From 6e52b76e1faf5d8d2963a008e85edbddc5019d21 Mon Sep 17 00:00:00 2001
From: Ryan Payne <ryanj.payne@outlook.com>
Date: Wed, 24 Jan 2024 12:50:40 -0600
Subject: [PATCH] address finding

---
 templates/aws_cspm_cloudformation_v2.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/templates/aws_cspm_cloudformation_v2.json b/templates/aws_cspm_cloudformation_v2.json
index 3a004ec..68fc6e1 100644
--- a/templates/aws_cspm_cloudformation_v2.json
+++ b/templates/aws_cspm_cloudformation_v2.json
@@ -452,6 +452,16 @@
     "CrowdStrikeSensorManagementFalconCredentialsSecret": {
       "Type": "AWS::SecretsManager::Secret",
       "Condition": "ShouldCreateSensorManagementCredentialsSecret",
+      "Metadata": {
+        "checkov": {
+          "skip": [
+            {
+              "id": "CKV_AWS_149",
+              "comment": "The default key aws/secretsmanager is sufficient to secure this resource"
+            }
+          ]
+        }
+      },
       "Properties": {
         "Name": "/CrowdStrike/CSPM/SensorManagement/FalconAPICredentials",
         "Description": "Falcon API credentials. Used by the 1-Click sensor management orchestrator.",