Edit a Terrascan Scan Configuration

Note: You can only edit a Terrascan scan configuration in Nessus Expert.

You can update the settings of a Terrascan scan configuration whenever you are not using it to perform a scan.

To edit a Terrascan scan configuration:

  1. Under Resources in the left-side navigation pane, click Terrascan.

    The Terrascan > About page appears.

  2. Below Terrascan, click the Scans tab.

    The Terrascan > Scans page opens.

  3. Do one of the following:

    1. In the scan table, double-click the scan configuration.

      The configuration's scan history page appears.

    2. In the upper-right corner, click Configure.

      The scan configuration page appears.

    or

    1. In the scan table, roll over the scan you want to edit.

    2. In the scan row, click the button.

      The scan configuration page appears.

  4. Edit the scan configuration settings:

  5. Setting Description
    Configuration Name The name of the Terrascan scan configuration.
    Logging
    Command Output Format Determines the output logging format (separate from the actual scan results). You can chose json or console.
    Log Level

    Determines the output verbosity level:

    • info

    • debug

    • warn

    • error

    • panic

    • fatal

    Verbose Violations Determines whether the scan logs violations with details.
    Scanning
    IAC Type

    Determines the Infrastructure as Code (IAC) type.

    • all

    • arm

    • cft

    • docker

    • helm

    • k8s

    • kustomize

    • terraform

    • tfplan

    Minimum Severity Determines the minimum violation severity that Terrascan reports. You can choose low, medium, or high.
    Non-recursive Determines whether the scan recurses into subdirectories of the repository.
    Output Format

    Determines the scan result output format:

    • human

    • json

    • yaml

    • xml

    • junit-xml

    • sarif

    • github-sarif

    Output Passed Rules Determines whether the scan results show passed rules.
    Policy Type

    The policy type or types to include in the scan:

    • all

    • aws

    • azure

    • docker

    • gcp

    • github

    • k8s

    Remote Type

    Determines the remote repository type:

    • git

    • s3

    • gcs

    • http

    • terraform-registry

    Note: You need to make Git available on the Nessus host to select the Git type.
    Remote URL

    The URL of the remote IAC registry.

    Remote URL Branch The branch of the remote IAC registry.
  6. Click Save.

    Nessus Expert saves the new configuration options.