tenable / terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
https://runterrascan.io
Apache License 2.0

When performing a tfplan scan the resource name is incomplete #1562

Open jbrule opened 1 year ago

jbrule commented 1 year ago

Description

Running a custom policy scan on a Terraform plan file and expecting it to fail, but the output does not include a complete resource name. I think the address would be more helpful in the check output. Currently the ambiguous Resource name makes it really difficult for developers to trace the source module/resource.

I have performed a config test, and that includes the module path, which is useful, but we are seeing false positives as our modules make use of for_each and variable maps, which Terrascan is not correctly resolving.

What I Did

terrascan scan -v --log-output-dir ../scanner-logs -i tfplan -t gcp --use-terraform-cache -p custom-policies -f tfplan.json

Resource in tfplan: [screenshot]

Check Output: [screenshot]
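A post-processing step that maps each reported violation back to the full resource addresses in the plan JSON, as an added example that is not part of the issue and not Terrascan code. It assumes the violation records carry `resource_type` and a short `resource_name`, and it reads the `resource_changes` array of `terraform show -json` output; the plan and violations below are constructed samples.

```python
from collections import defaultdict

# Constructed sample: trimmed plan JSON for a module instantiated with
# for_each, so two planned resources share the short name "this".
PLAN = {"resource_changes": [
    {"address": 'module.buckets["logs"].google_storage_bucket.this',
     "mode": "managed", "type": "google_storage_bucket", "name": "this",
     "change": {"actions": ["create"]}},
    {"address": 'module.buckets["data"].google_storage_bucket.this',
     "mode": "managed", "type": "google_storage_bucket", "name": "this",
     "change": {"actions": ["update"]}},
    {"address": "google_compute_firewall.allow_ssh",
     "mode": "managed", "type": "google_compute_firewall",
     "name": "allow_ssh", "change": {"actions": ["create"]}},
    {"address": "google_storage_bucket.old",
     "mode": "managed", "type": "google_storage_bucket", "name": "old",
     "change": {"actions": ["delete"]}},
]}

# Constructed violations; field names are an assumption about the scanner's
# JSON output, and the rule names are hypothetical.
VIOLATIONS = [
    {"rule_name": "customBucketPolicy",
     "resource_type": "google_storage_bucket", "resource_name": "this"},
    {"rule_name": "customFirewallPolicy",
     "resource_type": "google_compute_firewall", "resource_name": "allow_ssh"},
]

def index_addresses(plan):
    """Map (type, short name) to full plan addresses, skipping pure deletes."""
    index = defaultdict(list)
    for rc in plan.get("resource_changes", []):
        if rc.get("mode", "managed") != "managed":
            continue  # data sources are not provisioned resources
        if rc.get("change", {}).get("actions") == ["delete"]:
            continue  # resource will not exist after apply
        index[(rc["type"], rc["name"])].append(rc["address"])
    return index

def resolve(violations, plan):
    """Attach candidate addresses and flag names that match several resources."""
    index = index_addresses(plan)
    resolved = []
    for v in violations:
        found = sorted(index.get((v["resource_type"], v["resource_name"]), []))
        resolved.append({**v, "candidate_addresses": found,
                         "ambiguous": len(found) != 1})
    return resolved
```

A violation flagged `ambiguous` is the for_each case from the report: the short name matches several module instances, so every candidate address has to be checked.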

jbrule commented 1 year ago

Any suggestion? Been a while.