search

mattray / inspec-iggy

InSpec CLI plugin for generating compliance controls from Terraform and CloudFormation
Apache License 2.0
106 stars 18 forks source link

Does iggy support terraform modules? #8

Closed miguelaferreira closed 5 years ago

miguelaferreira commented 6 years ago

I've ran inspec terraform generate on a terraform state file from a configuration where all resources are wrapped in a module. The output was a single like with a title attribute.

Example terraform config:

module "example" {
  source = "../"

 (module parameters)
}

Example inspect terraform generate output:

title '.../terraform.tfstate controls generated by Iggy v0.2.0'

Edit: The terraform module I'm trying to test only contains aws_cognito_... resources, and looking at the list of available InSpec AWS resources I don't find anything for Cognito. Maybe that explains why the output of inspect terraform generate only contains no resources.

mattray commented 6 years ago

I haven't tested with this, but I'll look into it. There are currently no Cognito resources in InSpec yet, so that's also not going to generate anything. https://www.inspec.io/docs/reference/resources/#aws-resources

miguelaferreira commented 6 years ago

I realise that, and I'm considering adding some myself.

mattray commented 5 years ago

I'm closing this because https://github.com/mattray/inspec-iggy/pull/12 fixed it (this is in the upcoming 0.5.0 release). I expect Cognito support will be added with the upcoming InSpec 4.0 if it's not already in there.