Terraform - dyanmic block - Invalid "for-each" argument: map key (or set value) #7610
Closed
roleyfoley
started this conversation in
Bugs
Replies: 2 comments
-
Just tried changing from a list of objects to a map of objects and it works ok
tfvars
output trivy fs .
2024-09-28T12:03:36+10:00 INFO Loaded file_path="trivy.yaml"
2024-09-28T12:03:36+10:00 INFO [misconfig] Misconfiguration scanning is enabled
2024-09-28T12:03:36+10:00 INFO [terraform scanner] Scanning root module file_path="."
2024-09-28T12:03:36+10:00 INFO Detected config files num=1 Looking at that layout it probably makes more sense to do it that way in terraform, but still seems to be different behaviour between the terraform and trivy handling |
Beta Was this translation helpful? Give feedback.
0 replies
-
Hi @roleyfoley ! Track #7611 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
Just started playing around with trivy for misconfiguration checking on our terraform modules. I have a dynamic block inside of a aws_iam_policy_document data block and when trivy run it generates the following error
The variable provided to the for_each loop is a set of objects that are used in this dynamic block and in a couple of othe spots in our overall module
Desired Behavior
Trivy can evalute this for-each loop as expected
Actual Behavior
Trivy fails to run misconfiguration scanning on the terraform module
Reproduction Steps
main.tf
test.tfvars
trivy.yaml
Command
Operating System
MacOS Sanoma 14.6.1
Version
trivy --version 2024-09-28T11:53:28+10:00 INFO Loaded file_path="trivy.yaml" Version: 0.55.2 Vulnerability DB: Version: 2 UpdatedAt: 2024-09-28 00:23:12.078416438 +0000 UTC NextUpdate: 2024-09-28 06:23:12.078416118 +0000 UTC DownloadedAt: 2024-09-28 01:28:54.29594 +0000 UTC Check Bundle: Digest: sha256:ef2d9ad4fce0f933b20a662004d7e55bf200987c180e7f2cd531af631f408bb3 DownloadedAt: 2024-09-27 09:46:54.898547 +0000 UTC
Checklist
trivy clean --all
Beta Was this translation helpful? Give feedback.
All reactions