Spelling

CHANGELOG.md

@@ -32,7 +32,7 @@
 - \[fix\] Resolve Vulnerable packages [\#1486](https://github.com/tenable/terrascan/pull/1486) ([rahulchheda](https://github.com/rahulchheda))
 - added tar.gz archive for windows [\#1474](https://github.com/tenable/terrascan/pull/1474) ([nasir-rabbani](https://github.com/nasir-rabbani))
 - Update opa and cobra version [\#1472](https://github.com/tenable/terrascan/pull/1472) ([nasir-rabbani](https://github.com/nasir-rabbani))
-- ignored matching provider verson in tests [\#1470](https://github.com/tenable/terrascan/pull/1470) ([nasir-rabbani](https://github.com/nasir-rabbani))
+- ignored matching provider version in tests [\#1470](https://github.com/tenable/terrascan/pull/1470) ([nasir-rabbani](https://github.com/nasir-rabbani))
 - added terraform and provider version in resource config [\#1469](https://github.com/tenable/terrascan/pull/1469) ([nasir-rabbani](https://github.com/nasir-rabbani))
 - Bump github.com/hashicorp/go-getter from 1.5.11 to 1.6.2 [\#1298](https://github.com/tenable/terrascan/pull/1298) ([dependabot[bot]](https://github.com/apps/dependabot))
 
@@ -244,7 +244,7 @@
 
 - skip terrascan init for --config-with-error flag [\#1160](https://github.com/accurics/terrascan/pull/1160) ([nasir-rabbani](https://github.com/nasir-rabbani))
 - Bugfix/s3 user policy [\#1157](https://github.com/accurics/terrascan/pull/1157) ([gaurav-gogia](https://github.com/gaurav-gogia))
-- fix rds encryptionc check policy [\#1156](https://github.com/accurics/terrascan/pull/1156) ([gaurav-gogia](https://github.com/gaurav-gogia))
+- fix rds encryption check policy [\#1156](https://github.com/accurics/terrascan/pull/1156) ([gaurav-gogia](https://github.com/gaurav-gogia))
 - Update mkdocs-material to 8.2.1 [\#1155](https://github.com/accurics/terrascan/pull/1155) ([pyup-bot](https://github.com/pyup-bot))
 - Adds: missing release tag push step [\#1151](https://github.com/accurics/terrascan/pull/1151) ([Rchanger](https://github.com/Rchanger))
 - Adding CFT scanning support for the resources: [\#1149](https://github.com/accurics/terrascan/pull/1149) ([shreyas-phansalkar-189](https://github.com/shreyas-phansalkar-189))
@@ -445,7 +445,7 @@
 
 - Link to docks in README  [\#944](https://github.com/accurics/terrascan/issues/944)
 - Ensure remote modules are downloaded only once [\#936](https://github.com/accurics/terrascan/issues/936)
-- Rule supression for specific resources [\#868](https://github.com/accurics/terrascan/issues/868)
+- Rule suppression for specific resources [\#868](https://github.com/accurics/terrascan/issues/868)
 
 **Merged pull requests:**
 
@@ -570,7 +570,7 @@
 
 **Fixed bugs:**
 
-- Azure AKS failling to check the network policy status. [\#789](https://github.com/accurics/terrascan/issues/789)
+- Azure AKS failing to check the network policy status. [\#789](https://github.com/accurics/terrascan/issues/789)
 - Scan for terraform doesn't error out if a module definition refers to a directory with no tf files [\#782](https://github.com/accurics/terrascan/issues/782)
 - Wrong detection of MemoryRequestsCheck,CpuRequestsCheck,noReadinessProbe and nolivenessProbe policy in k8s Job spec  [\#767](https://github.com/accurics/terrascan/issues/767)
 - Update Docker build for terrascan to use numeric UID [\#766](https://github.com/accurics/terrascan/issues/766)
@@ -579,7 +579,7 @@
 - tfplan should use resource address for id field [\#702](https://github.com/accurics/terrascan/issues/702)
 - Rule IDs with spaces cannot be skipped [\#610](https://github.com/accurics/terrascan/issues/610)
 - AWS.CloudFront.Network Security.Low.0568 Doesn't allow skipping due to space in filename [\#549](https://github.com/accurics/terrascan/issues/549)
-- Error parsing syntax if using complex query for dynamic ip\_restriction in azurerm\_function\_app or azurerm\_app\_service ressource [\#433](https://github.com/accurics/terrascan/issues/433)
+- Error parsing syntax if using complex query for dynamic ip\_restriction in azurerm\_function\_app or azurerm\_app\_service resource [\#433](https://github.com/accurics/terrascan/issues/433)
 
 **Closed issues:**
 
@@ -633,7 +633,7 @@
 - Adding Aws new policies cloudTrail [\#810](https://github.com/accurics/terrascan/pull/810) ([Avanti19](https://github.com/Avanti19))
 - Feature/az id field [\#808](https://github.com/accurics/terrascan/pull/808) ([gaurav-gogia](https://github.com/gaurav-gogia))
 - added support for sarif formatted violation reports [\#806](https://github.com/accurics/terrascan/pull/806) ([dev-gaur](https://github.com/dev-gaur))
-- Adds support to scan config resources with applicable policies & Refactors filteration [\#803](https://github.com/accurics/terrascan/pull/803) ([patilpankaj212](https://github.com/patilpankaj212))
+- Adds support to scan config resources with applicable policies & Refactors filtration [\#803](https://github.com/accurics/terrascan/pull/803) ([patilpankaj212](https://github.com/patilpankaj212))
 - Adds: in-file instrumentation for resource prioritizing [\#802](https://github.com/accurics/terrascan/pull/802) ([Rchanger](https://github.com/Rchanger))
 - shifted opa engine warning message to debug log level [\#800](https://github.com/accurics/terrascan/pull/800) ([dev-gaur](https://github.com/dev-gaur))
 - fix: added validation for module local source dir [\#793](https://github.com/accurics/terrascan/pull/793) ([Rchanger](https://github.com/Rchanger))
@@ -690,16 +690,16 @@
 - fix failing test [\#740](https://github.com/accurics/terrascan/pull/740) ([patilpankaj212](https://github.com/patilpankaj212))
 - AWS policy pack update [\#737](https://github.com/accurics/terrascan/pull/737) ([harkirat22](https://github.com/harkirat22))
 - Adding release checklist [\#734](https://github.com/accurics/terrascan/pull/734) ([jlk](https://github.com/jlk))
-- Gh action terrscan\_atlantis release [\#733](https://github.com/accurics/terrascan/pull/733) ([dev-gaur](https://github.com/dev-gaur))
-- adds agrocd integration dockerfile, scripts, doc  and examples [\#732](https://github.com/accurics/terrascan/pull/732) ([Rchanger](https://github.com/Rchanger))
+- Gh action terrascan\_atlantis release [\#733](https://github.com/accurics/terrascan/pull/733) ([dev-gaur](https://github.com/dev-gaur))
+- adds argocd integration dockerfile, scripts, doc  and examples [\#732](https://github.com/accurics/terrascan/pull/732) ([Rchanger](https://github.com/Rchanger))
 - Fix NSG associations [\#727](https://github.com/accurics/terrascan/pull/727) ([xortim](https://github.com/xortim))
 - changes for argocd integration [\#724](https://github.com/accurics/terrascan/pull/724) ([patilpankaj212](https://github.com/patilpankaj212))
 - Update admission-controller-webhooks-usage.md [\#722](https://github.com/accurics/terrascan/pull/722) ([amirbenv](https://github.com/amirbenv))
 - fix - \#718 [\#720](https://github.com/accurics/terrascan/pull/720) ([patilpankaj212](https://github.com/patilpankaj212))
 - doc: add homebrew badge [\#714](https://github.com/accurics/terrascan/pull/714) ([chenrui333](https://github.com/chenrui333))
 - update version [\#713](https://github.com/accurics/terrascan/pull/713) ([chenrui333](https://github.com/chenrui333))
 - adds skipped tests for server file scan when file is k8s yaml [\#706](https://github.com/accurics/terrascan/pull/706) ([Rchanger](https://github.com/Rchanger))
-- fixes infinte loop while local variable resolution [\#700](https://github.com/accurics/terrascan/pull/700) ([patilpankaj212](https://github.com/patilpankaj212))
+- fixes infinite loop while local variable resolution [\#700](https://github.com/accurics/terrascan/pull/700) ([patilpankaj212](https://github.com/patilpankaj212))
 - add terrascan atlantis container files, scripts and doc. [\#684](https://github.com/accurics/terrascan/pull/684) ([dev-gaur](https://github.com/dev-gaur))
 - adds support to scan directory with all iac providers in cli mode [\#674](https://github.com/accurics/terrascan/pull/674) ([patilpankaj212](https://github.com/patilpankaj212))
 - adds support to scan sub folders for terraform iac provider [\#640](https://github.com/accurics/terrascan/pull/640) ([patilpankaj212](https://github.com/patilpankaj212))
@@ -800,7 +800,7 @@
 - Adds support for junit xml output [\#527](https://github.com/accurics/terrascan/pull/527)
 - Adds e2e test scenarios for help and scan command [\#564](https://github.com/accurics/terrascan/pull/564)
 - Adds e2e tests for api server [\#585](https://github.com/accurics/terrascan/pull/585)
-- Please checkout our new [Github Action!](https://github.com/marketplace/actions/terrascan-iac-scanner)
+- Please checkout our new [GitHub Action!](https://github.com/marketplace/actions/terrascan-iac-scanner)
 
 **Fixed bugs:**
 
@@ -855,7 +855,7 @@
 **Closed issues:**
 
 - How to get rid of "Anonymous, public read access to a container and its blobs can be enabled in Azure Blob storage. This is only recommended if absolutely necessary." [\#405](https://github.com/accurics/terrascan/issues/405)
-- False Positive for accurics.azure.NS.161 when Security Groups Association and Subnets are defined indepently from VNet [\#391](https://github.com/accurics/terrascan/issues/391)
+- False Positive for accurics.azure.NS.161 when Security Groups Association and Subnets are defined independently from VNet [\#391](https://github.com/accurics/terrascan/issues/391)
 - Calico is not supported as a valid Network Security for azurerm\_kubernetes\_cluster [\#376](https://github.com/accurics/terrascan/issues/376)
 
 **Merged pull requests:**
@@ -893,14 +893,14 @@
 
 **Closed issues:**
 
-- Custom Variable Validation no longer experiemental in 0.13 [\#500](https://github.com/accurics/terrascan/issues/500)
+- Custom Variable Validation no longer experimental in 0.13 [\#500](https://github.com/accurics/terrascan/issues/500)
 
 **Merged pull requests:**
 
 - release v1.3.1 [\#508](https://github.com/accurics/terrascan/pull/508) ([kanchwala-yusuf](https://github.com/kanchwala-yusuf))
 - fix dependencies that were breaking the darwin/arm64 build [\#507](https://github.com/accurics/terrascan/pull/507) ([williepaul](https://github.com/williepaul))
 - support for terraform registry remote modules [\#505](https://github.com/accurics/terrascan/pull/505) ([patilpankaj212](https://github.com/patilpankaj212))
-- Readme rule supression [\#503](https://github.com/accurics/terrascan/pull/503) ([amirbenv](https://github.com/amirbenv))
+- Readme rule suppression [\#503](https://github.com/accurics/terrascan/pull/503) ([amirbenv](https://github.com/amirbenv))
 - Bump github.com/hashicorp/go-retryablehttp from 0.6.6 to 0.6.8 [\#496](https://github.com/accurics/terrascan/pull/496) ([dependabot[bot]](https://github.com/apps/dependabot))
 - Bump github.com/hashicorp/go-getter from 1.5.1 to 1.5.2 [\#495](https://github.com/accurics/terrascan/pull/495) ([dependabot[bot]](https://github.com/apps/dependabot))
 
@@ -1025,19 +1025,19 @@
 
 **Closed issues:**
 
-- Deep modules location mis-proccessed.  [\#365](https://github.com/accurics/terrascan/issues/365)
+- Deep modules location mis-processed.  [\#365](https://github.com/accurics/terrascan/issues/365)
 - 20MB binary file included in repo now [\#364](https://github.com/accurics/terrascan/issues/364)
 - Private GitHub repositories are not recognized with version 3.0.0+ of GitHub provider [\#326](https://github.com/accurics/terrascan/issues/326)
 - Terrascan -var-file=../another dir [\#144](https://github.com/accurics/terrascan/issues/144)
 - Error in test\_aws\_security\_group\_inline\_rule\_open and test\_aws\_security\_group\_rule\_open [\#138](https://github.com/accurics/terrascan/issues/138)
-- Intial setup after installation [\#136](https://github.com/accurics/terrascan/issues/136)
+- Initial setup after installation [\#136](https://github.com/accurics/terrascan/issues/136)
 - Add support for data sources [\#3](https://github.com/accurics/terrascan/issues/3)
 - Support from modules [\#2](https://github.com/accurics/terrascan/issues/2)
 
 **Merged pull requests:**
 
-- Bring Go to 1.15 in Github Actions [\#384](https://github.com/accurics/terrascan/pull/384) ([gliptak](https://github.com/gliptak))
-- Bring Go to 1.15 in Github Actions [\#383](https://github.com/accurics/terrascan/pull/383) ([gliptak](https://github.com/gliptak))
+- Bring Go to 1.15 in GitHub Actions [\#384](https://github.com/accurics/terrascan/pull/384) ([gliptak](https://github.com/gliptak))
+- Bring Go to 1.15 in GitHub Actions [\#383](https://github.com/accurics/terrascan/pull/383) ([gliptak](https://github.com/gliptak))
 - fix a bug when rendering subcharts [\#381](https://github.com/accurics/terrascan/pull/381) ([williepaul](https://github.com/williepaul))
 - Added kustomize support [\#378](https://github.com/accurics/terrascan/pull/378) ([dev-gaur](https://github.com/dev-gaur))
 - Adds support for Helm v3 [\#377](https://github.com/accurics/terrascan/pull/377) ([williepaul](https://github.com/williepaul))
@@ -1081,7 +1081,7 @@
 
 **Fixed bugs:**
 
-- Oudated Docker image [\#294](https://github.com/accurics/terrascan/issues/294)
+- Outdated Docker image [\#294](https://github.com/accurics/terrascan/issues/294)
 - Error with XML output [\#290](https://github.com/accurics/terrascan/issues/290)
 - Fixed checkIpForward rule \(gcp\) [\#323](https://github.com/accurics/terrascan/pull/323) ([williepaul](https://github.com/williepaul))
 

README.md

@@ -154,7 +154,7 @@ The `--find-vuln` flag can be used when scanning IaC files as follows:
 $ terrascan scan -i <IaC provider> --find-vuln
 ```
 
-For more information and explanation of how to setup your environment to authenticate with the registrie's APIs see the [usage](https://runterrascan.io/docs/usage/command_line_mode/) documentation.
+For more information and explanation of how to setup your environment to authenticate with the registry's APIs see the [usage](https://runterrascan.io/docs/usage/command_line_mode/) documentation.
 
 ## Customizing scans
 

docs/README.md

@@ -1,3 +1,3 @@
 # Terrascan documentation
 
-Documenation for terrascan lives at [runterrascan.io](www.runterrascan.io). Any updates or contributions to the documentation can be made in the [tenable/runterrascan.io](https://github.com/tenable/runterrascan.io) GitHub repository.
+Documentation for terrascan lives at [runterrascan.io](www.runterrascan.io). Any updates or contributions to the documentation can be made in the [tenable/runterrascan.io](https://github.com/tenable/runterrascan.io) GitHub repository.

docs/policies.md

@@ -63,7 +63,7 @@ $ terrascan scan -i terraform --config-only -o json
 ```
 
 
-You can use this `.json` output as the input in the [rego playgound](https://play.openpolicyagent.org/). The following policy can be used on the above Terraform to flag if the GitHub repository has been created with `private = false`.
+You can use this `.json` output as the input in the [rego playground](https://play.openpolicyagent.org/). The following policy can be used on the above Terraform to flag if the GitHub repository has been created with `private = false`.
 
 ```
 package accurics

docs/policies/aws.md

@@ -72,7 +72,7 @@
 | Data Protection | RDS | MEDIUM | Ensure that your RDS database has IAM Authentication enabled. | AWS.RDS.DataSecurity.High.0577 | AC_AWS_0053 |
 | Infrastructure Security | RDS | HIGH | RDS Instance publicly_accessible flag is true | AWS.RDS.NS.High.0101 | AC_AWS_0054 |
 | Data Protection | RDS | HIGH | RDS Instance Auto Minor Version Upgrade flag disabled | AWS.RDS.DS.High.1041 | AC_AWS_0056 |
-| Data Protection | RDS | HIGH | Ensure that your RDS database instances encrypt the underlying storage. Encrypted RDS instances use the industry standard AES-256 encryption algorithm to encrypt data on the server that hosts RDS DB instances. After data is encrypted, RDS handles authentication of access and descryption of data transparently with minimal impact on performance. | AWS.RDS.DataSecurity.High.0414 | AC_AWS_0058 |
+| Data Protection | RDS | HIGH | Ensure that your RDS database instances encrypt the underlying storage. Encrypted RDS instances use the industry standard AES-256 encryption algorithm to encrypt data on the server that hosts RDS DB instances. After data is encrypted, RDS handles authentication of access and description of data transparently with minimal impact on performance. | AWS.RDS.DataSecurity.High.0414 | AC_AWS_0058 |
 
 
 ### aws_secretsmanager_secret_policy
@@ -198,7 +198,7 @@
 | Category | Resource | Severity | Description | Reference ID | ID |
 | -------- | -------- | -------- | ----------- | ------------ | -- |
 | Infrastructure Security | EcsCluster | HIGH | Like any other EC2 instance it is recommended to place ECS instance within a VPC. AWS VPCs provides the controls to facilitate a formal process for approving and testing all network connections and changes to the firewall and router configurations | AWS.EcsCluster.NetworkSecurity.High.0104 | AC_AWS_0088 |
-| Infrastructure Security | AETD | MEDIUM | Ensure EFS volume used for ECS task defination has in transit encryption enabled | AWS.AETD.IS.MEDIUM.0043 | AC_AWS_0463 |
+| Infrastructure Security | AETD | MEDIUM | Ensure EFS volume used for ECS task definition has in transit encryption enabled | AWS.AETD.IS.MEDIUM.0043 | AC_AWS_0463 |
 | Data Protection | LaunchConfiguration | HIGH | Sensitive Information Disclosure | AWS.LaunchConfiguration.DataSecurity.High.0101 | AC_AWS_0095 |
 
 
@@ -480,8 +480,8 @@
 ### aws_lambda_function
 | Category | Resource | Severity | Description | Reference ID | ID |
 | -------- | -------- | -------- | ----------- | ------------ | -- |
-| Logging and Monitoring | LambdaFunction | MEDIUM | Ensure AWS Lambda function has policy attached. | AWS.LambdaFunction.LM.MEIDUM.0063 | AC_AWS_0484 |
-| Infrastructure Security | LambdaFunction | LOW | Lambda function does not include a VPC configuration. | AWS.LambdaFunction.Logging.0472 | AC_AWS_0486 |
+| Logging and Monitoring | LambdaFunction | MEDIUM | Ensure AWS Lambda function has policy attached. | AWS.LambdaFunction.LM.MEDIUM.0063 | AC_AWS_0484 |
+| Infrastructure Security | LambdaFunction | Low | Lambda function does not include a VPC configuration. | AWS.LambdaFunction.Logging.0472 | AC_AWS_0486 |
 | Logging and Monitoring | LambdaFunction | LOW | Lambda tracing is not enabled. | AWS.LambdaFunction.Logging.0470 | AC_AWS_0485 |
 | Data Protection | LambdaFunction | HIGH | Lambda does not use KMS CMK key to protect environment variables. | AWS.LambdaFunction.EncryptionandKeyManagement.0471 | AC_AWS_0483 |
 | Logging and Monitoring | LambdaFunction | LOW | Lambda tracing is not enabled. | AWS.LambdaFunction.Logging.0470 | AC_AWS_0163 |

integrations/argocd/examples/presynchook-webhook.yml

@@ -14,7 +14,7 @@ spec:
          type: RuntimeDefault
      containers:
      - name: terrascan-argocd
-       image: <CUSTOME PRESYNC HOOK IMAGE>
+       image: <CUSTOM PRESYNC HOOK IMAGE>
        resources:
          requests:
            cpu: "1"

integrations/argocd/examples/presynchook.yml

@@ -30,7 +30,7 @@ spec:
            name: known-hosts-config
      containers:
      - name: terrascan-argocd
-       image: <terrscan-image>
+       image: <terrascan-image>
        resources:
          requests:
            cpu: "1"

pkg/cli/run.go

@@ -144,7 +144,7 @@ func (s *ScanOptions) Scan() error {
 	return nil
 }
 
-// Init initalises and validates ScanOptions
+// Init initialises and validates ScanOptions
 func (s *ScanOptions) Init() error {
 	s.initColor()
 	if err := s.validate(); err != nil {

pkg/config/config-reader_test.go

@@ -80,7 +80,7 @@ func TestNewTerrascanConfigReader(t *testing.T) {
 			want: &TerrascanConfigReader{},
 		},
 		{
-			name: "non existent config file",
+			name: "nonexistent config file",
 			args: args{
 				fileName: "test",
 			},

pkg/config/types.go

@@ -16,7 +16,7 @@
 
 package config
 
-// Global initalizes GlobalConfig struct
+// Global initializes GlobalConfig struct
 var global *TerrascanConfig
 
 // TerrascanConfig struct defines global variables/configurations across terrascan