Terraform

We already have some scripts in the scripts directory. It would be good to run them for every PR.
This is also a great task for beginners.

The cors_config.origin_override argument is shown in the example on the aws_cloudfront_response_headers_policy resource reference page. But the cors_config.origin_override is missing in the cors_config Argument Reference section.

I suggest adding MongoDB Atlas to the supported cloud as a feather.

Currently there is no way to customize the terraform or terragrunt command you are running in each session when you go through the functions in terraform package, such as terraform.Apply or terraform.TgApplyAll if it isn't supported in terraform.Options. This is limiting if your code depends on flags like parallelism or terragrunt flags like --terragrunt-include-external-dependencies.

Currently, terragrunt hclfmt will tell you if there are errors with your hcl file, but not display what they are if you are using --terragrunt-check flag. Example:
terragrunt hclfmt --terragrunt-check --terragrunt-log-level error

terraform fmt has this functionality with the -diff switch to show you what changes it would end up doing, which is great for CI and the end-user feedback l

The current blue links are sometimes not easy to read, e.g. see the first screenshot from a user vs the second screenshot from my terminal (iTerm2):

![Screen Shot 2021-12-03 at 7 17 55 PM](https://user-images.githubusercontent.com/638577/144636188-c01e185d-c4eb-4ad8-bfbc-0a8cd8b40fee

Is your feature request related to a problem? Please describe.
We're trying to switch our CI system from amd64 machines to arm64, to save money on AWS. We're running into a problem with our builds that use tfsec, because the docker image for tfsec is only published for amd64 architecture.

Describe the solution you'd like
If there was an arm64 version of the [tfsec docker image](https:

CKV_AWS_116 flags any Lambda without a dead-letter queue (DLQ) enabled. There's no explanation given for this recommendation:

https://docs.bridgecrew.io/docs/ensure-that-aws-lambda-function-is-configured-for-a-dead-letter-queue-dlq

AWS has retired it from their Foundational Security Best Practices controls on August 31, 2021:

https://docs.aws.amazon.com/securityhub/latest/userguide/securi

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions

• terrascan version: 1.9.0
• terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira

Description

We all have an aws_api_gateway_account resource inside each region of AWS that will by default output as unmanaged. We s