Unsupported block type; Blocks of type "cloud" are not expected here.

[yermulnik]

• terrascan version: v1.15.2
• Operating System: Ubuntu 20.04.5 LTS

Description

Scanning my Terraform config with Terrascan give me an error:

Unsupported block type; Blocks of type "cloud" are not expected here.

What I Did

> terrascan scan --config-path $HOME/.terrascan/config/terrascan.toml --log-level warn --iac-type terraform --policy-type all --use-terraform-cache
2022/09/08 20:27:57 [DEBUG] POST https://httpbin.org/post

Scan Errors -

        IaC Type            :   terraform
        Directory           :   /home/path/to/dir/with/tf/code
        Error Message       :   diagnostic errors while loading terraform config dir '/home/path/to/dir/with/tf/code'. error from terraform:
/home/path/to/dir/with/tf/code/backend.tf:2,3-8: Unsupported block type; Blocks of type "cloud" are not expected here.

        -----------------------------------------------------------------------

[skipping non-essential info on scan summary]

> cat backend.tf
terraform {
  cloud {
    organization = "[…]"

    workspaces {
      tags = [
        "mytag",
        "infra",
      ]
    }
  }
}

Terraform per se works as expected w/o issues.

[GoodGuyGroves]

I have the exact same problem, same input, same output, etc. Happy to help providing whatever info may be needed to resolve this. :)

[occharliesmith]

Same problem here using Terraform Cloud as a backend!

[rodrigo-ramos]

You have to update your terraform version >= 1.1.0. I had the same trouble and with the upgrade, was solved.

https://stackoverflow.com/questions/70763407/blocks-of-type-cloud-are-not-expected-here-for-integrating-with-terraform-clou

[igorbrites]

You have to update your terraform version >= 1.1.0. I had the same trouble and with the upgrade, was solved.

https://stackoverflow.com/questions/70763407/blocks-of-type-cloud-are-not-expected-here-for-integrating-with-terraform-clou

This approach didn't work for me, I'm using terraform >= 1.3.0.

[CalvinRossSmith]

All of a sudden all of my workflows that run terrascan are also running into this issue, I'm using required_version = ">= 1.3.0"

[davidjeddy]

TF 1.3.7 is similarly effected.

terrascan version: v1.15.1

terragrunt version v0.38.7

Darwin 21.6.0

  cloud {
    organization = "[[REDACTED]]"

    workspaces {
      name = "[[REDACTED]]"
    }
  }

  required_version = ">= 1.3.7"

  required_providers {
    archive = ...
  }
}```

[yermulnik]

Any idea whom to tag here to at least have TerraScan devs look into this?

[vdatsiuk]

Same problem for me, using different versions of terraform cloud (1.1.x, 1.2.x, 1.3.x) - all have the same problem with terrascan and the "cloud" type block

[yermulnik]

Any idea whom to tag here to at least have TerraScan devs look into this?

@cesar-rodriguez Could you please assist?

[jackton1]

Hi @cesar-rodriguez, related to this issue terraform does support a cloud block is there any particular reason why this would be deemed unsupported by terrascan?

Reference: https://developer.hashicorp.com/terraform/cli/cloud/settings#the-cloud-block

[ThomasGHenry]

Any idea whom to tag here to at least have TerraScan devs look into this?

@dev-gaur, maybe? https://github.com/tenable/terrascan/commit/87efa51baaad5644661c6d579cea1043bbd77004

[davidjeddy]

While static linked binaries are (in my opinion) a better option vs dynamic link; maybe terraform should be the exception for terrascan?

[jonfoxchase]

did anyone come up with a solution for this? facing same issue using tf version >1.3