Getting StartedGetting started Custom Checks Config
Github ActionsCode Scanning Alerts PR Commenter
Potentially sensitive data stored in “default” value of variable.
Sensitive attributes such as passwords and API tokens should not be available in your templates, especially in a plaintext form. You can declare variables to hold the secrets, assuming you can provide values for those variables in a secure fashion. Alternatively, you can store these secrets in a secure secret store, such as AWS KMS.
NOTE: It is also recommended to store your Terraform state in an encrypted form.
The following example will fail the GEN001 check.
The following example will pass the GEN001 check.