Merge branch 'boost-community:main' into main

boostsecurityio · Dec 11, 2024 · 2e7be3d · 2e7be3d
2 parents 925e186 + 5d5d861
commit 2e7be3d
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/scanners/boostsecurityio/checkov-tf-plan/module.yaml b/scanners/boostsecurityio/checkov-tf-plan/module.yaml
@@ -20,5 +20,8 @@ steps:
       format: sarif
       post-processor:
         docker:
-          image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:ec4f3d2@sha256:8fdf1b3eb4fb7ade9fe618e586a0d4f8d6fe316d390a1c28ead8812e7a388e93
+          image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:72d5f80@sha256:786f15fb33b57a26a72edbfcc4d2e9a32952a0d16186633f9d3d5ebbae9816da
           command: process
+          workdir: /src
+          environment:
+            BOOST_TF_TAGS_POLICY: $BOOST_TF_TAGS_POLICY
diff --git a/scanners/boostsecurityio/checkov-tf-plan/rules.yaml b/scanners/boostsecurityio/checkov-tf-plan/rules.yaml
@@ -14785,4 +14785,15 @@ rules:
     pretty_name: Ensure KMS symmetric key is rotated.
     recommended: true
     ref: https://www.checkov.io/5.Policy%20Index/all.html
+  BOOST_INVALID_TF_TAGS:
+    categories:
+    - ALL
+    - boost-hardened
+    - cloud-resources-tagging-requirements
+    description: Check that Terraform Resource are tagged according to the expected policy.
+    group: cloud-weak-configuration
+    name: BOOST_INVALID_TF_TAGS
+    pretty_name: Ensure Terraform Resources are tagged appropriately
+    recommended: true
+    ref: https://docs.boostsecurity.io/rules/BOOST_INVALID_TF_TAGS.html