{
  "results": {
    "passed_rules": [
      {
        "rule_name": "ensurePrivateIP",
        "description": "Vulnerable to CVE-2020-8554",
        "rule_id": "AC_K8S_0002",
        "severity": "MEDIUM",
        "category": "Network Security"
      },
      {
        "rule_name": "noHttps",
        "description": "TLS disabled can affect the confidentiality of the data in transit",
        "rule_id": "AC_K8S_0001",
        "severity": "HIGH",
        "category": "Network Security"
      },
      {
        "rule_name": "amiNotEncrypted",
        "description": "Enable AWS AMI Encryption",
        "rule_id": "AC_AWS_0001",
        "severity": "MEDIUM",
        "category": "Encryption \u0026 KeyManagement"
      },
      {
        "rule_name": "rdsCAExpired",
        "description": "Ensure Certificate used in RDS instance is updated",
        "rule_id": "AC_AWS_0006",
        "severity": "HIGH",
        "category": "Data Security"
      }
    ],
    "violations": [
      {
        "rule_name": "rdsHasStorageEncrypted",
        "description": "Ensure that your RDS database instances encrypt the underlying storage. Encrypted RDS instances use the industry standard AES-256 encryption algorithm to encrypt data on the server that hosts RDS DB instances. After data is encrypted, RDS handles authentication of access and description of data transparently with minimal impact on performance.",
        "rule_id": "AC_AWS_0003",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi6",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 82
      },
      {
        "rule_name": "rdsHasStorageEncrypted",
        "description": "Ensure that your RDS database instances encrypt the underlying storage. Encrypted RDS instances use the industry standard AES-256 encryption algorithm to encrypt data on the server that hosts RDS DB instances. After data is encrypted, RDS handles authentication of access and description of data transparently with minimal impact on performance.",
        "rule_id": "AC_AWS_0003",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi2",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 25
      },
      {
        "rule_name": "rdsHasStorageEncrypted",
        "description": "Ensure that your RDS database instances encrypt the underlying storage. Encrypted RDS instances use the industry standard AES-256 encryption algorithm to encrypt data on the server that hosts RDS DB instances. After data is encrypted, RDS handles authentication of access and description of data transparently with minimal impact on performance.",
        "rule_id": "AC_AWS_0003",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi3",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 39
      },
      {
        "rule_name": "rdsHasStorageEncrypted",
        "description": "Ensure that your RDS database instances encrypt the underlying storage. Encrypted RDS instances use the industry standard AES-256 encryption algorithm to encrypt data on the server that hosts RDS DB instances. After data is encrypted, RDS handles authentication of access and description of data transparently with minimal impact on performance.",
        "rule_id": "AC_AWS_0003",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi1",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 10
      },
      {
        "rule_name": "rdsHasStorageEncrypted",
        "description": "Ensure that your RDS database instances encrypt the underlying storage. Encrypted RDS instances use the industry standard AES-256 encryption algorithm to encrypt data on the server that hosts RDS DB instances. After data is encrypted, RDS handles authentication of access and description of data transparently with minimal impact on performance.",
        "rule_id": "AC_AWS_0003",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi4",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 55
      },
      {
        "rule_name": "rdsHasStorageEncrypted",
        "description": "Ensure that your RDS database instances encrypt the underlying storage. Encrypted RDS instances use the industry standard AES-256 encryption algorithm to encrypt data on the server that hosts RDS DB instances. After data is encrypted, RDS handles authentication of access and description of data transparently with minimal impact on performance.",
        "rule_id": "AC_AWS_0003",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi5",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 69
      },
      {
        "rule_name": "rdsIamAuthEnabled",
        "description": "Ensure that your RDS database has IAM Authentication enabled.",
        "rule_id": "AC_AWS_0004",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi2",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 25
      },
      {
        "rule_name": "rdsIamAuthEnabled",
        "description": "Ensure that your RDS database has IAM Authentication enabled.",
        "rule_id": "AC_AWS_0004",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi3",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 39
      },
      {
        "rule_name": "rdsIamAuthEnabled",
        "description": "Ensure that your RDS database has IAM Authentication enabled.",
        "rule_id": "AC_AWS_0004",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi6",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 82
      },
      {
        "rule_name": "rdsIamAuthEnabled",
        "description": "Ensure that your RDS database has IAM Authentication enabled.",
        "rule_id": "AC_AWS_0004",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi4",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 55
      },
      {
        "rule_name": "rdsIamAuthEnabled",
        "description": "Ensure that your RDS database has IAM Authentication enabled.",
        "rule_id": "AC_AWS_0004",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi5",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 69
      },
      {
        "rule_name": "rdsIamAuthEnabled",
        "description": "Ensure that your RDS database has IAM Authentication enabled.",
        "rule_id": "AC_AWS_0004",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi3",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 39
      },
      {
        "rule_name": "rdsPubliclyAccessible",
        "description": "RDS Instance publicly_accessible flag is true",
        "rule_id": "AC_AWS_0002",
        "severity": "HIGH",
        "category": "Network Security",
        "resource_name": "PtShGgAdi3",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 39
      },
      {
        "rule_name": "rdsAutoMinorVersionUpgradeEnabled",
        "description": "RDS Instance Auto Minor Version Upgrade flag disabled",
        "rule_id": "AC_AWS_0005",
        "severity": "HIGH",
        "category": "Data Security",
        "resource_name": "PtShGgAdi3",
        "resource_type": "aws_db_instance",
        "module_name": "root",
        "file": "main.tf",
        "root_path": "./",
        "line": 39
      }
    ],
    "skipped_violations": null,
    "scan_summary": {
      "file/folder": "/Users/apple/go/src/github.com/patilpankaj212/terrascan/test/e2e/test_data/iac/aws/aws_db_instance_violation",
      "iac_type": "terraform",
      "scanned_at": "2021-03-03 07:01:04.624061 +0000 UTC",
      "policies_validated": 8,
      "violated_policies": 14,
      "low": 0,
      "medium": 0,
      "high": 14
    }
  }
}