Releases: bridgecrewio/checkov
3.2.125
Feature
- arm: Add check for AzureML workspace not configured with private endpoint - #6387
3.2.124
Feature
- azure: Add policy to ensure proper AzureML Workspace network access - #6362
- azure: Ensure Azure Storage Account storing Machine Learning workspace high business impact data is not publicly accessible - #6368
3.2.122
Feature
- arm: AppServicePythonVersion - 82 check the 'python version' is the latest, if used to run the web app - #6282
3.2.121
Feature
- terraform: AWS SageMaker notebook instance KMS Key - #6374
- terraform: CognitiveServicesConfigureIdentity - new check - #6378
- terraform: Ensure that Cognitive Services accounts enable local authentication - new check - #6377
3.2.119
Feature
- arm: add FunctionAppsEnableAuthentication - Checking if a certain field exists - #6250
- terraform: Add more conditions to CKV_AWS_70 - #6371
- terraform: Added the CKV2_AWS_68 Check for TF and CFN - #6369
Bug Fix
- ansible: set task as ansible vertices config - #6376
- terraform: for_each/count attribute wasn't rendering if referencing a dynamic variable of a higher level module - #6372
3.2.112
Feature
- terraform: Add provider address to resources - #6266
- terraform: Support for count & for_each in data blocks - #6359
Bug Fix
- terraform: Fix an issue for loading tfvars + issue in the dynamic rendering - #6360
3.2.108
Bug Fix
- sast: don't scan hidden files - #6349
3.2.107
Bug Fix
- terraform: Handle registry modules with a version in CKV_TF_2 - #6354
3.2.106
Feature
- arm: Ensure Databricks Workspace data plane to control plane co… - #6319
- general: TF and ARM - Ensure that Databricks Workspaces enable… - #6313
- secrets: Bump detect-secrets - #6346
3.2.105
Feature
- arm: add AppServiceJavaVersion - #6258
- arm: add CKV_AZURE_145 to check that the function app uses the latest version of TLS encryption - #6323
- arm: add CKV_AZURE_218 to ensure that Application Gateway defines secure protocols for in-transit communication (App gw defines secure protocols) - #6320
- arm: add CKV_AZURE_54 to enforce a minimal TLS version for the server - #6270
- arm: add CKV_AZURE_71 to Ensure that Managed identity provider is enabled for web apps - #6272
- arm: add CKV_AZURE_72 to ensure that remote debugging is not enabled for app services - #6281
- arm: AzureDefenderOStorage - #6269
- arm: MySQLPublicAccessDisabled-Azure MySQL: Restrict Public Access - #6263
- arm: StorageSyncPublicAccessDisabled - #6331
- secrets: eliminate false positives in entropy keyword combinator detector - #6327
Bug Fix
- ansible: fix ansible resource id in local graph - #6344
- secrets: fix entropy type - #6347