Implement DevSecOps GHAS Demo Features with Intentional Vulnerabilities #106

Re-run triggered June 26, 2025 17:51
Status Success
Total duration 58s

IACS-Checkmarx-kics.yml

on: pull_request
Run KICS scan
54s

Annotations

10 warnings
[MEDIUM] App Service Authentication Disabled: terraform/azure/app_service.tf#L12
Azure App Service authentication settings should be enabled
[MEDIUM] AKS RBAC Disabled: terraform/azure/aks.tf#L23
Azure Container Service (AKS) instance should have role-based access control (RBAC) enabled
[MEDIUM] AKS Private Cluster Disabled: terraform/azure/aks.tf#L1
Azure Kubernetes Service (AKS) API should not be exposed to the internet
[MEDIUM] AD Admin Not Configured For SQL Server: terraform/azure/sql.tf#L9
The Active Directory Administrator is not configured for a SQL server
[HIGH] Passwords And Secrets - Generic Password: terraform/azure/sql.tf#L41
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Password: terraform/azure/sql.tf#L15
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Password: terraform/azure/instance.tf#L36
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Password: terraform/azure/sql.tf#L64
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Password: terraform/azure/instance.tf#L11
Query to find passwords and secrets in infrastructure code.
[HIGH] MySQL Server Public Access Enabled: terraform/azure/sql.tf#L50
MySQL Server public access should be disabled