Releases: tenable/terrascan
v1.8.1
Changelog
35afbe6 Add support for arm linked templates (#903)
2443118 Do not initiate policy engine incase of --config-only flag
cf582eb Remove unnecessary KMS deletion window code (#918)
35c7ca1 Update mkdocs from 1.2.1 to 1.2.2 (#935)
dbf90e8 Update mkdocs-material from 7.1.10 to 7.1.11 (#938)
29201a7 Update mkdocs-material from 7.1.9 to 7.1.10 (#929)
ef959f1 Update overview.md (#919)
656744d Updating the dax cluster policy (#909)
8bba815 add github-sarif writer for github suited sarif output (#907)
89555e5 add integrations overview and minor fixes (#913)
80c00e0 fix error log message for terraform file (#914)
c9d73e0 fix go mod files (#941)
73bcc12 fix(sws/cloudfront): wrong check tls version (#928)
d231a43 fixed e2e test cases for --config-only
5513a0f fixes: broken doc links (#921)
1721cde minor-doc-fix (#916)
c299d50 policy to detect a service without selector (#931)
bf23634 release v1.8.1 (#942)
87efa51 terraform 0.15 support (#860)
aba0d62 update getting started and Usage, fix links (#920)
v1.8.0
Changelog
325985d Add ID Field in Azure Policies (#872)
9e962b9 Add Microsoft Azure ARM as an IaC Provider (#736)
95b02c4 Added "id" field support & policy validation tests (#843)
7a4de55 Addind AWS Network Security Policies (#866)
32a4c15 Adding Id fix for github policies (#874)
6e3cc71 Adding missing Id field for GCP policies (#870)
6b7b83f Bugfix/az nw sec policies (#862)
4bbb647 Bugfix/k8s id field (#873)
bcc4cf2 Change api, Add support for s3 bucket resource and better cft loader (#865)
9f050b3 Fix authorization header for http request (#877)
b8fda7c Fixes incorrect filepath reporting in sarif output & added e2e tests for sarif output (#863)
7fd8ba0 Minor documentation fixes (#908)
1b58346 Spilt usage docs (#890)
c3f372f Update Integration Docs.md (#885)
c43ec4a Update cicd.md (#901)
51a71f8 Update cicd.md (#902)
4bf9b35 Update mkdocs from 1.1.2 to 1.2.1 (#886)
1db0999 Update mkdocs-material from 7.1.4 to 7.1.8 (#859)
0734df7 Update mkdocs-material from 7.1.8 to 7.1.9 (#895)
a74765d Update usage.md (#893)
decb1e9 Updates documentation on Terrascan github action (#894)
c04acd4 Updating network security policies for GCP (#869)
bedfaa1 Use CGO independent package for sqlite (#906)
40c0aa8 add in-file instrumentation segment (#910)
36ca6eb add proper values via metadata (#888)
7d20723 adding ID field (#871)
c642063 fix broken link to usage.md (#855)
80902fa fix error messages reported from hcl diags (#911)
2ca5eb1 fix(pkg/policies/opa/rego/azure/azurerm_container_registry/containerregistryresourcelock.rego): check correct fields (#858)
617ef74 fixed sarif unit tests hardcoding code smell (#857)
cee9ab4 fixes: recursive loop when parent and child module has same local block (#900)
4fd7642 improves: filename in remote module (#867)
2fdc14d k8s policies refactor (#879)
0f0be20 mod policies to achieve parity with siac (#878)
1f316eb release v1.8.0 (#912)
v1.7.0
Changelog
95aba12 Add AWS CFT as an IaC Provider (#815)
a4d7af9 1. fix failing test due to log message assertion (#812)
b899922 Add ID Field for AWS Policies' Metadata (#831)
48f92ef Add ID Field for K8s Policies' Metadata (#826)
cb2be19 Add module name in violation summary for terraform scans (#774)
07c1e4f Add a kustomize based guide for setting up terrascan server and validating webhook in kubernetes (#739)
0a1912f Add e2e tests for k8s admission control validating webhook (#772)
1d7e5b9 Add webhook setup capability and remote repo scan capability in the helm charts (#778)
940a446 Added source_range 0.0.0.0/0 (any) to avoid rule violations (#776)
3f02324 Adding Aws new policies cloudTrail (#810)
5f4b15a Adds support to scan config resources with applicable policies & Refactors filteration (#803)
5057073 Adds: in-file instrumentation for resource prioritizing (#802)
05e4db3 Automate generation of TLS Certs using Helm (#779)
8fc20b2 Bugfix/use ref id old format (#846)
0f03866 Bump up to Go 1.16 (#836)
9adfe1d Do not trim resource id from tfplan json (#825)
53eda39 Documentation (#768)
37cef51 Feature/az id field (#808)
72e3ebc Fix accurics.azure.AKS.3 (#712)
0eae483 Fixing the bug for google_kms_crypto_key policies (#848)
01c8d78 Initial addition of terrascan helm chart (#688)
636515e JSON and Rego updated (#787)
82e5242 Support for spaces in policy reference_id (#833)
0cf4ed6 Update mkdocs-material from 7.1.2 to 7.1.4 (#746)
9db3868 Update mkdocs-redirects from 1.0.1 to 1.0.3 (#710)
d7e16f6 Update policy description to match correct port. (#777)
9ac1667 Update usage.md (#765)
1839b24 [feat.] Merge Webhook and Server Helm Chart (#817)
1229942 [fix] Add Alternate names for k8s services (#834)
9ff6f2f add check for env vars and kms, fixes #682 (#827)
0d8bc97 add id field for matching policies siac/terrascan (#824)
0ed8ef7 add logging middleware for server (#785)
afc2a18 add support for YAML format for terrascan config file (#816)
fafdda4 add support for sarif format violation reports (#806)
dc0b428 add validation for tls private key and cert file values (#771)
971845a bucket policy check false positive fix (#828)
358fc67 check for loopback addresses in endpoint slice (#830)
a3f26c1 config file changes for terrascan server (#780)
b012204 enhancing aws policies (#829)
23bb0ae fix multierror variable issue for helm, kustomize and k8s (#818)
cbbde51 fix terraform inner block reference resolution (#844)
0c3c547 fix: add validation for module local source dir in terraform iac (#793)
0e4c830 fix: modified docker file to use UID of user (#773)
eff166f fix: moves the pending test to running (#819)
5060bbb fixing the policy (#847)
ff2c2a5 improve unit tests for config reader package (#820)
66159bd making file paths relative for k8s IaC (#821)
e4ae20c policy metadata changes to include policy_type and resource_type (#792)
9316d5d reference ids with & and fixed (#845)
446b80f release 1.7.0 (#850)
bea2473 removed pod level securityContext support (#790)
669631a shifted custom atlantis container source under integrations/ directory (#758)
696481d shifted opa engine warning message to debug log level (#800)
dec6618 type assertion check for hcl.Body (#832)
v1.6.0
Changelog
9c4918e AWS policy pack update (#737)
964167b Adding release checklist (#734)
4590a3a Feature/aws new policies sp (#751)
2d06d74 Fix NSG associations (#727)
d242c2e Gh action terrscan_atlantis release (#733)
e6e6b8e Update admission-controller-webhooks-usage.md (#722)
320b191 Update mkdocs.yml (#741)
0c7f4ca add terrascan atlantis container files, scripts and doc. (#684)
c44734a adds agrocd integration dockerfile, scripts, doc and examples (#732)
52481bc adds implementation for skipped server mode k8s scan e2e tests (#706)
762c561 adds support to scan directory with all iac providers in cli mode (#674)
dee8090 adds support to scan sub folders for terraform iac provider (#640)
881417a changes for argocd integration (#724)
4878eeb doc: add homebrew badge (#714)
0af155d fix failing test (#740)
3bd67ae fixes infinite loop while local variable resolution for terraform (#700)
02c8bce modify iac dir path validation (#720)
95a739e release v1.6.0 (#764)
ba7a76a update argo cd documentation (#742)
d8fd9c4 update version (#713)
v1.5.1
Changelog
e8e5281 Handle multiple vpc flow logs (#680)
a09b879 Moving linux builds to static builds (#708)
aecf28d Update index.md (#707)
4c66c22 adding new policy and enhancing the nosiy policy (#575)
5a289d6 adds changelog for v1.5.0 (#692)
5669cbf fix severity output case insensivity fix (#691)
7962a8f updates installation instructions to deduct latest release (#695)
v1.5.0
Changelog
5abf9af 1. fix panic for list variable with no type definition in terraform config (#654)
dbaf3a1 AWS Risk Category Changes (#603)
cca6d2f AWS new Categories (#581)
dfc0d08 Add /go/bin to PATH. (#637)
317a536 Adding openssh to Dockerfile for downloading modules via ssh (#625)
1d1addf Adding support to scan IAC from atlantis workflow (#648)
bc364ad Azure Risk Category Changes (#604)
1752bb7 Bugfix/revert policies (#602)
55c1ae1 Category flag e2e tests (#605)
2033718 Fixes broken link in README (#671)
1257ec2 Fixes docs format (#661)
d1a198c Log error in LoadIacDir before continuing (#613)
225a914 Makes saving of admission requests configurable via a config file option (#665)
c39c7fa Making Category Changes (#606)
c6aef0b Moving from goreleaser GH action (#694)
02d312e New Policies for Azure & Category Updates. (#580)
8625834 Reorganized and Updated docs (#655)
23ca9f7 Support for authenticated tf module download (#658)
9546bcc Take file extension from uploaded file (#593)
6bdcf0c Terrascan K8s New categories and ruleRef ID changes (#583)
a30788a Terrascan init and config handling refactor (#576)
4a20105 Update cicd.md (#667)
c61f306 Update mkdocs-material from 7.0.1 to 7.0.5 (#590)
4d12986 Update mkdocs-material from 7.0.5 to 7.0.6 (#615)
41b159c Update mkdocs-material from 7.0.6 to 7.1.0 (#636)
6929cb2 Update mkdocs-material from 7.1.0 to 7.1.2 (#676)
714cf60 Update mkdocs.yml (#660)
a4db22d Update route53LoggingDisabled.rego to ignore private zones (#626)
dbb5a91 Updating Rule reference Id's and Policy categories (#582)
71b776f add authentication with API key for the /logs endpoint (#663)
dcfbd54 add support for kubernetes validating admission webhook
6604c23 adds support to run k8s validating webhook without dashboard by default (#683)
a3bcac7 feature: add support to specify desired categories of violations to be reported (#547)
4df6ce6 filepath fixes in e2e tests (#591)
a11f71e fix - init behavior change (#624)
258206b fix - process local sources in remote modules for terraform iac
6103c45 fix kustomize scan breakage on windows (#630)
114222a fix panic for floating point variables for terraform cty types(#653)
585edcc fix recursive variable reference resolution for terraform (#677)
5db6cb2 fix windows tests (#635)
23c8281 make k8s source paths relative to the provided directory for scanning
b6732c7 policy download refactor (#618)
adf9e7f release v1.5.0 (#689)
9baf154 resolve complex variable types for terraform and add unit tests (#657)
9fe74b4 revert k8s old changes (#608)
538b9ed update helm default chart name and namespace values (#589)
99dc630 updating documentation for k8s admission control (#679)
71a677f v1.4.0 doc updates (#588)
v1.4.0
Changelog
2a7627a Adding code of conduct
2296d3a Adds support for scanning tfplan json file (#562)
e838bb5 Bump github.com/spf13/cobra from 1.0.0 to 1.1.1 (#493)
91c018a Fixed incorrect description of a rego policy for RDS encryption
bbe97ce Initial changes for e2e testing framework (#553)
7b3593f Merge pull request #501 from dev-gaur/severity_flag
efeed62 Merge pull request #527 from patilpankaj212/support-junitXML
dabcffb Merge pull request #532 from nathannaveen/nathan/fix/Initializes_Terrascan
f14d608 Merge pull request #534 from dev-gaur/update_readme
1afca98 Merge pull request #537 from accurics/docs/v1.3.2
c406568 Merge pull request #541 from patilpankaj212/log-level-fixes
9f3569b Merge pull request #542 from alex-petrov-vt/issue538
b785481 Merge pull request #545 from jlk/add-code-of-conduct
10d6706 Merge pull request #552 from dev-gaur/fix_terrascan_init
f9aea57 Merge pull request #558 from dev-gaur/bump_versions
f4d7465 Update CHANGELOG.md
b579bec Update mkdocs-material from 6.2.7 to 6.2.8 (#539)
98e57b3 Update mkdocs-material from 6.2.8 to 7.0.1 (#567)
69541fb add options to specify desired severity level of violations to be reported
237c04e add writer for junit-xml
58e5f45 added tests for NewExecutor func
bda153e adds e2e test scenarios for help and scan command (#564)
bbb4a56 adds e2e tests for api server (#585)
6728908 adds support to display passed rules (#572)
b93b508 bump versions to v1.3.3
6b79a9c changed the description message (#559)
26bae02 enhancement: scan terraform registry modules as remote type (#513)
78f6458 fix - improved description for init command
1027346 fix filepaths and home directory lookup (#566)
b24b89b fix the 'repo already exist' bug and improve error logging for terrascan init
fa44485 fix: renamed the json file to remove spaces (#560)
f390891 fixes typo
3ef25b6 include docs for latest policy updates
3ffda3e incorporate review changes
3e5170b log level changes for load iac functions
ab29871 release 1.4.0 (#586)
6d9e34e reverts to master version
065e010 support for config_only option in api server file scan output (#579)
57ade8a updated go module files (#557)
82dc401 updated readme for v1.3.2
bdfcba8 updates changelog for v1.3.2
ba304e5 updates with new version
v1.3.3
Changelog
1d244a6 Adding code of conduct
4d16e32 Bump github.com/spf13/cobra from 1.0.0 to 1.1.1 (#493)
54f740b Fixed incorrect description of a rego policy for RDS encryption
9088544 Merge pull request #509 from accurics/amirbenv-patch-1
62069cb Merge pull request #514 from accurics/pyup-update-mkdocs-material-6.2.5-to-6.2.6
78dd045 Merge pull request #515 from harkirat22/policy/k8s-improvement
ae9effc Merge pull request #516 from harkirat22/policy/aws-launch-config
47d55e0 Merge pull request #517 from gaurav-gogia/fix_405
fd73ed6 Merge pull request #518 from gaurav-gogia/fix_376
31bd625 Merge pull request #520 from harkirat22/harkirat22/bug-fix
dd0643a Merge pull request #522 from harkirat22/aws-instance-policies
7682371 Merge pull request #523 from gauravgahlot/docs-fixes
5641824 Merge pull request #524 from accurics/pyup-update-mkdocs-material-6.2.6-to-6.2.7
0b0e9ec Merge pull request #526 from harkirat22/fix_391
40a9ac6 Merge pull request #529 from dev-gaur/fix#521
4febd3b Merge pull request #531 from dev-gaur/init_hot_fix
8c8afcd Update CHANGELOG.md
372796a Update CHANGELOG.md
270f7fd Update README.md
d6827b2 Update mkdocs-material from 6.2.5 to 6.2.6
9265b67 Update mkdocs-material from 6.2.6 to 6.2.7
439de58 Update mkdocs-material from 6.2.7 to 6.2.8 (#539)
b7f17a1 add support for pod container
fcec126 adding new rule to fix bug #391
029a082 bump terrascan version to v1.3.2
1d869c1 bump versions to v1.3.3
6e7a4dd fix - improved description for init command
8cb8e7c fix the 'repo already exist' bug and improve error logging for terrascan init
9b134e8 fix typos in docs
aba0c76 fixes #376
4eb3d33 fixes #405
ed57996 fixes typo
471b58e include docs for latest policy updates
92942a9 incorporate review changes
0868005 log level changes for load iac functions
7deaf8e made rule reference ids unique, solves bug#519
afb7ec5 new set of policies for EC2 instance
0fda427 policy for instance profile (launch config)
52625fd policy to check launch config has imdsv1
cc306bc policy to check monitoring for launch config
e2ff0a7 policy to check security group for lauch config
24bdc7a refactor init command for robust policy download checks
1fa832f removed irrelevant error
0afa877 removed local policy testing folder
31cff39 reverts to master version
df1bd8a terrascan init will download new policies
1d25c62 updated CHANGELOG.md
3869f87 updated go module files (#557)
6d348fe updated readme for v1.3.2
25ce756 updates changelog for 1.3.1
226f00e updates changelog for v1.3.2
cde0357 updates docs with 1.3.1 version
0c72906 updates with new version
v1.3.2
Changelog
9088544 Merge pull request #509 from accurics/amirbenv-patch-1
62069cb Merge pull request #514 from accurics/pyup-update-mkdocs-material-6.2.5-to-6.2.6
78dd045 Merge pull request #515 from harkirat22/policy/k8s-improvement
ae9effc Merge pull request #516 from harkirat22/policy/aws-launch-config
47d55e0 Merge pull request #517 from gaurav-gogia/fix_405
fd73ed6 Merge pull request #518 from gaurav-gogia/fix_376
31bd625 Merge pull request #520 from harkirat22/harkirat22/bug-fix
dd0643a Merge pull request #522 from harkirat22/aws-instance-policies
7682371 Merge pull request #523 from gauravgahlot/docs-fixes
5641824 Merge pull request #524 from accurics/pyup-update-mkdocs-material-6.2.6-to-6.2.7
0b0e9ec Merge pull request #526 from harkirat22/fix_391
40a9ac6 Merge pull request #529 from dev-gaur/fix#521
4febd3b Merge pull request #531 from dev-gaur/init_hot_fix
fed8436 Merge pull request #533 from dev-gaur/release_v1.3.2
372796a Update CHANGELOG.md
270f7fd Update README.md
d6827b2 Update mkdocs-material from 6.2.5 to 6.2.6
9265b67 Update mkdocs-material from 6.2.6 to 6.2.7
b7f17a1 add support for pod container
fcec126 adding new rule to fix bug #391
029a082 bump terrascan version to v1.3.2
9b134e8 fix typos in docs
aba0c76 fixes #376
4eb3d33 fixes #405
7deaf8e made rule reference ids unique, solves bug#519
afb7ec5 new set of policies for EC2 instance
0fda427 policy for instance profile (launch config)
52625fd policy to check launch config has imdsv1
cc306bc policy to check monitoring for launch config
e2ff0a7 policy to check security group for lauch config
24bdc7a refactor init command for robust policy download checks
0afa877 removed local policy testing folder
df1bd8a terrascan init will download new policies
25ce756 updates changelog for 1.3.1
cde0357 updates docs with 1.3.1 version
v1.3.1
Changelog
3bc7f14 1. initial changes for registry module support 2. fix issue of remote module containing local modules
390eed3 1. initial changes for registry module support 2. fix issue of remote module containing local modules
bfbd608 1. initial changes for registry module support 2. fix issue of remote module containing local modules
78fd1d2 1. initial changes for registry module support 2. fix issue of remote module containing local modules
5885f2c Bump github.com/hashicorp/go-getter from 1.5.1 to 1.5.2
181d5b3 Bump github.com/hashicorp/go-retryablehttp from 0.6.6 to 0.6.8
e153cde Merge branch 'master' into dependabot/go_modules/github.com/hashicorp/go-getter-1.5.2
13670d7 Merge branch 'remote-module-support' of https://github.com/patilpankaj212/terrascan into remote-module-support
3589f96 Merge branch 'remote-module-support' of https://github.com/patilpankaj212/terrascan into remote-module-support
8e3e41b Merge pull request #495 from accurics/dependabot/go_modules/github.com/hashicorp/go-getter-1.5.2
a8461cf Merge pull request #496 from accurics/dependabot/go_modules/github.com/hashicorp/go-retryablehttp-0.6.8
26c7ee4 Merge pull request #503 from accurics/readme_skip
51aaf1f Merge pull request #505 from patilpankaj212/remote-module-support
51b686e Merge pull request #507 from williepaul/fix-darwin-arm64-build
6a282a9 Merge pull request #508 from kanchwala-yusuf/v1.3.1
64e6608 Update README.md
e6691bb Update README.md
ee2a46d Update README.md
1abfc7a Update README.md
b452f0a Update README.md
bf49487 Update README.md
4b7462e fix dependencies that were breaking the darwin/arm64 build
bc015ac fix static check failure
8cb68f1 fix static check failure
f784302 fix static check failure
4ccc1d0 go mod tidy
1fe039d refactor DownloadRemoteModule func and more tests
19128c9 refactor DownloadRemoteModule func and more tests
e64db7f refactor DownloadRemoteModule func and more tests
88073ee release v1.3.1
3b70d88 tests for remote module
48ae5d9 tests for remote module
32c1196 tests for remote module
7f02c6b tests for remote module