PlatformResourcesSign inSign Up

IaC Resources

Suggest Edits

Fixing Errors in IaC Files

Overview

On the Projects page you will find details of errors found in IaC files scanned by Bridgecrew.
The image below shows entries for errors in multiple files within a repository.

1387

📘

Basic Fixes and Smart Fixes

A Basic Fix is one for which there is only one option for replacing a problematic configuration. For example, changing Encryption = False to Encryption = True .
A Smart Fix is when the value required to correct an error can only be determined based on similar past scenarios. For example, if a resource that was not compliant with Policy A, later passed the check for Policy A. Bridgecrew maintains details of these cases, that is, the delta that enabled the resource to pass, and offers them as possible correction values.
Later, when a resource fails on Policy A, Bridgecrew will propose Smart Fixes using the values learned from previous scans.

Fix Basic Errors

Errors that can be fixed appear with FIX and the suggested correction is shown in the code.

978

To fix an error.

  1. Press Fix on one or more entries.
1553
  1. Press Submit.
1542

Smart Fixes

Smart fixes are offered in cases where the correct value of a problematic parameter is environment- or scenario-specific but which could be derived from previous similar cases. In these cases, Bridgecrew will offer multiple suggestions for fixing the error.

To apply a Smart Fix:

  1. Select one of the options that appear in the Smart Fix list.
  2. Press Fix
    You can repeat steps 1 and 2 for multiple entries.
  3. Press Submit.
2077

Variables and Modules in Terraform Files

Overview

If a configuration in your Terraform files references a Variable or a Module, Bridgecrew Cloud uses a best-effort approach to identify Incidents, detail misconfigurations, and when possible, offer Remediation.

Modules

If a configuration references an external module (for example, from the Terraform Registry), Bridgcrew checks the source and, if a misconfiguration is found, creates an Incident.
The Incident shows the problematic configuration and indicates its source, but no Remediation is offered.

995

If the referenced Module is internal and in the same repository as the Terraform IaC files, the misconfiguration and the proposed fix are displayed, and Remediation is available.

Variables

If a configuration references a variable defined elsewhere but either in the same file or the same repository, the Bridgcrew scan looks at the variable (or even multiple variables in a case of nesting) displays the misconfiguration and the proposed fix and Remediation is available.

977

Updated over 1 year ago