tenable / terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
https://runterrascan.io
Apache License 2.0

AWS.EBS.EKM.Medium.0682 does not recognize encrypted volumes #922

Open spommerening opened 3 years ago

spommerening commented 3 years ago

Description

I would expect that terraform would not complain about EBS encryption if the volume is created like this:

resource "aws_ebs_volume" "ddve_sdb" {
  size              = 10
  type              = "gp2"
  availability_zone = "${var.vpc_region}b"
  encrypted         = true
  kms_key_id        = aws_kms_key.kms_vpc_01.arn
}

What I Did

$ terrascan scan -c terrascan.yaml
[...]
        Description    :        Enable AWS EBS Snapshot Encryption
        File           :        res_ddve_test.tf
        Module Name    :        root
        Plan Root      :        ./
        Line           :        193
        Severity       :        HIGH
[...]

The line number displayed matches the exact line of the aws_ebs_volume resource in the Terraform code (see above).

mattya802 commented 2 years ago

Any solution to this? I'm running into the same thing.

Makushchenko commented 1 year ago

@spommerening Hi. Any updates? Have this issue with AWS. Terrascan v1.18.1