Releases: devang-gaur/terrascan
v9.4
Changelog
95aba12 Add AWS CFT as an IaC Provider (tenable#815)
2b8e2cd tenable#394: recognize that empty values for username and password in master_auth block will disable basic auth
c33ebed -support color for default output -change color for 'file'
9d40d8e 1. added setup func to download policies 2. fix code smells
4fbe4ac 1. fix debug messages 2. fix typos in test name
3fd3d95 1. fix debug messages 2. fix typos in test name
a4d7af9 1. fix failing test due to log message assertion (tenable#812)
5abf9af 1. fix panic for list variable with no type definition in terraform config (tenable#654)
c36691f 1. fix panic for list variables 2. test for list variables
33cd0e7 1. fix summary order 2. fix colored writer test
bf202e0 1. format summary 2. print empty quotes when resource name is absent
78fd1d2 1. initial changes for registry module support 2. fix issue of remote module containing local modules
3bc7f14 1. initial changes for registry module support 2. fix issue of remote module containing local modules
390eed3 1. initial changes for registry module support 2. fix issue of remote module containing local modules
bfbd608 1. initial changes for registry module support 2. fix issue of remote module containing local modules
10ee6d5 1. modify existing tests of Run 2. add new tests for Run
e0c2e07 1. remove _ from test func 2. define variable for error string in test func
63d9867 1. support of rule skip comment for tf 2. human readable output modifications
0212180 1. support skip and scan rules in the server mode 2. refactor the existing config reader code 3. update unit tests 4. incorporate PR review comments
f0cbb79 1. support skip resource with comment. 2. skipped resource violations in output.
2ca27b9 1. toml config file based rule skipping 2. tests around rule scanning and skipping
c4b9aa7 1. update fix for exit code 2. remove default command code
6603436 APE-1319: Revamped Getting Started Section
dbaf3a1 AWS Risk Category Changes (tenable#603)
cca6d2f AWS new Categories (tenable#581)
9c4918e AWS policy pack update (tenable#737)
dfc0d08 Add /go/bin to PATH. (tenable#637)
a086a65 Add Docker image release tagging on release
b899922 Add ID Field for AWS Policies' Metadata (tenable#831)
48f92ef Add ID Field for K8s Policies' Metadata (tenable#826)
325985d Add ID Field in Azure Policies (tenable#872)
9e962b9 Add Microsoft Azure ARM as an IaC Provider (tenable#736)
cb2be19 Add module name in violation summary for terraform scans (tenable#774)
07c1e4f Add a kustomize based guide for setting up terrascan server and validating webhook in kubernetes (tenable#739)
a56270e Add check for visibility for github_repository
0a1912f Add e2e tests for k8s admission control validating webhook (tenable#772)
53657d0 Add instructions for booting terrascan demo
85a0666 Add line about kubernetes YAML/JSON support
c228665 Add new policy for checking insecure_ssl on github_organization_webhook
6d79769 Add new policy for checking insecure_ssl on github_repository_webhook
185f8c6 Add policy AC-K8-NS-SE-M-0188 for CVE-2020-8554
780408e Add policy set for GitHub provider
8b5f811 Add step-by-step instructions for interacting with the demo env
6da5e88 Add v13 flag option for terraform iac
3f759b9 Add v13 flag option for terraform iac
1d7e5b9 Add webhook setup capability and remote repo scan capability in the helm charts (tenable#778)
95b02c4 Added "id" field support & policy validation tests (tenable#843)
1f296e6 Added Unit test coverage for Kustomize V3 Iac-provider
940a446 Added source_range 0.0.0.0/0 (any) to avoid rule violations (tenable#776)
b1c5360 Added terraform v14 support
7a4de55 Addind AWS Network Security Policies (tenable#866)
3f02324 Adding Aws new policies cloudTrail (tenable#810)
32a4c15 Adding Id fix for github policies (tenable#874)
2a7627a Adding code of conduct
6e3cc71 Adding missing Id field for GCP policies (tenable#870)
317a536 Adding openssh to Dockerfile for downloading modules via ssh (tenable#625)
964167b Adding release checklist (tenable#734)
1d1addf Adding support to scan IAC from atlantis workflow (tenable#648)
2296d3a Adds support for scanning tfplan json file (tenable#562)
5f4b15a Adds support to scan config resources with applicable policies & Refactors filteration (tenable#803)
5057073 Adds: in-file instrumentation for resource prioritizing (tenable#802)
d356d5c Apply fix for self referential variables to non-parent modules
05e4db3 Automate generation of TLS Certs using Helm (tenable#779)
bc364ad Azure Risk Category Changes (tenable#604)
414035d Bring Go to 1.15 in Github Actions
5b612ed Bring Go to 1.15 in Github Actions
6b7b83f Bugfix/az nw sec policies (tenable#862)
4bbb647 Bugfix/k8s id field (tenable#873)
1752bb7 Bugfix/revert policies (tenable#602)
8fc20b2 Bugfix/use ref id old format (tenable#846)
87cf969 Bump github.com/gorilla/mux from 1.7.4 to 1.8.0
5885f2c Bump github.com/hashicorp/go-getter from 1.5.1 to 1.5.2
181d5b3 Bump github.com/hashicorp/go-retryablehttp from 0.6.6 to 0.6.8
eb7e1dc Bump github.com/hashicorp/go-version from 1.2.0 to 1.2.1
4d74093 Bump github.com/hashicorp/go-version from 1.2.0 to 1.2.1
03ea645 Bump github.com/iancoleman/strcase from 0.1.1 to 0.1.3
a264778 Bump github.com/mattn/go-isatty from 0.0.8 to 0.0.12
2330164 Bump github.com/mattn/go-isatty from 0.0.8 to 0.0.12
9664dcc Bump github.com/pelletier/go-toml from 1.8.0 to 1.8.1
7d0e3a0 Bump github.com/spf13/afero from 1.3.4 to 1.5.1
e838bb5 Bump github.com/spf13/cobra from 1.0.0 to 1.1.1 (tenable#493)
feb1a9e Bump github.com/zclconf/go-cty from 1.2.1 to 1.7.1
7a14d2d Bump go.uber.org/zap from 1.13.0 to 1.16.0
07092e5 Bump sigs.k8s.io/kustomize/api from 0.6.5 to 0.7.1
385da16 Bump sigs.k8s.io/kustomize/api from 0.7.1 to 0.7.2
1801ce9 Bump sigs.k8s.io/kustomize/api from 0.7.1 to 0.7.2
0f03866 Bump up to Go 1.16 (tenable#836)
55c1ae1 Category flag e2e tests (tenable#605)
bcc4cf2 Change api, Add support for s3 bucket resource and better cft loader (tenable#865)
9adfe1d Do not trim resource id from tfplan json (tenable#825)
53eda39 Documentation (tenable#768)
4590a3a Feature/aws new policies sp (tenable#751)
37cef51 Feature/az id field (tenable#808)
a4dc4ef Fire clientCertificateEnabled rule when client certificate is enabled
2d06d74 Fix NSG associations (tenable#727)
72e3ebc Fix accurics.azure.AKS.3 (tenable#712)
9f050b3 Fix authorization header for http request (tenable#877)
8a70f9e Fix infinite loop on variable resolution
21d311b Fix link to rego playground in policies documentation
d6eb16e Fix typo
7e1a1bb Fix typo in architecture documentation
2536a09 Fix: potential bug added in PR tenable#470
2986401 Fix: potential bug added in PR tenable#470
91c018a Fixed incorrect description of a rego policy for RDS encryption
9792a28 Fixed messed up merge
2033718 Fixes broken link in README (tenable#671)
1257ec2 Fixes docs format (tenable#661)
cd2c0c5 Fixes header
b8fda7c Fixes incorrect filepath reporting in sarif output & added e2e tests for sarif output (tenable#863)
e783b6b Fixes typo
66c14cd Fixing policy description
0eae483 Fixing the bug for google_kms_crypto_key policies (tenable#848)
12ce5c6 For human readable output display json output when '--config-only' is used
d242c2e Gh action terrscan_atlantis release (tenable#733)
e8e5281 Handle multiple vpc flow logs (tenable#680)
433415c IMDSv1 check policy
df73bc4 IMDSv1 policy: update category, description
d6872fa IMDSv1 policy: update category, description
01c8d78 Initial addition of terrascan helm chart (tenable#688)
bbe97ce Initial changes for e2e testing framework (tenable#553)
636515e JSON and Rego updated (tenable#787)
d1a198c Log error in LoadIacDir before continuing (tenable#613)
225a914 Makes saving of admission requests configurable via a config file option (tenable#665)
c39c7fa Making Category Changes (tenable#606)
35c1c54 Merge branch 'colorize' of github.com:acc-jon/terrascan into colorize
5fc9818 Merge branch 'imdsv1-fix' of github.com:accurics/terrascan into imdsv1-fix
e153cde Merge branch 'master' into dependabot/go_modules/github.com/hashicorp/go-getter-1.5.2
283d7d9 Merge branch 'master' into dependabot/go_modules/go.uber.org/zap-1.16.0
2fe16cc Merge branch 'master' into issue-325
f799685 Merge branch 'master' into issue-325
2df50b4 Merge branch 'master' into issue-422
23fe143 Merge branch 'master' of github.com:accurics/terrascan into argo-cd-hook
e1df4c1 Merge branch 'master' of https://github.com/accurics/terrascan
13670d7 Merge branch 'remote-module-support' of https://github.com/patilpankaj212/terrascan into remote-module-support
3589f96 Merge branch 'remote-module-support' of https://github.com/patilpankaj212/terrascan into remote-module-support
1f89abd Merge pull request #1 from accurics/master
afc78b5 Merge pull request tenable#319 from kklin/demo-badge
570cc9b Merge pull request tenable#333 from HorizonNet/issue-326
424c823 Merge pull request tenable#334 from HorizonNet/issue-325
c061f02 Merge pull request tenable#335 from accurics/readme-update-k8s
0b22a65 Merge pull request tenable#336 from accurics/auto-pickup-supportedtypes
f380b89 Merge pull request tenable#337 from accurics/docs/github-policies
dcd76dd Merge pull request tenable#340 from accurics/pyup-update-mkdocs-material-5.5.12-to-5.5.14
9aad2cf Merge pull request tenable#343 from kmonticolo/fix_typo
25a7c45 Merge pull request tenable#344 from accurics/bugfix/fix-providers-unit-test
f1c80fe Merge pull request tenable#345 from accurics/feature/downloader-support
45a6ee9 Merge pull request tenable#346 from accurics/pyup-update-mkdocs-material-5.5.14-to-6.0.1
556d333 Merge pull request tenable#347 from acc-jon/colorize
49f66ed Merge pull request tenable#348 from accurics/pyup-update-mkdocs-material-6.0.1-to-6.0.2
347bee3 Merge pull request tenable#350 from HorizonNet/issue-339
2c964d5 Merge pull request tenable#351 from accurics/feature/support-resolve-variable-references
a8084f6 Merge pull request tenable#354 from acc-jon/master
4a5d34d Merge pull request tenable#356 from accurics/pyup-update-mkdocs-material-6.0.2-to-6.1.0
222bd31 Merge pull request tenable#357 from accurics/feature/aws-serverless-regos
fd2bf7c Merge pull request tenable#360 from accurics/bugfix/add-git-binary
935e3b0 Merge pull request tenable#361 from accurics/bugfix/fix-http-request
d7bc4aa Merge pull request tenable#366 from accurics/bugfix/large-file
7a8e07f Merge pull request tenable#368 from acc-jon/master
fb7b01c...
v9.0.6
v9.0.4
v9.0.2
v9.0.0
Changelog
95aba12 Add AWS CFT as an IaC Provider (tenable#815)
2b8e2cd tenable#394: recognize that empty values for username and password in master_auth block will disable basic auth
c33ebed -support color for default output -change color for 'file'
9d40d8e 1. added setup func to download policies 2. fix code smells
3fd3d95 1. fix debug messages 2. fix typos in test name
4fbe4ac 1. fix debug messages 2. fix typos in test name
a4d7af9 1. fix failing test due to log message assertion (tenable#812)
5abf9af 1. fix panic for list variable with no type definition in terraform config (tenable#654)
c36691f 1. fix panic for list variables 2. test for list variables
33cd0e7 1. fix summary order 2. fix colored writer test
bf202e0 1. format summary 2. print empty quotes when resource name is absent
78fd1d2 1. initial changes for registry module support 2. fix issue of remote module containing local modules
390eed3 1. initial changes for registry module support 2. fix issue of remote module containing local modules
bfbd608 1. initial changes for registry module support 2. fix issue of remote module containing local modules
3bc7f14 1. initial changes for registry module support 2. fix issue of remote module containing local modules
10ee6d5 1. modify existing tests of Run 2. add new tests for Run
e0c2e07 1. remove _ from test func 2. define variable for error string in test func
63d9867 1. support of rule skip comment for tf 2. human readable output modifications
0212180 1. support skip and scan rules in the server mode 2. refactor the existing config reader code 3. update unit tests 4. incorporate PR review comments
f0cbb79 1. support skip resource with comment. 2. skipped resource violations in output.
2ca27b9 1. toml config file based rule skipping 2. tests around rule scanning and skipping
c4b9aa7 1. update fix for exit code 2. remove default command code
6603436 APE-1319: Revamped Getting Started Section
dbaf3a1 AWS Risk Category Changes (tenable#603)
cca6d2f AWS new Categories (tenable#581)
9c4918e AWS policy pack update (tenable#737)
dfc0d08 Add /go/bin to PATH. (tenable#637)
a086a65 Add Docker image release tagging on release
b899922 Add ID Field for AWS Policies' Metadata (tenable#831)
48f92ef Add ID Field for K8s Policies' Metadata (tenable#826)
325985d Add ID Field in Azure Policies (tenable#872)
cb2be19 Add module name in violation summary for terraform scans (tenable#774)
07c1e4f Add a kustomize based guide for setting up terrascan server and validating webhook in kubernetes (tenable#739)
a56270e Add check for visibility for github_repository
0a1912f Add e2e tests for k8s admission control validating webhook (tenable#772)
53657d0 Add instructions for booting terrascan demo
85a0666 Add line about kubernetes YAML/JSON support
c228665 Add new policy for checking insecure_ssl on github_organization_webhook
6d79769 Add new policy for checking insecure_ssl on github_repository_webhook
185f8c6 Add policy AC-K8-NS-SE-M-0188 for CVE-2020-8554
780408e Add policy set for GitHub provider
8b5f811 Add step-by-step instructions for interacting with the demo env
6da5e88 Add v13 flag option for terraform iac
3f759b9 Add v13 flag option for terraform iac
1d7e5b9 Add webhook setup capability and remote repo scan capability in the helm charts (tenable#778)
95b02c4 Added "id" field support & policy validation tests (tenable#843)
1f296e6 Added Unit test coverage for Kustomize V3 Iac-provider
940a446 Added source_range 0.0.0.0/0 (any) to avoid rule violations (tenable#776)
b1c5360 Added terraform v14 support
7a4de55 Addind AWS Network Security Policies (tenable#866)
3f02324 Adding Aws new policies cloudTrail (tenable#810)
32a4c15 Adding Id fix for github policies (tenable#874)
2a7627a Adding code of conduct
6e3cc71 Adding missing Id field for GCP policies (tenable#870)
317a536 Adding openssh to Dockerfile for downloading modules via ssh (tenable#625)
964167b Adding release checklist (tenable#734)
1d1addf Adding support to scan IAC from atlantis workflow (tenable#648)
2296d3a Adds support for scanning tfplan json file (tenable#562)
5f4b15a Adds support to scan config resources with applicable policies & Refactors filteration (tenable#803)
5057073 Adds: in-file instrumentation for resource prioritizing (tenable#802)
d356d5c Apply fix for self referential variables to non-parent modules
05e4db3 Automate generation of TLS Certs using Helm (tenable#779)
bc364ad Azure Risk Category Changes (tenable#604)
5b612ed Bring Go to 1.15 in Github Actions
414035d Bring Go to 1.15 in Github Actions
6b7b83f Bugfix/az nw sec policies (tenable#862)
4bbb647 Bugfix/k8s id field (tenable#873)
1752bb7 Bugfix/revert policies (tenable#602)
8fc20b2 Bugfix/use ref id old format (tenable#846)
87cf969 Bump github.com/gorilla/mux from 1.7.4 to 1.8.0
5885f2c Bump github.com/hashicorp/go-getter from 1.5.1 to 1.5.2
181d5b3 Bump github.com/hashicorp/go-retryablehttp from 0.6.6 to 0.6.8
4d74093 Bump github.com/hashicorp/go-version from 1.2.0 to 1.2.1
eb7e1dc Bump github.com/hashicorp/go-version from 1.2.0 to 1.2.1
03ea645 Bump github.com/iancoleman/strcase from 0.1.1 to 0.1.3
a264778 Bump github.com/mattn/go-isatty from 0.0.8 to 0.0.12
2330164 Bump github.com/mattn/go-isatty from 0.0.8 to 0.0.12
9664dcc Bump github.com/pelletier/go-toml from 1.8.0 to 1.8.1
7d0e3a0 Bump github.com/spf13/afero from 1.3.4 to 1.5.1
e838bb5 Bump github.com/spf13/cobra from 1.0.0 to 1.1.1 (tenable#493)
feb1a9e Bump github.com/zclconf/go-cty from 1.2.1 to 1.7.1
7a14d2d Bump go.uber.org/zap from 1.13.0 to 1.16.0
07092e5 Bump sigs.k8s.io/kustomize/api from 0.6.5 to 0.7.1
385da16 Bump sigs.k8s.io/kustomize/api from 0.7.1 to 0.7.2
1801ce9 Bump sigs.k8s.io/kustomize/api from 0.7.1 to 0.7.2
0f03866 Bump up to Go 1.16 (tenable#836)
55c1ae1 Category flag e2e tests (tenable#605)
bcc4cf2 Change api, Add support for s3 bucket resource and better cft loader (tenable#865)
9adfe1d Do not trim resource id from tfplan json (tenable#825)
53eda39 Documentation (tenable#768)
4590a3a Feature/aws new policies sp (tenable#751)
37cef51 Feature/az id field (tenable#808)
a4dc4ef Fire clientCertificateEnabled rule when client certificate is enabled
2d06d74 Fix NSG associations (tenable#727)
72e3ebc Fix accurics.azure.AKS.3 (tenable#712)
9f050b3 Fix authorization header for http request (tenable#877)
8a70f9e Fix infinite loop on variable resolution
21d311b Fix link to rego playground in policies documentation
d6eb16e Fix typo
7e1a1bb Fix typo in architecture documentation
2536a09 Fix: potential bug added in PR tenable#470
2986401 Fix: potential bug added in PR tenable#470
91c018a Fixed incorrect description of a rego policy for RDS encryption
9792a28 Fixed messed up merge
2033718 Fixes broken link in README (tenable#671)
1257ec2 Fixes docs format (tenable#661)
cd2c0c5 Fixes header
e783b6b Fixes typo
66c14cd Fixing policy description
0eae483 Fixing the bug for google_kms_crypto_key policies (tenable#848)
12ce5c6 For human readable output display json output when '--config-only' is used
d242c2e Gh action terrscan_atlantis release (tenable#733)
e8e5281 Handle multiple vpc flow logs (tenable#680)
433415c IMDSv1 check policy
df73bc4 IMDSv1 policy: update category, description
d6872fa IMDSv1 policy: update category, description
01c8d78 Initial addition of terrascan helm chart (tenable#688)
bbe97ce Initial changes for e2e testing framework (tenable#553)
636515e JSON and Rego updated (tenable#787)
d1a198c Log error in LoadIacDir before continuing (tenable#613)
225a914 Makes saving of admission requests configurable via a config file option (tenable#665)
c39c7fa Making Category Changes (tenable#606)
35c1c54 Merge branch 'colorize' of github.com:acc-jon/terrascan into colorize
5fc9818 Merge branch 'imdsv1-fix' of github.com:accurics/terrascan into imdsv1-fix
e153cde Merge branch 'master' into dependabot/go_modules/github.com/hashicorp/go-getter-1.5.2
283d7d9 Merge branch 'master' into dependabot/go_modules/go.uber.org/zap-1.16.0
f799685 Merge branch 'master' into issue-325
2fe16cc Merge branch 'master' into issue-325
2df50b4 Merge branch 'master' into issue-422
23fe143 Merge branch 'master' of github.com:accurics/terrascan into argo-cd-hook
e1df4c1 Merge branch 'master' of https://github.com/accurics/terrascan
13670d7 Merge branch 'remote-module-support' of https://github.com/patilpankaj212/terrascan into remote-module-support
3589f96 Merge branch 'remote-module-support' of https://github.com/patilpankaj212/terrascan into remote-module-support
1f89abd Merge pull request #1 from accurics/master
afc78b5 Merge pull request tenable#319 from kklin/demo-badge
570cc9b Merge pull request tenable#333 from HorizonNet/issue-326
424c823 Merge pull request tenable#334 from HorizonNet/issue-325
c061f02 Merge pull request tenable#335 from accurics/readme-update-k8s
0b22a65 Merge pull request tenable#336 from accurics/auto-pickup-supportedtypes
f380b89 Merge pull request tenable#337 from accurics/docs/github-policies
dcd76dd Merge pull request tenable#340 from accurics/pyup-update-mkdocs-material-5.5.12-to-5.5.14
9aad2cf Merge pull request tenable#343 from kmonticolo/fix_typo
25a7c45 Merge pull request tenable#344 from accurics/bugfix/fix-providers-unit-test
f1c80fe Merge pull request tenable#345 from accurics/feature/downloader-support
45a6ee9 Merge pull request tenable#346 from accurics/pyup-update-mkdocs-material-5.5.14-to-6.0.1
556d333 Merge pull request tenable#347 from acc-jon/colorize
49f66ed Merge pull request tenable#348 from accurics/pyup-update-mkdocs-material-6.0.1-to-6.0.2
347bee3 Merge pull request tenable#350 from HorizonNet/issue-339
2c964d5 Merge pull request tenable#351 from accurics/feature/support-resolve-variable-references
a8084f6 Merge pull request tenable#354 from acc-jon/master
4a5d34d Merge pull request tenable#356 from accurics/pyup-update-mkdocs-material-6.0.2-to-6.1.0
222bd31 Merge pull request tenable#357 from accurics/feature/aws-serverless-regos
fd2bf7c Merge pull request tenable#360 from accurics/bugfix/add-git-binary
935e3b0 Merge pull request tenable#361 from accurics/bugfix/fix-http-request
d7bc4aa Merge pull request tenable#366 from accurics/bugfix/large-file
7a8e07f Merge pull request tenable#368 from acc-jon/master
fb7b01c Merge pull request tenable#370 from accurics/pyup-update-mkdocs-material-6.1.0-to-6.1.2
411a4aa Merge pull request tenable#371 from accurics/pyup-update-mkdocs-material-6.1.2...