🔧 🩹 Attach LambdaECRImageRetrievalPolicy to ECR Repository

[Gary-H9]

The purpose of the PR is to resolve the fact that currently the ECR repository does not have our LambdaECRImageRetrievalPolicy policy attached by the ECR module we are using. This caused a failure here.

This is most likely down to some misunderstanding on my part but ultimately I've tried all of the relevant parameters that I would expect to add the defined policy to the repository
e.g. attach_repository_policy andcreate_repository_policy

The examples here don't help and this issue is alluded to here as well I believe.

I've tested a variety of combinations of these together to no avail. So have arrived at the solution of adding a aws_ecr_repository_policy resource.

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/analytical-platform-common

---

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T12:01:18Z INFO [vulndb] Need to update DB
2025-01-20T12:01:18Z INFO [vulndb] Downloading vulnerability DB...
2025-01-20T12:01:18Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T12:01:20Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T12:01:20Z INFO [vuln] Vulnerability scanning is enabled
2025-01-20T12:01:20Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-20T12:01:20Z INFO [misconfig] Need to update the built-in checks
2025-01-20T12:01:20Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-20T12:01:20Z INFO [secret] Secret scanning is enabled
2025-01-20T12:01:20Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T12:01:20Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T12:01:21Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-20T12:01:21Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-20T12:01:23Z INFO Number of language-specific files num=0
2025-01-20T12:01:23Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Checkov in terraform/environments/analytical-platform-common
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-20 12:01:25,762 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 12:01:25,762 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-20 12:01:25,762 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/ecr/aws:2.3.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 12:01:25,762 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 12:01:25,762 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.48.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 10


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running tflint in terraform/environments/analytical-platform-common
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T12:01:18Z	INFO	[vulndb] Need to update DB
2025-01-20T12:01:18Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-20T12:01:18Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T12:01:20Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T12:01:20Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-20T12:01:20Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-20T12:01:20Z	INFO	[misconfig] Need to update the built-in checks
2025-01-20T12:01:20Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-20T12:01:20Z	INFO	[secret] Secret scanning is enabled
2025-01-20T12:01:20Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T12:01:20Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T12:01:21Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-20T12:01:21Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-20T12:01:23Z	INFO	Number of language-specific files	num=0
2025-01-20T12:01:23Z	INFO	Detected config files	num=1
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/analytical-platform-common

---

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T13:05:56Z INFO [vulndb] Need to update DB
2025-01-20T13:05:56Z INFO [vulndb] Downloading vulnerability DB...
2025-01-20T13:05:56Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:05:58Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:05:58Z INFO [vuln] Vulnerability scanning is enabled
2025-01-20T13:05:58Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-20T13:05:58Z INFO [misconfig] Need to update the built-in checks
2025-01-20T13:05:58Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T13:05:58Z INFO [secret] Secret scanning is enabled
2025-01-20T13:05:58Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T13:05:58Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T13:05:59Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-20T13:05:59Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-20T13:06:01Z INFO Number of language-specific files num=0
2025-01-20T13:06:01Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Checkov in terraform/environments/analytical-platform-common
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-20 13:06:03,606 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:06:03,606 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:06:03,606 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/ecr/aws:2.3.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:06:03,606 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:06:03,606 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.48.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 10


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running tflint in terraform/environments/analytical-platform-common
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T13:05:56Z	INFO	[vulndb] Need to update DB
2025-01-20T13:05:56Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-20T13:05:56Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:05:58Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:05:58Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-20T13:05:58Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-20T13:05:58Z	INFO	[misconfig] Need to update the built-in checks
2025-01-20T13:05:58Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T13:05:58Z	INFO	[secret] Secret scanning is enabled
2025-01-20T13:05:58Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T13:05:58Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T13:05:59Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-20T13:05:59Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-20T13:06:01Z	INFO	Number of language-specific files	num=0
2025-01-20T13:06:01Z	INFO	Detected config files	num=1
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/analytical-platform-common

---

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T13:06:01Z INFO [vulndb] Need to update DB
2025-01-20T13:06:01Z INFO [vulndb] Downloading vulnerability DB...
2025-01-20T13:06:01Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:06:03Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:06:03Z INFO [vuln] Vulnerability scanning is enabled
2025-01-20T13:06:03Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-20T13:06:03Z INFO [misconfig] Need to update the built-in checks
2025-01-20T13:06:03Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-20T13:06:04Z INFO [secret] Secret scanning is enabled
2025-01-20T13:06:04Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T13:06:04Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T13:06:05Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-20T13:06:05Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-20T13:06:08Z INFO Number of language-specific files num=0
2025-01-20T13:06:08Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Checkov in terraform/environments/analytical-platform-common
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-20 13:06:11,229 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:06:11,229 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:06:11,229 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/ecr/aws:2.3.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:06:11,229 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:06:11,229 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.48.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 10


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running tflint in terraform/environments/analytical-platform-common
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T13:06:01Z	INFO	[vulndb] Need to update DB
2025-01-20T13:06:01Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-20T13:06:01Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:06:03Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:06:03Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-20T13:06:03Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-20T13:06:03Z	INFO	[misconfig] Need to update the built-in checks
2025-01-20T13:06:03Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-20T13:06:04Z	INFO	[secret] Secret scanning is enabled
2025-01-20T13:06:04Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T13:06:04Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T13:06:05Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-20T13:06:05Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-20T13:06:08Z	INFO	Number of language-specific files	num=0
2025-01-20T13:06:08Z	INFO	Detected config files	num=1
trivy_exitcode=0

[jacobwoffenden]

There is a repository_policy input on the module

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/analytical-platform-common

---

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T13:52:17Z INFO [vulndb] Need to update DB
2025-01-20T13:52:17Z INFO [vulndb] Downloading vulnerability DB...
2025-01-20T13:52:17Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:52:20Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:52:20Z INFO [vuln] Vulnerability scanning is enabled
2025-01-20T13:52:20Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-20T13:52:20Z INFO [misconfig] Need to update the built-in checks
2025-01-20T13:52:20Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T13:52:21Z INFO [secret] Secret scanning is enabled
2025-01-20T13:52:21Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T13:52:21Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T13:52:22Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-20T13:52:22Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-20T13:52:25Z INFO Number of language-specific files num=0
2025-01-20T13:52:25Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Checkov in terraform/environments/analytical-platform-common
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-20 13:52:27,916 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:52:27,917 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:52:27,917 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/ecr/aws:2.3.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:52:27,917 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 13:52:27,917 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.48.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 10


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running tflint in terraform/environments/analytical-platform-common
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T13:52:17Z	INFO	[vulndb] Need to update DB
2025-01-20T13:52:17Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-20T13:52:17Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:52:20Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T13:52:20Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-20T13:52:20Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-20T13:52:20Z	INFO	[misconfig] Need to update the built-in checks
2025-01-20T13:52:20Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T13:52:21Z	INFO	[secret] Secret scanning is enabled
2025-01-20T13:52:21Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T13:52:21Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T13:52:22Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-20T13:52:22Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-20T13:52:25Z	INFO	Number of language-specific files	num=0
2025-01-20T13:52:25Z	INFO	Detected config files	num=1
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/analytical-platform-common

---

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T15:32:29Z INFO [vulndb] Need to update DB
2025-01-20T15:32:29Z INFO [vulndb] Downloading vulnerability DB...
2025-01-20T15:32:29Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T15:32:31Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T15:32:31Z INFO [vuln] Vulnerability scanning is enabled
2025-01-20T15:32:31Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-20T15:32:31Z INFO [misconfig] Need to update the built-in checks
2025-01-20T15:32:31Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T15:32:32Z INFO [secret] Secret scanning is enabled
2025-01-20T15:32:32Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T15:32:32Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T15:32:33Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-20T15:32:33Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-20T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:32:34Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:32:34Z INFO Number of language-specific files num=0
2025-01-20T15:32:34Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Checkov in terraform/environments/analytical-platform-common
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-20 15:32:36,656 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 15:32:36,656 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-20 15:32:36,656 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/ecr/aws:2.3.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 15:32:36,656 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 15:32:36,657 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.48.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 10


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running tflint in terraform/environments/analytical-platform-common
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T15:32:29Z	INFO	[vulndb] Need to update DB
2025-01-20T15:32:29Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-20T15:32:29Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T15:32:31Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T15:32:31Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-20T15:32:31Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-20T15:32:31Z	INFO	[misconfig] Need to update the built-in checks
2025-01-20T15:32:31Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T15:32:32Z	INFO	[secret] Secret scanning is enabled
2025-01-20T15:32:32Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T15:32:32Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T15:32:33Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-20T15:32:33Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-20T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:32:34Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:32:34Z	INFO	Number of language-specific files	num=0
2025-01-20T15:32:34Z	INFO	Detected config files	num=1
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/analytical-platform-common

---

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T15:35:31Z INFO [vulndb] Need to update DB
2025-01-20T15:35:31Z INFO [vulndb] Downloading vulnerability DB...
2025-01-20T15:35:31Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T15:35:33Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T15:35:33Z INFO [vuln] Vulnerability scanning is enabled
2025-01-20T15:35:33Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-20T15:35:33Z INFO [misconfig] Need to update the built-in checks
2025-01-20T15:35:33Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T15:35:34Z INFO [secret] Secret scanning is enabled
2025-01-20T15:35:34Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T15:35:34Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T15:35:35Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-20T15:35:35Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-20T15:35:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:35:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:35:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:35:38Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:35:38Z INFO Number of language-specific files num=0
2025-01-20T15:35:38Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Checkov in terraform/environments/analytical-platform-common
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-20 15:35:41,532 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 15:35:41,532 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-20 15:35:41,532 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/ecr/aws:2.3.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 15:35:41,533 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 15:35:41,533 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.48.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 30, Failed checks: 0, Skipped checks: 10


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running tflint in terraform/environments/analytical-platform-common
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T15:35:31Z	INFO	[vulndb] Need to update DB
2025-01-20T15:35:31Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-20T15:35:31Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T15:35:33Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T15:35:33Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-20T15:35:33Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-20T15:35:33Z	INFO	[misconfig] Need to update the built-in checks
2025-01-20T15:35:33Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T15:35:34Z	INFO	[secret] Secret scanning is enabled
2025-01-20T15:35:34Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T15:35:34Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T15:35:35Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-20T15:35:35Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-20T15:35:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:35:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:35:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:35:38Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T15:35:38Z	INFO	Number of language-specific files	num=0
2025-01-20T15:35:38Z	INFO	Detected config files	num=1
trivy_exitcode=0

[github-actions]

Trivy Scan Success

Show Output

```hcl

---

Trivy will check the following folders:
terraform/environments/analytical-platform-common

---

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T16:46:51Z INFO [vulndb] Need to update DB
2025-01-20T16:46:51Z INFO [vulndb] Downloading vulnerability DB...
2025-01-20T16:46:51Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T16:46:54Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T16:46:54Z INFO [vuln] Vulnerability scanning is enabled
2025-01-20T16:46:54Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-20T16:46:54Z INFO [misconfig] Need to update the built-in checks
2025-01-20T16:46:54Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T16:46:54Z INFO [secret] Secret scanning is enabled
2025-01-20T16:46:54Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T16:46:54Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T16:46:55Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-20T16:46:55Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-20T16:46:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T16:46:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T16:46:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T16:46:56Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T16:46:56Z INFO Number of language-specific files num=0
2025-01-20T16:46:56Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Checkov in terraform/environments/analytical-platform-common
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2025-01-20 16:46:59,000 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.48.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 16:46:59,000 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.1 (for external modules, the --download-external-modules flag is required)
2025-01-20 16:46:59,000 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/ecr/aws:2.3.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 16:46:59,001 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2025-01-20 16:46:59,001 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.48.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 10


checkov_exitcode=0

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running tflint in terraform/environments/analytical-platform-common
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-common

*****************************

Running Trivy in terraform/environments/analytical-platform-common
2025-01-20T16:46:51Z	INFO	[vulndb] Need to update DB
2025-01-20T16:46:51Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-20T16:46:51Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T16:46:54Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-20T16:46:54Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-20T16:46:54Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-20T16:46:54Z	INFO	[misconfig] Need to update the built-in checks
2025-01-20T16:46:54Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-20T16:46:54Z	INFO	[secret] Secret scanning is enabled
2025-01-20T16:46:54Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-20T16:46:54Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-20T16:46:55Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-20T16:46:55Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-20T16:46:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T16:46:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T16:46:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T16:46:56Z	ERROR	[terraform evaluator] Failed to expand dynamic block.	block="module.analytical_platform_jml_report_ecr_repository.data.aws_iam_policy_document.repository[0]" err="1 error occurred:\n\t* invalid for-each in data.aws_iam_policy_document.repository[0].dynamic.statement.content.dynamic.condition block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-20T16:46:56Z	INFO	Number of language-specific files	num=0
2025-01-20T16:46:56Z	INFO	Detected config files	num=1
trivy_exitcode=0