From c3065919dac0442e4f21843e4a1789e7cf6b0143 Mon Sep 17 00:00:00 2001
From: Aditya Bhatia <adityabhatia@C02DCPPNML7H.local>
Date: Fri, 20 Jun 2025 19:32:09 +0530
Subject: [PATCH] Ignoring LOW tfsec vulnerability for web_acl cloudwatch log
 group

---
 modules/wafv2/main.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/wafv2/main.tf b/modules/wafv2/main.tf
index afb9d71..caf80ae 100644
--- a/modules/wafv2/main.tf
+++ b/modules/wafv2/main.tf
@@ -216,6 +216,7 @@ data "aws_iam_policy_document" "web_acl_policy_document" {
 }
 
 # CloudWatch Log Group for WAFv2 Logging
+#tfsec:ignore:aws-cloudwatch-log-group-customer-key
 resource "aws_cloudwatch_log_group" "web_acl_log" {
   name  = "aws-waf-logs-${var.stage}_${var.region}_${var.service_name}"
   count = var.enabled