
AC_AWS_0214 not backward compatible #1172

Closed
HorizonNet opened this issue Feb 27, 2022 · 0 comments · Fixed by #1173

  • terrascan version: master
  • Operating System: MacOS

Description

The changes made in #1153 to introduce S3 bucket versioning capabilities for provider version 4.0.0 broke the behavior for provider versions before 4.0.0, such as 3.74.0 of hashicorp/aws. Now inline definitions of the bucket versioning are reported as violations.

What I Did

The following definition is versioning-enabled based on provider version 3.74.0 and was not reported as a violation for AC_AWS_0214 before #1153.

resource "aws_s3_bucket" "example" {
  bucket = "example"
  acl    = "private"

  versioning {
    enabled    = true
    mfa_delete = true
  }
}

Running the current master against this file via

./bin/terrascan scan -f main.tf -p terrascan/pkg/policies/opa/rego

returns the following result

Violation Details -

    Description    :        Enabling S3 versioning will enable easy recovery from both unintended user actions, like deletes and overwrites
    File           :        main.tf
    Module Name    :        root
    Line           :        5
    Severity       :        HIGH
    -----------------------------------------------------------------------

Scan Summary -

    File/Folder         :   main.tf
    IaC Type            :   terraform
    Scanned At          :   2022-02-27 14:59:11.976481 +0000 UTC
    Policies Validated  :   14
    Violated Policies   :   1
    Low                 :   0
    Medium              :   0
    High                :   1
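The backward-compatible check the issue asks for, as an added illustration that is not terrascan's Rego policy or its input schema: a bucket counts as versioned if it carries the pre-4.0 inline `versioning { enabled = true }` block or if a separate provider-4.0-style `aws_s3_bucket_versioning` resource references it with status `Enabled`. The resource dicts below are a constructed, simplified model of HCL JSON, where blocks are lists of objects.

```python
"""Backward-compatible S3 versioning check (added example, not terrascan code).

Accepts both provider forms:
  - provider < 4.0:  inline `versioning { enabled = true }` on aws_s3_bucket
  - provider >= 4.0: separate aws_s3_bucket_versioning resource whose
    versioning_configuration.status is "Enabled"
The resource dicts are a constructed simplification, not terrascan's input format.
"""


def _inline_versioning_enabled(bucket_cfg):
    # HCL JSON renders a block as a list of objects; tolerate a bare dict too.
    blocks = bucket_cfg.get("versioning") or []
    if isinstance(blocks, dict):
        blocks = [blocks]
    return any(b.get("enabled") is True for b in blocks)


def _separate_versioning_enabled(bucket_refs, resources):
    # Look for an aws_s3_bucket_versioning resource pointing at any of the refs.
    for r in resources:
        if r["type"] != "aws_s3_bucket_versioning":
            continue
        if r["config"].get("bucket") not in bucket_refs:
            continue
        for vc in r["config"].get("versioning_configuration") or []:
            if vc.get("status") == "Enabled":
                return True
    return False


def find_unversioned_buckets(resources):
    """Return names of aws_s3_bucket resources with versioning enabled in neither form."""
    violations = []
    for r in resources:
        if r["type"] != "aws_s3_bucket":
            continue
        if _inline_versioning_enabled(r["config"]):
            continue
        # A 4.0-style child resource may reference the bucket by id, by attribute, or by name.
        refs = {"aws_s3_bucket.%s.id" % r["name"], "aws_s3_bucket.%s.bucket" % r["name"]}
        if r["config"].get("bucket"):
            refs.add(r["config"]["bucket"])
        if _separate_versioning_enabled(refs, resources):
            continue
        violations.append(r["name"])
    return violations


# Constructed sample: the issue's inline bucket, a 4.0-style pair, and an unversioned bucket.
SAMPLE = [
    {"type": "aws_s3_bucket", "name": "example",
     "config": {"bucket": "example", "acl": "private",
                "versioning": [{"enabled": True, "mfa_delete": True}]}},
    {"type": "aws_s3_bucket", "name": "modern", "config": {"bucket": "modern"}},
    {"type": "aws_s3_bucket_versioning", "name": "modern",
     "config": {"bucket": "aws_s3_bucket.modern.id",
                "versioning_configuration": [{"status": "Enabled"}]}},
    {"type": "aws_s3_bucket", "name": "bare", "config": {"bucket": "bare"}},
]

if __name__ == "__main__":
    print(find_unversioned_buckets(SAMPLE))  # ['bare']
```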
harkirat22 pushed a commit that referenced this issue Feb 28, 2022
Add a backward compatible implementation of AC_AWS_0214, which also
works for provider versions before 4.0.0.

Resolves #1172