iac

Currently, Trivy traverses all paths and looks for all Gemfile.lock in a container image. However, the image sometimes has only Gemfile.lock and doesn't install gems listed in the Gemfile.lock. I think a gem should have *.gemspec file if it is installed. e.g. rake.gemspec has the information about rake.

To avoid false positives from Gemfile.lock, we are probably able to take advantage of `*

• terrascan version: 1.9.0
• terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira

Description
To complete #554, it can make sense to add resource source details for missing resources

Example
Follow pull-request attached to issues #874 #875 #876 for examples of implementation

Add error handling during credentials onChange event so that the Scan Account feature does not activate if credentials are invalid

Because having to type the whole commands is a pain!

$ terratag -tags=var.default_tags
2020/09/24 23:09:46 Processing file cluster/ecs.tf
panic: invalid character 'v' looking for beginning of value

Is your feature request related to a problem? Please describe.
I need a way to skip tagging individual files/resources instead of only directories.

Describe the solution you'd like
Add a new parameter or modify existing skip-dirs parameter to accept file names or terraform resource IDs.

We should add support for other types of virtual networks like:

• Routed
• Open
• Isolated

In my ubuntu 20.04.2.0, i have python 2.7.18 and pip3 20.0.2.
I was trying to install prancer-basic via pip3 install prancer-basic
It get installed successfully with below warning:

WARNING: The scripts populate_json, prancer, register_key_in_azure_vault, terraform_to_json and validator are installed in '/home/r4redu/.local/bin' which is not on PATH.
  Consider adding this director