checkov icon indicating copy to clipboard operation
checkov copied to clipboard

Published 20 hours ago verified publisher icon bridgecrewio

check to test the required provider versions with new terraform format of required_providers for azurerm

Open pravinkumarb84 opened this issue 11 months ago • 2 comments

Describe the issue

we are looking for checkov policy to check the version of azurerm in required_providers section. we were able to write custom checkov policy to check the version in providers section in terraform. but this has been depricated and the version has been moved to required_providers block. we are not able to find any existing code or policy to check the required_providers block and version mentioned for azurerm provider and others.

Examples in the below block, we want to write a custom policy to check whether the provider is above a minimum version (eg. 2.88.0)

terraform { required_version = ">= 1.0"

required_providers { azurerm = { source = "hashicorp/azurerm" version = "2.89.0" }

} }

Version (please complete the following information):

  • Checkov Version [e.g. 22] - latest version

Additional context Add any other context about the problem here.

pravinkumarb84 avatar Mar 11 '24 14:03 pravinkumarb84