tenable/terrascan

Skip IaC Types

guyguy333 opened this issue · 0 comments

guyguy333 commented
  • terrascan version: 1.18.1
  • Operating System: macOS

Description

Currently, if we want to ignore an IaC type scan in a mixed IaC types in a directory, we need to run multiple times terrascan with --iac-type and different values. Sometimes, we just want to skip one IaC type because it's not relevant.
It would be useful to add a --skip-iac-type with type "strings" (list of iac types comma separated) to skip IaC types even if they are detected to avoid false positive issue.

Example: A directory is mixing helm and kustomise but there is also a terraform file. What I expect:

terrascan scan --skip-iac-types terraform

This should run Helm and Kustomise IaC type but not Terraform even if Terraform files are present.