feat: Add SECURITY.md template for terraform_module repos (#225) #231
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Collaborator
akuzminsky
commented
Jan 16, 2026
akuzminsky
commented
- Create security policy template with vulnerability reporting guidelines
- Deploy to all terraform_module repositories via Terraform
- Create security policy template with vulnerability reporting guidelines - Deploy to all terraform_module repositories via Terraform
State
|
| Success | 🟢 Add | Change | Destroy |
|---|---|---|---|
| ✅ | 47 | 0 | 0 |
Affected resources by action
| Action | Resources |
|---|---|
| 🟢 | module.repos["terraform-aws-actions-runner"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-aerospike"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-bookstack"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-ci-cd"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-cloud-init"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-cloudcraft-role"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-cost-alert"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-debian-repo"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-dms"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-ecr"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-ecs"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-elasticsearch"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-emrserverless"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-gh-identity-provider"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-gha-admin"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-github-backup"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-github-backup-configuration"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-github-role"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-guardduty-configuration"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-http-redirect"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-instance-profile"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-iso27001"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-jumphost"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-key"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-kibana"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-lambda-monitored"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-openvpn"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-pmm-ecs"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-postfix"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-pypiserver"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-registry"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-s3-bucket"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-secret"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-secret-policy"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-service-network"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-sqs-ecs"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-sqs-pod"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-state-bucket"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-state-manager"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-tags-override"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-tcp-pod"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-teleport"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-teleport-agent"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-terraformer"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-truststore"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-update-dns"].github_repository_file.security_md[0] |
| 🟢 | module.repos["terraform-aws-website-pod"].github_repository_file.security_md[0] |
STDOUT
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# module.repos["terraform-aws-actions-runner"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-actions-runner"
+ sha = (known after apply)
}
# module.repos["terraform-aws-aerospike"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-aerospike"
+ sha = (known after apply)
}
# module.repos["terraform-aws-bookstack"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-bookstack"
+ sha = (known after apply)
}
# module.repos["terraform-aws-ci-cd"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-ci-cd"
+ sha = (known after apply)
}
# module.repos["terraform-aws-cloud-init"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-cloud-init"
+ sha = (known after apply)
}
# module.repos["terraform-aws-cloudcraft-role"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-cloudcraft-role"
+ sha = (known after apply)
}
# module.repos["terraform-aws-cost-alert"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-cost-alert"
+ sha = (known after apply)
}
# module.repos["terraform-aws-debian-repo"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-debian-repo"
+ sha = (known after apply)
}
# module.repos["terraform-aws-dms"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-dms"
+ sha = (known after apply)
}
# module.repos["terraform-aws-ecr"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-ecr"
+ sha = (known after apply)
}
# module.repos["terraform-aws-ecs"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-ecs"
+ sha = (known after apply)
}
# module.repos["terraform-aws-elasticsearch"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-elasticsearch"
+ sha = (known after apply)
}
# module.repos["terraform-aws-emrserverless"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-emrserverless"
+ sha = (known after apply)
}
# module.repos["terraform-aws-gh-identity-provider"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-gh-identity-provider"
+ sha = (known after apply)
}
# module.repos["terraform-aws-gha-admin"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-gha-admin"
+ sha = (known after apply)
}
# module.repos["terraform-aws-github-backup"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-github-backup"
+ sha = (known after apply)
}
# module.repos["terraform-aws-github-backup-configuration"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-github-backup-configuration"
+ sha = (known after apply)
}
# module.repos["terraform-aws-github-role"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-github-role"
+ sha = (known after apply)
}
# module.repos["terraform-aws-guardduty-configuration"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-guardduty-configuration"
+ sha = (known after apply)
}
# module.repos["terraform-aws-http-redirect"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-http-redirect"
+ sha = (known after apply)
}
# module.repos["terraform-aws-instance-profile"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-instance-profile"
+ sha = (known after apply)
}
# module.repos["terraform-aws-iso27001"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-iso27001"
+ sha = (known after apply)
}
# module.repos["terraform-aws-jumphost"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-jumphost"
+ sha = (known after apply)
}
# module.repos["terraform-aws-key"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-key"
+ sha = (known after apply)
}
# module.repos["terraform-aws-kibana"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-kibana"
+ sha = (known after apply)
}
# module.repos["terraform-aws-lambda-monitored"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-lambda-monitored"
+ sha = (known after apply)
}
# module.repos["terraform-aws-openvpn"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-openvpn"
+ sha = (known after apply)
}
# module.repos["terraform-aws-pmm-ecs"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-pmm-ecs"
+ sha = (known after apply)
}
# module.repos["terraform-aws-postfix"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-postfix"
+ sha = (known after apply)
}
# module.repos["terraform-aws-pypiserver"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-pypiserver"
+ sha = (known after apply)
}
# module.repos["terraform-aws-registry"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-registry"
+ sha = (known after apply)
}
# module.repos["terraform-aws-s3-bucket"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-s3-bucket"
+ sha = (known after apply)
}
# module.repos["terraform-aws-secret"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-secret"
+ sha = (known after apply)
}
# module.repos["terraform-aws-secret-policy"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-secret-policy"
+ sha = (known after apply)
}
# module.repos["terraform-aws-service-network"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-service-network"
+ sha = (known after apply)
}
# module.repos["terraform-aws-sqs-ecs"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-sqs-ecs"
+ sha = (known after apply)
}
# module.repos["terraform-aws-sqs-pod"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-sqs-pod"
+ sha = (known after apply)
}
# module.repos["terraform-aws-state-bucket"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-state-bucket"
+ sha = (known after apply)
}
# module.repos["terraform-aws-state-manager"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-state-manager"
+ sha = (known after apply)
}
# module.repos["terraform-aws-tags-override"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-tags-override"
+ sha = (known after apply)
}
# module.repos["terraform-aws-tcp-pod"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-tcp-pod"
+ sha = (known after apply)
}
# module.repos["terraform-aws-teleport"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-teleport"
+ sha = (known after apply)
}
# module.repos["terraform-aws-teleport-agent"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-teleport-agent"
+ sha = (known after apply)
}
# module.repos["terraform-aws-terraformer"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-terraformer"
+ sha = (known after apply)
}
# module.repos["terraform-aws-truststore"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-truststore"
+ sha = (known after apply)
}
# module.repos["terraform-aws-update-dns"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-update-dns"
+ sha = (known after apply)
}
# module.repos["terraform-aws-website-pod"].github_repository_file.security_md[0] will be created
+ resource "github_repository_file" "security_md" {
+ autocreate_branch_source_sha = (known after apply)
+ commit_message = "Add SECURITY.md"
+ commit_sha = (known after apply)
+ content = <<-EOT
# Security Policy
## Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability in this project, please report it responsibly.
**Please DO NOT create a public GitHub issue for security vulnerabilities.**
### How to Report
Send an email to **security@infrahouse.com** with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
### What to Expect
- **Acknowledgment:** Within 48 hours of your report
- **Initial Assessment:** Within 5 business days
- **Resolution Timeline:** Depends on severity, typically 30-90 days
### Scope
This policy applies to:
- The Terraform module code in this repository
- Associated documentation and examples
### Out of Scope
- Issues in upstream dependencies (report to respective maintainers)
- Issues in AWS services (report to AWS)
## Security Best Practices
When using this module:
- Follow the principle of least privilege for IAM roles
- Enable encryption at rest and in transit where applicable
- Review the module's security group and IAM policy configurations
- Keep the module updated to the latest version
## Supported Versions
We provide security updates for the latest major version only.
| Version | Supported |
| ------- | ------------------ |
| Latest | :white_check_mark: |
| Older | :x: |
EOT
+ file = "SECURITY.md"
+ id = (known after apply)
+ overwrite_on_create = true
+ ref = (known after apply)
+ repository = "terraform-aws-website-pod"
+ sha = (known after apply)
}
Plan: 47 to add, 0 to change, 0 to destroy.
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: tf.plan
To perform exactly these actions, run the following command to apply:
terraform apply "tf.plan"
metadata
eyJzMzovL2luZnJhaG91c2UtZ2l0aHViLWNvbnRyb2wtc3RhdGUvdGVycmFmb3JtLnRmc3RhdGUiOiB7InN1Y2Nlc3MiOiB0cnVlLCAiYWRkIjogNDcsICJjaGFuZ2UiOiAwLCAiZGVzdHJveSI6IDB9fQ==
When build_type = "workflow", GitHub Pages deploys from workflow artifacts, not from a branch/path. GitHub ignores the source block entirely, causing permanent drift on every Terraform run.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.