terrascan icon indicating copy to clipboard operation
terrascan copied to clipboard

Published 20 hours ago verified publisher icon tenable

When performing a tfplan scan the resource name is incomplete

Open jbrule opened this issue 1 year ago • 1 comments

  • terrascan version: v1.18.1
  • Operating System: Ventura 13.3.1, Darwin Kernel Version 22.4.0

Description

Running custom policy scan on Terraform plan file and expecting to fail but the output does not include a complete resource name. I think the address would be more helpful in the check output. Currently the ambiguous Resource name makes it really difficult for developers to trace the source module/resource.

I have performed a config test and that includes the module path which is useful but we are seeing false positives as our modules make use of for_each and variable maps which Terrascan is not correctly resolving.

What I Did

terrascan scan -v --log-output-dir ../scanner-logs -i tfplan -t gcp --use-terraform-cache -p custom-policies -f tfplan.json

Resource in tfplan Screenshot 2023-05-16 at 2 08 41 PM

Check Output Screenshot 2023-05-16 at 2 16 15 PM

jbrule avatar May 16 '23 19:05 jbrule

Any suggestion? Been awhile.

jbrule avatar Aug 21 '23 21:08 jbrule