Terraform

We already have some scripts in the scripts directory. It would be good to run them for every PR.
This is also a great task for beginners.

I suggest adding MongoDB Atlas to the supported cloud as a feather.

General Availability (GA) for docker compose v2 is "Almost There". With GA we could consider upgrading docker compose examples (sample project and [test](https://github.com/

Currently, terragrunt hclfmt will tell you if there are errors with your hcl file, but not display what they are if you are using --terragrunt-check flag. Example:
terragrunt hclfmt --terragrunt-check --terragrunt-log-level error

terraform fmt has this functionality with the -diff switch to show you what changes it would end up doing, which is great for CI and the end-user feedback l

Manually keeping all dependencies up to date can be a time consuming task which can easily be automated.

One possible solution for this is renovatebot which periodically checks for new versions and can create a pull request for each update found.

It can easily be deployed on kubernetes via helm and works with [gite

Here are the steps to migrate a resource:

1. Pull latest changes from my refactor-migration-t1 branch.
2. Set the var SINGLE_RESOURCE_NAME in cmd/migrator/main.go to the resource filename.
3. Run go run cmd/migrator/main.go, the resource file would be edited and a new resource file will be created in internal/resources/aws
4. All things that the script was unable to migrate are chang

Is your feature request related to a problem? Please describe.

Provide a feature to validate your custom checks work as expected. If we have custom checks in a central location, it would be good to have a way to validate those checks work as we expect.

Describe the solution you'd like
we provide HCL that passes and HCL that fails, tfsec would have a test cmd that would validate

Describe the issue
https://github.com/bridgecrewio/checkov/blob/master/checkov/dockerfile/checks/UserExists.py doesn't cover all of https://docs.bridgecrew.io/docs/ensure-that-a-user-for-the-container-has-been-created

Bridgecrew Policy ID: BC_DKR_3
Checkov Check ID: CKV_DOCKER_3

ToDo: Additionally check if gosu is executed in either CMD or ENTRYPOINT

Examples

FROM al

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions

The example shown here (https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secrets) has a for_each on the data source. I used it for one of my use cases, but it throws the below error.

data "azurerm_key_vault" "cpe_akv" {
name = "cpe"
resource_group_name = "cpe-secrets"
}

data "azurerm_key_vault_secrets" "secrets" {
key_vaul

• terrascan version: 1.9.0
• terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira