From 561655fc138285f7f4d9a34c1529c590157fdebb Mon Sep 17 00:00:00 2001 From: Cesar Rodriguez Date: Tue, 2 Mar 2021 22:06:23 -0500 Subject: [PATCH] adds documentation for tfplan scanning --- README.md | 6 +++--- docs/getting-started/usage.md | 18 ++++++++++++++---- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 6a6c3bdb2..d57ed26e8 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ [![codecov](https://codecov.io/gh/accurics/terrascan/branch/master/graph/badge.svg)](https://codecov.io/gh/accurics/terrascan) [![community](https://img.shields.io/discourse/status?server=https%3A%2F%2Fcommunity.accurics.com)](https://community.accurics.com) [![Documentation Status](https://readthedocs.com/projects/accurics-terrascan/badge/?version=latest)](https://docs.accurics.com/projects/accurics-terrascan/en/latest/?badge=latest) -[![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg)](code_of_conduct.md) +[![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg)](code_of_conduct.md) Terrascan detects security vulnerabilities and compliance violations across your Infrastructure as Code. Mitigate risks before provisioning cloud native infrastructure. Run locally or integrate with your CI\CD. @@ -17,7 +17,7 @@ Terrascan detects security vulnerabilities and compliance violations across your ## Features * 500+ Policies for security best practices -* Scanning of Terraform (HCL2) +* Scanning of Terraform (HCL2 and terraform plan output) * Scanning of Kubernetes (JSON/YAML), Helm v3, and Kustomize v3 * Support for AWS, Azure, GCP, Kubernetes and GitHub 
@@ -144,7 +144,7 @@ RUN git clone https://github.com/accurics/terrascan && cd terrascan \ To learn more about developing and contributing to Terrascan refer to the [contributing guide](CONTRIBUTING.md). ## Code of Conduct -We believe having an open and inclusive community benefits all of us. Please note that this project is released with a [Contributor Code of Conduct](code_of_conduct.md). By participating in this project you agree to abide by its terms. +We believe having an open and inclusive community benefits all of us. Please note that this project is released with a [Contributor Code of Conduct](code_of_conduct.md). By participating in this project you agree to abide by its terms. ## License diff --git a/docs/getting-started/usage.md b/docs/getting-started/usage.md index 6d89dd4dd..389c79153 100644 --- a/docs/getting-started/usage.md +++ b/docs/getting-started/usage.md 
@@ -107,13 +107,14 @@ Flags: -h, --help help for scan -d, --iac-dir string path to a directory containing one or more IaC files (default ".") -f, --iac-file string path to a single IaC file - -i, --iac-type string iac type (helm, k8s, kustomize, terraform) - --iac-version string iac version (helm: v3, k8s: v1, kustomize: v3, terraform: v12, v13, v14) + -i, --iac-type string iac type (helm, k8s, kustomize, terraform, tfplan) + --iac-version string iac version (helm: v3, k8s: v1, kustomize: v3, terraform: v12, v13, v14, tfplan: v1) -p, --policy-path stringArray policy path directory -t, --policy-type strings policy type (all, aws, azure, gcp, github, k8s) (default [all]) - -r, --remote-type string type of remote backend (git, s3, gcs, http) + -r, --remote-type string type of remote backend (git, s3, gcs, http, terraform-registry) -u, --remote-url string url pointing to remote IaC repository --scan-rules strings one or more rules to scan (example: --scan-rules="ruleID1,ruleID2") + --severity string minimum severity level of the policy violations to be reported by terrascan --skip-rules strings one or more rules to skip while scanning (example: --skip-rules="ruleID1,ruleID2") --use-colors string color output (auto, t, f) (default "auto") -v, --verbose will show violations with details (applicable for default output) @@ -122,7 +123,7 @@ Global Flags: -c, --config-path string config file path -l, --log-level string log level (debug, info, warn, error, panic, fatal) (default "info") -x, --log-type string log output type (console, json) (default "console") - -o, --output string output type (human, json, yaml, xml) (default "human") + -o, --output string output type (human, json, yaml, xml, junit-xml) (default "human") ``` By default Terrascan will output human friendly format. This can be changed to YAML, JSON, or XML by using the `-o` flag. 
@@ -139,6 +140,15 @@ $ terrascan scan -t aws -r git -u git@github.com:accurics/KaiMonkey.git//terrafo The URLs for the remote should follow similar naming as the source argument for modules in Terraform. More details [here](https://www.terraform.io/docs/modules/sources.html). +#### Terraform plan output +For a deeper scan, where the interpolation of variables has been resolves, Terrascan can evaluate the output of the `terraform plan` command when it's converted to JSON. Here's an example on how to accomplish this: + +``` Bash +$ terraform plan -out tfplan.out +$ terraform show -json tfplan.out > tfplan.json +$ terrascan scan -i tfplan -t aws -f tfplan.json +``` + #### Helm Helm chart can be scanned by specifying "helm" on the -i flag as follows:
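Review bot: the Contributor Covenant badge line in the README `@@ -7,7 +7,7 @@` hunk is removed and re-added with identical visible text, so this is a whitespace-only change (trailing whitespace or line endings) that has nothing to do with the tfplan documentation; either drop it from this commit or mention the cleanup in the commit message so the diff is not confusing to readers of the history.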
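Review bot: in the README features hunk (`@@ -17,7 +17,7 @@`), `* Scanning of Terraform (HCL2 and terraform plan output)` mixes a capitalised product name with a lowercase one in the same parenthesis; `Terraform plan output`, or the literal command in backticks as `terraform plan` output, would match the rest of the list.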
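Review bot: the Code of Conduct paragraph in the README `@@ -144,7 +144,7 @@` hunk is likewise removed and re-added with identical text, so it is another whitespace-only change; same suggestion as for the badge line, keep it out of this commit or call it out in the message.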
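Review bot: the new `--severity string` flag in the usage.md `@@ -107,13 +107,14 @@` hunk is the only option whose help text gives no accepted values, while the neighbouring `--iac-type`, `--remote-type` and `--use-colors` entries all enumerate theirs; list the severity levels it accepts and the default, if there is one, so readers can use it without trial and error. The same hunk also adds `terraform-registry` as a `--remote-type` value and `tfplan: v1` as an `--iac-version` value, and neither is covered by the new Terraform plan section below or by the commit subject "adds documentation for tfplan scanning"; a short example of the registry remote, or a note that it is documented elsewhere, would close that gap.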
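Review bot: `-o, --output` in the `@@ -122,7 +123,7 @@` hunk now lists `junit-xml`, but the unchanged context line directly below it still says the output "can be changed to YAML, JSON, or XML by using the `-o` flag"; update that sentence to include JUnit XML so the flag help and the prose agree.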
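Review bot: in the new "Terraform plan output" section (`@@ -139,6 +140,15 @@`), "where the interpolation of variables has been resolves" should read "has been resolved", and the fence opener written as three backticks followed by a space and `Bash` is unlikely to be picked up as a bash info string by the Markdown renderer; use the lowercase `bash` directly after the backticks as the other fences in this file do. The example passes `-i tfplan` but no `--iac-version`, while the flag table above adds `tfplan: v1`; say whether v1 is the default so users know the flag can be omitted. Since the plan JSON carries the resolved variable values that make this scan deeper, it is worth one sentence noting that `tfplan.json` may embed secrets and should be treated as sensitive rather than committed next to the code.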