bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
https://www.checkov.io/
Apache License 2.0
7.04k stars 1.11k forks

check to test the required provider versions with new terraform format of required_providers for azurerm #6081

Open pravinkumarb84 opened 7 months ago

pravinkumarb84 commented 7 months ago

Describe the issue

We are looking for a Checkov policy to check the version of azurerm in the required_providers section. We were able to write a custom Checkov policy to check the version in the providers section in Terraform, but this has been deprecated and the version has been moved to the required_providers block. We are not able to find any existing code or policy to check the required_providers block and the version mentioned for the azurerm provider and others.

Example: in the block below, we want to write a custom policy to check whether the provider is above a minimum version (e.g. 2.88.0).

```hcl
terraform {
  required_version = ">= 1.0"

  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "2.89.0"
    }
  }
}
```


bo156 commented 7 months ago

Hi @pravinkumarb84. Unfortunately the issue lies with the fact that we currently do not support scanning the terraform block (only resource, provider, data, etc.). This can be seen under this folder in checkov.

Currently it is not supported but feel free to contribute and add this to checkov as well :)
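Added example, not part of the thread and not Checkov code: because the terraform block is not scanned, a stand-alone pre-check can read required_providers directly and fail the build when a provider's constraint does not guarantee a minimum version. The function names and the regex-based parsing (no HCL library; braces inside strings or comments are not handled) are assumptions of this sketch, and it goes beyond the exact pin in the issue by also handling constraint operators such as `>=` and `~>`.

```python
import re

# Constructed sample, mirroring the terraform block quoted in the issue.
SAMPLE_TF = '''
terraform {
  required_version = ">= 1.0"
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "2.89.0"
    }
  }
}
'''

def _block_body(text, keyword):
    """Text inside the braces that follow `keyword` (naive: ignores braces in strings/comments)."""
    m = re.search(r'\b' + re.escape(keyword) + r'\s*(?:=\s*)?\{', text)
    if not m:
        return None
    depth = 1
    for i in range(m.end(), len(text)):
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        if depth == 0:
            return text[m.end():i]
    return None

def provider_constraint(tf_text, provider):
    """Version constraint string declared for `provider` in required_providers, or None."""
    rp = _block_body(tf_text, 'required_providers')
    entry = _block_body(rp, provider) if rp else None
    m = re.search(r'\bversion\s*=\s*"([^"]*)"', entry) if entry else None
    return m.group(1) if m else None

def _ver(s):
    parts = [int(p) for p in s.split('.')]
    return tuple(parts + [0] * (3 - len(parts)))

def meets_minimum(constraint, minimum):
    """True only if the constraint sets a lower bound >= minimum; missing constraint fails closed."""
    bounds = []
    for clause in (constraint or '').split(','):
        m = re.fullmatch(r'\s*(>=|<=|~>|!=|=|>|<)?\s*v?(\d+(?:\.\d+)*)\S*\s*', clause)
        # Only =, >=, > and ~> put a floor under the selected version.
        if m and (m.group(1) or '=') in ('=', '>=', '>', '~>'):
            bounds.append(_ver(m.group(2)))
    return bool(bounds) and max(bounds) >= _ver(minimum)

def check_provider(tf_text, provider, minimum):
    return meets_minimum(provider_constraint(tf_text, provider), minimum)

if __name__ == '__main__':
    print('azurerm >= 2.88.0:', check_provider(SAMPLE_TF, 'azurerm', '2.88.0'))
```

A constraint with only an upper bound (for example `< 3.0`) or no `version` at all is treated as a failure, since it does not rule out versions below the minimum.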

stale[bot] commented 3 days ago

Thanks for contributing to Checkov! We've automatically marked this issue as stale to keep our issues list tidy, because it has not had any activity for 6 months. It will be closed in 14 days if no further activity occurs. Commenting on this issue will remove the stale tag. If you want to talk through the issue or help us understand the priority and context, feel free to add a comment or join us in the Checkov slack channel at codifiedsecurity.slack.com. Thanks!