infrastructure-as-code

Describe the solution you'd like
It would be nice to have a way to control whether a VM starts on boot or not. Maybe a new autostart option to salt.states.virt.running and/or salt.states.virt.defined? Or maybe a new function?

Describe alternatives you've considered
I'll probably use salt.modules.virt.set_autostart for now.

Container scanning schemas below 14.0.0 have been deprecated.

blob/main/contrib/gitlab.tpl:3 is using a deprecated version:

"version": "2.3",

The latest version of the schema is [14.1.0](https://gitlab.com/gitlab-org/gitla

What is the problem?

The documentation gives the following info for the dbProxy prop:

"Type: string (optional, default: Generated by CloudFormation (recommended))"

However, the dbProxyName is not autogenerated by CFN. Instead the dbProxy name is set to the id string if props.dbProxy is not present.

Reproduction Steps

Create a DatabaseProxy without specifying a dbProxyName.

I suggest adding MongoDB Atlas to the supported cloud as a feather.

Here are the steps to migrate a resource:

1. Pull latest changes from my refactor-migration-t1 branch.
2. Set the var SINGLE_RESOURCE_NAME in cmd/migrator/main.go to the resource filename.
3. Run go run cmd/migrator/main.go, the resource file would be edited and a new resource file will be created in internal/resources/aws
4. All things that the script was unable to migrate are chang

I have a terraform.tfvars.json file that passes variables into my module. It looks like tfsec isn't scanning this file when I pass the ---tfvars-file flag, however it does work, as expected, thanks to #133 with terraform.tfvars.

In the example below, the json file sets "vulnerability alerts" to "false" which should be picked up as a HIGH.

`tf

Describe the issue
https://github.com/bridgecrewio/checkov/blob/master/checkov/dockerfile/checks/UserExists.py doesn't cover all of https://docs.bridgecrew.io/docs/ensure-that-a-user-for-the-container-has-been-created

Bridgecrew Policy ID: BC_DKR_3
Checkov Check ID: CKV_DOCKER_3

ToDo: Additionally check if gosu is executed in either CMD or ENTRYPOINT

Examples

FROM al

• terrascan version: 1.9.0
• terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira

I ran into a strange error message when trying to deploy a request driven web service in the Frankfurt (eu-central-1) region.

Template format error: Unrecognized resource types: [AWS::AppRunner::Service]

After some digging I found out that AppRunner isn't available in this region yet. It would be nice if copilot-cli could check whether a template is valid for the region and issue a warning

Description

We all have an aws_api_gateway_account resource inside each region of AWS that will by default output as unmanaged. We s