fix(misconf): do not filter Terraform plan JSON by name

[nikpivkin]

Description

Terraform Plan JSON is detected by content, so filtering files by name is unnecessary.

Related issues

• Close fix(misconf): Improve filtering of terraform JSON #7393

Before

ls
test.json

trivy conf .
2024-08-27T15:57:44+06:00	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-27T15:57:44+06:00	INFO	Detected config files	num=0

After

ls
test.json trivy

./trivy conf .
2024/08/27 15:58:35 WARN Check ID is empty file_path=lib/kubernetes/utils.rego
2024/08/27 15:58:35 WARN Check ID is empty file_path=lib/docker/docker.rego
2024/08/27 15:58:35 WARN Check ID is empty file_path=lib/kubernetes/kubernetes.rego
2024-08-27T15:58:35+06:00	INFO	[misconfig] Misconfiguration scanning is enabled
2024-08-27T15:58:35+06:00	INFO	[terraform scanner] Scanning root modulefile_path="."
2024-08-27T15:58:35+06:00	INFO	Detected config files	num=2

main.tf (terraformplan)

Tests: 3 (SUCCESSES: 1, FAILURES: 2, EXCEPTIONS: 0)
Failures: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 2, CRITICAL: 0)

HIGH: Instance does not require IMDS access to require a token
════════════════════════════════════════════════════════════════════════════════

IMDS v2 (Instance Metadata Service) introduced session authentication tokens which improve security when talking to IMDS.
By default <code>aws_instance</code> resource sets IMDS session auth tokens to be optional.
To fully protect IMDS you need to enable session tokens by using <code>metadata_options</code> block and its <code>http_tokens</code> variable set to <code>required</code>.


See https://avd.aquasec.com/misconfig/avd-aws-0028
────────────────────────────────────────────────────────────────────────────────
 main.tf:8
   via main.tf:5-9 (metadata_options)
    via main.tf:1-10 (aws_instance.bad_example)
────────────────────────────────────────────────────────────────────────────────
   1   resource "aws_instance" "bad_example" {
   2   	ami = "ami-005e54dee72cc1d00"
   3   	instance_type = "t2.micro"
   4   	source_dest_check = true
   5   	metadata_options {
   6   	http_endpoint = "enabled"
   7   	http_protocol_ipv6 = "disabled"
   8 [ 	http_tokens = "optional"
   9   	}
  10   }
────────────────────────────────────────────────────────────────────────────────


HIGH: Root block device is not encrypted.
════════════════════════════════════════════════════════════════════════════════
Block devices should be encrypted to ensure sensitive data is held securely at rest.

See https://avd.aquasec.com/misconfig/avd-aws-0131
────────────────────────────────────────────────────────────────────────────────
 main.tf:1-10
────────────────────────────────────────────────────────────────────────────────
   1 ┌ resource "aws_instance" "bad_example" {
   2 │ 	ami = "ami-005e54dee72cc1d00"
   3 │ 	instance_type = "t2.micro"
   4 │ 	source_dest_check = true
   5 │ 	metadata_options {
   6 │ 	http_endpoint = "enabled"
   7 │ 	http_protocol_ipv6 = "disabled"
   8 │ 	http_tokens = "optional"
   9 │ 	}
  10 └ }
───────────────────────────────────────────────────────────────────────────────

Checklist

• I've read the guidelines for contributing to this repository.
• I've followed the conventions in the PR title.
• I've added tests that prove my fix is effective or that my feature works.
• I've updated the documentation with the relevant information (if needed).
• I've added usage information (if the PR introduces new options)
• I've included a "before" and "after" example to the description (if the PR is a user interface change).

[simar7]

Can we also add a test for this case?

[nikpivkin]

@simar7 Added a test case 5b4ad73