bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
https://www.checkov.io/
Apache License 2.0
7.03k stars, 1.1k forks

Scanning external modules in Terraform #6328

Open cbhat-ie opened 4 months ago

cbhat-ie commented 4 months ago

Any particular reason "CHECKOV_EXPERIMENTAL_TERRAFORM_MANAGED_MODULES" is still an experimental feature? I think this would help our use case nicely.

Use case: Our CI/CD pipeline pulls the modules included from external sources (both public and private repositories) into the current workspace as a result of the "terraform init" step. All the required modules are then available under ".terraform/modules". Next, the Checkov scan runs over all the code under the TF root directory, including the downloaded modules.

Will enabling "CHECKOV_EXPERIMENTAL_TERRAFORM_MANAGED_MODULES" work for the above use case? Are there any limitations? Or are there any better solutions than using "CHECKOV_EXPERIMENTAL_TERRAFORM_MANAGED_MODULES" option?
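The pipeline described in the comment above, as an added example that is not part of the issue or of Checkov's own code. It assumes (from Terraform's behaviour, not from anything on this page) that `terraform init` records the downloaded modules in `.terraform/modules/modules.json` as a `"Modules"` list of `Key`/`Source`/`Dir` entries, and that Checkov is invoked as `checkov -d <root> --framework terraform`; the environment variable is the one named in the issue, and its effect of scanning the already-downloaded modules is the issue author's expectation, not something the page documents. The helper checks that every module in the manifest actually landed on disk before the scan is started, because a scan of a root whose `.terraform/modules` is missing silently covers nothing the modules contribute. The workspace layout is a constructed fixture.

```python
"""Pre-scan check and Checkov invocation for a Terraform root whose external
modules were fetched by `terraform init` (constructed example, not Checkov code).

Assumed layout (Terraform's own manifest, not documented on this page):
  <root>/.terraform/modules/modules.json
    {"Modules": [{"Key": "", "Source": "", "Dir": "."},
                 {"Key": "vpc", "Source": "...", "Dir": ".terraform/modules/vpc"}, ...]}
"""
import json
import os
import subprocess
import tempfile

MODULES_JSON = os.path.join(".terraform", "modules", "modules.json")


def load_managed_modules(root):
    """Return the module entries Terraform wrote during `terraform init`."""
    with open(os.path.join(root, MODULES_JSON)) as fh:
        return json.load(fh)["Modules"]


def external_modules(modules):
    """Drop the root module itself (Key == "" / Dir == ".") and keep downloaded ones."""
    return [m for m in modules if m["Key"] and m["Dir"] != "."]


def missing_module_dirs(root, modules):
    """Module directories named in the manifest but absent on disk.

    A non-empty result means `terraform init` did not run in this workspace, or
    its .terraform output was not carried over to the scan stage of the pipeline.
    """
    return [m["Dir"] for m in modules
            if not os.path.isdir(os.path.join(root, m["Dir"]))]


def checkov_command(root):
    """argv and environment for a scan of the root plus the downloaded modules.

    CHECKOV_EXPERIMENTAL_TERRAFORM_MANAGED_MODULES is the variable from the issue;
    the `-d` and `--framework` flags are assumed here.
    """
    env = dict(os.environ, CHECKOV_EXPERIMENTAL_TERRAFORM_MANAGED_MODULES="true")
    return ["checkov", "-d", root, "--framework", "terraform"], env


def run_scan(root):
    """Refuse to scan if any external module is missing, otherwise run Checkov."""
    mods = external_modules(load_managed_modules(root))
    missing = missing_module_dirs(root, mods)
    if missing:
        raise RuntimeError(f"modules listed in modules.json but not downloaded: {missing}")
    argv, env = checkov_command(root)
    return subprocess.run(argv, env=env, check=False).returncode


def make_fixture():
    """Constructed stand-in for a workspace after `terraform init` (sample data only).

    The `kms` module is deliberately listed in the manifest but not created on
    disk, to show what the pre-scan check catches.
    """
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, ".terraform", "modules", "vpc"))
    os.makedirs(os.path.join(root, ".terraform", "modules", "private_bucket"))
    manifest = {"Modules": [
        {"Key": "", "Source": "", "Dir": "."},
        {"Key": "vpc", "Source": "registry.terraform.io/terraform-aws-modules/vpc/aws",
         "Version": "5.1.0", "Dir": ".terraform/modules/vpc"},
        {"Key": "private_bucket", "Source": "git::ssh://git@example.com/infra/s3-bucket.git",
         "Dir": ".terraform/modules/private_bucket"},
        {"Key": "kms", "Source": "git::ssh://git@example.com/infra/kms.git",
         "Dir": ".terraform/modules/kms"},
    ]}
    with open(os.path.join(root, MODULES_JSON), "w") as fh:
        json.dump(manifest, fh)
    return root


if __name__ == "__main__":
    root = make_fixture()
    ext = external_modules(load_managed_modules(root))
    print("external modules:", [m["Key"] for m in ext])
    print("missing on disk:", missing_module_dirs(root, ext))
    print("scan command:", checkov_command(root)[0])
```

In a real pipeline the `.terraform` directory produced by the init stage has to be present in the workspace where `checkov` runs (same job, or passed along as an artifact); the pre-scan check above turns that easy-to-miss omission into a hard failure instead of a clean-looking scan that never saw the module code.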

cbhat-ie commented 4 months ago

Any update on this?