Fix line reporting for unencrypted ebs block device

aquasecurity · Mar 5, 2019 · 6080d27 · 6080d27
1 parent 478b223
commit 6080d27
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/scanner/aws.go b/scanner/aws.go
@@ -15,12 +15,16 @@ func checkAWSEC2ClassicUsage(resource Resource) *Result {
 func checkAWSUnencryptedBlockDevices(resource Resource) *Result {
 
 	if bd, err := resource.Get("ebs_block_device"); err == nil {
-		if enc, err := bd.Get("encrypted"); err != nil || strings.ToLower(enc.String()) == "false" || strings.ToLower(enc.String()) == "0" {
+		if enc, err := bd.Get("encrypted"); strings.ToLower(enc.String()) == "false" || strings.ToLower(enc.String()) == "0" {
 			return NewResult(
 				enc.pos,
 				fmt.Sprintf("Resource '%s' uses an unencrypted EBS block device.", resource.String()),
 			)
-
+		} else if err != nil {
+			return NewResult(
+				bd.pos,
+				fmt.Sprintf("Resource '%s' uses an unencrypted EBS block device.", resource.String()),
+			)
 		}
 	}