Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dv job altered to add optional src-prq read-1 #9285

Merged
merged 5 commits into from
Jan 10, 2025
Merged

dv job altered to add optional src-prq read-1 #9285

merged 5 commits into from
Jan 10, 2025

Conversation

madhu-k-sr2
Copy link
Contributor

No description provided.

@madhu-k-sr2 madhu-k-sr2 requested review from a team as code owners January 9, 2025 14:45
@github-actions github-actions bot added the environments-repository Used to exclude PRs from this repo in our Slack PR update label Jan 9, 2025
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-09T14:48:21Z INFO [vulndb] Need to update DB
2025-01-09T14:48:21Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T14:48:21Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T14:48:23Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T14:48:23Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T14:48:23Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T14:48:23Z INFO [misconfig] Need to update the built-in checks
2025-01-09T14:48:23Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T14:48:24Z INFO [secret] Secret scanning is enabled
2025-01-09T14:48:24Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T14:48:24Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T14:48:25Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T14:48:25Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T14:48:26Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:53-71"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T14:48:37Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T14:48:37Z INFO Number of language-specific files num=0
2025-01-09T14:48:37Z INFO Detected config files num=13
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-09 14:48:39,665 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-09 14:48:39,665 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-09 14:48:39,665 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-09 14:48:39,666 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-09 14:48:39,666 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2600, Failed checks: 0, Skipped checks: 117


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-09T14:48:21Z	INFO	[vulndb] Need to update DB
2025-01-09T14:48:21Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T14:48:21Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T14:48:23Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T14:48:23Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T14:48:23Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T14:48:23Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T14:48:23Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T14:48:24Z	INFO	[secret] Secret scanning is enabled
2025-01-09T14:48:24Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T14:48:24Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T14:48:25Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T14:48:25Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T14:48:26Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:26Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:27Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:48:28Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:53-71"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T14:48:37Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T14:48:37Z	INFO	Number of language-specific files	num=0
2025-01-09T14:48:37Z	INFO	Detected config files	num=13
trivy_exitcode=0

@madhu-k-sr2 madhu-k-sr2 had a problem deploying to electronic-monitoring-data-test January 9, 2025 14:52 — with GitHub Actions Error
@madhu-k-sr2 madhu-k-sr2 had a problem deploying to electronic-monitoring-data-development January 9, 2025 14:52 — with GitHub Actions Error
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-09T14:52:08Z INFO [vulndb] Need to update DB
2025-01-09T14:52:08Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T14:52:08Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T14:52:10Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T14:52:10Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T14:52:10Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T14:52:10Z INFO [misconfig] Need to update the built-in checks
2025-01-09T14:52:10Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T14:52:11Z INFO [secret] Secret scanning is enabled
2025-01-09T14:52:11Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T14:52:11Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T14:52:12Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T14:52:12Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:53-71"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-09T14:52:24Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-09T14:52:24Z INFO Number of language-specific files num=0
2025-01-09T14:52:24Z INFO Detected config files num=13
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-09 14:52:27,574 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-09 14:52:27,574 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-09 14:52:27,574 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-09 14:52:27,574 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-09 14:52:27,574 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2600, Failed checks: 0, Skipped checks: 117


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-09T14:52:08Z	INFO	[vulndb] Need to update DB
2025-01-09T14:52:08Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T14:52:08Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T14:52:10Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T14:52:10Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T14:52:10Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T14:52:10Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T14:52:10Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T14:52:11Z	INFO	[secret] Secret scanning is enabled
2025-01-09T14:52:11Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T14:52:11Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T14:52:12Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T14:52:12Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T14:52:16Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:53-71"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-09T14:52:24Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-09T14:52:24Z	INFO	Number of language-specific files	num=0
2025-01-09T14:52:24Z	INFO	Detected config files	num=13
trivy_exitcode=0

@madhu-k-sr2 madhu-k-sr2 temporarily deployed to electronic-monitoring-data-development January 9, 2025 19:56 — with GitHub Actions Inactive
@madhu-k-sr2 madhu-k-sr2 temporarily deployed to electronic-monitoring-data-test January 9, 2025 19:57 — with GitHub Actions Inactive
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-09T19:57:06Z INFO [vulndb] Need to update DB
2025-01-09T19:57:06Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T19:57:06Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T19:57:08Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T19:57:08Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T19:57:08Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T19:57:08Z INFO [misconfig] Need to update the built-in checks
2025-01-09T19:57:08Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T19:57:08Z INFO [secret] Secret scanning is enabled
2025-01-09T19:57:08Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T19:57:08Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T19:57:10Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T19:57:10Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:53-71"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-09T19:57:23Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-09T19:57:24Z INFO Number of language-specific files num=0
2025-01-09T19:57:24Z INFO Detected config files num=13
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-09 19:57:26,793 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-09 19:57:26,793 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-09 19:57:26,793 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-09 19:57:26,794 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-09 19:57:26,794 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2600, Failed checks: 0, Skipped checks: 117


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-09T19:57:06Z	INFO	[vulndb] Need to update DB
2025-01-09T19:57:06Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T19:57:06Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T19:57:08Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T19:57:08Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T19:57:08Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T19:57:08Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T19:57:08Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T19:57:08Z	INFO	[secret] Secret scanning is enabled
2025-01-09T19:57:08Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T19:57:08Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T19:57:10Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T19:57:10Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-09T19:57:15Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:53-71"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-09T19:57:23Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-09T19:57:24Z	INFO	Number of language-specific files	num=0
2025-01-09T19:57:24Z	INFO	Detected config files	num=13
trivy_exitcode=0

@madhu-k-sr2 madhu-k-sr2 had a problem deploying to electronic-monitoring-data-development January 10, 2025 08:09 — with GitHub Actions Error
@madhu-k-sr2 madhu-k-sr2 had a problem deploying to electronic-monitoring-data-test January 10, 2025 08:09 — with GitHub Actions Error
@github-actions GitHub Actions
Copy link
Contributor

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-10T08:09:27Z INFO [vulndb] Need to update DB
2025-01-10T08:09:27Z INFO [vulndb] Downloading vulnerability DB...
2025-01-10T08:09:27Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-10T08:09:29Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-10T08:09:29Z INFO [vuln] Vulnerability scanning is enabled
2025-01-10T08:09:29Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-10T08:09:29Z INFO [misconfig] Need to update the built-in checks
2025-01-10T08:09:29Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-10T08:09:29Z INFO [secret] Secret scanning is enabled
2025-01-10T08:09:29Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-10T08:09:29Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-10T08:09:30Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-10T08:09:31Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-10T08:09:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:53-71"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-10T08:09:42Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-10T08:09:42Z INFO Number of language-specific files num=0
2025-01-10T08:09:42Z INFO Detected config files num=13
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-10 08:09:45,117 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-10 08:09:45,117 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-10 08:09:45,117 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-10 08:09:45,117 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-10 08:09:45,117 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2600, Failed checks: 0, Skipped checks: 117


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-10T08:09:27Z	INFO	[vulndb] Need to update DB
2025-01-10T08:09:27Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-10T08:09:27Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-10T08:09:29Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-10T08:09:29Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-10T08:09:29Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-10T08:09:29Z	INFO	[misconfig] Need to update the built-in checks
2025-01-10T08:09:29Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-10T08:09:29Z	INFO	[secret] Secret scanning is enabled
2025-01-10T08:09:29Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-10T08:09:29Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-10T08:09:30Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-10T08:09:31Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-10T08:09:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-10T08:09:34Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:53-71"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-10T08:09:42Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-10T08:09:42Z	INFO	Number of language-specific files	num=0
2025-01-10T08:09:42Z	INFO	Detected config files	num=13
trivy_exitcode=0

@madhu-k-sr2 madhu-k-sr2 merged commit 02a89a6 into main Jan 10, 2025
14 of 16 checks passed
@madhu-k-sr2 madhu-k-sr2 deleted the ELM-3031_Partitioned_DV_Job_09012025_1 branch January 10, 2025 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pricemg pricemg pricemg approved these changes

Assignees
No one assigned
Labels
environments-repository Used to exclude PRs from this repo in our Slack PR update
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@madhu-k-sr2 @pricemg