feat(misconf): support https_traffic_only_enabled in Az storage account (#9784)

Signed-off-by: nikpivkin <[email protected]>

Author: nikpivkin

pkg/iac/adapters/terraform/azure/storage/adapt.go

@@ -176,8 +176,10 @@ func adaptAccount(resource *terraform.Block) storage.Account {
 		account.NetworkRules = append(account.NetworkRules, adaptNetworkRule(networkBlock))
 	}
 
-	httpsOnlyAttr := resource.GetAttribute("enable_https_traffic_only")
-	account.EnforceHTTPS = httpsOnlyAttr.AsBoolValueOrDefault(true, resource)
+	account.EnforceHTTPS = resource.GetFirstAttributeOf(
+		"enable_https_traffic_only",
+		"https_traffic_only_enabled", // provider above version 4
+	).AsBoolValueOrDefault(true, resource)
 
 	// Adapt blob properties
 	blobPropertiesBlock := resource.GetBlock("blob_properties")

pkg/iac/terraform/block.go

@@ -16,6 +16,7 @@ import (
 
 	"github.com/aquasecurity/trivy/pkg/iac/terraform/context"
 	iacTypes "github.com/aquasecurity/trivy/pkg/iac/types"
+	"github.com/aquasecurity/trivy/pkg/set"
 )
 
 type Block struct {
@@ -303,11 +304,18 @@ func (b *Block) GetAttributes() []*Attribute {
 }
 
 func (b *Block) GetAttribute(name string) *Attribute {
-	if b == nil || b.hclBlock == nil {
+	return b.GetFirstAttributeOf(name)
+}
+
+func (b *Block) GetFirstAttributeOf(names ...string) *Attribute {
+	if b == nil || b.hclBlock == nil || len(names) == 0 {
 		return nil
 	}
+
+	nameSet := set.New(names...)
+
 	for _, attr := range b.attributes {
-		if attr.Name() == name {
+		if ok := nameSet.Contains(attr.Name()); ok {
 			return attr
 		}
 	}