Replies: 2 comments 4 replies
-
|
@nikpivkin take a look, please |
Beta Was this translation helpful? Give feedback.
-
|
Hi @dave505 Here's the output I got: {
"Type": "Terraform Security Check",
"ID": "ID-001",
"AVDID": "AVDID-001",
"Title": "some title",
"Description": "a description",
"Message": "foo",
"Namespace": "user.test001",
"Query": "data.user.test001.deny",
"Resolution": "fix this please",
"Severity": "LOW",
"Status": "FAIL",check: # METADATA
# title: some title
# description: a description
# scope: package
# schemas:
# - input: schema["cloud"]
# custom:
# id: ID-001
# avd_id: AVDID-001
# recommended_action: fix this please
# provider: aws
# service: s3
# severity: LOW
# input:
# selector:
# - type: cloud
# subtypes:
# - service: s3
# provider: aws
package user.test001
import rego.v1
deny contains res if {
res := result.new("foo", {})
} |
Beta Was this translation helpful? Give feedback.
-
|
Using your example, I'm seeing |
Beta Was this translation helpful? Give feedback.
-
|
How do you run Trivy? |
Beta Was this translation helpful? Give feedback.
-
|
Where ./custom/test.rego is your rego policy from above |
Beta Was this translation helpful? Give feedback.
-
|
Thank you, I'll investigate it |
Beta Was this translation helpful? Give feedback.
-
Description
Setting different values for metadata tags id: and avd_id: results in only avd_id: tag being used to populate both ID and AVDID
Desired Behavior
ID and AVDID should be different, I don't want to set AVDID for internal policies but it looks like I have to set the ID.
Actual Behavior
ID and AVDID are the same, id: tag was ignored
Reproduction Steps
Target
AWS
Scanner
Vulnerability
Output Format
None
Mode
Standalone
Debug Output
debug isn't working in v0.57.0Operating System
macOS Sonoma 14.5
Version
Checklist
trivy clean --allBeta Was this translation helpful? Give feedback.
All reactions