infrastructure-as-code

Describe the solution you'd like
It would be nice to have a way to control whether a VM starts on boot or not. Maybe a new autostart option to salt.states.virt.running and/or salt.states.virt.defined? Or maybe a new function?

Describe alternatives you've considered
I'll probably use salt.modules.virt.set_autostart for now.

AlmaLinux should be detected as RHEL/CentOS. Trivy should be able to detect RHEL/CentOS vulnerabilities

https://almalinux.org/

Doing something like the following:

const api = /* create api */
api.addLambdaDataSource(
      "lambda-name-ds",
      /* lambda */,
    );

does not remove the - from the id name, causing the deploy to fail with:

Property validation failure: [Value for property {/Name} does not match pattern {[_A-Za-z][_0-9A-Za-z]*}]

And if we look at the resulting stac

For most of my resources, most of the cost components have 0 usage. (Example: S3 bucket using standard storage, no Glacier, no infrequent/frequent access, etc).

When I have known 0 usage, I put a 0 in the YAML file; however, the Infracost output still displays these items with a cost of $0. It would be nice to skip these items (which have a quantity of 0) because they do not contribute at all t

Is your feature request related to a problem? Please describe.
Yes. We've inherited a terraform repo with a lot of legacy problems. We've introduced checkov to ensure new config going
forward meets our standards. We've also generated baseline files for all of the existing legacy terraform config, so that we only fail checks for new problems. However, we'd like to keep visibility on all

• terrascan version: 1.9.0
• terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira

Copilot doesn't seem to have correct error behavior when I try to create a Scheduled Job with the same name as an existing service.

For example, in my app right now I have the following:

❯ copilot svc ls
Name                Type
----                ----
fe                  Load Balanced Web Service

I can see this in SSM:

❯ aws ssm get-parameter --name /copilot/applicatio

Description

a) user have a preexisting working .driftignore
b) user updates the .driftignore by appending new content to it
c) fa

Garbage collection works by listing everything with the gc-tag. In a busy cluster, we really want that filter to happen server-side and ideally using an index of some sort.

That means we should use a Kubernetes label, not an annotation.

I think this will require a two-step migration plan (write both but continue to read annotation; release; drop support for annotation; release).