Terrascan Versions

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

v1.13.2

2 years ago

Changelog

  • b018d772 Adding CFT scanning support for the resources: (#1149)
  • 2f3c2d9a Adds: missing release tag push step (#1151)
  • a524076b Bugfix/coginto pool (#1159)
  • 2f294b45 Bugfix/s3 user policy (#1157)
  • f1acad73 Feature/s3 policy update (#1153)
  • ccca7eee Update mkdocs-material from 8.1.10 to 8.2.1 (#1155)
  • c8234f4d fix rds encryptionc check policy (#1156)
  • 21a73844 release 1.13.2 changelog (#1161)
  • b45a099e skip terrascan init for --config-with-error flag (#1160)

v1.13.1

2 years ago

Changelog

  • 0fd6b7dd Add Policy AC_GCP_0296 - Service Attachment with ACCEPT_AUTOMATIC (#1147)
  • b0259e8b Adds: logger in case of flag parsing fails (#1115)
  • 969d8dfa Allow internal github repos to pass AC_GCP_0231 & AC_GITHUB_0002 (#1131)
  • 090d7679 Allow tfplan format version 0.2 (#1074)
  • 14a634ba Feature/ec2 cog lambda acm cft (#1129)
  • 575bff2e Feature/eks msk vpc version (#1140)
  • 4dae7e4a Feature/rds sage dms load emr msk (#1133)
  • 94cc7ced Fix gcp policy AC_GCP_0014 - dnsStateIsNotOn (#1033) (#1107)
  • 87ce30e6 Fix typos in docs and release_checklist (#1138)
  • c37172a5 Prevent adding both skipped and failure elements (#1123)
  • ae4eccb6 Update README.md (#1109)
  • d7316b69 Update mkdocs-material from 8.1.4 to 8.1.8 (#1124)
  • 683de81c Update mkdocs-material from 8.1.8 to 8.1.9 (#1132)
  • b6f2ed06 Update mkdocs-material from 8.1.9 to 8.1.10 (#1141)
  • 52e4cdb2 Updates CloudFormation mapper to support additional resources (#1120)
  • 08ec43b4 add ability to output normalized resource config with errors (#1134)
  • 9780e131 add rule id to docs (#1136)
  • b75cab78 fix panic in cft (#1146)
  • 7325cf96 fix: pkg/iac-providers/docker/v1/testdata/file-test-data/dockerfile-withmultiple-stages to reduce vulnerabilities (#1144)
  • db9103e8 fixes failing docker iac provider test (#1145)
  • 950e20ba release/v1.13.1 (#1150)
  • 1dc8ebbe update cft mapper (#1143)
  • 20ef2321 update cft mapper (#1148)
  • f205cff5 updated discord link (#1118)

v1.13.0

2 years ago

Changelog

  • 790b1dd Fix Sarif file uri path invalid in Windows and update go-sarif to latest (#1070)
  • ffd5d75 New k8s policy to detect CVE-2021-25742 (#1069)
  • 2cde272 Update mkdocs-material from 7.3.4 to 7.3.6 (#1075)
  • 5761394 Update mkdocs-material from 7.3.6 to 8.0.3 (#1092)
  • 81f67ad Update mkdocs-material from 8.0.3 to 8.0.5 (#1095)
  • ddad143 Update mkdocs-material from 8.0.5 to 8.1.3 (#1101)
  • c8344ba Update mkdocs-material from 8.1.3 to 8.1.4 (#1106)
  • 6a849d4 fix go mod (#1094)
  • 83afdb7 fix input CFT templates based on goformation structs (#1105)
  • 84eae3f fix: handles nil pointer issue while extracting container images (#1076)
  • 9dec8e8 making change in imageVersionnotusinglatest.rego (#1068)
  • 9f75f75 release/v1.13.0 (#1108)
  • d2ede64 updating policies to detect cve-2021-25742 (#1071)

v1.12.0

2 years ago

Changelog

  • 4ee5e04 Accept notification webhook configs as CLI args (#1042)
  • 056c30c Add support for getting line numbers for all attributes (#1055)
  • 474f1b6 Add support for repo-url and branch name in CLI flags and scan output (#1059)
  • 0719c9c Fix notification webhook flow (#1051)
  • f81d81f Update atlantis base image (#1054)
  • a3e7161 Update mkdocs from 1.2.2 to 1.2.3 (#1058)
  • 1b60b11 Update mkdocs-material from 7.3.2 to 7.3.3 (#1057)
  • 9c89ec1 Update mkdocs-material from 7.3.3 to 7.3.4 (#1060)
  • 743756d release v1.12.0 (#1066)
  • 835f90b update container image version in helm and kustomize sources (#1050)

v1.11.0

2 years ago

Changelog

  • eaf5927 Adds additional dockerfile policies (#984)
  • b6337a0 Adds: e2e tests for vulnerability (#1009)
  • 56b6964 Adds: support for harbor registry vulnerability fetching (#1015)
  • de98118 Optimized disk encryption check code. (#1037)
  • b11c43a Update README.md with instsall instructions for ArchLinux / Manjaro (#1011)
  • a400d98 Update docs for AWS.LambdaFunction.Logging.Low.0472 policy (#1027)
  • 683be27 Update mkdocs-material from 7.2.4 to 7.2.6 (#1012)
  • ec87a48 Update mkdocs-material from 7.2.6 to 7.3.2 (#1043)
  • c11052e accepted 2xx in response code as success (#1040)
  • d76a41a fix #1046: helm chart breaking due to invalid configfile name extension (#1047)
  • 362aa86 fix permission issues in creating webhook mode logs file persistence
  • 2bf4cdb fix: added null check before value conversion to avoid panic (#1020)
  • db18509 release v1.11.0 (#1048)

v1.10.0

2 years ago

Changelog

  • d1a11f3 Adds additional policies for dockerfile (#996)
  • cecdd6e Adds: e2e test for docker IaC provider (#968)
  • 687863e Bump github.com/hashicorp/go-getter from 1.5.2 to 1.5.7 (#993)
  • d24a8b8 Bump github.com/hashicorp/hcl/v2 from 2.10.0 to 2.10.1 (#972)
  • 68c36a1 Bump github.com/pelletier/go-toml from 1.8.1 to 1.9.3 (#999)
  • e55a624 Bump github.com/spf13/afero from 1.5.1 to 1.6.0 (#970)
  • 6ae1274 Extract Docker images from Terraform templates (#937)
  • b42be70 Extract Docker images from k8s YAML files (#905)
  • 256facf Extract images from Dockerfiles (#1002)
  • 309e9f5 Fix dependency issue that caused dependabot to fail (#966)
  • 05a65a3 Fixes supported Kustomize version (should be v4) (#932)
  • 01184ad Initial support for image scanning (#989)
  • 81495a9 Revert "update resource type to map[string]bool (#992)" (#1001)
  • c3458b1 Update helm.sh/helm/v3 v3.6.1 (#1000)
  • 1269301 Update mkdocs-material from 7.2.2 to 7.2.3 (#978)
  • e9017b1 Update mkdocs-material from 7.2.3 to 7.2.4 (#985)
  • a559f4b added binary based support for kustomize v2 and v3 (#988)
  • 5077005 adds brew instructions to release checklist (#987)
  • c9f7483 bump up version to 1.10 (#1008)
  • ced64a2 fix(policies): removing false-positive for K8s namespaces (#961)
  • a2b9bd2 modify wait logic for service account creation (#979)
  • 5c6a2c1 terrascan should exit with non zero exit code when scan error are present (#994)
  • 9aea292 update changelog (#1005)
  • 3e8d964 update resource type to map[string]bool (#992)

v1.9.0

2 years ago

Changelog

  • c1b2d57 Add support for CFT nested stacks (#949)
  • 7fb8bb4 Adds Terrascan pre-commit (#953)
  • 5477227 Adds support for using Terraform modules cached locally (#940)
  • 11db729 Dockerfile support (#849)
  • f922d00 Update README.md (#945)
  • 485d577 Update mkdocs-material from 7.1.11 to 7.2.0 (#939)
  • aaacce2 Update mkdocs-material from 7.2.0 to 7.2.1 (#947)
  • af9deed Update mkdocs-material from 7.2.1 to 7.2.2 (#954)
  • d1d21fc fix - config only option used with remote repo scan generates panic (#948)
  • fad5d92 release v1.9.0 (#965)
  • a3e0b6e temporary fix for k8s policy filtering issue (#963)
  • b0c9873 update helm chart progress checklist (#943)

v1.8.1

2 years ago

Changelog

  • 35afbe6 Add support for arm linked templates (#903)
  • 2443118 Do not initiate policy engine incase of --config-only flag
  • cf582eb Remove unnecessary KMS deletion window code (#918)
  • 35c7ca1 Update mkdocs from 1.2.1 to 1.2.2 (#935)
  • dbf90e8 Update mkdocs-material from 7.1.10 to 7.1.11 (#938)
  • 29201a7 Update mkdocs-material from 7.1.9 to 7.1.10 (#929)
  • ef959f1 Update overview.md (#919)
  • 656744d Updating the dax cluster policy (#909)
  • 8bba815 add github-sarif writer for github suited sarif output (#907)
  • 89555e5 add integrations overview and minor fixes (#913)
  • 80c00e0 fix error log message for terraform file (#914)
  • c9d73e0 fix go mod files (#941)
  • 73bcc12 fix(sws/cloudfront): wrong check tls version (#928)
  • d231a43 fixed e2e test cases for --config-only
  • 5513a0f fixes: broken doc links (#921)
  • 1721cde minor-doc-fix (#916)
  • c299d50 policy to detect a service without selector (#931)
  • bf23634 release v1.8.1 (#942)
  • 87efa51 terraform 0.15 support (#860)
  • aba0d62 update getting started and Usage, fix links (#920)

v1.8.0

2 years ago

Changelog

  • 325985d Add ID Field in Azure Policies (#872)
  • 9e962b9 Add Microsoft Azure ARM as an IaC Provider (#736)
  • 95b02c4 Added "id" field support & policy validation tests (#843)
  • 7a4de55 Addind AWS Network Security Policies (#866)
  • 32a4c15 Adding Id fix for github policies (#874)
  • 6e3cc71 Adding missing Id field for GCP policies (#870)
  • 6b7b83f Bugfix/az nw sec policies (#862)
  • 4bbb647 Bugfix/k8s id field (#873)
  • bcc4cf2 Change api, Add support for s3 bucket resource and better cft loader (#865)
  • 9f050b3 Fix authorization header for http request (#877)
  • b8fda7c Fixes incorrect filepath reporting in sarif output & added e2e tests for sarif output (#863)
  • 7fd8ba0 Minor documentation fixes (#908)
  • 1b58346 Spilt usage docs (#890)
  • c3f372f Update Integration Docs.md (#885)
  • c43ec4a Update cicd.md (#901)
  • 51a71f8 Update cicd.md (#902)
  • 4bf9b35 Update mkdocs from 1.1.2 to 1.2.1 (#886)
  • 1db0999 Update mkdocs-material from 7.1.4 to 7.1.8 (#859)
  • 0734df7 Update mkdocs-material from 7.1.8 to 7.1.9 (#895)
  • a74765d Update usage.md (#893)
  • decb1e9 Updates documentation on Terrascan github action (#894)
  • c04acd4 Updating network security policies for GCP (#869)
  • bedfaa1 Use CGO independent package for sqlite (#906)
  • 40c0aa8 add in-file instrumentation segment (#910)
  • 36ca6eb add proper values via metadata (#888)
  • 7d20723 adding ID field (#871)
  • c642063 fix broken link to usage.md (#855)
  • 80902fa fix error messages reported from hcl diags (#911)
  • 2ca5eb1 fix(pkg/policies/opa/rego/azure/azurerm_container_registry/containerregistryresourcelock.rego): check correct fields (#858)
  • 617ef74 fixed sarif unit tests hardcoding code smell (#857)
  • cee9ab4 fixes: recursive loop when parent and child module has same local block (#900)
  • 4fd7642 improves: filename in remote module (#867)
  • 2fdc14d k8s policies refactor (#879)
  • 0f0be20 mod policies to achieve parity with siac (#878)
  • 1f316eb release v1.8.0 (#912)

v1.7.0

2 years ago

Changelog

  • 95aba12 Add AWS CFT as an IaC Provider (#815)
  • a4d7af9 1. fix failing test due to log message assertion (#812)
  • b899922 Add ID Field for AWS Policies' Metadata (#831)
  • 48f92ef Add ID Field for K8s Policies' Metadata (#826)
  • cb2be19 Add module name in violation summary for terraform scans (#774)
  • 07c1e4f Add a kustomize based guide for setting up terrascan server and validating webhook in kubernetes (#739)
  • 0a1912f Add e2e tests for k8s admission control validating webhook (#772)
  • 1d7e5b9 Add webhook setup capability and remote repo scan capability in the helm charts (#778)
  • 940a446 Added source_range 0.0.0.0/0 (any) to avoid rule violations (#776)
  • 3f02324 Adding Aws new policies cloudTrail (#810)
  • 5f4b15a Adds support to scan config resources with applicable policies & Refactors filteration (#803)
  • 5057073 Adds: in-file instrumentation for resource prioritizing (#802)
  • 05e4db3 Automate generation of TLS Certs using Helm (#779)
  • 8fc20b2 Bugfix/use ref id old format (#846)
  • 0f03866 Bump up to Go 1.16 (#836)
  • 9adfe1d Do not trim resource id from tfplan json (#825)
  • 53eda39 Documentation (#768)
  • 37cef51 Feature/az id field (#808)
  • 72e3ebc Fix accurics.azure.AKS.3 (#712)
  • 0eae483 Fixing the bug for google_kms_crypto_key policies (#848)
  • 01c8d78 Initial addition of terrascan helm chart (#688)
  • 636515e JSON and Rego updated (#787)
  • 82e5242 Support for spaces in policy reference_id (#833)
  • 0cf4ed6 Update mkdocs-material from 7.1.2 to 7.1.4 (#746)
  • 9db3868 Update mkdocs-redirects from 1.0.1 to 1.0.3 (#710)
  • d7e16f6 Update policy description to match correct port. (#777)
  • 9ac1667 Update usage.md (#765)
  • 1839b24 [feat.] Merge Webhook and Server Helm Chart (#817)
  • 1229942 [fix] Add Alternate names for k8s services (#834)
  • 9ff6f2f add check for env vars and kms, fixes #682 (#827)
  • 0d8bc97 add id field for matching policies siac/terrascan (#824)
  • 0ed8ef7 add logging middleware for server (#785)
  • afc2a18 add support for YAML format for terrascan config file (#816)
  • fafdda4 add support for sarif format violation reports (#806)
  • dc0b428 add validation for tls private key and cert file values (#771)
  • 971845a bucket policy check false positive fix (#828)
  • 358fc67 check for loopback addresses in endpoint slice (#830)
  • a3f26c1 config file changes for terrascan server (#780)
  • b012204 enhancing aws policies (#829)
  • 23bb0ae fix multierror variable issue for helm, kustomize and k8s (#818)
  • cbbde51 fix terraform inner block reference resolution (#844)
  • 0c3c547 fix: add validation for module local source dir in terraform iac (#793)
  • 0e4c830 fix: modified docker file to use UID of user (#773)
  • eff166f fix: moves the pending test to running (#819)
  • 5060bbb fixing the policy (#847)
  • ff2c2a5 improve unit tests for config reader package (#820)
  • 66159bd making file paths relative for k8s IaC (#821)
  • e4ae20c policy metadata changes to include policy_type and resource_type (#792)
  • 9316d5d reference ids with & and fixed (#845)
  • 446b80f release 1.7.0 (#850)
  • bea2473 removed pod level securityContext support (#790)
  • 669631a shifted custom atlantis container source under integrations/ directory (#758)
  • 696481d shifted opa engine warning message to debug log level (#800)
  • dec6618 type assertion check for hcl.Body (#832)