diff --git a/pkg/iac-providers/output/types.go b/pkg/iac-providers/output/types.go
index 6b55059e8..9dcf08e55 100644
--- a/pkg/iac-providers/output/types.go
+++ b/pkg/iac-providers/output/types.go
@@ -24,13 +24,14 @@ import (
// ResourceConfig describes a resource present in IaC
type ResourceConfig struct {
- ID string `json:"id"`
- Name string `json:"name"`
- Source string `json:"source"`
- PlanRoot string `json:"plan_root,omitempty" yaml:"plan_root,omitempty" `
- Line int `json:"line"`
- Type string `json:"type"`
- Config interface{} `json:"config"`
+ ID string `json:"id"`
+ Name string `json:"name"`
+ ModuleName string `json:"module_name,omitempty" yaml:"module_name,omitempty"`
+ Source string `json:"source"`
+ PlanRoot string `json:"plan_root,omitempty" yaml:"plan_root,omitempty" `
+ Line int `json:"line"`
+ Type string `json:"type"`
+ Config interface{} `json:"config"`
// SkipRules will hold the rules to be skipped for the resource.
// Each iac provider should append the rules to be skipped for a resource,
// while extracting resource from the iac files
diff --git a/pkg/iac-providers/terraform/commons/load-dir.go b/pkg/iac-providers/terraform/commons/load-dir.go
index 8465beb8b..dec54df0f 100644
--- a/pkg/iac-providers/terraform/commons/load-dir.go
+++ b/pkg/iac-providers/terraform/commons/load-dir.go
@@ -46,6 +46,7 @@ var (
type ModuleConfig struct {
Config *hclConfigs.Config
ParentModuleCall *hclConfigs.ModuleCall
+ Name string
}
// TerraformDirectoryLoader implements terraform directory loading
@@ -136,7 +137,7 @@ func (t TerraformDirectoryLoader) loadDirRecursive(dirList []string) (output.All
*/
// queue of for BFS, add root module config to it
- root := &ModuleConfig{Config: unified.Root}
+ root := &ModuleConfig{Config: unified.Root, Name: "root"}
configsQ := []*ModuleConfig{root}
// using BFS traverse through all modules in the unified config tree
@@ -160,6 +161,9 @@ func (t TerraformDirectoryLoader) loadDirRecursive(dirList []string) (output.All
continue
}
+ // set module name
+ resourceConfig.ModuleName = current.Name
+
// resolve references
resourceConfig.Config = r.ResolveRefs(resourceConfig.Config.(jsonObj))
@@ -193,13 +197,7 @@ func (t TerraformDirectoryLoader) loadDirRecursive(dirList []string) (output.All
}
// add all current's children to the queue
- for childName, childModule := range current.Config.Children {
- childModuleConfig := &ModuleConfig{
- Config: childModule,
- ParentModuleCall: current.Config.Module.ModuleCalls[childName],
- }
- configsQ = append(configsQ, childModuleConfig)
- }
+ configsQ = append(configsQ, current.getChildConfigs()...)
}
}
@@ -253,7 +251,7 @@ func (t TerraformDirectoryLoader) loadDirNonRecursive() (output.AllResourceConfi
*/
// queue of for BFS, add root module config to it
- root := &ModuleConfig{Config: unified.Root}
+ root := &ModuleConfig{Config: unified.Root, Name: "root"}
configsQ := []*ModuleConfig{root}
// using BFS traverse through all modules in the unified config tree
@@ -276,6 +274,9 @@ func (t TerraformDirectoryLoader) loadDirNonRecursive() (output.AllResourceConfi
return allResourcesConfig, multierror.Append(t.errIacLoadDirs, results.DirScanErr{IacType: "terraform", Directory: t.absRootDir, ErrMessage: "failed to create ResourceConfig"})
}
+ // set module name
+ resourceConfig.ModuleName = current.Name
+
// resolve references
resourceConfig.Config = r.ResolveRefs(resourceConfig.Config.(jsonObj))
@@ -301,13 +302,7 @@ func (t TerraformDirectoryLoader) loadDirNonRecursive() (output.AllResourceConfi
}
// add all current's children to the queue
- for childName, childModule := range current.Config.Children {
- childModuleConfig := &ModuleConfig{
- Config: childModule,
- ParentModuleCall: current.Config.Module.ModuleCalls[childName],
- }
- configsQ = append(configsQ, childModuleConfig)
- }
+ configsQ = append(configsQ, current.getChildConfigs()...)
}
// successful
@@ -389,3 +384,17 @@ func (t TerraformDirectoryLoader) processTerraformRegistrySource(req *hclConfigs
return pathToModule, nil
}
+
+// getChildConfigs will get all child configs in a ModuleConfig
+func (m *ModuleConfig) getChildConfigs() []*ModuleConfig {
+ allConfigs := make([]*ModuleConfig, 0)
+ for childName, childModule := range m.Config.Children {
+ childModuleConfig := &ModuleConfig{
+ Config: childModule,
+ ParentModuleCall: m.Config.Module.ModuleCalls[childName],
+ Name: childName,
+ }
+ allConfigs = append(allConfigs, childModuleConfig)
+ }
+ return allConfigs
+}
diff --git a/pkg/iac-providers/terraform/commons/load-file.go b/pkg/iac-providers/terraform/commons/load-file.go
index 0a43826cc..5bd1b6bbe 100644
--- a/pkg/iac-providers/terraform/commons/load-file.go
+++ b/pkg/iac-providers/terraform/commons/load-file.go
@@ -58,6 +58,10 @@ func LoadIacFile(absFilePath string) (allResourcesConfig output.AllResourceConfi
return allResourcesConfig, fmt.Errorf("failed to create ResourceConfig")
}
+ // set module name
+ // module name for the file scan will always be root
+ resourceConfig.ModuleName = "root"
+
// extract file name from path
resourceConfig.Source = getFileName(resourceConfig.Source)
diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json
index 2bdd20087..9642a0cea 100644
--- a/pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json
+++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json
@@ -3,6 +3,7 @@
{
"id": "aws_instance.instance_playground",
"name": "instance_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 77,
"type": "aws_instance",
@@ -46,6 +47,7 @@
{
"id": "aws_internet_gateway.igw_playground",
"name": "igw_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 14,
"type": "aws_internet_gateway",
@@ -62,6 +64,7 @@
{
"id": "aws_key_pair.ec2key_playground",
"name": "ec2key_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 72,
"type": "aws_key_pair",
@@ -76,6 +79,7 @@
{
"id": "aws_route_table.rtb_public_playground",
"name": "rtb_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 30,
"type": "aws_route_table",
@@ -98,6 +102,7 @@
{
"id": "aws_route_table_association.rta_subnet_public_playground",
"name": "rta_subnet_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 41,
"type": "aws_route_table_association",
@@ -112,6 +117,7 @@
{
"id": "aws_security_group.sg_playground",
"name": "sg_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 46,
"type": "aws_security_group",
@@ -157,6 +163,7 @@
{
"id": "aws_subnet.subnet_public_playground",
"name": "subnet_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 21,
"type": "aws_subnet",
@@ -175,6 +182,7 @@
{
"id": "aws_vpc.vpc_playground",
"name": "vpc_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 5,
"type": "aws_vpc",
@@ -189,4 +197,4 @@
"skip_rules": null
}
]
-}
+}
\ No newline at end of file
diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules-recursive.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules-recursive.json
index 33a4e710c..c92eb531c 100644
--- a/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules-recursive.json
+++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules-recursive.json
@@ -3,6 +3,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
+ "module_name": "m1",
"source": "modules/m1/main.tf",
"plan_root": "./",
"line": 20,
@@ -16,6 +17,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
+ "module_name": "m4",
"source": "modules/m4/main.tf",
"plan_root": "./",
"line": 11,
@@ -29,6 +31,7 @@
{
"id": "aws_s3_bucket.bucket4a",
"name": "bucket4a",
+ "module_name": "m4a",
"source": "modules/m4/modules/m4a/main.tf",
"plan_root": "./",
"line": 20,
@@ -42,6 +45,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
+ "module_name": "root",
"source": "modules/m4/main.tf",
"plan_root": "modules/m4",
"line": 11,
diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json
index 78626e6c5..1094371ab 100644
--- a/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json
+++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json
@@ -1,40 +1,46 @@
{
- "aws_s3_bucket": [
- {
- "id": "aws_s3_bucket.bucket",
- "name": "bucket",
- "source": "modules/m1/main.tf",
- "plan_root": "./",
- "line": 20,
- "type": "aws_s3_bucket",
- "config": {
- "bucket": "${module.m3.fullbucketname}",
- "policy": "${module.m2.fullbucketpolicy}"
- }
+ "aws_s3_bucket": [
+ {
+ "id": "aws_s3_bucket.bucket",
+ "name": "bucket",
+ "module_name": "m1",
+ "source": "modules/m1/main.tf",
+ "plan_root": "./",
+ "line": 20,
+ "type": "aws_s3_bucket",
+ "config": {
+ "bucket": "${module.m3.fullbucketname}",
+ "policy": "${module.m2.fullbucketpolicy}"
},
- {
- "id": "aws_s3_bucket.bucket",
- "name": "bucket",
- "source": "modules/m4/main.tf",
- "plan_root": "./",
- "line": 11,
- "type": "aws_s3_bucket",
- "config": {
- "bucket": "tf-test-project-2",
- "policy": "${module.m4a.fullbucketpolicy}"
- }
+ "skip_rules": null
+ },
+ {
+ "id": "aws_s3_bucket.bucket",
+ "name": "bucket",
+ "module_name": "m4",
+ "source": "modules/m4/main.tf",
+ "plan_root": "./",
+ "line": 11,
+ "type": "aws_s3_bucket",
+ "config": {
+ "bucket": "tf-test-project-2",
+ "policy": "${module.m4a.fullbucketpolicy}"
},
- {
- "id": "aws_s3_bucket.bucket4a",
- "name": "bucket4a",
- "source": "modules/m4/modules/m4a/main.tf",
- "plan_root": "./",
- "line": 20,
- "type": "aws_s3_bucket",
- "config": {
- "bucket": "${module.m4c.fullbucketname}",
- "policy": "${module.m4b.fullbucketpolicy}"
- }
- }
- ]
- }
\ No newline at end of file
+ "skip_rules": null
+ },
+ {
+ "id": "aws_s3_bucket.bucket4a",
+ "name": "bucket4a",
+ "module_name": "m4a",
+ "source": "modules/m4/modules/m4a/main.tf",
+ "plan_root": "./",
+ "line": 20,
+ "type": "aws_s3_bucket",
+ "config": {
+ "bucket": "${module.m4c.fullbucketname}",
+ "policy": "${module.m4b.fullbucketpolicy}"
+ },
+ "skip_rules": null
+ }
+ ]
+}
\ No newline at end of file
diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/dummyconfig.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/dummyconfig.json
index aa5244a40..abd72fb20 100644
--- a/pkg/iac-providers/terraform/v12/testdata/tfjson/dummyconfig.json
+++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/dummyconfig.json
@@ -3,6 +3,7 @@
{
"id": "terraform_remote_state.remote",
"name": "remote",
+ "module_name": "root",
"source": "dummyconfig.tf",
"line": 41,
"type": "terraform_remote_state",
@@ -22,6 +23,7 @@
{
"id": "type1.resource1",
"name": "resource1",
+ "module_name": "root",
"source": "dummyconfig.tf",
"line": 1,
"type": "type1",
@@ -48,6 +50,7 @@
{
"id": "type2.resource2",
"name": "resource2",
+ "module_name": "root",
"source": "dummyconfig.tf",
"line": 13,
"type": "type2",
@@ -70,6 +73,7 @@
{
"id": "type3.resource3",
"name": "resource3",
+ "module_name": "root",
"source": "dummyconfig.tf",
"line": 26,
"type": "type3",
diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/fullconfig.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/fullconfig.json
index 07d176b78..9c14c2197 100644
--- a/pkg/iac-providers/terraform/v12/testdata/tfjson/fullconfig.json
+++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/fullconfig.json
@@ -3,6 +3,7 @@
{
"id": "aws_instance.instance_playground",
"name": "instance_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 77,
@@ -47,6 +48,7 @@
{
"id": "aws_internet_gateway.igw_playground",
"name": "igw_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 14,
@@ -64,6 +66,7 @@
{
"id": "aws_key_pair.ec2key_playground",
"name": "ec2key_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 72,
@@ -79,6 +82,7 @@
{
"id": "aws_route_table.rtb_public_playground",
"name": "rtb_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 30,
@@ -102,6 +106,7 @@
{
"id": "aws_route_table_association.rta_subnet_public_playground",
"name": "rta_subnet_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 41,
@@ -117,6 +122,7 @@
{
"id": "aws_security_group.sg_playground",
"name": "sg_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 46,
@@ -163,6 +169,7 @@
{
"id": "aws_subnet.subnet_public_playground",
"name": "subnet_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 21,
@@ -182,6 +189,7 @@
{
"id": "aws_vpc.vpc_playground",
"name": "vpc_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 5,
diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/list-vars-test.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/list-vars-test.json
index ab2bf764c..eaeb3867e 100644
--- a/pkg/iac-providers/terraform/v12/testdata/tfjson/list-vars-test.json
+++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/list-vars-test.json
@@ -3,6 +3,7 @@
{
"id": "aws_instance.app",
"name": "app",
+ "module_name": "root",
"source": "main.tf",
"plan_root": "./",
"line": 5,
diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/moduleconfigs.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/moduleconfigs.json
index b94df2244..002b441a6 100644
--- a/pkg/iac-providers/terraform/v12/testdata/tfjson/moduleconfigs.json
+++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/moduleconfigs.json
@@ -3,6 +3,7 @@
{
"id": "aws_cloudfront_distribution.s3-distribution-TLS-v1",
"name": "s3-distribution-TLS-v1",
+ "module_name": "cloudfront",
"source": "cloudfront/main.tf",
"plan_root": "./",
"line": 6,
@@ -133,6 +134,7 @@
{
"id": "aws_cloudtrail.missing-multi-region",
"name": "missing-multi-region",
+ "module_name": "cloudtrail",
"source": "cloudtrail/main.tf",
"plan_root": "./",
"line": 1,
@@ -150,6 +152,7 @@
{
"id": "aws_ecs_task_definition.instanceNotInVpc",
"name": "instanceNotInVpc",
+ "module_name": "ecs",
"source": "ecs/main.tf",
"plan_root": "./",
"line": 1,
@@ -166,6 +169,7 @@
{
"id": "aws_efs_file_system.efsNotEncrypted",
"name": "efsNotEncrypted",
+ "module_name": "efs",
"source": "efs/main.tf",
"plan_root": "./",
"line": 1,
@@ -183,6 +187,7 @@
{
"id": "aws_elasticache_cluster.noMemcachedInElastiCache",
"name": "noMemcachedInElastiCache",
+ "module_name": "elasticcache",
"source": "../relative-moduleconfigs/elasticcache/main.tf",
"plan_root": "./",
"line": 1,
@@ -202,6 +207,7 @@
{
"id": "aws_guardduty_detector.gaurdDutyDisabled",
"name": "gaurdDutyDisabled",
+ "module_name": "guardduty",
"source": "guardduty/main.tf",
"plan_root": "./",
"line": 1,
@@ -216,6 +222,7 @@
{
"id": "aws_iam_access_key.noAccessKeyForRootAccount",
"name": "noAccessKeyForRootAccount",
+ "module_name": "iam",
"source": "iam/main.tf",
"plan_root": "./",
"line": 1,
@@ -232,6 +239,7 @@
{
"id": "aws_kinesis_stream.kinesisEncryptedWithKms",
"name": "kinesisEncryptedWithKms",
+ "module_name": "kinesis",
"source": "kinesis/main.tf",
"plan_root": "./",
"line": 1,
@@ -257,6 +265,7 @@
{
"id": "aws_kms_key.kmsKeyDisabled",
"name": "kmsKeyDisabled",
+ "module_name": "sub-cloudfront",
"source": "cloudfront/sub-cloudfront/main.tf",
"plan_root": "./",
"line": 1,
@@ -276,6 +285,7 @@
{
"id": "aws_load_balancer_policy.elbWeakCipher",
"name": "elbWeakCipher",
+ "module_name": "elb",
"source": "elb/main.tf",
"plan_root": "./",
"line": 1,
@@ -298,6 +308,7 @@
{
"id": "aws_s3_bucket.noS3BucketSseRules",
"name": "noS3BucketSseRules",
+ "module_name": "s3",
"source": "s3/main.tf",
"plan_root": "./",
"line": 1,
@@ -317,6 +328,7 @@
{
"id": "aws_security_group.acme_web",
"name": "acme_web",
+ "module_name": "sg",
"source": "sg/main.tf",
"plan_root": "./",
"line": 1,
@@ -358,6 +370,7 @@
{
"id": "aws_sqs_queue.sqsQueueExposed",
"name": "sqsQueueExposed",
+ "module_name": "sqs",
"source": "sqs/main.tf",
"plan_root": "./",
"line": 1,
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/complex-variables.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/complex-variables.json
index 3450e6c89..51b1ad454 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/complex-variables.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/complex-variables.json
@@ -1,119 +1,120 @@
{
- "complex_var_resource": [
- {
- "id": "complex_var_resource.complex",
- "name": "complex",
- "source": "main.tf",
- "plan_root": "./",
- "line": 1,
- "type": "complex_var_resource",
- "config": {
- "boolList": [
- true,
- true,
- false,
- true,
- false
- ],
- "floatList": [
- 1.01,
- 2.02,
- 3.03
- ],
- "intList": [
+ "complex_var_resource": [
+ {
+ "id": "complex_var_resource.complex",
+ "name": "complex",
+ "module_name": "root",
+ "source": "main.tf",
+ "plan_root": "./",
+ "line": 1,
+ "type": "complex_var_resource",
+ "config": {
+ "boolList": [
+ true,
+ true,
+ false,
+ true,
+ false
+ ],
+ "floatList": [
+ 1.01,
+ 2.02,
+ 3.03
+ ],
+ "intList": [
+ 1,
+ 2,
+ 3
+ ],
+ "listTuple": [
+ [
+ "one",
1,
- 2,
- 3
+ true
],
- "listTuple": [
- [
- "one",
+ [
+ "two",
+ 2,
+ false
+ ]
+ ],
+ "list_no_type": [
+ 1,
+ 2
+ ],
+ "mapVar": {
+ "10USD": "1xCPU-2GB",
+ "20USD": "2xCPU-4GB",
+ "5USD": "1xCPU-1GB"
+ },
+ "mapVarComplex": {
+ "first": {
+ "ID": 1,
+ "name": "Thor"
+ },
+ "second": {
+ "ID": 2,
+ "name": "Antman"
+ }
+ },
+ "objecVar": {
+ "address": "pune",
+ "name": "pankaj"
+ },
+ "objectList": [
+ {
+ "external": 8300,
+ "internal": 8300,
+ "protocol": "tcp"
+ },
+ {
+ "external": 3000,
+ "internal": 4000,
+ "protocol": "udp"
+ }
+ ],
+ "objectListComplex": [
+ {
+ "key1": [
1,
- true
- ],
- [
- "two",
2,
- false
- ]
- ],
- "list_no_type": [
- 1,
- 2
- ],
- "mapVar": {
- "10USD": "1xCPU-2GB",
- "20USD": "2xCPU-4GB",
- "5USD": "1xCPU-1GB"
- },
- "mapVarComplex": {
- "first": {
- "ID": 1,
- "name": "Thor"
+ 3
+ ],
+ "key2": {
+ "port": 9010
},
- "second": {
- "ID": 2,
- "name": "Antman"
- }
- },
- "objecVar": {
- "address": "pune",
- "name": "pankaj"
- },
- "objectList": [
- {
- "external": 8300,
- "internal": 8300,
- "protocol": "tcp"
+ "key3": {
+ "name": "hero"
},
- {
- "external": 3000,
- "internal": 4000,
- "protocol": "udp"
+ "key4": {
+ "first": 11.23,
+ "second": 50
}
- ],
- "objectListComplex": [
- {
- "key1": [
- 1,
- 2,
- 3
- ],
- "key2": {
- "port": 9010
- },
- "key3": {
- "name": "hero"
- },
- "key4": {
- "first": 11.23,
- "second": 50
- }
- }
- ],
- "setVar": [
- "first",
- "second"
- ],
- "stringList": [
- "one",
- "two",
- "three"
- ],
- "tupleVar": [
- "one",
- 1,
- true
- ],
- "tupleVarComplex": [
- 10,
- {
- "field1": 11,
- "field2": 12
- }
- ]
- },
- "skip_rules": null
- }
- ]
- }
\ No newline at end of file
+ }
+ ],
+ "setVar": [
+ "first",
+ "second"
+ ],
+ "stringList": [
+ "one",
+ "two",
+ "three"
+ ],
+ "tupleVar": [
+ "one",
+ 1,
+ true
+ ],
+ "tupleVarComplex": [
+ 10,
+ {
+ "field1": 11,
+ "field2": 12
+ }
+ ]
+ },
+ "skip_rules": null
+ }
+ ]
+}
\ No newline at end of file
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/config1.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/config1.json
index 2bdd20087..9642a0cea 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/config1.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/config1.json
@@ -3,6 +3,7 @@
{
"id": "aws_instance.instance_playground",
"name": "instance_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 77,
"type": "aws_instance",
@@ -46,6 +47,7 @@
{
"id": "aws_internet_gateway.igw_playground",
"name": "igw_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 14,
"type": "aws_internet_gateway",
@@ -62,6 +64,7 @@
{
"id": "aws_key_pair.ec2key_playground",
"name": "ec2key_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 72,
"type": "aws_key_pair",
@@ -76,6 +79,7 @@
{
"id": "aws_route_table.rtb_public_playground",
"name": "rtb_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 30,
"type": "aws_route_table",
@@ -98,6 +102,7 @@
{
"id": "aws_route_table_association.rta_subnet_public_playground",
"name": "rta_subnet_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 41,
"type": "aws_route_table_association",
@@ -112,6 +117,7 @@
{
"id": "aws_security_group.sg_playground",
"name": "sg_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 46,
"type": "aws_security_group",
@@ -157,6 +163,7 @@
{
"id": "aws_subnet.subnet_public_playground",
"name": "subnet_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 21,
"type": "aws_subnet",
@@ -175,6 +182,7 @@
{
"id": "aws_vpc.vpc_playground",
"name": "vpc_playground",
+ "module_name": "root",
"source": "config1.tf",
"line": 5,
"type": "aws_vpc",
@@ -189,4 +197,4 @@
"skip_rules": null
}
]
-}
+}
\ No newline at end of file
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules-recursive.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules-recursive.json
index 33a4e710c..c92eb531c 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules-recursive.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules-recursive.json
@@ -3,6 +3,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
+ "module_name": "m1",
"source": "modules/m1/main.tf",
"plan_root": "./",
"line": 20,
@@ -16,6 +17,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
+ "module_name": "m4",
"source": "modules/m4/main.tf",
"plan_root": "./",
"line": 11,
@@ -29,6 +31,7 @@
{
"id": "aws_s3_bucket.bucket4a",
"name": "bucket4a",
+ "module_name": "m4a",
"source": "modules/m4/modules/m4a/main.tf",
"plan_root": "./",
"line": 20,
@@ -42,6 +45,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
+ "module_name": "root",
"source": "modules/m4/main.tf",
"plan_root": "modules/m4",
"line": 11,
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules.json
index 78626e6c5..1094371ab 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules.json
@@ -1,40 +1,46 @@
{
- "aws_s3_bucket": [
- {
- "id": "aws_s3_bucket.bucket",
- "name": "bucket",
- "source": "modules/m1/main.tf",
- "plan_root": "./",
- "line": 20,
- "type": "aws_s3_bucket",
- "config": {
- "bucket": "${module.m3.fullbucketname}",
- "policy": "${module.m2.fullbucketpolicy}"
- }
+ "aws_s3_bucket": [
+ {
+ "id": "aws_s3_bucket.bucket",
+ "name": "bucket",
+ "module_name": "m1",
+ "source": "modules/m1/main.tf",
+ "plan_root": "./",
+ "line": 20,
+ "type": "aws_s3_bucket",
+ "config": {
+ "bucket": "${module.m3.fullbucketname}",
+ "policy": "${module.m2.fullbucketpolicy}"
},
- {
- "id": "aws_s3_bucket.bucket",
- "name": "bucket",
- "source": "modules/m4/main.tf",
- "plan_root": "./",
- "line": 11,
- "type": "aws_s3_bucket",
- "config": {
- "bucket": "tf-test-project-2",
- "policy": "${module.m4a.fullbucketpolicy}"
- }
+ "skip_rules": null
+ },
+ {
+ "id": "aws_s3_bucket.bucket",
+ "name": "bucket",
+ "module_name": "m4",
+ "source": "modules/m4/main.tf",
+ "plan_root": "./",
+ "line": 11,
+ "type": "aws_s3_bucket",
+ "config": {
+ "bucket": "tf-test-project-2",
+ "policy": "${module.m4a.fullbucketpolicy}"
},
- {
- "id": "aws_s3_bucket.bucket4a",
- "name": "bucket4a",
- "source": "modules/m4/modules/m4a/main.tf",
- "plan_root": "./",
- "line": 20,
- "type": "aws_s3_bucket",
- "config": {
- "bucket": "${module.m4c.fullbucketname}",
- "policy": "${module.m4b.fullbucketpolicy}"
- }
- }
- ]
- }
\ No newline at end of file
+ "skip_rules": null
+ },
+ {
+ "id": "aws_s3_bucket.bucket4a",
+ "name": "bucket4a",
+ "module_name": "m4a",
+ "source": "modules/m4/modules/m4a/main.tf",
+ "plan_root": "./",
+ "line": 20,
+ "type": "aws_s3_bucket",
+ "config": {
+ "bucket": "${module.m4c.fullbucketname}",
+ "policy": "${module.m4b.fullbucketpolicy}"
+ },
+ "skip_rules": null
+ }
+ ]
+}
\ No newline at end of file
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/dummyconfig.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/dummyconfig.json
index aa5244a40..abd72fb20 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/dummyconfig.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/dummyconfig.json
@@ -3,6 +3,7 @@
{
"id": "terraform_remote_state.remote",
"name": "remote",
+ "module_name": "root",
"source": "dummyconfig.tf",
"line": 41,
"type": "terraform_remote_state",
@@ -22,6 +23,7 @@
{
"id": "type1.resource1",
"name": "resource1",
+ "module_name": "root",
"source": "dummyconfig.tf",
"line": 1,
"type": "type1",
@@ -48,6 +50,7 @@
{
"id": "type2.resource2",
"name": "resource2",
+ "module_name": "root",
"source": "dummyconfig.tf",
"line": 13,
"type": "type2",
@@ -70,6 +73,7 @@
{
"id": "type3.resource3",
"name": "resource3",
+ "module_name": "root",
"source": "dummyconfig.tf",
"line": 26,
"type": "type3",
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/fullconfig.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/fullconfig.json
index 07d176b78..9c14c2197 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/fullconfig.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/fullconfig.json
@@ -3,6 +3,7 @@
{
"id": "aws_instance.instance_playground",
"name": "instance_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 77,
@@ -47,6 +48,7 @@
{
"id": "aws_internet_gateway.igw_playground",
"name": "igw_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 14,
@@ -64,6 +66,7 @@
{
"id": "aws_key_pair.ec2key_playground",
"name": "ec2key_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 72,
@@ -79,6 +82,7 @@
{
"id": "aws_route_table.rtb_public_playground",
"name": "rtb_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 30,
@@ -102,6 +106,7 @@
{
"id": "aws_route_table_association.rta_subnet_public_playground",
"name": "rta_subnet_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 41,
@@ -117,6 +122,7 @@
{
"id": "aws_security_group.sg_playground",
"name": "sg_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 46,
@@ -163,6 +169,7 @@
{
"id": "aws_subnet.subnet_public_playground",
"name": "subnet_public_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 21,
@@ -182,6 +189,7 @@
{
"id": "aws_vpc.vpc_playground",
"name": "vpc_playground",
+ "module_name": "root",
"source": "config1.tf",
"plan_root": "./",
"line": 5,
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/moduleconfigs.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/moduleconfigs.json
index b94df2244..002b441a6 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/moduleconfigs.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/moduleconfigs.json
@@ -3,6 +3,7 @@
{
"id": "aws_cloudfront_distribution.s3-distribution-TLS-v1",
"name": "s3-distribution-TLS-v1",
+ "module_name": "cloudfront",
"source": "cloudfront/main.tf",
"plan_root": "./",
"line": 6,
@@ -133,6 +134,7 @@
{
"id": "aws_cloudtrail.missing-multi-region",
"name": "missing-multi-region",
+ "module_name": "cloudtrail",
"source": "cloudtrail/main.tf",
"plan_root": "./",
"line": 1,
@@ -150,6 +152,7 @@
{
"id": "aws_ecs_task_definition.instanceNotInVpc",
"name": "instanceNotInVpc",
+ "module_name": "ecs",
"source": "ecs/main.tf",
"plan_root": "./",
"line": 1,
@@ -166,6 +169,7 @@
{
"id": "aws_efs_file_system.efsNotEncrypted",
"name": "efsNotEncrypted",
+ "module_name": "efs",
"source": "efs/main.tf",
"plan_root": "./",
"line": 1,
@@ -183,6 +187,7 @@
{
"id": "aws_elasticache_cluster.noMemcachedInElastiCache",
"name": "noMemcachedInElastiCache",
+ "module_name": "elasticcache",
"source": "../relative-moduleconfigs/elasticcache/main.tf",
"plan_root": "./",
"line": 1,
@@ -202,6 +207,7 @@
{
"id": "aws_guardduty_detector.gaurdDutyDisabled",
"name": "gaurdDutyDisabled",
+ "module_name": "guardduty",
"source": "guardduty/main.tf",
"plan_root": "./",
"line": 1,
@@ -216,6 +222,7 @@
{
"id": "aws_iam_access_key.noAccessKeyForRootAccount",
"name": "noAccessKeyForRootAccount",
+ "module_name": "iam",
"source": "iam/main.tf",
"plan_root": "./",
"line": 1,
@@ -232,6 +239,7 @@
{
"id": "aws_kinesis_stream.kinesisEncryptedWithKms",
"name": "kinesisEncryptedWithKms",
+ "module_name": "kinesis",
"source": "kinesis/main.tf",
"plan_root": "./",
"line": 1,
@@ -257,6 +265,7 @@
{
"id": "aws_kms_key.kmsKeyDisabled",
"name": "kmsKeyDisabled",
+ "module_name": "sub-cloudfront",
"source": "cloudfront/sub-cloudfront/main.tf",
"plan_root": "./",
"line": 1,
@@ -276,6 +285,7 @@
{
"id": "aws_load_balancer_policy.elbWeakCipher",
"name": "elbWeakCipher",
+ "module_name": "elb",
"source": "elb/main.tf",
"plan_root": "./",
"line": 1,
@@ -298,6 +308,7 @@
{
"id": "aws_s3_bucket.noS3BucketSseRules",
"name": "noS3BucketSseRules",
+ "module_name": "s3",
"source": "s3/main.tf",
"plan_root": "./",
"line": 1,
@@ -317,6 +328,7 @@
{
"id": "aws_security_group.acme_web",
"name": "acme_web",
+ "module_name": "sg",
"source": "sg/main.tf",
"plan_root": "./",
"line": 1,
@@ -358,6 +370,7 @@
{
"id": "aws_sqs_queue.sqsQueueExposed",
"name": "sqsQueueExposed",
+ "module_name": "sqs",
"source": "sqs/main.tf",
"plan_root": "./",
"line": 1,
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-locals.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-locals.json
index 43ab81362..19338345f 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-locals.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-locals.json
@@ -3,6 +3,7 @@
{
"id": "aws_iam_user.lb",
"name": "lb",
+ "module_name": "dummy",
"source": "dummy/main.tf",
"plan_root": "./",
"line": 13,
diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-variables.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-variables.json
index e3a3c6d97..9a1b8f284 100644
--- a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-variables.json
+++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-variables.json
@@ -1,16 +1,17 @@
{
- "null_resource": [
- {
- "id": "null_resource.example",
- "name": "example",
- "source": "dummy/main.tf",
- "plan_root": "./",
- "line": 5,
- "type": "null_resource",
- "config": {
- "container_definitions": "${templatefile(\n ${path.module}/${var.filename},\n {\n foo = \"bar\"\n }\n )}"
- },
- "skip_rules": null
- }
- ]
- }
\ No newline at end of file
+ "null_resource": [
+ {
+ "id": "null_resource.example",
+ "name": "example",
+ "module_name": "dummy",
+ "source": "dummy/main.tf",
+ "plan_root": "./",
+ "line": 5,
+ "type": "null_resource",
+ "config": {
+ "container_definitions": "${templatefile(\n ${path.module}/${var.filename},\n {\n foo = \"bar\"\n }\n )}"
+ },
+ "skip_rules": null
+ }
+ ]
+}
\ No newline at end of file
diff --git a/pkg/policy/opa/engine.go b/pkg/policy/opa/engine.go
index 5b7b79727..b780ed2b6 100644
--- a/pkg/policy/opa/engine.go
+++ b/pkg/policy/opa/engine.go
@@ -296,6 +296,7 @@ func (e *Engine) reportViolation(regoData *RegoData, resource *output.ResourceCo
ResourceName: resource.Name,
ResourceType: resource.Type,
ResourceData: resource.Config,
+ ModuleName: resource.ModuleName,
File: resource.Source,
PlanRoot: resource.PlanRoot,
LineNumber: resource.Line,
diff --git a/pkg/results/types.go b/pkg/results/types.go
index b92f8d6db..e90159651 100644
--- a/pkg/results/types.go
+++ b/pkg/results/types.go
@@ -34,6 +34,7 @@ type Violation struct {
ResourceName string `json:"resource_name" yaml:"resource_name" xml:"resource_name,attr"`
ResourceType string `json:"resource_type" yaml:"resource_type" xml:"resource_type,attr"`
ResourceData interface{} `json:"-" yaml:"-" xml:"-"`
+ ModuleName string `json:"module_name,omitempty" yaml:"module_name,omitempty" xml:"module_name,attr,omitempty"`
File string `json:"file,omitempty" yaml:"file,omitempty" xml:"file,attr,omitempty"`
PlanRoot string `json:"plan_root,omitempty" yaml:"plan_root,omitempty" xml:"plan_root,omitempty,attr"`
LineNumber int `json:"line,omitempty" yaml:"line,omitempty" xml:"line,attr,omitempty"`
diff --git a/pkg/writer/human_readable.go b/pkg/writer/human_readable.go
index 7603d09fc..fc5605b32 100644
--- a/pkg/writer/human_readable.go
+++ b/pkg/writer/human_readable.go
@@ -97,6 +97,12 @@ func defaultViolations(v results.Violation, isSkipped bool) string {
part := fmt.Sprintf("%-15v:\t%s\n\t%-15v:\t%s\n\t",
"Description", v.Description,
"File", v.File)
+
+ if v.ModuleName != "" {
+ moduleName := fmt.Sprintf("%-15v:\t%s\n\t", "Module Name", v.ModuleName)
+ part = part + moduleName
+ }
+
if v.PlanRoot != "" {
planRoot := fmt.Sprintf("%-15v:\t%s\n\t", "Plan Root", v.PlanRoot)
part = part + planRoot
diff --git a/test/e2e/scan/golden/resource_skipping/terraform_file_resource_skipping.txt b/test/e2e/scan/golden/resource_skipping/terraform_file_resource_skipping.txt
index 8da85deb7..e05ea3c46 100644
--- a/test/e2e/scan/golden/resource_skipping/terraform_file_resource_skipping.txt
+++ b/test/e2e/scan/golden/resource_skipping/terraform_file_resource_skipping.txt
@@ -9,6 +9,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi6",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 85
@@ -21,6 +22,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -33,6 +35,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi1",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 10
@@ -45,6 +48,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi2",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 25
@@ -57,6 +61,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi5",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 71
@@ -69,6 +74,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -81,6 +87,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi6",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 85
@@ -93,6 +100,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi2",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 25
@@ -105,6 +113,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -117,6 +126,7 @@
"category": "Network Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -129,6 +139,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -144,6 +155,7 @@
"skip_comment": "need to skip this rule",
"resource_name": "PtShGgAdi4",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 55
@@ -157,6 +169,7 @@
"skip_comment": "need to skip this rule",
"resource_name": "PtShGgAdi4",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 55
@@ -170,6 +183,7 @@
"skip_comment": "need to skip this rule",
"resource_name": "PtShGgAdi5",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 71
diff --git a/test/e2e/scan/golden/rules_filtering/scan_and_skip_rules.txt b/test/e2e/scan/golden/rules_filtering/scan_and_skip_rules.txt
index a2cf8c564..461fd81c0 100644
--- a/test/e2e/scan/golden/rules_filtering/scan_and_skip_rules.txt
+++ b/test/e2e/scan/golden/rules_filtering/scan_and_skip_rules.txt
@@ -9,6 +9,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -21,6 +22,7 @@
"category": "Network Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
diff --git a/test/e2e/scan/golden/rules_filtering/scan_multiple_rules.txt b/test/e2e/scan/golden/rules_filtering/scan_multiple_rules.txt
index b83dc836b..0a11603dd 100644
--- a/test/e2e/scan/golden/rules_filtering/scan_multiple_rules.txt
+++ b/test/e2e/scan/golden/rules_filtering/scan_multiple_rules.txt
@@ -9,6 +9,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -21,6 +22,7 @@
"category": "Network Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -33,6 +35,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -45,6 +48,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi2",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 25
@@ -57,6 +61,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi4",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 55
@@ -69,6 +74,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi5",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 69
@@ -81,6 +87,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi6",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 82
@@ -93,6 +100,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
diff --git a/test/e2e/scan/golden/rules_filtering/scan_single_rule.txt b/test/e2e/scan/golden/rules_filtering/scan_single_rule.txt
index bc9714ea9..cdecf9306 100644
--- a/test/e2e/scan/golden/rules_filtering/scan_single_rule.txt
+++ b/test/e2e/scan/golden/rules_filtering/scan_single_rule.txt
@@ -9,6 +9,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
diff --git a/test/e2e/scan/golden/rules_filtering/skip_multiple_rules.txt b/test/e2e/scan/golden/rules_filtering/skip_multiple_rules.txt
index 742441bb1..af7e80c57 100644
--- a/test/e2e/scan/golden/rules_filtering/skip_multiple_rules.txt
+++ b/test/e2e/scan/golden/rules_filtering/skip_multiple_rules.txt
@@ -9,6 +9,7 @@
"category": "Network Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
diff --git a/test/e2e/scan/golden/rules_filtering/skip_single_rule.txt b/test/e2e/scan/golden/rules_filtering/skip_single_rule.txt
index b053f71e4..a847f77da 100644
--- a/test/e2e/scan/golden/rules_filtering/skip_single_rule.txt
+++ b/test/e2e/scan/golden/rules_filtering/skip_single_rule.txt
@@ -9,6 +9,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -21,6 +22,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi6",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 82
@@ -33,6 +35,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi2",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 25
@@ -45,6 +48,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi5",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 69
@@ -57,6 +61,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -69,6 +74,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi4",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 55
@@ -81,6 +87,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi1",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 10
@@ -93,6 +100,7 @@
"category": "Network Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_human.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_human.txt
index bfe0192da..955515e99 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_human.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_human.txt
@@ -2,6 +2,7 @@ Violation Details -
Description : Enable AWS AMI Encryption
File : main.tf
+ Module Name : root
Plan Root : ./
Line : 5
Severity : MEDIUM
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_human_verbose.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_human_verbose.txt
index c1313c44a..4560f9240 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_human_verbose.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_human_verbose.txt
@@ -2,6 +2,7 @@ Violation Details -
Description : Enable AWS AMI Encryption
File : main.tf
+ Module Name : root
Plan Root : ./
Line : 5
Severity : MEDIUM
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json.txt
index 529907af8..e0ad8f51f 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json.txt
@@ -9,6 +9,7 @@
"category": "Encryption \u0026 KeyManagement",
"resource_name": "awsAmiEncrypted",
"resource_type": "aws_ami",
+ "module_name": "root",
"file": "main.tf",
"plan_root": "./",
"line": 5
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json_all.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json_all.txt
index 9713e8c4b..b341e9b4f 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json_all.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json_all.txt
@@ -21,6 +21,7 @@
"category": "Encryption \u0026 KeyManagement",
"resource_name": "awsAmiEncrypted",
"resource_type": "aws_ami",
+ "module_name": "root",
"file": "main.tf",
"plan_root": "./",
"line": 5
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json_recursive.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json_recursive.txt
index 54b01bd40..4f8e93e56 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json_recursive.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_json_recursive.txt
@@ -21,6 +21,7 @@
"category": "Encryption \u0026 KeyManagement",
"resource_name": "awsAmiEncrypted",
"resource_type": "aws_ami",
+ "module_name": "root",
"file": "subFolder1/subFolder2/main.tf",
"plan_root": "subFolder1/subFolder2",
"line": 5
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_xml.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_xml.txt
index ee7626527..cde9b898f 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_xml.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_xml.txt
@@ -2,7 +2,7 @@
-
+
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_yaml.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_yaml.txt
index afaa372d3..3c5766729 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_yaml.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_ami_violations/aws_ami_violation_yaml.txt
@@ -7,6 +7,7 @@ results:
category: Encryption & KeyManagement
resource_name: awsAmiEncrypted
resource_type: aws_ami
+ module_name: root
file: main.tf
plan_root: ./
line: 5
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_json.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_json.txt
index 2c6534c0b..9ace7e031 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_json.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_json.txt
@@ -9,6 +9,7 @@
"category": "Network Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -21,6 +22,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -33,6 +35,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi6",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 82
@@ -45,6 +48,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi4",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 55
@@ -57,6 +61,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi5",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 69
@@ -69,6 +74,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi1",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 10
@@ -81,6 +87,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi2",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 25
@@ -93,6 +100,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -105,6 +113,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi4",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 55
@@ -117,6 +126,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi5",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 69
@@ -129,6 +139,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi6",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 82
@@ -141,6 +152,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi2",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 25
@@ -153,6 +165,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -165,6 +178,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_json_show_passed.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_json_show_passed.txt
index 92ade3e97..b2dd65745 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_json_show_passed.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_json_show_passed.txt
@@ -32,6 +32,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi6",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 82
@@ -44,6 +45,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi2",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 25
@@ -56,6 +58,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -68,6 +71,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi1",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 10
@@ -80,6 +84,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi4",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 55
@@ -92,6 +97,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi5",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 69
@@ -104,6 +110,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi2",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 25
@@ -116,6 +123,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -128,6 +136,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi6",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 82
@@ -140,6 +149,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi4",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 55
@@ -152,6 +162,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi5",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 69
@@ -164,6 +175,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -176,6 +188,7 @@
"category": "Network Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
@@ -188,6 +201,7 @@
"category": "Data Security",
"resource_name": "PtShGgAdi3",
"resource_type": "aws_db_instance",
+ "module_name": "root",
"file": "main.tf",
"root_path": "./",
"line": 39
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_xml.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_xml.txt
index 244324cde..b41106396 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_xml.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_xml.txt
@@ -2,20 +2,20 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_yaml.txt b/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_yaml.txt
index 3ec76b582..ad8380207 100644
--- a/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_yaml.txt
+++ b/test/e2e/scan/golden/terraform_scans/aws/aws_db_instance_violations/aws_db_instance_yaml.txt
@@ -7,6 +7,7 @@ results:
category: Network Security
resource_name: PtShGgAdi3
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 39
@@ -17,6 +18,7 @@ results:
category: Data Security
resource_name: PtShGgAdi3
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 39
@@ -27,6 +29,7 @@ results:
category: Data Security
resource_name: PtShGgAdi6
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 82
@@ -37,6 +40,7 @@ results:
category: Data Security
resource_name: PtShGgAdi4
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 55
@@ -47,6 +51,7 @@ results:
category: Data Security
resource_name: PtShGgAdi5
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 69
@@ -57,6 +62,7 @@ results:
category: Data Security
resource_name: PtShGgAdi1
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 10
@@ -67,6 +73,7 @@ results:
category: Data Security
resource_name: PtShGgAdi2
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 25
@@ -77,6 +84,7 @@ results:
category: Data Security
resource_name: PtShGgAdi3
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 39
@@ -87,6 +95,7 @@ results:
category: Data Security
resource_name: PtShGgAdi6
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 82
@@ -97,6 +106,7 @@ results:
category: Data Security
resource_name: PtShGgAdi4
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 55
@@ -107,6 +117,7 @@ results:
category: Data Security
resource_name: PtShGgAdi5
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 69
@@ -117,6 +128,7 @@ results:
category: Data Security
resource_name: PtShGgAdi2
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 25
@@ -127,6 +139,7 @@ results:
category: Data Security
resource_name: PtShGgAdi3
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 39
@@ -137,6 +150,7 @@ results:
category: Data Security
resource_name: PtShGgAdi3
resource_type: aws_db_instance
+ module_name: root
file: main.tf
root_path: ./
line: 39
diff --git a/test/e2e/scan/golden/terraform_scans/scanned_with_only_aws_policies.txt b/test/e2e/scan/golden/terraform_scans/scanned_with_only_aws_policies.txt
index 3b0ef3cc1..4f353515c 100644
--- a/test/e2e/scan/golden/terraform_scans/scanned_with_only_aws_policies.txt
+++ b/test/e2e/scan/golden/terraform_scans/scanned_with_only_aws_policies.txt
@@ -9,6 +9,7 @@
"category": "Encryption \u0026 KeyManagement",
"resource_name": "awsAmiEncrypted",
"resource_type": "aws_ami",
+ "module_name": "root",
"file": "main.tf",
"plan_root": "./",
"line": 5