5.8
Viable, but needs remediation
This stack is wearing an enterprise blazer over a skateboard. Stylish, fast, and one missing guardrail away from a headline nobody wants.
Technical findings
Terraform production core shows public exposure, loose access controls, missing restore posture, and partial governance metadata.
Wildcard IAM permissions
Administrative actions are broadly scoped across resources.
Replace wildcard permissions with least-privilege policies and permission boundaries.
Public ingress exposure
An internet-facing service is open without obvious CIDR restrictions or WAF policy.
Restrict ingress and add edge filtering.
Backup policy not declared
Stateful services lack visible backup and restore configuration.
Enable automated backups and document recovery objectives.
5.8/10
prod-core.tf
Remediation order
1. Critical security issues
2. Public exposure and secrets
3. Recovery and monitoring
4. Tags, budgets, and policy gates