# =============================================================================
# Checkov Configuration — IaC Security Scanning
# =============================================================================
#
# Scans terraform/, k8s/ and docker/ with the frameworks listed below, prints
# results in CLI format, and keeps soft_fail off.
#
# NOTE(review): Checkov's documented config-file keys are the hyphenated CLI
# option names (skip-check, soft-fail, repo-id, skip-fixes). Confirm that the
# underscore spellings used in this file are honoured by the Checkov version
# in use; if they are not, the skip list and the soft_fail setting below are
# not the ones actually applied to the scan.

# checkov.yml
# Branch name reported for the scanned repository.
# presumably only used together with the platform/API-key integration — verify
branch: main
# Compact CLI output: findings are listed without the offending code blocks.
compact: true
# Root directories to scan, relative to where Checkov is invoked.
directory:
  - terraform/
  - k8s/
  - docker/
# Scanners to run. arm and cloudformation are enabled although no directory
# above is named for them; they only report if such templates exist under the
# scanned paths.
framework:
  - terraform
  - kubernetes
  - dockerfile
  - arm
  - cloudformation
skip_check:
  # Skip checks that have compensating controls:
  # Every entry here removes a control from the gate for all scanned
  # directories, so keep the justification next to the ID and re-validate it
  # whenever the compensating control changes.
  #
  # NOTE(review): in Checkov's check catalogue CKV_AWS_79 is the EC2
  # "IMDSv1 not enabled" check, not an EKS endpoint check (the EKS public
  # endpoint checks are CKV_AWS_38 / CKV_AWS_39) — confirm which control was
  # meant. Also, if the endpoint really is private the check would pass
  # without a skip, so the skip only hides a later regression.
  - CKV_AWS_79  # EKS public endpoint (we use private)
  # The Kyverno enforcement is not visible from this file; verify the policy
  # is in enforce mode on every cluster these manifests are deployed to.
  - CKV_K8S_21 # Default namespace (we enforce via Kyverno)

# Report format: plain CLI text.
output: cli
# false: failed checks produce a non-zero exit code, so the scan can gate CI.
soft_fail: false
# false: passed checks are listed in the CLI output as well as failed ones.
quiet: false

# Integration with PR comments
# Repository identity in <owner>/<name> form.
repo_id: devsecops/platform
# false: fix suggestions are not skipped.
# presumably only has an effect when an API key is configured — verify
skip_fixes: false