terraform checkov

Receiving a parsing error while using Checkov


Below is an attempt to run a checkov scan on a plan file:

    terraform init
    terraform plan -out tf.plan
    terraform show -json tf.plan > tf.json
    checkov -f tf.json

Below is the beginning of what the output shows:

    cloudformation scan results:

    Passed checks: 0, Failed checks: 0, Skipped checks: 0, Parsing errors: 1

    Error parsing file tf.json
    terraform_plan scan results:

    Passed checks: 32, Failed checks: 4, Skipped checks: 0

I am trying to remove the parsing error for file tf.json. The JSON file is located at https://terraform-plan-file-1.s3.amazonaws.com/tf.json. The closest thing to my error that I found was https://issueexplorer.com/issue/bridgecrewio/checkov/1903. However, removing nulls manually does not seem like a good fix. Also, if I remove them, what should I replace them with?


Solution

  • If you're scanning a plan file, I think it makes sense to specify the framework flag like so:

    checkov -f tfplan.json --framework terraform_plan
    

    That should get rid of the parsing error. The parsing error occurs since checkov tries to scan the json plan file assuming it's cloudformation json and fails.
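For a pipeline that scans more than one kind of JSON file, the framework can be chosen from the document's top-level keys before checkov is invoked, so a plan file is never handed to the CloudFormation parser. This is an added example, not part of the original answer or of checkov itself; the function names, the key lists used for detection, and the sample documents are assumptions made for illustration.

```python
import json

# Top-level keys that `terraform show -json` writes for a plan (assumed detection rule).
PLAN_HEADER_KEYS = {"format_version", "terraform_version"}
PLAN_BODY_KEYS = {"planned_values", "resource_changes", "configuration"}

def detect_framework(text):
    """Return the checkov framework name for a JSON document, or None if unknown."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError:
        return None
    if not isinstance(doc, dict):
        return None
    if PLAN_HEADER_KEYS.issubset(doc) and PLAN_BODY_KEYS.intersection(doc):
        return "terraform_plan"
    # A CloudFormation template has a top-level "Resources" map of typed resources.
    resources = doc.get("Resources")
    if isinstance(resources, dict) and resources and all(
        isinstance(r, dict) and "Type" in r for r in resources.values()
    ):
        return "cloudformation"
    return None

def checkov_command(path, text):
    """Build the checkov argv, pinning --framework only when the type is known."""
    cmd = ["checkov", "-f", path]
    framework = detect_framework(text)
    if framework:
        cmd += ["--framework", framework]
    return cmd

# Constructed sample inputs (not the asker's tf.json). The plan keeps its nulls:
# they are valid plan JSON and do not need to be removed or replaced.
SAMPLE_PLAN = json.dumps({
    "format_version": "1.0",
    "terraform_version": "1.1.0",
    "planned_values": {"root_module": {"resources": [{
        "address": "aws_s3_bucket.example",
        "type": "aws_s3_bucket",
        "values": {"bucket": "example", "acl": None, "policy": None},
    }]}},
    "resource_changes": [],
})
SAMPLE_CFN = json.dumps({
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {"Bucket": {"Type": "AWS::S3::Bucket"}},
})

if __name__ == "__main__":
    print(" ".join(checkov_command("tf.json", SAMPLE_PLAN)))
    print(" ".join(checkov_command("template.json", SAMPLE_CFN)))
```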