query(terraform): wanting to exclude Keyvault References #7247

stusklinar · 2024-09-02T13:45:08Z

Platform

Terraform

Provider

Azure

Description

I'm trying to exclude KeyVault References from showing as high/secrets when included in Terraform.

I've written an allow rule - allow anything that starts with @Microsoft.KeyVault. which is the pattern

then included that in my run

`{
"allowRules": [
{
"description": "Allow Keyvault References",
"regex": "^@Microsoft.KeyVault.*"
}

]
}`

--secrets-regexes-path /path/Pipelines/templates/kics/queries.json

It works, by virtue of now allowing everything.

I tried changing my reference to @@ expecting that to fail - but it seems to blanket allow all now.

The format for AppSettings KeyVault references is as so:

@Microsoft.KeyVault(VaultName=fMyVault;SecretName=mySecret

Thanks

The text was updated successfully, but these errors were encountered:

stusklinar added community Community contribution query New query feature labels Sep 2, 2024

github-actions bot added terraform Terraform query azure PR related with Azure Cloud labels Sep 2, 2024

stusklinar changed the title ~~query(Terraform/Azure): Wanting to exclude Keyvault References~~ query(Terraform/Azure): wanting to exclude Keyvault References Sep 2, 2024

stusklinar changed the title ~~query(Terraform/Azure): wanting to exclude Keyvault References~~ query(terraform): wanting to exclude Keyvault References Sep 2, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

query(terraform): wanting to exclude Keyvault References #7247

query(terraform): wanting to exclude Keyvault References #7247

stusklinar commented Sep 2, 2024

query(terraform): wanting to exclude Keyvault References #7247

query(terraform): wanting to exclude Keyvault References #7247

Comments

stusklinar commented Sep 2, 2024

Platform

Provider

Description