Checkov suppressions for Lambda functions

andywick-aws · andywick-aws · commit 74ac1c0a4e65 · 2022-07-12T11:34:05.000-05:00
diff --git a/aws_sra_examples/solutions/common/common_prerequisites/templates/sra-common-prerequisites-staging-s3-bucket.yaml b/aws_sra_examples/solutions/common/common_prerequisites/templates/sra-common-prerequisites-staging-s3-bucket.yaml
@@ -163,10 +163,14 @@ Resources:
             reason: Lambda does not need reserved concurrent executions.
       checkov:
         skip:
+          - id: CKV_AWS_115
+            comment: Lambda does not need reserved concurrent executions.
           - id: CKV_AWS_116
             comment: DLQ not needed, as Lambda function only triggered by CloudFormation events.
+          - id: CKV_AWS_117
+            comment: Lambda does not need to communicate with VPC resources.
           - id: CKV_AWS_173
-            comment: Environment variables are not sensitive
+            comment: Environment variables are not sensitive.
     Type: AWS::Lambda::Function
     Properties:
       FunctionName: !Ref pOrgIdLambdaFunctionName
diff --git a/aws_sra_examples/solutions/common/common_register_delegated_administrator/templates/sra-common-register-delegated-administrator-ssm.yaml b/aws_sra_examples/solutions/common/common_register_delegated_administrator/templates/sra-common-register-delegated-administrator-ssm.yaml
@@ -226,8 +226,12 @@ Resources:
             reason: Lambda does not need reserved concurrent executions.
       checkov:
         skip:
+          - id: CKV_AWS_115
+            comment: Lambda does not need reserved concurrent executions.
           - id: CKV_AWS_116
             comment: DLQ not needed, as Lambda function only triggered by CloudFormation events.
+          - id: CKV_AWS_117
+            comment: Lambda does not need to communicate with VPC resources.
           - id: CKV_AWS_173
             comment: Environment variables are not sensitive.
     Properties:
