBasicAuth.py
checkov/terraform/checks/resource/gcp/GKEBinaryAuthorization.py
checkov/terraform/checks/resource/gcp/GKEClientCertificateDisabled.py
checkov/terraform/checks/resource/gcp/GKEClusterLogging.py
checkov/terraform/checks/resource/gcp/GKEDisableLegacyAuth.py
checkov/terraform/checks/resource/gcp/GKEEnableShieldedNodes.py
checkov/terraform/checks/resource/gcp/GKEEnableVPCFlowLogs.py
checkov/terraform/checks/resource/gcp/GKEEnsureIntegrityMonitoring.py
checkov/terraform/checks/resource/gcp/GKEHasLabels.py
checkov/terraform/checks/resource/gcp/GKEKubernetesRBACGoogleGroups.py
checkov/terraform/checks/resource/gcp/GKELegacyInstanceMetadataDisabled.py
checkov/terraform/checks/resource/gcp/GKEMasterAuthorizedNetworksEnabled.py
checkov/terraform/checks/resource/gcp/GKEMetadataServerIsEnabled.py
checkov/terraform/checks/resource/gcp/GKEMonitoringEnabled.py
checkov/terraform/checks/resource/gcp/GKENetworkPolicyEnabled.py
checkov/terraform/checks/resource/gcp/GKENodePoolAutoRepairEnabled.py
checkov/terraform/checks/resource/gcp/GKENodePoolAutoUpgradeEnabled.py
checkov/terraform/checks/resource/gcp/GKEPodSecurityPolicyEnabled.py
checkov/terraform/checks/resource/gcp/GKEPrivateClusterConfig.py
checkov/terraform/checks/resource/gcp/GKEPrivateNodes.py
checkov/terraform/checks/resource/gcp/GKEPublicControlPlane.py
checkov/terraform/checks/resource/gcp/GKEReleaseChannel.py
checkov/terraform/checks/resource/gcp/GKESecureBootforShieldedNodes.py
checkov/terraform/checks/resource/gcp/GKEUseCosImage.py
checkov/terraform/checks/resource/gcp/GoogleBigQueryDatasetPublicACL.py
checkov/terraform/checks/resource/gcp/GoogleCloudDNSKeySpecsRSASHA1.py
checkov/terraform/checks/resource/gcp/GoogleCloudDNSSECEnabled.py
checkov/terraform/checks/resource/gcp/GoogleCloudMySqlLocalInfileOff.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlEnablePgaudit.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogCheckpoints.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogConnection.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogDisconnection.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogHostname.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogLockWaits.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogMinDuration.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogMinErrorStatement.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogMinMessage.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogStatement.py
checkov/terraform/checks/resource/gcp/GoogleCloudPostgreSqlLogTemp.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlBackupConfiguration.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlDatabasePubliclyAccessible.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlDatabaseRequireSsl.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlServerContainedDBAuthentication.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlServerCrossDBOwnershipChaining.py
checkov/terraform/checks/resource/gcp/GoogleCloudSqlServerNoPublicIP.py
checkov/terraform/checks/resource/gcp/GoogleComputeBlockProjectSSH.py
checkov/terraform/checks/resource/gcp/GoogleComputeBootDiskEncryption.py
checkov/terraform/checks/resource/gcp/GoogleComputeDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleComputeDefaultServiceAccountFullAccess.py
checkov/terraform/checks/resource/gcp/GoogleComputeDiskEncryption.py
checkov/terraform/checks/resource/gcp/GoogleComputeExternalIP.py
checkov/terraform/checks/resource/gcp/GoogleComputeFirewallUnrestrictedIngress20.py
checkov/terraform/checks/resource/gcp/GoogleComputeFirewallUnrestrictedIngress21.py
checkov/terraform/checks/resource/gcp/GoogleComputeFirewallUnrestrictedIngress22.py
checkov/terraform/checks/resource/gcp/GoogleComputeFirewallUnrestrictedIngress3306.py
checkov/terraform/checks/resource/gcp/GoogleComputeFirewallUnrestrictedIngress3389.py
checkov/terraform/checks/resource/gcp/GoogleComputeFirewallUnrestrictedIngress80.py
checkov/terraform/checks/resource/gcp/GoogleComputeIPForward.py
checkov/terraform/checks/resource/gcp/GoogleComputeInstanceOSLogin.py
checkov/terraform/checks/resource/gcp/GoogleComputeProjectOSLogin.py
checkov/terraform/checks/resource/gcp/GoogleComputeSSLPolicy.py
checkov/terraform/checks/resource/gcp/GoogleComputeSerialPorts.py
checkov/terraform/checks/resource/gcp/GoogleComputeShieldedVM.py
checkov/terraform/checks/resource/gcp/GoogleFolderImpersonationRole.py
checkov/terraform/checks/resource/gcp/GoogleFolderMemberDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleKMSPreventDestroy.py
checkov/terraform/checks/resource/gcp/GoogleKMSRotationPeriod.py
checkov/terraform/checks/resource/gcp/GoogleOrgImpersonationRole.py
checkov/terraform/checks/resource/gcp/GoogleOrgMemberDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleProjectAdminServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleProjectDefaultNetwork.py
checkov/terraform/checks/resource/gcp/GoogleProjectImpersonationRole.py
checkov/terraform/checks/resource/gcp/GoogleProjectMemberDefaultServiceAccount.py
checkov/terraform/checks/resource/gcp/GoogleRoleServiceAccountUser.py
checkov/terraform/checks/resource/gcp/GoogleStorageBucketNotPublic.py
checkov/terraform/checks/resource/gcp/GoogleStorageBucketUniformAccess.py
checkov/terraform/checks/resource/gcp/GoogleSubnetworkIPV6PrivateGoogleEnabled.py
checkov/terraform/checks/resource/gcp/GoogleSubnetworkLoggingEnabled.py
checkov/terraform/checks/resource/gcp/GoogleSubnetworkPrivateGoogleEnabled.py
checkov/terraform/checks/resource/gcp/MemorystoreForRedisAuthEnabled.py
checkov/terraform/checks/resource/gcp/MemorystoreForRedisInTransitEncryption.py
checkov/terraform/checks/resource/gcp/PubSubPrivateTopic.py
checkov/terraform/checks/resource/gcp/SpannerDatabaseEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/VertexAIDatasetEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/VertexAIMetadataStoreEncryptedWithCMK.py
checkov/terraform/checks/resource/gcp/VertexAIPrivateInstance.py
checkov/terraform/checks/resource/gcp/__init__.py
checkov/terraform/checks/resource/github/BranchProtectionRequireSignedCommits.py
checkov/terraform/checks/resource/github/BranchProtectionReviewNumTwo.py
checkov/terraform/checks/resource/github/PrivateRepo.py
checkov/terraform/checks/resource/github/RepositoryEnableVulnerabilityAlerts.py
checkov/terraform/checks/resource/github/SecretsEncrypted.py
checkov/terraform/checks/resource/github/WebhookInsecureSsl.py
checkov/terraform/checks/resource/github/__init__.py
checkov/terraform/checks/resource/gitlab/ForcePushDisabled.py
checkov/terraform/checks/resource/gitlab/PreventSecretsEnabled.py
checkov/terraform/checks/resource/gitlab/RejectUnsignedCommits.py
checkov/terraform/checks/resource/gitlab/RequireTwoApprovalsToMerge.py
checkov/terraform/checks/resource/gitlab/__init__.py
checkov/terraform/checks/resource/kubernetes/AllowPrivilegeEscalation.py
checkov/terraform/checks/resource/kubernetes/AllowPrivilegeEscalationPSP.py
checkov/terraform/checks/resource/kubernetes/AllowedCapabilities.py
checkov/terraform/checks/resource/kubernetes/AllowedCapabilitiesPSP.py
checkov/terraform/checks/resource/kubernetes/AllowedCapabilitiesSysAdmin.py
checkov/terraform/checks/resource/kubernetes/CPULimits.py
checkov/terraform/checks/resource/kubernetes/CPURequests.py
checkov/terraform/checks/resource/kubernetes/ContainerSecurityContext.py
checkov/terraform/checks/resource/kubernetes/DefaultNamespace.py
checkov/terraform/checks/resource/kubernetes/DefaultServiceAccount.py
checkov/terraform/checks/resource/kubernetes/DefaultServiceAccountBinding.py
checkov/terraform/checks/resource/kubernetes/DockerSocketVolume.py
checkov/terraform/checks/resource/kubernetes/DropCapabilities.py
checkov/terraform/checks/resource/kubernetes/DropCapabilitiesPSP.py
checkov/terraform/checks/resource/kubernetes/HostPort.py
checkov/terraform/checks/resource/kubernetes/ImageDigest.py
checkov/terraform/checks/resource/kubernetes/ImagePullPolicyAlways.py
checkov/terraform/checks/resource/kubernetes/ImageTagFixed.py
checkov/terraform/checks/resource/kubernetes/LivenessProbe.py
checkov/terraform/checks/resource/kubernetes/MemoryLimits.py
checkov/terraform/checks/resource/kubernetes/MemoryRequests.py
checkov/terraform/checks/resource/kubernetes/MinimiseCapabilities.py
checkov/terraform/checks/resource/kubernetes/MinimiseCapabilitiesPSP.py
checkov/terraform/checks/resource/kubernetes/PodSecurityContext.py
checkov/terraform/checks/resource/kubernetes/PrivilegedContainer.py
checkov/terraform/checks/resource/kubernetes/PrivilegedContainerPSP.py
checkov/terraform/checks/resource/kubernetes/ReadinessProbe.py
checkov/terraform/checks/resource/kubernetes/ReadonlyRootFilesystem.py
checkov/terraform/checks/resource/kubernetes/RootContainerPSP.py
checkov/terraform/checks/resource/kubernetes/SeccompPSP.py
checkov/terraform/checks/resource/kubernetes/Secrets.py
checkov/terraform/checks/resource/kubernetes/ShareHostIPC.py
checkov/terraform/checks/resource/kubernetes/ShareHostIPCPSP.py
checkov/terraform/checks/resource/kubernetes/ShareHostPID.py
checkov/terraform/checks/resource/kubernetes/ShareHostPIDPSP.py
checkov/terraform/checks/resource/kubernetes/SharedHostNetworkNamespace.py
checkov/terraform/checks/resource/kubernetes/SharedHostNetworkNamespacePSP.py
checkov/terraform/checks/resource/kubernetes/Tiller.py
checkov/terraform/checks/resource/kubernetes/TillerService.py
checkov/terraform/checks/resource/kubernetes/WildcardRoles.py
checkov/terraform/checks/resource/kubernetes/__init__.py
checkov/terraform/checks/resource/linode/__init__.py
checkov/terraform/checks/resource/linode/authorized_keys.py
checkov/terraform/checks/resource/linode/firewall_inbound_policy.py
checkov/terraform/checks/resource/linode/firewall_outbound_policy.py
checkov/terraform/checks/resource/linode/user_email_set.py
checkov/terraform/checks/resource/linode/user_username_set.py
checkov/terraform/checks/resource/ncp/AccessControlGroupInboundRule.py
checkov/terraform/checks/resource/ncp/AccessControlGroupInboundRulePort22.py
checkov/terraform/checks/resource/ncp/AccessControlGroupInboundRulePort3389.py
checkov/terraform/checks/resource/ncp/AccessControlGroupInboundRulePort80.py
checkov/terraform/checks/resource/ncp/AccessControlGroupOutboundRule.py
checkov/terraform/checks/resource/ncp/AccessControlGroupRuleDescription.py
checkov/terraform/checks/resource/ncp/LBListenerUsesSecureProtocols.py
checkov/terraform/checks/resource/ncp/LBListenerUsingHTTPS.py
checkov/terraform/checks/resource/ncp/LBNetworkPrivate.py
checkov/terraform/checks/resource/ncp/LBTargetGroupDefinesHealthCheck.py
checkov/terraform/checks/resource/ncp/LBTargetGroupUsingHTTPS.py
checkov/terraform/checks/resource/ncp/LaunchConfigurationEncryptionVPC.py
checkov/terraform/checks/resource/ncp/NACLInbound20.py
checkov/terraform/checks/resource/ncp/NACLInbound21.py
checkov/terraform/checks/resource/ncp/NACLInbound22.py
checkov/terraform/checks/resource/ncp/NACLInbound3389.py
checkov/terraform/checks/resource/ncp/NACLInboundCheck.py
checkov/terraform/checks/resource/ncp/NACLPortCheck.py
checkov/terraform/checks/resource/ncp/NASEncryptionEnabled.py
checkov/terraform/checks/resource/ncp/NKSControlPlaneLogging.py
checkov/terraform/checks/resource/ncp/NKSPublicAccess.py
checkov/terraform/checks/resource/ncp/RouteTableNATGatewayDefault.py
checkov/terraform/checks/resource/ncp/ServerEncryptionVPC.py
checkov/terraform/checks/resource/ncp/ServerPublicIP.py
checkov/terraform/checks/resource/ncp/__init__.py
checkov/terraform/checks/resource/oci/AbsSecurityGroupUnrestrictedIngress.py
checkov/terraform/checks/resource/oci/AbsSecurityListUnrestrictedIngress.py
checkov/terraform/checks/resource/oci/FileSystemEncryption.py
checkov/terraform/checks/resource/oci/IAMPasswordLength.py
checkov/terraform/checks/resource/oci/IAMPasswordPolicyLowerCase.py
checkov/terraform/checks/resource/oci/IAMPasswordPolicyNumeric.py
checkov/terraform/checks/resource/oci/IAMPasswordPolicySpecialCharacters.py
checkov/terraform/checks/resource/oci/IAMPasswordPolicyUpperCase.py
checkov/terraform/checks/resource/oci/InstanceBootVolumeIntransitEncryption.py
checkov/terraform/checks/resource/oci/InstanceMetadataServiceEnabled.py
checkov/terraform/checks/resource/oci/InstanceMonitoringEnabled.py
checkov/terraform/checks/resource/oci/ObjectStorageEmitEvents.py
checkov/terraform/checks/resource/oci/ObjectStorageEncryption.py
checkov/terraform/checks/resource/oci/ObjectStoragePublic.py
checkov/terraform/checks/resource/oci/ObjectStorageVersioning.py
checkov/terraform/checks/resource/oci/SecurityGroupUnrestrictedIngress22.py
checkov/terraform/checks/resource/oci/SecurityGroupsIngressStatelessSecurityRules.py
checkov/terraform/checks/resource/oci/SecurityListIngress.py
checkov/terraform/checks/resource/oci/SecurityListIngressStateless.py
checkov/terraform/checks/resource/oci/SecurityListUnrestrictedIngress22.py
checkov/terraform/checks/resource/oci/SecurityListUnrestrictedIngress3389.py
checkov/terraform/checks/resource/oci/StorageBlockBackupEnabled.py
checkov/terraform/checks/resource/oci/StorageBlockEncryption.py
checkov/terraform/checks/resource/oci/__init__.py
checkov/terraform/checks/resource/openstack/AbsSecurityGroupUnrestrictedIngress.py
checkov/terraform/checks/resource/openstack/ComputeInstanceAdminPassword.py
checkov/terraform/checks/resource/openstack/FirewallRuleSetDestinationIP.py
checkov/terraform/checks/resource/openstack/SecurityGroupUnrestrictedIngress22.py
checkov/terraform/checks/resource/openstack/SecurityGroupUnrestrictedIngress3389.py
checkov/terraform/checks/resource/openstack/__init__.py
checkov/terraform/checks/resource/panos/InterfaceMgmtProfileNoHTTP.py
checkov/terraform/checks/resource/panos/InterfaceMgmtProfileNoTelnet.py
checkov/terraform/checks/resource/panos/NetworkIPsecAlgorithms.py
checkov/terraform/checks/resource/panos/NetworkIPsecAuthAlgorithms.py
checkov/terraform/checks/resource/panos/NetworkIPsecProtocols.py
checkov/terraform/checks/resource/panos/PolicyDescription.py
checkov/terraform/checks/resource/panos/PolicyLogForwarding.py
checkov/terraform/checks/resource/panos/PolicyLoggingEnabled.py
checkov/terraform/checks/resource/panos/PolicyNoApplicationAny.py
checkov/terraform/checks/resource/panos/PolicyNoDSRI.py
checkov/terraform/checks/resource/panos/PolicyNoServiceAny.py
checkov/terraform/checks/resource/panos/PolicyNoSrcAnyDstAny.py
checkov/terraform/checks/resource/panos/ZoneProtectionProfile.py
checkov/terraform/checks/resource/panos/ZoneUserIDIncludeACL.py
checkov/terraform/checks/resource/panos/__init__.py
checkov/terraform/checks/resource/yandexcloud/ComputeInstanceGroupPublicIP.py
checkov/terraform/checks/resource/yandexcloud/ComputeInstanceGroupSecurityGroup.py
checkov/terraform/checks/resource/yandexcloud/ComputeVMPublicIP.py
checkov/terraform/checks/resource/yandexcloud/ComputeVMSecurityGroup.py
checkov/terraform/checks/resource/yandexcloud/ComputeVMSerialConsole.py
checkov/terraform/checks/resource/yandexcloud/IAMCloudElevatedMembers.py
checkov/terraform/checks/resource/yandexcloud/IAMFolderElevatedMembers.py
checkov/terraform/checks/resource/yandexcloud/IAMOrganizationElevatedMembers.py
checkov/terraform/checks/resource/yandexcloud/IAMPassportAccountUsage.py
checkov/terraform/checks/resource/yandexcloud/K8SAutoUpgrade.py
checkov/terraform/checks/resource/yandexcloud/K8SEtcdKMSEncryption.py
checkov/terraform/checks/resource/yandexcloud/K8SNetworkPolicy.py
checkov/terraform/checks/resource/yandexcloud/K8SNodeGroupAutoUpgrade.py
checkov/terraform/checks/resource/yandexcloud/K8SNodeGroupPublicIP.py
checkov/terraform/checks/resource/yandexcloud/K8SNodeGroupSecurityGroup.py
checkov/terraform/checks/resource/yandexcloud/K8SPublicIP.py
checkov/terraform/checks/resource/yandexcloud/K8SSecurityGroup.py
checkov/terraform/checks/resource/yandexcloud/KMSSymmetricKeyRotation.py
checkov/terraform/checks/resource/yandexcloud/MDBPublicIP.py
checkov/terraform/checks/resource/yandexcloud/MDBSecurityGroup.py
checkov/terraform/checks/resource/yandexcloud/ObjectStorageBucketEncryption.py
checkov/terraform/checks/resource/yandexcloud/ObjectStorageBucketPublicAccess.py
checkov/terraform/checks/resource/yandexcloud/VPCSecurityGroupAllowAll.py
checkov/terraform/checks/resource/yandexcloud/VPCSecurityGroupRuleAllowAll.py
checkov/terraform/checks/resource/yandexcloud/__init__.py
checkov/terraform/checks/utils/__init__.py
checkov/terraform/checks/utils/consts.py
checkov/terraform/checks/utils/dependency_path_handler.py
checkov/terraform/checks/utils/iam_terraform_document_to_policy_converter.py
checkov/terraform/context_parsers/__init__.py
checkov/terraform/context_parsers/base_parser.py
checkov/terraform/context_parsers/registry.py
checkov/terraform/context_parsers/parsers/__init__.py
checkov/terraform/context_parsers/parsers/data_context_parser.py
checkov/terraform/context_parsers/parsers/locals_context_parser.py
checkov/terraform/context_parsers/parsers/module_context_parser.py
checkov/terraform/context_parsers/parsers/provider_context_parser.py
checkov/terraform/context_parsers/parsers/resource_context_parser.py
checkov/terraform/context_parsers/parsers/variable_context_parser.py
checkov/terraform/context_parsers/tf_plan/__init__.py
checkov/terraform/evaluation/__init__.py
checkov/terraform/evaluation/base_variable_evaluation.py
checkov/terraform/graph_builder/__init__.py
checkov/terraform/graph_builder/graph_to_tf_definitions.py
checkov/terraform/graph_builder/local_graph.py
checkov/terraform/graph_builder/utils.py
checkov/terraform/graph_builder/graph_components/__init__.py
checkov/terraform/graph_builder/graph_components/attribute_names.py
checkov/terraform/graph_builder/graph_components/block_types.py
checkov/terraform/graph_builder/graph_components/blocks.py
checkov/terraform/graph_builder/graph_components/generic_resource_encryption.py
checkov/terraform/graph_builder/graph_components/module.py
checkov/terraform/graph_builder/variable_rendering/__init__.py
checkov/terraform/graph_builder/variable_rendering/evaluate_terraform.py
checkov/terraform/graph_builder/variable_rendering/renderer.py
checkov/terraform/graph_builder/variable_rendering/safe_eval_functions.py
checkov/terraform/graph_builder/variable_rendering/vertex_reference.py
checkov/terraform/image_referencer/__init__.py
checkov/terraform/image_referencer/base_provider.py
checkov/terraform/image_referencer/manager.py
checkov/terraform/image_referencer/provider/__init__.py
checkov/terraform/image_referencer/provider/aws.py
checkov/terraform/image_referencer/provider/azure.py
checkov/terraform/module_loading/__init__.py
checkov/terraform/module_loading/content.py
checkov/terraform/module_loading/loader.py
checkov/terraform/module_loading/module_finder.py
checkov/terraform/module_loading/module_params.py
checkov/terraform/module_loading/registry.py
checkov/terraform/module_loading/loaders/__init__.py
checkov/terraform/module_loading/loaders/bitbucket_access_token_loader.py
checkov/terraform/module_loading/loaders/bitbucket_loader.py
checkov/terraform/module_loading/loaders/git_loader.py
checkov/terraform/module_loading/loaders/github_access_token_loader.py
checkov/terraform/module_loading/loaders/github_loader.py
checkov/terraform/module_loading/loaders/local_path_loader.py
checkov/terraform/module_loading/loaders/registry_loader.py
checkov/terraform/module_loading/loaders/versions_parser.py
checkov/terraform/tag_providers/__init__.py
checkov/terraform/tag_providers/aws.py
checkov/terraform/tag_providers/azure.py
checkov/terraform/tag_providers/gcp.py
checkov/yaml_doc/__init__.py
checkov/yaml_doc/base_registry.py
checkov/yaml_doc/base_yaml_check.py
checkov/yaml_doc/enums.py
checkov/yaml_doc/registry.py
checkov/yaml_doc/runner.py
flake8_plugins/__init__.py
flake8_plugins/flake8_class_attributes_plugin/__init__.py
flake8_plugins/flake8_class_attributes_plugin/flake8_class_attributes/__init__.py
flake8_plugins/flake8_class_attributes_plugin/flake8_class_attributes/checker.py
flake8_plugins/flake8_class_attributes_plugin/flake8_class_attributes/class_members_errors.py
flake8_plugins/flake8_class_attributes_plugin/flake8_class_attributes/model_parts_info.py
flake8_plugins/flake8_class_attributes_plugin/tests/__init__.py
flake8_plugins/flake8_class_attributes_plugin/tests/conftest.py
flake8_plugins/flake8_class_attributes_plugin/tests/test_handler.py
flake8_plugins/flake8_class_attributes_plugin/tests/test_files/__init__.py
flake8_plugins/flake8_class_attributes_plugin/tests/test_files/class_attribute_fail.py
flake8_plugins/flake8_class_attributes_plugin/tests/test_files/class_const_pass.py
flake8_plugins/flake8_class_attributes_plugin/tests/test_files/class_special_attributes_pass.py
flake8_plugins/flake8_class_attributes_plugin/tests/test_files/dataclass_skip.py
flake8_plugins/flake8_class_attributes_plugin/tests/test_files/typing_class_skip.py
performance_tests/__init__.py
performance_tests/test_checkov_performance.py