BATSAD-2417: adding runbook / documentation on what the daily report …

[JamesEElliott]

…means and how to read it.

[robo-gotham]

Snyk Scanning for Commit: 2ea1097

Snyk Infrastructure as Code

• Snyk testing Infrastructure as Code configuration issues.
  ✔ Test completed.

Issues

Medium Severity Issues: 1

[Medium] Wildcard principal in KMS key access policy
Info: Wildcard principal has been specified in access policy. Using wild
card will grant unnecessary access to any user in the account
Rule: https://security.snyk.io/rules/cloud/SNYK-CC-AWS-709
Path: [DocId: 0] > Resources[FileAssetsBucketEncryptionKey] > Properties >
KeyPolicy
File: bootstrap/bootstrap-template.yaml
Resolve: Set Principal attribute in the policy to specific entities, for
example arn:aws:iam::123456789012:user/JohnDoe

High Severity Issues: 1

[High] Wildcard action in IAM Policy
Info: The IAM policy allows all actions on resource. Granting permission to
perform any action is against 'least privilege' principle
Rule: https://security.snyk.io/rules/cloud/SNYK-CC-TF-69
Path: [DocId: 0] > Resources[CdkBoostrapPermissionsBoundaryPolicy] >
Properties > PolicyDocument
File: bootstrap/bootstrap-template.yaml
Resolve: Set Action attribute in Properties.PolicyDocument to specific
actions e.g. s3:ListBucket

---

Test Summary

Organization: batcave-ispg
Project name: CMS-Enterprise/batcave-wt-sdl-reporting

✔ Files without issues: 0
✗ Files with issues: 1
Ignored issues: 0
Total issues: 2 [ 0 critical, 1 high, 1 medium, 0 low ]

---

Report Complete

Your test results are available at: https://snyk.io/org/batcave-ispg/projects
under the name: CMS-Enterprise/batcave-wt-sdl-reporting

[rileydakota]

LGTM