{
  "repo": "sample/terraform-demo",
  "scanner": "checkov",
  "framework": "terraform",
  "summary": {
    "passed": 3,
    "failed": 5,
    "skipped": 1
  },
  "failed_checks": [
    {
      "check_id": "CKV_AWS_24",
      "resource": "aws_security_group.web",
      "severity": "HIGH",
      "message": "Ensure no security groups allow ingress from 0.0.0.0:0 to port 22",
      "file": "main.tf",
      "line_range": "10-17"
    },
    {
      "check_id": "CKV_AWS_3",
      "resource": "aws_ebs_volume.data",
      "severity": "HIGH",
      "message": "Ensure all data stored in the EBS is securely encrypted",
      "file": "main.tf",
      "line_range": "20-24"
    },
    {
      "check_id": "CKV_AWS_21",
      "resource": "aws_s3_bucket.artifacts",
      "severity": "MEDIUM",
      "message": "Ensure all data stored in the S3 bucket have versioning enabled",
      "file": "main.tf",
      "line_range": "26-28"
    },
    {
      "check_id": "CKV_SECRET_6",
      "resource": "provider.aws",
      "severity": "CRITICAL",
      "message": "Base64 high entropy string found in source",
      "file": "main.tf",
      "line_range": "1-5"
    },
    {
      "check_id": "CKV_AWS_111",
      "resource": "aws_iam_policy.wildcard",
      "severity": "HIGH",
      "message": "Ensure IAM policies do not allow write access without constraints",
      "file": "main.tf",
      "line_range": "30-40"
    }
  ]
}