Found a bug? You're welcome to 
Problem: The KICS SAST scan flagged the 'S3 Bucket Policy Accepts HTTP Requests' vulnerability. During remediation testing, I discovered that the KICS parser only successfully evaluates static policy documents. If the policy document contains dynamic Terraform blocks (like count or for_each), KICS fails to parse them and cannot detect the SSL enforcement rule.
Expected Behavior
(Which results are expected from KICS?)
No positive for KICS scan finding 'S3 Bucket Policy Accepts HTTP Requests'
Found a bug? You're welcome to
Problem: The KICS SAST scan flagged the 'S3 Bucket Policy Accepts HTTP Requests' vulnerability. During remediation testing, I discovered that the KICS parser only successfully evaluates static policy documents. If the policy document contains dynamic Terraform blocks (like count or for_each), KICS fails to parse them and cannot detect the SSL enforcement rule.
Expected Behavior
(Which results are expected from KICS?)
No positive for KICS scan finding 'S3 Bucket Policy Accepts HTTP Requests'