You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Many issues related Checkov feature to scan terraform plan were closed prematurely without someone from Checkov making assessment whether this is bug or misuse of the tool. If Checkov does not support child module in the Terraform plan scanning when value is not known until after applying, the documentation needs to be updated. The same observation exists with Checkov connection and filter type policy not working with module resources while scanning Terraform plan.
Version (please complete the following information):
Checkov Version varies. most current versions still have the same issue.
Additional context
please update documentation to call out the limitation if scan Terraform plan is not fully supported. Or add as feature request so these issues can closed correctly.
The text was updated successfully, but these errors were encountered:
Hi @junhu73
I have also raised a similar issue, ref - #6135
The issue seems to be with the graph builder in checkov, mainly not creating edges properly.
I raised a PR (#6145) to address some of the bugs, but not getting active responses in the PR :( .
Lets hope someone from checkov team looks into it on priority!
Describe the issue
Many issues related Checkov feature to scan terraform plan were closed prematurely without someone from Checkov making assessment whether this is bug or misuse of the tool. If Checkov does not support child module in the Terraform plan scanning when value is not known until after applying, the documentation needs to be updated. The same observation exists with Checkov connection and filter type policy not working with module resources while scanning Terraform plan.
Examples
#2762
#5387
#4638
#1116
there were more ...
Version (please complete the following information):
Additional context
please update documentation to call out the limitation if scan Terraform plan is not fully supported. Or add as feature request so these issues can closed correctly.
The text was updated successfully, but these errors were encountered: