You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
Running Trivy in terraform/environments/nomis-combined-reporting
2024-12-27T16:52:37Z INFO [vulndb] Need to update DB
2024-12-27T16:52:37Z INFO [vulndb] Downloading vulnerability DB...
2024-12-27T16:52:37Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-27T16:52:39Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-27T16:52:39Z INFO [vuln] Vulnerability scanning is enabled
2024-12-27T16:52:39Z INFO [misconfig] Misconfiguration scanning is enabled
2024-12-27T16:52:39Z INFO [misconfig] Need to update the built-in checks
2024-12-27T16:52:39Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2024-12-27T16:52:40Z INFO [secret] Secret scanning is enabled
2024-12-27T16:52:40Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-12-27T16:52:40Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2024-12-27T16:52:41Z INFO [terraform scanner] Scanning root module file_path="."
2024-12-27T16:52:41Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_plan.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_selection.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.route53" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_metric_filter.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_metric_alarm.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_policy.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role_policy_attachment.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_service_linked_role.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_key_pair.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_kms_grant.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group.instance" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group_attachment.instance" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_link.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_query_log.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_network_services" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_vpc" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.self" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_endpoint.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule_association.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_zone.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret_version.fixed" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.route53_resolver" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic_subscription.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_association.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_document.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.fixed" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.placeholder" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.assume_role" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.acm_certificate" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.cloudwatch_dashboard" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_autoscaling_group" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_instance" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.efs" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.fsx_windows" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb_listener" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.s3_bucket" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.secrets" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.this" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-27T16:52:41Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-27T16:52:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-27T16:52:42Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_network_services" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_vpc" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnet.this" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnets.this" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2024-12-27T16:52:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2024-12-27T16:52:44Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"
2024-12-27T16:52:44Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"
2024-12-27T16:52:44Z INFO Number of language-specific files num=0
2024-12-27T16:52:44Z INFO Detected config files num=4
trivy_exitcode=0
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains templates
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 169, Failed checks: 0, Skipped checks: 26
checkov_exitcode=0
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.9.1)
tflint will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running tflint in terraform/environments/nomis-combined-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Trivy in terraform/environments/nomis-combined-reporting
2024-12-27T16:52:37Z INFO [vulndb] Need to update DB
2024-12-27T16:52:37Z INFO [vulndb] Downloading vulnerability DB...2024-12-27T16:52:37Z INFO [vulndb] Downloading artifact...repo="public.ecr.aws/aquasecurity/trivy-db:2"2024-12-27T16:52:39Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"2024-12-27T16:52:39Z INFO [vuln] Vulnerability scanning is enabled
2024-12-27T16:52:39Z INFO [misconfig] Misconfiguration scanning is enabled
2024-12-27T16:52:39Z INFO [misconfig] Need to update the built-in checks
2024-12-27T16:52:39Z INFO [misconfig] Downloading the built-in checks...160.80 KiB /160.80 KiB [---------------------------------------------------------] 100.00%? p/s 0s2024-12-27T16:52:40Z INFO [secret] Secret scanning is enabled
2024-12-27T16:52:40Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-12-27T16:52:40Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection2024-12-27T16:52:41Z INFO [terraformscanner] Scanning root module file_path="."2024-12-27T16:52:41Z WARN [terraformparser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.module="root"variables="networking"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_plan.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_selection.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.route53"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_metric_filter.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_metric_alarm.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_policy.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role_policy_attachment.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_service_linked_role.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_key_pair.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_kms_grant.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group.instance"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group_attachment.instance"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_link.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_query_log.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_network_services"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_vpc"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.self"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_endpoint.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule_association.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_zone.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret_version.fixed"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.route53_resolver"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic_subscription.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_association.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_document.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.fixed"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.placeholder"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.assume_role"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.acm_certificate"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.cloudwatch_dashboard"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_autoscaling_group"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_instance"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.efs"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.fsx_windows"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb_listener"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.s3_bucket"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.secrets"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.this"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-27T16:52:41Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-27T16:52:42Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-27T16:52:42Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_network_services"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_vpc"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnet.this"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnets.this"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2024-12-27T16:52:43Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2024-12-27T16:52:44Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"2024-12-27T16:52:44Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"2024-12-27T16:52:44Z INFO Number of language-specific files num=02024-12-27T16:52:44Z INFO Detected config files num=4trivy_exitcode=0*****************************
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
Running Trivy in terraform/environments/nomis-combined-reporting
2024-12-30T09:27:42Z INFO [vulndb] Need to update DB
2024-12-30T09:27:42Z INFO [vulndb] Downloading vulnerability DB...
2024-12-30T09:27:42Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-30T09:27:44Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-30T09:27:44Z INFO [vuln] Vulnerability scanning is enabled
2024-12-30T09:27:44Z INFO [misconfig] Misconfiguration scanning is enabled
2024-12-30T09:27:44Z INFO [misconfig] Need to update the built-in checks
2024-12-30T09:27:44Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2024-12-30T09:27:45Z INFO [secret] Secret scanning is enabled
2024-12-30T09:27:45Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-12-30T09:27:45Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2024-12-30T09:27:46Z INFO [terraform scanner] Scanning root module file_path="."
2024-12-30T09:27:46Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_plan.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_selection.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.route53" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_metric_filter.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_metric_alarm.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_policy.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role_policy_attachment.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_service_linked_role.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_key_pair.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_kms_grant.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group.instance" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group_attachment.instance" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_link.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_query_log.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_network_services" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_vpc" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.self" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_endpoint.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule_association.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_zone.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret_version.fixed" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.route53_resolver" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic_subscription.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_association.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_document.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.fixed" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.placeholder" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.assume_role" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.acm_certificate" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.cloudwatch_dashboard" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_autoscaling_group" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_instance" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.efs" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.fsx_windows" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb_listener" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.s3_bucket" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.secrets" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.this" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T09:27:46Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_network_services" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_vpc" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnet.this" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnets.this" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2024-12-30T09:27:47Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2024-12-30T09:27:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"
2024-12-30T09:27:48Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"
2024-12-30T09:27:48Z INFO Number of language-specific files num=0
2024-12-30T09:27:48Z INFO Detected config files num=4
trivy_exitcode=0
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains templates
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 169, Failed checks: 0, Skipped checks: 26
checkov_exitcode=0
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.9.1)
tflint will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running tflint in terraform/environments/nomis-combined-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Trivy in terraform/environments/nomis-combined-reporting
2024-12-30T09:27:42Z INFO [vulndb] Need to update DB
2024-12-30T09:27:42Z INFO [vulndb] Downloading vulnerability DB...2024-12-30T09:27:42Z INFO [vulndb] Downloading artifact...repo="public.ecr.aws/aquasecurity/trivy-db:2"2024-12-30T09:27:44Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"2024-12-30T09:27:44Z INFO [vuln] Vulnerability scanning is enabled
2024-12-30T09:27:44Z INFO [misconfig] Misconfiguration scanning is enabled
2024-12-30T09:27:44Z INFO [misconfig] Need to update the built-in checks
2024-12-30T09:27:44Z INFO [misconfig] Downloading the built-in checks...160.80 KiB /160.80 KiB [------------------------------------------------------] 100.00%? p/s 100ms2024-12-30T09:27:45Z INFO [secret] Secret scanning is enabled
2024-12-30T09:27:45Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-12-30T09:27:45Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection2024-12-30T09:27:46Z INFO [terraformscanner] Scanning root module file_path="."2024-12-30T09:27:46Z WARN [terraformparser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.module="root"variables="networking"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_plan.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_selection.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.route53"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_metric_filter.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_metric_alarm.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_policy.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role_policy_attachment.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_service_linked_role.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_key_pair.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_kms_grant.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group.instance"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group_attachment.instance"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_link.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_query_log.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_network_services"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_vpc"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.self"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_endpoint.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule_association.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_zone.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret_version.fixed"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.route53_resolver"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic_subscription.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_association.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_document.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.fixed"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.placeholder"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.assume_role"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.acm_certificate"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.cloudwatch_dashboard"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_autoscaling_group"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_instance"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.efs"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.fsx_windows"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb_listener"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.s3_bucket"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.secrets"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.this"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T09:27:46Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_network_services"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_vpc"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnet.this"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnets.this"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2024-12-30T09:27:47Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2024-12-30T09:27:48Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"2024-12-30T09:27:48Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"2024-12-30T09:27:48Z INFO Number of language-specific files num=02024-12-30T09:27:48Z INFO Detected config files num=4trivy_exitcode=0*****************************
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
Running Trivy in terraform/environments/nomis-combined-reporting
2024-12-30T10:36:53Z INFO [vulndb] Need to update DB
2024-12-30T10:36:53Z INFO [vulndb] Downloading vulnerability DB...
2024-12-30T10:36:53Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-30T10:36:55Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-30T10:36:55Z INFO [vuln] Vulnerability scanning is enabled
2024-12-30T10:36:55Z INFO [misconfig] Misconfiguration scanning is enabled
2024-12-30T10:36:55Z INFO [misconfig] Need to update the built-in checks
2024-12-30T10:36:55Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2024-12-30T10:36:55Z INFO [secret] Secret scanning is enabled
2024-12-30T10:36:55Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-12-30T10:36:55Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2024-12-30T10:36:56Z INFO [terraform scanner] Scanning root module file_path="."
2024-12-30T10:36:56Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_plan.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_selection.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.route53" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_metric_filter.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_metric_alarm.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_policy.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role_policy_attachment.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_service_linked_role.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_key_pair.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_kms_grant.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group.instance" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group_attachment.instance" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_link.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_query_log.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_network_services" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_vpc" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.self" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_endpoint.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule_association.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_zone.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret_version.fixed" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.route53_resolver" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic_subscription.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_association.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_document.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.fixed" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.placeholder" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.assume_role" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.this" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.acm_certificate" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.cloudwatch_dashboard" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_autoscaling_group" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_instance" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.efs" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.fsx_windows" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb_listener" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.s3_bucket" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.secrets" value="cty.NilVal"
2024-12-30T10:36:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.this" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_network_services" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_vpc" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnet.this" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnets.this" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2024-12-30T10:36:57Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2024-12-30T10:36:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"
2024-12-30T10:36:59Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"
2024-12-30T10:36:59Z INFO Number of language-specific files num=0
2024-12-30T10:36:59Z INFO Detected config files num=4
trivy_exitcode=0
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains templates
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 169, Failed checks: 0, Skipped checks: 26
checkov_exitcode=0
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.9.1)
tflint will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running tflint in terraform/environments/nomis-combined-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Trivy in terraform/environments/nomis-combined-reporting
2024-12-30T10:36:53Z INFO [vulndb] Need to update DB
2024-12-30T10:36:53Z INFO [vulndb] Downloading vulnerability DB...2024-12-30T10:36:53Z INFO [vulndb] Downloading artifact...repo="public.ecr.aws/aquasecurity/trivy-db:2"2024-12-30T10:36:55Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"2024-12-30T10:36:55Z INFO [vuln] Vulnerability scanning is enabled
2024-12-30T10:36:55Z INFO [misconfig] Misconfiguration scanning is enabled
2024-12-30T10:36:55Z INFO [misconfig] Need to update the built-in checks
2024-12-30T10:36:55Z INFO [misconfig] Downloading the built-in checks...160.80 KiB /160.80 KiB [------------------------------------------------------] 100.00%? p/s 100ms2024-12-30T10:36:55Z INFO [secret] Secret scanning is enabled
2024-12-30T10:36:55Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-12-30T10:36:55Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection2024-12-30T10:36:56Z INFO [terraformscanner] Scanning root module file_path="."2024-12-30T10:36:56Z WARN [terraformparser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.module="root"variables="networking"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_plan.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_selection.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.route53"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_metric_filter.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_metric_alarm.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_policy.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role_policy_attachment.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_service_linked_role.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_key_pair.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_kms_grant.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group.instance"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group_attachment.instance"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_link.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_query_log.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_network_services"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_vpc"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.self"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_endpoint.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule_association.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_zone.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret_version.fixed"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.route53_resolver"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic_subscription.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_association.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_document.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.fixed"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.placeholder"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.assume_role"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.this"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.acm_certificate"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.cloudwatch_dashboard"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_autoscaling_group"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_instance"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.efs"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.fsx_windows"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb_listener"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.s3_bucket"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.secrets"value="cty.NilVal"2024-12-30T10:36:56Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.this"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_network_services"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_vpc"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnet.this"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnets.this"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2024-12-30T10:36:57Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2024-12-30T10:36:59Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"2024-12-30T10:36:59Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"2024-12-30T10:36:59Z INFO Number of language-specific files num=02024-12-30T10:36:59Z INFO Detected config files num=4trivy_exitcode=0*****************************
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
Running Trivy in terraform/environments/nomis-combined-reporting
2025-01-02T11:00:04Z INFO [vulndb] Need to update DB
2025-01-02T11:00:04Z INFO [vulndb] Downloading vulnerability DB...
2025-01-02T11:00:04Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T11:00:06Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T11:00:06Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T11:00:06Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T11:00:06Z INFO [misconfig] Need to update the built-in checks
2025-01-02T11:00:06Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-02T11:00:09Z INFO [secret] Secret scanning is enabled
2025-01-02T11:00:09Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T11:00:09Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T11:00:10Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T11:00:10Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_plan.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_selection.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.route53" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_metric_filter.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_metric_alarm.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_policy.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role_policy_attachment.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_service_linked_role.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_key_pair.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group.instance" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group_attachment.instance" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_link.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_query_log.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_network_services" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_vpc" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.self" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_endpoint.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule_association.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_zone.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret_version.fixed" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.route53_resolver" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic_subscription.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_association.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_document.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.fixed" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.placeholder" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.assume_role" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.this" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.acm_certificate" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.cloudwatch_dashboard" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_autoscaling_group" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_instance" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.efs" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.fsx_windows" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb_listener" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.s3_bucket" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.secrets" value="cty.NilVal"
2025-01-02T11:00:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.this" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_network_services" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_vpc" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnet.this" value="cty.NilVal"
2025-01-02T11:00:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnets.this" value="cty.NilVal"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2025-01-02T11:00:12Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2025-01-02T11:00:13Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"
2025-01-02T11:00:13Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"
2025-01-02T11:00:13Z INFO Number of language-specific files num=0
2025-01-02T11:00:13Z INFO Detected config files num=4
trivy_exitcode=0
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains templates
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 169, Failed checks: 0, Skipped checks: 26
checkov_exitcode=0
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.9.1)
tflint will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running tflint in terraform/environments/nomis-combined-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Trivy in terraform/environments/nomis-combined-reporting
2025-01-02T11:00:04Z INFO [vulndb] Need to update DB
2025-01-02T11:00:04Z INFO [vulndb] Downloading vulnerability DB...2025-01-02T11:00:04Z INFO [vulndb] Downloading artifact...repo="public.ecr.aws/aquasecurity/trivy-db:2"2025-01-02T11:00:06Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"2025-01-02T11:00:06Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T11:00:06Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T11:00:06Z INFO [misconfig] Need to update the built-in checks
2025-01-02T11:00:06Z INFO [misconfig] Downloading the built-in checks...160.80 KiB /160.80 KiB [------------------------------------------------------] 100.00%? p/s 100ms2025-01-02T11:00:09Z INFO [secret] Secret scanning is enabled
2025-01-02T11:00:09Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T11:00:09Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection2025-01-02T11:00:10Z INFO [terraformscanner] Scanning root module file_path="."2025-01-02T11:00:10Z WARN [terraformparser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.module="root"variables="networking"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_plan.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_selection.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.route53"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_metric_filter.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_metric_alarm.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_policy.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role_policy_attachment.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_service_linked_role.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_key_pair.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_kms_grant.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group.instance"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group_attachment.instance"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_link.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_query_log.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_network_services"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_vpc"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.self"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_endpoint.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule_association.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_zone.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret_version.fixed"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.route53_resolver"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic_subscription.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_association.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_document.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.fixed"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.placeholder"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.assume_role"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.this"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.acm_certificate"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.cloudwatch_dashboard"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_autoscaling_group"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_instance"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.efs"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.fsx_windows"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb_listener"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.s3_bucket"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.secrets"value="cty.NilVal"2025-01-02T11:00:10Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.this"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_network_services"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_vpc"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnet.this"value="cty.NilVal"2025-01-02T11:00:11Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnets.this"value="cty.NilVal"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2025-01-02T11:00:12Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2025-01-02T11:00:13Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"2025-01-02T11:00:13Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"2025-01-02T11:00:13Z INFO Number of language-specific files num=02025-01-02T11:00:13Z INFO Detected config files num=4trivy_exitcode=0*****************************
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
Running Trivy in terraform/environments/nomis-combined-reporting
2025-01-02T11:05:17Z INFO [vulndb] Need to update DB
2025-01-02T11:05:17Z INFO [vulndb] Downloading vulnerability DB...
2025-01-02T11:05:17Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T11:05:19Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-02T11:05:19Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T11:05:19Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T11:05:19Z INFO [misconfig] Need to update the built-in checks
2025-01-02T11:05:19Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-02T11:05:20Z INFO [secret] Secret scanning is enabled
2025-01-02T11:05:20Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T11:05:20Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-02T11:05:21Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-02T11:05:21Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_plan.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_backup_selection.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.route53" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_group.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_log_metric_filter.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_cloudwatch_metric_alarm.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_policy.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_role_policy_attachment.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_iam_service_linked_role.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_key_pair.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_kms_grant.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group.instance" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_lb_target_group_attachment.instance" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_link.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_query_log.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_network_services" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.core_vpc" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_record.self" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_endpoint.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_resolver_rule_association.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_route53_zone.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_secretsmanager_secret_version.fixed" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.route53_resolver" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_security_group_rule.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_sns_topic_subscription.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_association.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_document.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.fixed" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.aws_ssm_parameter.placeholder" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.assume_role" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.data.aws_iam_policy_document.this" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.acm_certificate" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.cloudwatch_dashboard" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_autoscaling_group" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.ec2_instance" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.efs" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.fsx_windows" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.lb_listener" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.s3_bucket" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.secrets" value="cty.NilVal"
2025-01-02T11:05:21Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.random_password.this" value="cty.NilVal"
2025-01-02T11:05:22Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T11:05:22Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T11:05:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:05:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:05:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:05:22Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_network_services" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_route53_zone.core_vpc" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnet.this" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.environment.data.aws_subnets.this" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily" err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand dynamic block. block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default" err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler" value="cty.NilVal"
2025-01-02T11:05:23Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch" value="cty.NilVal"
2025-01-02T11:05:25Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"
2025-01-02T11:05:25Z INFO [terraform executor] Ignore finding rule="aws-s3-encryption-customer-key" range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"
2025-01-02T11:05:25Z INFO Number of language-specific files num=0
2025-01-02T11:05:25Z INFO Detected config files num=4
trivy_exitcode=0
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains templates
</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>
```hcl
*****************************
Checkov will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:
Passed checks: 169, Failed checks: 0, Skipped checks: 26
checkov_exitcode=0
*****************************
Running Checkov in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
CTFLint Scan Success
Show Output
*****************************
Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version:0.9.1)
tflint will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running tflint in terraform/environments/nomis-combined-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0*****************************
Running tflint in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*tflint_exitcode=0
Trivy Scan Success
Show Output
*****************************
Trivy will check the following folders:
terraform/environments/nomis-combined-reporting
terraform/environments/nomis-combined-reporting/templates
*****************************
Running Trivy in terraform/environments/nomis-combined-reporting
2025-01-02T11:05:17Z INFO [vulndb] Need to update DB
2025-01-02T11:05:17Z INFO [vulndb] Downloading vulnerability DB...2025-01-02T11:05:17Z INFO [vulndb] Downloading artifact...repo="public.ecr.aws/aquasecurity/trivy-db:2"2025-01-02T11:05:19Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"2025-01-02T11:05:19Z INFO [vuln] Vulnerability scanning is enabled
2025-01-02T11:05:19Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-02T11:05:19Z INFO [misconfig] Need to update the built-in checks
2025-01-02T11:05:19Z INFO [misconfig] Downloading the built-in checks...160.80 KiB /160.80 KiB [---------------------------------------------------------] 100.00%? p/s 0s2025-01-02T11:05:20Z INFO [secret] Secret scanning is enabled
2025-01-02T11:05:20Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-02T11:05:20Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection2025-01-02T11:05:21Z INFO [terraformscanner] Scanning root module file_path="."2025-01-02T11:05:21Z WARN [terraformparser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.module="root"variables="networking"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_plan.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_backup_selection.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.route53"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_group.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_log_metric_filter.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_cloudwatch_metric_alarm.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_policy.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_role_policy_attachment.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_iam_service_linked_role.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_key_pair.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_kms_grant.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group.instance"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_lb_target_group_attachment.instance"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_link.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_oam_sink_policy.monitoring_account_oam_sink_policy"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_query_log.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_network_services"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.core_vpc"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_record.self"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_endpoint.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_resolver_rule_association.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_route53_zone.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_secretsmanager_secret_version.fixed"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.route53_resolver"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_security_group_rule.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_sns_topic_subscription.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_association.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_document.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.fixed"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.aws_ssm_parameter.placeholder"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.assume_role"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.secretsmanager_secret_policy"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.data.aws_iam_policy_document.this"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.acm_certificate"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.cloudwatch_dashboard"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_autoscaling_group"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.ec2_instance"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.efs"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.fsx_windows"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.lb_listener"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.s3_bucket"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.secrets"value="cty.NilVal"2025-01-02T11:05:21Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.random_password.this"value="cty.NilVal"2025-01-02T11:05:22Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2025-01-02T11:05:22Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2025-01-02T11:05:22Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:05:22Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:05:22Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:05:22Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_network_services"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_route53_zone.core_vpc"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnet.this"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.environment.data.aws_subnets.this"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].aws_s3_object.user_public_keys"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.bastion_linux[0].data.aws_subnet.local_account"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].aws_autoscaling_group.bastion_linux_daily"err="1 error occurred:\n\t* invalid for-each in aws_autoscaling_group.bastion_linux_daily.dynamic.tag block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand dynamic block.block="module.baseline.module.bastion_linux[0].module.s3-bucket.aws_s3_bucket_lifecycle_configuration.default"err="1 error occurred:\n\t* invalid for-each in aws_s3_bucket_lifecycle_configuration.default.dynamic.rule block: cannot use a cty.NilVal value in for_each. An iterable collection is required\n\n"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_rule.alarm_scheduler"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_cloudwatch_event_target.alarm_scheduler"value="cty.NilVal"2025-01-02T11:05:23Z ERROR [terraformevaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.block="module.baseline.module.schedule_alarms_lambda[0].aws_lambda_permission.allow_cloudwatch"value="cty.NilVal"2025-01-02T11:05:25Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=836db079348a2b40d59bd9cb953111e8ad61aec1/github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=7b2b75c178f855d8c48d3bda4ac53df782288c02/main.tf:141-151"2025-01-02T11:05:25Z INFO [terraformexecutor] Ignore finding rule="aws-s3-encryption-customer-key"range="github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v8.1.0/main.tf:150-160"2025-01-02T11:05:25Z INFO Number of language-specific files num=02025-01-02T11:05:25Z INFO Detected config files num=4trivy_exitcode=0*****************************
Running Trivy in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
github-actions
bot
added
the
environments-repository
drobinson-moj
temporarily deployed
to
nomis-combined-reporting-test
GitHub Actions
Inactive
Add maintenance mode LB rule for nomis combined reporting test and preprod