False positive with AWS provider >=4.x style bucket resources #1219

Closed
wyardley opened this issue Apr 15, 2022 · 1 comment

Comments

@wyardley

  • terrascan version: 1.14.0
  • Operating System: OS X

Description

Using the >=4.0 AWS provider, bucket encryption / versioning is now specified like so:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-4-upgrade#s3-bucket-refactor

With a config like this:

resource "aws_s3_bucket" "foo" {
  bucket = "foo"

  lifecycle {
    prevent_destroy = true
  }
}

resource "aws_s3_bucket_versioning" "foo" {
  bucket = aws_s3_bucket.foo.id

  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_server_side_encryption_configuration" "foo" {
  bucket = aws_s3_bucket.foo.id

  rule {
    bucket_key_enabled = false

    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

Rules AC_AWS_0497, AC_AWS_0214, and AC_AWS_0207 all get triggered.

What I Did

% terrascan scan -t aws       

	
Scan Errors - 

	IaC Type            :	arm
	Directory           :	/Users/wby/test_tfscan
	Error Message       :	ARM files not found in the directory /Users/wby/test_tfscan
	
	-----------------------------------------------------------------------
	
	IaC Type            :	docker
	Directory           :	/Users/wby/test_tfscan
	Error Message       :	Dockerfile not found in the directory /Users/wby/test_tfscan
	
	-----------------------------------------------------------------------
	
	IaC Type            :	cft
	Directory           :	/Users/wby/test_tfscan
	Error Message       :	cft files not found in the directory /Users/wby/test_tfscan
	
	-----------------------------------------------------------------------
	
	IaC Type            :	k8s
	Directory           :	/Users/wby/test_tfscan
	Error Message       :	kubernetes files not found in the directory /Users/wby/test_tfscan
	
	-----------------------------------------------------------------------
	
	IaC Type            :	kustomize
	Directory           :	/Users/wby/test_tfscan
	Error Message       :	kustomization.y(a)ml file not found in the directory /Users/wby/test_tfscan
	
	-----------------------------------------------------------------------
	
	IaC Type            :	helm
	Directory           :	/Users/wby/test_tfscan
	Error Message       :	no helm charts found in directory /Users/wby/test_tfscan
	
	-----------------------------------------------------------------------
	
	

Violation Details -
    
	Description    :	Enabling S3 versioning will enable easy recovery from both unintended user actions, like deletes and overwrites
	File           :	s3.tf
	Module Name    :	root
	Plan Root      :	./
	Line           :	1
	Severity       :	HIGH
	-----------------------------------------------------------------------
	
	Description    :	Ensure that S3 Buckets have server side encryption at rest enabled with KMS key to protect sensitive data.
	File           :	s3.tf
	Module Name    :	root
	Plan Root      :	./
	Line           :	1
	Severity       :	HIGH
	-----------------------------------------------------------------------
	
	Description    :	Ensure S3 buckets have access logging enabled.
	File           :	s3.tf
	Module Name    :	root
	Plan Root      :	./
	Line           :	1
	Severity       :	MEDIUM
	-----------------------------------------------------------------------
	

Scan Summary -

	File/Folder         :	/Users/wby/test_tfscan
	IaC Type            :	terraform
	Scanned At          :	2022-04-15 01:16:39.200675 +0000 UTC
	Policies Validated  :	10
	Violated Policies   :	3
	Low                 :	0
	Medium              :	1
	High                :	2
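The split layout in the report above (versioning and encryption configured on separate resources that point back at `aws_s3_bucket.foo.id`) is what a policy check has to follow to avoid this false positive. The script below is an added example, not terrascan's own policy code and not the reporter's: it uses a constructed config and hypothetical helper names (`parse_resources`, `bucket_posture`) to resolve a bucket's versioning and SSE posture from either the pre-4.x inline blocks or the 4.x split resources.

```python
"""Added example (not terrascan's code): resolve S3 versioning/SSE across the
split resources of AWS provider >=4.x as well as the older inline blocks."""
import re

# Constructed sample mirroring the config in the report above.
SAMPLE_TF = '''
resource "aws_s3_bucket" "foo" { bucket = "foo" }
resource "aws_s3_bucket_versioning" "foo" {
  bucket = aws_s3_bucket.foo.id
  versioning_configuration { status = "Enabled" }
}
resource "aws_s3_bucket_server_side_encryption_configuration" "foo" {
  bucket = aws_s3_bucket.foo.id
  rule { apply_server_side_encryption_by_default { sse_algorithm = "AES256" } }
}
'''

BLOCK_RE = re.compile(r'resource\s+"([^"]+)"\s+"([^"]+)"\s*\{')

def parse_resources(hcl):
    """Return {(type, name): body} by matching braces (braces inside strings not handled)."""
    out = {}
    for m in BLOCK_RE.finditer(hcl):
        depth, i = 1, m.end()
        while depth and i < len(hcl):
            depth += {"{": 1, "}": -1}.get(hcl[i], 0)
            i += 1
        out[(m.group(1), m.group(2))] = hcl[m.end():i - 1]
    return out

def _attached(resources, rtype, bucket_name):
    """Bodies of rtype resources whose bucket attribute points at aws_s3_bucket.<bucket_name>."""
    ref = re.compile(r"bucket\s*=\s*aws_s3_bucket\." + re.escape(bucket_name) + r"\.(id|bucket)\b")
    return [b for (t, _), b in resources.items() if t == rtype and ref.search(b)]

def bucket_posture(hcl):
    """Map bucket name -> {'versioning': bool, 'sse': bool}, merging inline and split forms."""
    res = parse_resources(hcl)
    report = {}
    for (rtype, name), body in res.items():
        if rtype != "aws_s3_bucket":
            continue
        inline_v = re.search(r"versioning\s*\{[^}]*enabled\s*=\s*true", body)
        split_v = [b for b in _attached(res, "aws_s3_bucket_versioning", name)
                   if re.search(r'status\s*=\s*"Enabled"', b)]
        inline_sse = "server_side_encryption_configuration" in body
        split_sse = _attached(res, "aws_s3_bucket_server_side_encryption_configuration", name)
        report[name] = {"versioning": bool(inline_v or split_v), "sse": bool(inline_sse or split_sse)}
    return report
```

A check that only inspects the `aws_s3_bucket` body sees neither setting and reports the two HIGH findings shown above; following the `bucket = aws_s3_bucket.<name>.id` reference resolves them.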
@wyardley (Author)

Appears to be resolved now.
