Any finding reported by Checkov will need to corrected. If it cannot be corrected immediately, a security-issue will need to be created and the proper suppression entered into the code. Also please tag the security team to review the PR. If it is a false-positive, the proper suppression entry will need to be entered into the code.
I have a vulnerability that is a false positive, or one that we will not fix. Can I make Checkov ignore it?
Yes. Simply follow the instructions in suppressing/skipping policies and then tag the security team to review the PR.
Yes. The following options are available for you to use: