terrascan-action
terrascan-action copied to clipboard
tenable
Terrascan skip flag not working
Hi Team,
When using the terrascan github action, the skip flag does not seem to work.
Flag used in below format: skip_rules: AC_AWS_0460
Further, can anyone please share the inventory with the details of all rules and the correct ids to be used for skip flag.
Could not find rule details for "S3 Access log"policy in any documentation.
-TIA
Hi, @AnkitRao17 does the skip_rules flag works for you when using Terrascan locally outside of the action?
The inventory of the latest policies included by default on Terrascan is here: https://github.com/accurics/terrascan/tree/master/pkg/policies/opa/rego We also keep a manually updated human-readable version here: https://runterrascan.io/docs/policies/
Hi @cesar-rodriguez ,
Apologies for the late response. The skip flag works locally when using terrascan. But through the action, it somehow doesn't seem to work. Also, can you please provide insights on which rule id to use while using the skip flag ?
Same for me, the github action:
terrascan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: tenable/terrascan-action@main
with:
skip_rules: "AC_DOCKER_0020,AC_DOCKER_0041"
verbose: true
The log:
...
Executing terrascan as follows:
terrascan scan -d . --skip-rules='AC_DOCKER_0020,AC_DOCKER_0041' -v --repo-url ... --repo-ref main
...
Violation Details -
...
Rule ID : AC_DOCKER_0020
...
Rule ID : AC_DOCKER_0041
...
Same here. Tried using skip_rules: "AC_AWS_0207" and skip_rules: "AWS.S3Bucket.EncryptionandKeyManagement.High.0405" but neither worked.
