checkov-vscode icon indicating copy to clipboard operation
checkov-vscode copied to clipboard

Published 20 hours ago verified publisher icon bridgecrewio

References in arguments are not evaluated

Open antonbabenko opened this issue 4 years ago • 1 comments

Good job with this extension!

In Terraform, checks support evaluation of arguments expressed in variables and remote modules to their actual values.

I try this code and it does not seem to work:

variable "value" {
  type    = bool
  default = false
}

resource "aws_kms_key" "objects" {
  description             = "KMS key is used to encrypt bucket objects"
  deletion_window_in_days = 7
  enable_key_rotation     = var.value
}

It works well if I specify static value like true, false, "false" inside enable_key_rotation.

Is this a bug? Or is it not supported yet?

antonbabenko avatar Mar 05 '21 09:03 antonbabenko

Hi Anton, Thank you for reporting this. We will take a look

schosterbarak avatar Mar 05 '21 10:03 schosterbarak