Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1.0.4 version is not able to identify the encryption properties #100

Closed
vrbcntrl opened this issue Jun 23, 2019 · 3 comments
Closed

1.0.4 version is not able to identify the encryption properties #100

vrbcntrl opened this issue Jun 23, 2019 · 3 comments

Comments

@vrbcntrl
Copy link
Contributor

Hi @eerkunt,

I was testing the encryption_at_rest.feature with AWS RDS Instance and found that the rule is able to read the aws_db_instance resource however its not able to read the storage_encrypted=false property. it says : Failure: Resource aws_db_instance.default does not have encryption enabled (storage_encrypted). even though I have that property configured in my out file.

`. Running tests.
Feature: Resources should use encryption at rest while they are created # C:\Training\cloud\terraform-compliance\1.0.4\terraform-compliance-master\example\example_01\aws\testing-inprogress\encryption_at_rest.feature
In order to improve security
As engineers
We'll enforce encryption at rest

Scenario: RDS instances
    Given I have AWS RDS instance defined
    Then encryption must be enabled
      Failure: Resource aws_db_instance.default does not have encryption enabled (storage_encrypted).`

I have attached the .tf , .out, and .out.json files for yur reference

aws_db_instance_encryption.zip

@eerkunt
Copy link
Member

eerkunt commented Jun 23, 2019

After checking and re-testing on my local, it is working as intended.

"storage_encrypted": false,

in your plan out, therefore encryption is disabled, therefore the test you have described above is failing as intended.

@vrbcntrl
Copy link
Contributor Author

you are right, its working as expected, somehow It was throwing the same Failure message when i had storage_encrypted : true yesterday, i guess it was a mistake.

also, in the older versions prior to 1.0.0, the failure message used to be different, meaning the message used to tell, what is the current value and what is the expected value also. I guess you have changed the Failure message format now which is fine...thanks!

@eerkunt
Copy link
Member

eerkunt commented Jun 24, 2019

With #101 ( and 1.0.5) now terraform-compliance shows additional information about the failure.

@eerkunt eerkunt closed this as completed Jun 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants