CKV_AWS_46 false positives #7309

@solita-mao

Describe the issue
Check CKV_AWS_46 "Ensure no hard-coded secrets exist in EC2 user data" fails even though the userdata does not contain any secrets. Also, even when based on the same code (CDK), one stack fails and another does not. This makes me think it is looking at other parts of the file than just the userdata. Still, there are no other findings for any of these files.
Version 3.2.439 was the first one to report this false positive.

Examples
CloudFormation for the failing userdata:

"UserData": {
  "Fn::Base64": "#!/bin/bash"
}

Version (please complete the following information):

  • Checkov Version 3.2.439 onwards
