tfignore is not considered [aws-rds-enable-iam-auth]

[tb102122]

Discussed in #8015

^{Originally posted by tb102122 November 29, 2024}

Description

The tfsecc:ignore flag is ignored.
[aws-rds-enable-iam-auth][MEDIUM] - Instance does not have IAM Authentication enabled

Desired Behavior

tfsec runs successful

Actual Behavior

tfsec fails with warning

Reproduction Steps

1. run the below tf code

# tfsec:ignore:aws-rds-enable-iam-auth
module "db" {
  source  = "terraform-aws-modules/rds/aws"
  version = "~> 6"

  identifier = var.name
  db_name    = var.odoo_db_name
  username   = var.db_root_username
  tags       = var.tags

  instance_use_identifier_prefix = false
  create_db_option_group         = false
  create_db_parameter_group      = false

  engine         = "postgres"
  engine_version = var.postgres_version

  instance_class        = var.db_instance_type
  allocated_storage     = var.db_size
  max_allocated_storage = var.db_max_size

  port                   = var.db_port
  db_subnet_group_name   = var.database_subnet_group
  vpc_security_group_ids = [module.db_security_group.security_group_id]

  skip_final_snapshot     = true
  backup_window           = var.db_backup_window
  backup_retention_period = var.backup_retention_period
  copy_tags_to_snapshot   = true
  deletion_protection     = true

  performance_insights_enabled          = true
  performance_insights_retention_period = 31

}

### Target

AWS

### Scanner

Misconfiguration

### Output Format

None

### Mode

Standalone

### Debug Output

```bash
n/a

Operating System

linux_amd64

Version

Terraform v1.9.7 
tfsec v1.28.11
tflint version 0.54.0

Checklist

• Run trivy clean --all
• Read the troubleshooting

[github-actions]

Please see https://aquasecurity.github.io/trivy/latest/community/contribute/issue/