infrastructure-as-code

Describe the solution you'd like
It would be nice to have a way to control whether a VM starts on boot or not. Maybe a new autostart option to salt.states.virt.running and/or salt.states.virt.defined? Or maybe a new function?

Describe alternatives you've considered
I'll probably use salt.modules.virt.set_autostart for now.

Description

we have NPM7 generated package-lock.json with lockFileVersion = 2. Now when we scan Node.js project using Trivy filesystem scan, Trivy does not find out packages from package-lock.json.
It is working with lockFileVersion = 1

What did you expect to happen?

It should find out packages in package-lock.json

What happened instead?

It did not find out packages from pack

Description

In April 2021, Fargate added support for requesting additional ephemeral storage.

Support for this feature has [been added](aws/aws-cdk@f1bf935#diff-dcfbc499b4d3c10afcd4e63ad0e4ecc54df2464e45af67f1fdae69d

The current blue links are sometimes not easy to read, e.g. see the first screenshot from a user vs the second screenshot from my terminal (iTerm2):

![Screen Shot 2021-12-03 at 7 17 55 PM](https://user-images.githubusercontent.com/638577/144636188-c01e185d-c4eb-4ad8-bfbc-0a8cd8b40fee

CKV_AWS_174 is being triggered in our terraform code even though we have the viewer certificate set to use TLSv.1.2. Snippet of our code here:

viewer_certificate {
acm_certificate_arn = aws_acm_certificate.cert.arn
ssl_support_method = "sni-only"
minimum_protocol_version = "TLSv1.2_2019"
}

Steps to reproduce the behavior:
Running checkov on our terraform code

**Expe

• terrascan version: 1.9.0
• terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira

Copilot doesn't seem to have correct error behavior when I try to create a Scheduled Job with the same name as an existing service.

For example, in my app right now I have the following:

❯ copilot svc ls
Name                Type
----                ----
fe                  Load Balanced Web Service

I can see this in SSM:

❯ aws ssm get-parameter --name /copilot/applicatio

Description

We all have an aws_api_gateway_account resource inside each region of AWS that will by default output as unmanaged. We s