Terrascan should allow explicitly specifying files/directories to exclude from scanning.
One of the Terraform config dependency modules (happens to be terraform-google-workload-identity, but doesn't really matter) comes with a bunch of examples in its directory that show up under .terraform/<my obj name>-workload-identity/examples/acm-terraform-blog-part3/config-root/wordpress-bundle.yaml.
Some of these example files don't pass terrascan scans, which is expected. We also really have no control over the examples' contents, so we end up getting lots of terrascan findings in these /examples/ subdirectories under .terraform.
While the underlying issue in this case is including examples in the module distribution, a reasonable solution is to complement the -d flag that specifies directories to consider with another one to provide the list or pattern of directories to exclude from scan.
Having precisely the same problem. Terrascan returns too many HIGH violations related to the example directory. And we really don't need terrascan to scan these dirs.