false negative avd-gcp-0056 with terraform dynamic blocks #5868
Closed
pawelmrowka
started this conversation in
False Detection
Replies: 1 comment
-
Hi @pawelmrowka ! I created issue #5902 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
IDs
avd-gcp-0056
Description
Trivy incorrectly detects avd-gcp-0056 when using gke terraform module:
https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/tree/master#usage
probably due to the use of dynamic block
We found simillar issue with: https://github.com/terraform-google-modules/terraform-google-sql-db/tree/v18.1.0/modules/mysql and:
AVD-GCP-0015 -
dynamic "ip_configuration"
AVD-GCP-0024 -
dynamic "backup_configuration"
Reproduction Steps
Target
Filesystem
Scanner
Misconfiguration
Target OS
No response
Debug Output
Version
Checklist
-f json
that shows data sources and confirmed that the security advisory in data sources was correctBeta Was this translation helpful? Give feedback.
All reactions