Checkov Scan Findings for "terraform-aws-iam" Repository
m5jain opened this issue · 2 comments
Description
While running the Checkov scanning tool for the "terraform-aws-iam" repo, we identified several issues, which are attached. Please review them.
- ✋ I have searched the open/closed issues and my issue is not listed.
Versions
- Module version [Required]: v5.39.1
- Terraform version: Terraform v1.8.4
- Provider version(s): aws 5.52.0
Reproduction Code [Required]
Steps to reproduce the behavior:
Run the Checkov tool on the module as suggested on the Checkov official page: https://www.checkov.io/7.Scan%20Examples/Terraform%20Plan%20Scanning.html
Expected behavior
There should not be any findings in the output.
Actual behavior
We encountered the following findings:
ID: CKV_AWS_356
ID: CKV_AWS_111
ID: CKV_AWS_109
Terminal Output Screenshot(s)
Refer to the attached file for the line numbers where the issues are located.
Scanners do not work on modules because modules do not define the end intent. It's sort of like trying to stress test a blueprint for a building: it doesn't work - you test the final implementation.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.