EM: Fix SNS issues

[matt-heery]

No description provided.

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T15:32:27Z INFO [vulndb] Need to update DB
2025-01-02T15:32:27Z INFO [vulndb] Downloading vulnerability DB...
2025-01-02T15:32:27Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T15:32:30Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T15:32:30Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T15:32:30Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T15:32:30Z INFO [misconfig] Need to update the built-in checks
2025-01-02T15:32:30Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T15:32:30Z INFO [secret] Secret scanning is enabled
2025-01-02T15:32:30Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T15:32:30Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T15:32:31Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T15:32:31Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T15:32:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T15:32:43Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T15:32:43Z INFO Number of language-specific files num=0
2025-01-02T15:32:43Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 15:32:45,724 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 15:32:45,724 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 15:32:45,725 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 15:32:45,725 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 15:32:45,725 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T15:32:27Z	INFO	[vulndb] Need to update DB
2025-01-02T15:32:27Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-02T15:32:27Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T15:32:30Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T15:32:30Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T15:32:30Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T15:32:30Z	INFO	[misconfig] Need to update the built-in checks
2025-01-02T15:32:30Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T15:32:30Z	INFO	[secret] Secret scanning is enabled
2025-01-02T15:32:30Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T15:32:30Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T15:32:31Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T15:32:31Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T15:32:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:33Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:32:34Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T15:32:43Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T15:32:43Z	INFO	Number of language-specific files	num=0
2025-01-02T15:32:43Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T15:46:17Z INFO [vulndb] Need to update DB
2025-01-02T15:46:17Z INFO [vulndb] Downloading vulnerability DB...
2025-01-02T15:46:17Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T15:46:20Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T15:46:20Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T15:46:20Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T15:46:20Z INFO [misconfig] Need to update the built-in checks
2025-01-02T15:46:20Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-02T15:46:20Z INFO [secret] Secret scanning is enabled
2025-01-02T15:46:20Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T15:46:20Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T15:46:21Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T15:46:21Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T15:46:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T15:46:33Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T15:46:33Z INFO Number of language-specific files num=0
2025-01-02T15:46:33Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 15:46:35,800 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 15:46:35,800 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 15:46:35,800 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 15:46:35,801 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 15:46:35,801 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T15:46:17Z	INFO	[vulndb] Need to update DB
2025-01-02T15:46:17Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-02T15:46:17Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T15:46:20Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T15:46:20Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T15:46:20Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T15:46:20Z	INFO	[misconfig] Need to update the built-in checks
2025-01-02T15:46:20Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-02T15:46:20Z	INFO	[secret] Secret scanning is enabled
2025-01-02T15:46:20Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T15:46:20Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T15:46:21Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T15:46:21Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T15:46:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T15:46:24Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T15:46:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T15:46:33Z	INFO	Number of language-specific files	num=0
2025-01-02T15:46:33Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:17:50Z INFO [vulndb] Need to update DB
2025-01-02T16:17:50Z INFO [vulndb] Downloading vulnerability DB...
2025-01-02T16:17:50Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:17:52Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:17:52Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:17:52Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:17:52Z INFO [misconfig] Need to update the built-in checks
2025-01-02T16:17:52Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T16:17:53Z INFO [secret] Secret scanning is enabled
2025-01-02T16:17:53Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:17:53Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:17:54Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:17:54Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T16:17:55Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:18:06Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:18:06Z INFO Number of language-specific files num=0
2025-01-02T16:18:06Z INFO Detected config files num=14
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-02T16:18:06Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:18:06Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:18:06Z INFO [secret] Secret scanning is enabled
2025-01-02T16:18:06Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:18:06Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:18:07Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:18:07Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-02T16:18:07Z INFO Number of language-specific files num=0
2025-01-02T16:18:07Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:18:07Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:18:07Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:18:07Z INFO [secret] Secret scanning is enabled
2025-01-02T16:18:07Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:18:07Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:18:09Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:18:09Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:18:18Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:18:18Z INFO Number of language-specific files num=0
2025-01-02T16:18:18Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 16:18:21,411 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:18:21,414 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:18:21,414 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:18:21,414 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:18:21,414 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 16:18:34,714 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:18:34,717 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:18:34,717 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:18:34,717 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:18:34,717 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:17:50Z	INFO	[vulndb] Need to update DB
2025-01-02T16:17:50Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-02T16:17:50Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:17:52Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:17:52Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:17:52Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:17:52Z	INFO	[misconfig] Need to update the built-in checks
2025-01-02T16:17:52Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T16:17:53Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:17:53Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:17:53Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:17:54Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:17:54Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T16:17:55Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:55Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:17:57Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:18:06Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:18:06Z	INFO	Number of language-specific files	num=0
2025-01-02T16:18:06Z	INFO	Detected config files	num=14
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-02T16:18:06Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:18:06Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:18:06Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:18:06Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:18:06Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:18:07Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:18:07Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-02T16:18:07Z	INFO	Number of language-specific files	num=0
2025-01-02T16:18:07Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:18:07Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:18:07Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:18:07Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:18:07Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:18:07Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:18:09Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:18:09Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:18:10Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:18:18Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:18:18Z	INFO	Number of language-specific files	num=0
2025-01-02T16:18:18Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:19:35Z INFO [vulndb] Need to update DB
2025-01-02T16:19:35Z INFO [vulndb] Downloading vulnerability DB...
2025-01-02T16:19:35Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:19:38Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:19:38Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:19:38Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:19:38Z INFO [misconfig] Need to update the built-in checks
2025-01-02T16:19:38Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T16:19:38Z INFO [secret] Secret scanning is enabled
2025-01-02T16:19:38Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:19:38Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:19:39Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:19:39Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:19:50Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:19:50Z INFO Number of language-specific files num=0
2025-01-02T16:19:50Z INFO Detected config files num=14
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-02T16:19:50Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:19:50Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:19:50Z INFO [secret] Secret scanning is enabled
2025-01-02T16:19:50Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:19:50Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:19:51Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:19:51Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-02T16:19:52Z INFO Number of language-specific files num=0
2025-01-02T16:19:52Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:19:52Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:19:52Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:19:52Z INFO [secret] Secret scanning is enabled
2025-01-02T16:19:52Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:19:52Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:19:53Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:19:53Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:20:03Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:20:03Z INFO Number of language-specific files num=0
2025-01-02T16:20:03Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 16:20:05,552 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:20:05,554 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:20:05,554 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:20:05,554 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:20:05,555 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 16:20:18,557 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:20:18,557 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:20:18,557 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:20:18,557 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:20:18,558 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:19:35Z	INFO	[vulndb] Need to update DB
2025-01-02T16:19:35Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-02T16:19:35Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:19:38Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:19:38Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:19:38Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:19:38Z	INFO	[misconfig] Need to update the built-in checks
2025-01-02T16:19:38Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T16:19:38Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:19:38Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:19:38Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:19:39Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:19:39Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:40Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:41Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:42Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:19:50Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:19:50Z	INFO	Number of language-specific files	num=0
2025-01-02T16:19:50Z	INFO	Detected config files	num=14
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-02T16:19:50Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:19:50Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:19:50Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:19:50Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:19:50Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:19:51Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:19:51Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-02T16:19:52Z	INFO	Number of language-specific files	num=0
2025-01-02T16:19:52Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:19:52Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:19:52Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:19:52Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:19:52Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:19:52Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:19:53Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:19:53Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:53Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:19:54Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:20:03Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:20:03Z	INFO	Number of language-specific files	num=0
2025-01-02T16:20:03Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:30:31Z INFO [vulndb] Need to update DB
2025-01-02T16:30:31Z INFO [vulndb] Downloading vulnerability DB...
2025-01-02T16:30:31Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:30:33Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:30:33Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:30:33Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:30:33Z INFO [misconfig] Need to update the built-in checks
2025-01-02T16:30:33Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-02T16:30:33Z INFO [secret] Secret scanning is enabled
2025-01-02T16:30:33Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:30:33Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:30:35Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:30:35Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:38Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:30:46Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:30:46Z INFO Number of language-specific files num=0
2025-01-02T16:30:46Z INFO Detected config files num=14
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-02T16:30:46Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:30:46Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:30:46Z INFO [secret] Secret scanning is enabled
2025-01-02T16:30:46Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:30:46Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:30:47Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:30:47Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-02T16:30:47Z INFO Number of language-specific files num=0
2025-01-02T16:30:47Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:30:47Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:30:47Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:30:47Z INFO [secret] Secret scanning is enabled
2025-01-02T16:30:47Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:30:47Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:30:49Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:30:49Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:30:58Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:30:59Z INFO Number of language-specific files num=0
2025-01-02T16:30:59Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 16:31:01,402 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:31:01,402 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:31:01,402 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:31:01,402 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:31:01,402 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 16:31:14,289 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:31:14,289 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:31:14,289 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:31:14,290 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:31:14,290 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:30:31Z	INFO	[vulndb] Need to update DB
2025-01-02T16:30:31Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-02T16:30:31Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:30:33Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:30:33Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:30:33Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:30:33Z	INFO	[misconfig] Need to update the built-in checks
2025-01-02T16:30:33Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-02T16:30:33Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:30:33Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:30:33Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:30:35Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:30:35Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:38Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:30:46Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:30:46Z	INFO	Number of language-specific files	num=0
2025-01-02T16:30:46Z	INFO	Detected config files	num=14
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-02T16:30:46Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:30:46Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:30:46Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:30:46Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:30:46Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:30:47Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:30:47Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-02T16:30:47Z	INFO	Number of language-specific files	num=0
2025-01-02T16:30:47Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:30:47Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:30:47Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:30:47Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:30:47Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:30:47Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:30:49Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:30:49Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:49Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:30:50Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:30:58Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:30:59Z	INFO	Number of language-specific files	num=0
2025-01-02T16:30:59Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:40:03Z INFO [vulndb] Need to update DB
2025-01-02T16:40:03Z INFO [vulndb] Downloading vulnerability DB...
2025-01-02T16:40:03Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:40:06Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:40:06Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:40:06Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:40:06Z INFO [misconfig] Need to update the built-in checks
2025-01-02T16:40:06Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T16:40:06Z INFO [secret] Secret scanning is enabled
2025-01-02T16:40:06Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:40:06Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:40:08Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:40:08Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:40:21Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:40:21Z INFO Number of language-specific files num=0
2025-01-02T16:40:21Z INFO Detected config files num=14
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-02T16:40:21Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:40:21Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:40:21Z INFO [secret] Secret scanning is enabled
2025-01-02T16:40:21Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:40:21Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:40:22Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:40:22Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-02T16:40:22Z INFO Number of language-specific files num=0
2025-01-02T16:40:22Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:40:22Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T16:40:22Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T16:40:22Z INFO [secret] Secret scanning is enabled
2025-01-02T16:40:22Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:40:22Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:40:24Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T16:40:24Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:40:33Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:40:33Z INFO Number of language-specific files num=0
2025-01-02T16:40:33Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 16:40:36,867 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:40:36,867 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:40:36,867 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:40:36,868 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:40:36,868 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-02 16:40:51,213 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:40:51,214 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-02 16:40:51,214 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:40:51,214 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-02 16:40:51,214 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:40:03Z	INFO	[vulndb] Need to update DB
2025-01-02T16:40:03Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-02T16:40:03Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:40:06Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T16:40:06Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:40:06Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:40:06Z	INFO	[misconfig] Need to update the built-in checks
2025-01-02T16:40:06Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T16:40:06Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:40:06Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:40:06Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:40:08Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:40:08Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:11Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:13Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:40:21Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:40:21Z	INFO	Number of language-specific files	num=0
2025-01-02T16:40:21Z	INFO	Detected config files	num=14
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-02T16:40:21Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:40:21Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:40:21Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:40:21Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:40:21Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:40:22Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:40:22Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-02T16:40:22Z	INFO	Number of language-specific files	num=0
2025-01-02T16:40:22Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-02T16:40:22Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-02T16:40:22Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-02T16:40:22Z	INFO	[secret] Secret scanning is enabled
2025-01-02T16:40:22Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T16:40:22Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T16:40:24Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-02T16:40:24Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:24Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T16:40:25Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-02T16:40:33Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-02T16:40:33Z	INFO	Number of language-specific files	num=0
2025-01-02T16:40:33Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T09:26:06Z INFO [vulndb] Need to update DB
2025-01-03T09:26:06Z INFO [vulndb] Downloading vulnerability DB...
2025-01-03T09:26:06Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T09:26:08Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T09:26:08Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T09:26:08Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T09:26:08Z INFO [misconfig] Need to update the built-in checks
2025-01-03T09:26:08Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-03T09:26:08Z INFO [secret] Secret scanning is enabled
2025-01-03T09:26:08Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T09:26:08Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T09:26:09Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T09:26:09Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-03T09:26:09Z INFO Number of language-specific files num=0
2025-01-03T09:26:09Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T09:26:10Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T09:26:10Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T09:26:10Z INFO [secret] Secret scanning is enabled
2025-01-03T09:26:10Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T09:26:10Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T09:26:11Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T09:26:11Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T09:26:22Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T09:26:22Z INFO Number of language-specific files num=0
2025-01-03T09:26:22Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-03 09:26:28,132 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-03 09:26:28,132 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-03 09:26:28,132 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-03 09:26:28,132 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-03 09:26:28,133 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2611, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T09:26:06Z	INFO	[vulndb] Need to update DB
2025-01-03T09:26:06Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-03T09:26:06Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T09:26:08Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T09:26:08Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T09:26:08Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T09:26:08Z	INFO	[misconfig] Need to update the built-in checks
2025-01-03T09:26:08Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-03T09:26:08Z	INFO	[secret] Secret scanning is enabled
2025-01-03T09:26:08Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T09:26:08Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T09:26:09Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T09:26:09Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-03T09:26:09Z	INFO	Number of language-specific files	num=0
2025-01-03T09:26:09Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T09:26:10Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T09:26:10Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T09:26:10Z	INFO	[secret] Secret scanning is enabled
2025-01-03T09:26:10Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T09:26:10Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T09:26:11Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T09:26:11Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:12Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:13Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T09:26:14Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:36"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:92"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T09:26:22Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T09:26:22Z	INFO	Number of language-specific files	num=0
2025-01-03T09:26:22Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T13:31:40Z INFO [vulndb] Need to update DB
2025-01-03T13:31:40Z INFO [vulndb] Downloading vulnerability DB...
2025-01-03T13:31:40Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T13:31:42Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T13:31:42Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T13:31:42Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T13:31:42Z INFO [misconfig] Need to update the built-in checks
2025-01-03T13:31:42Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-03T13:31:42Z INFO [secret] Secret scanning is enabled
2025-01-03T13:31:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T13:31:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T13:31:43Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T13:31:43Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-03T13:31:43Z INFO Number of language-specific files num=0
2025-01-03T13:31:43Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T13:31:43Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T13:31:43Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T13:31:43Z INFO [secret] Secret scanning is enabled
2025-01-03T13:31:43Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T13:31:43Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T13:31:45Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T13:31:45Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:31:48Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:39"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:120"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T13:31:57Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T13:31:57Z INFO Number of language-specific files num=0
2025-01-03T13:31:57Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-03 13:32:02,568 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-03 13:32:02,568 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-03 13:32:02,568 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-03 13:32:02,568 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-03 13:32:02,568 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2634, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T13:31:40Z	INFO	[vulndb] Need to update DB
2025-01-03T13:31:40Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-03T13:31:40Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T13:31:42Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T13:31:42Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T13:31:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T13:31:42Z	INFO	[misconfig] Need to update the built-in checks
2025-01-03T13:31:42Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-03T13:31:42Z	INFO	[secret] Secret scanning is enabled
2025-01-03T13:31:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T13:31:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T13:31:43Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T13:31:43Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-03T13:31:43Z	INFO	Number of language-specific files	num=0
2025-01-03T13:31:43Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T13:31:43Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T13:31:43Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T13:31:43Z	INFO	[secret] Secret scanning is enabled
2025-01-03T13:31:43Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T13:31:43Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T13:31:45Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T13:31:45Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:46Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:47Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:31:48Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:31:48Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:39"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:120"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T13:31:57Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T13:31:57Z	INFO	Number of language-specific files	num=0
2025-01-03T13:31:57Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T13:45:31Z INFO [vulndb] Need to update DB
2025-01-03T13:45:31Z INFO [vulndb] Downloading vulnerability DB...
2025-01-03T13:45:31Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T13:45:33Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T13:45:33Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T13:45:33Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T13:45:33Z INFO [misconfig] Need to update the built-in checks
2025-01-03T13:45:33Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-03T13:45:33Z INFO [secret] Secret scanning is enabled
2025-01-03T13:45:33Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T13:45:33Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T13:45:35Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T13:45:35Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-03T13:45:35Z INFO Number of language-specific files num=0
2025-01-03T13:45:35Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T13:45:35Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T13:45:35Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T13:45:35Z INFO [secret] Secret scanning is enabled
2025-01-03T13:45:35Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T13:45:35Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T13:45:36Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T13:45:36Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-03T13:45:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:39"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:120"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T13:45:48Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T13:45:48Z INFO Number of language-specific files num=0
2025-01-03T13:45:48Z INFO Detected config files num=14
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-03 13:45:53,794 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-03 13:45:53,794 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-03 13:45:53,795 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-03 13:45:53,795 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-03 13:45:53,795 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2634, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T13:45:31Z	INFO	[vulndb] Need to update DB
2025-01-03T13:45:31Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-03T13:45:31Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T13:45:33Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T13:45:33Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T13:45:33Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T13:45:33Z	INFO	[misconfig] Need to update the built-in checks
2025-01-03T13:45:33Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-03T13:45:33Z	INFO	[secret] Secret scanning is enabled
2025-01-03T13:45:33Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T13:45:33Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T13:45:35Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T13:45:35Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-03T13:45:35Z	INFO	Number of language-specific files	num=0
2025-01-03T13:45:35Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T13:45:35Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T13:45:35Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T13:45:35Z	INFO	[secret] Secret scanning is enabled
2025-01-03T13:45:35Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T13:45:35Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T13:45:36Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T13:45:36Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-03T13:45:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T13:45:39Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:39"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-sns-topic-encryption-use-cmk" range="s3_sns.tf:120"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T13:45:48Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T13:45:48Z	INFO	Number of language-specific files	num=0
2025-01-03T13:45:48Z	INFO	Detected config files	num=14
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T14:23:02Z INFO [vulndb] Need to update DB
2025-01-03T14:23:02Z INFO [vulndb] Downloading vulnerability DB...
2025-01-03T14:23:02Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T14:23:05Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T14:23:05Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T14:23:05Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T14:23:05Z INFO [misconfig] Need to update the built-in checks
2025-01-03T14:23:05Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-03T14:23:05Z INFO [secret] Secret scanning is enabled
2025-01-03T14:23:05Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T14:23:05Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T14:23:06Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T14:23:06Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T14:23:19Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T14:23:19Z INFO Number of language-specific files num=0
2025-01-03T14:23:19Z INFO Detected config files num=13
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T14:23:19Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T14:23:19Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T14:23:19Z INFO [secret] Secret scanning is enabled
2025-01-03T14:23:19Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T14:23:19Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T14:23:20Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T14:23:20Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-03T14:23:20Z INFO Number of language-specific files num=0
2025-01-03T14:23:20Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T14:23:20Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T14:23:20Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T14:23:20Z INFO [secret] Secret scanning is enabled
2025-01-03T14:23:20Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T14:23:20Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T14:23:21Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T14:23:21Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-03T14:23:21Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:21Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:23Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T14:23:31Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T14:23:31Z INFO Number of language-specific files num=0
2025-01-03T14:23:31Z INFO Detected config files num=13
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-03 14:23:33,769 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-03 14:23:33,769 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-03 14:23:33,769 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-03 14:23:33,769 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-03 14:23:33,769 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2587, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-03 14:23:47,137 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-03 14:23:47,137 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-03 14:23:47,137 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-03 14:23:47,138 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-03 14:23:47,138 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2587, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T14:23:02Z	INFO	[vulndb] Need to update DB
2025-01-03T14:23:02Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-03T14:23:02Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T14:23:05Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T14:23:05Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T14:23:05Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T14:23:05Z	INFO	[misconfig] Need to update the built-in checks
2025-01-03T14:23:05Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-03T14:23:05Z	INFO	[secret] Secret scanning is enabled
2025-01-03T14:23:05Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T14:23:05Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T14:23:06Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T14:23:06Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:08Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:09Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:10Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T14:23:19Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T14:23:19Z	INFO	Number of language-specific files	num=0
2025-01-03T14:23:19Z	INFO	Detected config files	num=13
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T14:23:19Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T14:23:19Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T14:23:19Z	INFO	[secret] Secret scanning is enabled
2025-01-03T14:23:19Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T14:23:19Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T14:23:20Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T14:23:20Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-03T14:23:20Z	INFO	Number of language-specific files	num=0
2025-01-03T14:23:20Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T14:23:20Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T14:23:20Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T14:23:20Z	INFO	[secret] Secret scanning is enabled
2025-01-03T14:23:20Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T14:23:20Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T14:23:21Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T14:23:21Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-03T14:23:21Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:21Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:22Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:23Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T14:23:23Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T14:23:31Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T14:23:31Z	INFO	Number of language-specific files	num=0
2025-01-03T14:23:31Z	INFO	Detected config files	num=13
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T15:16:31Z INFO [vulndb] Need to update DB
2025-01-03T15:16:31Z INFO [vulndb] Downloading vulnerability DB...
2025-01-03T15:16:31Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T15:16:33Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T15:16:33Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T15:16:33Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T15:16:33Z INFO [misconfig] Need to update the built-in checks
2025-01-03T15:16:33Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-03T15:16:33Z INFO [secret] Secret scanning is enabled
2025-01-03T15:16:33Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T15:16:33Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T15:16:34Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T15:16:35Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T15:16:47Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T15:16:47Z INFO Number of language-specific files num=0
2025-01-03T15:16:47Z INFO Detected config files num=13
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T15:16:47Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T15:16:47Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T15:16:47Z INFO [secret] Secret scanning is enabled
2025-01-03T15:16:47Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T15:16:47Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T15:16:48Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T15:16:48Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="function_name, role_arn, role_name"
2025-01-03T15:16:48Z INFO Number of language-specific files num=0
2025-01-03T15:16:48Z INFO Detected config files num=1
trivy_exitcode=0

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T15:16:48Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T15:16:48Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T15:16:48Z INFO [secret] Secret scanning is enabled
2025-01-03T15:16:48Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T15:16:48Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T15:16:49Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T15:16:49Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:51Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:16:59Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:16:59Z INFO Number of language-specific files num=0
2025-01-03T15:16:59Z INFO Detected config files num=13
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-03 15:17:01,730 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:01,730 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:01,730 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:01,730 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:01,730 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2587, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 62, Failed checks: 0, Skipped checks: 1


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-03 15:17:15,251 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:15,251 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:15,251 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:15,251 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:15,252 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2587, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data/modules/lambdas
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data
terraform/environments/electronic-monitoring-data/modules/lambdas
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T15:16:31Z	INFO	[vulndb] Need to update DB
2025-01-03T15:16:31Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-03T15:16:31Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T15:16:33Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T15:16:33Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T15:16:33Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T15:16:33Z	INFO	[misconfig] Need to update the built-in checks
2025-01-03T15:16:33Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-03T15:16:33Z	INFO	[secret] Secret scanning is enabled
2025-01-03T15:16:33Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T15:16:33Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T15:16:34Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T15:16:35Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:36Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:37Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:38Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T15:16:47Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T15:16:47Z	INFO	Number of language-specific files	num=0
2025-01-03T15:16:47Z	INFO	Detected config files	num=13
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data/modules/lambdas
2025-01-03T15:16:47Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T15:16:47Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T15:16:47Z	INFO	[secret] Secret scanning is enabled
2025-01-03T15:16:47Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T15:16:47Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T15:16:48Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T15:16:48Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="function_name, role_arn, role_name"
2025-01-03T15:16:48Z	INFO	Number of language-specific files	num=0
2025-01-03T15:16:48Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T15:16:48Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T15:16:48Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T15:16:48Z	INFO	[secret] Secret scanning is enabled
2025-01-03T15:16:48Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T15:16:48Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T15:16:49Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T15:16:49Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:50Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:16:51Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:16:51Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:16:59Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:16:59Z	INFO	Number of language-specific files	num=0
2025-01-03T15:16:59Z	INFO	Detected config files	num=13
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

---

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T15:17:22Z INFO [vulndb] Need to update DB
2025-01-03T15:17:22Z INFO [vulndb] Downloading vulnerability DB...
2025-01-03T15:17:22Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T15:17:24Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T15:17:24Z INFO [vuln] Vulnerability scanning is enabled
2025-01-03T15:17:24Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-03T15:17:24Z INFO [misconfig] Need to update the built-in checks
2025-01-03T15:17:24Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-03T15:17:25Z INFO [secret] Secret scanning is enabled
2025-01-03T15:17:25Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T15:17:25Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T15:17:26Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-03T15:17:26Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:32Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:32Z INFO [terraform scanner] Scanning root module file_path="glue-job/Archived"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T15:17:40Z INFO [terraform executor] Ignore finding rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T15:17:40Z INFO Number of language-specific files num=0
2025-01-03T15:17:40Z INFO Detected config files num=13
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Checkov in terraform/environments/electronic-monitoring-data
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-03 15:17:43,177 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3:None (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:43,177 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060:None (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:43,177 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:43,177 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-03 15:17:43,178 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 2587, Failed checks: 0, Skipped checks: 115


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running tflint in terraform/environments/electronic-monitoring-data
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/electronic-monitoring-data

*****************************

Running Trivy in terraform/environments/electronic-monitoring-data
2025-01-03T15:17:22Z	INFO	[vulndb] Need to update DB
2025-01-03T15:17:22Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-03T15:17:22Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T15:17:24Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-03T15:17:24Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-03T15:17:24Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-03T15:17:24Z	INFO	[misconfig] Need to update the built-in checks
2025-01-03T15:17:24Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-03T15:17:25Z	INFO	[secret] Secret scanning is enabled
2025-01-03T15:17:25Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-03T15:17:25Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-03T15:17:26Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-03T15:17:26Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.api_gateway_authorizer.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.calculate_checksum.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.format_json_fms_data.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.rds_bastion.data.aws_subnet.local_account" value="cty.NilVal"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:29Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rds_bastion.aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.rotate_iam_key.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:30Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.output_file_structure_as_json_from_zip.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-fms-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-general-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-general-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-ho-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-ho-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.s3-mdss-specials-landing-bucket.module.kms_key.aws_kms_grant.this" value="cty.NilVal"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.process_landing_bucket_files.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:31Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-mdss-specials-landing-bucket.module.this-bucket.data.aws_iam_policy_document.bucket_policy_v2" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.bucket_policy_v2.dynamic.statement block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:32Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.s3-p1-export-bucket.module.push_lambda.aws_lambda_function.this" err="1 error occurred:\n\t* invalid for-each in aws_lambda_function.this.dynamic.vpc_config block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-03T15:17:32Z	INFO	[terraform scanner] Scanning root module	file_path="glue-job/Archived"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-bucket-encryption" range="s3.tf:1133-1152"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-ssm-secret-use-customer-key" range="analytical_platform_share.tf:50-68"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:295-300"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-cloudwatch-log-group-customer-key" range="modules/api_step_function/main.tf:421-425"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=f759060/main.tf:153-163"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=95ed3c3/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=568694e50e03630d99cb569eafa06a0b879a1239/main.tf:171-179"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-encryption-customer-key" range="s3.tf:1133-1152"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-iam-no-user-attached-policies" range="modules/landing_bucket_iam_user_access/main.tf:2-10"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-versioning" range="s3.tf:1133-1152"
2025-01-03T15:17:40Z	INFO	[terraform executor] Ignore finding	rule="aws-s3-enable-logging" range="s3.tf:1133-1152"
2025-01-03T15:17:40Z	INFO	Number of language-specific files	num=0
2025-01-03T15:17:40Z	INFO	Detected config files	num=13
trivy_exitcode=0

[Lee-250]

Reviewed with Matt - LGTM