From 185ce8ab66cbd96b10d9b9194e1b28e4a12cef19 Mon Sep 17 00:00:00 2001
From: gruebel <33207684+gruebel@users.noreply.github.com>
Date: Mon, 10 Nov 2025 23:02:12 +0000
Subject: [PATCH 1/4] chore: update release notes
---
 CHANGELOG.md | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5dffde9ddf..f6178b680f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,12 @@
 # CHANGELOG
-## [Unreleased](https://github.com/bridgecrewio/checkov/compare/3.2.491...HEAD)
+## [Unreleased](https://github.com/bridgecrewio/checkov/compare/3.2.492...HEAD)
+
+## [3.2.492](https://github.com/bridgecrewio/checkov/compare/3.2.491...3.2.492) - 2025-11-10
+
+### Bug Fix
+
+- **terraform:** get_resource_tags handles more cases - [#7365](https://github.com/bridgecrewio/checkov/pull/7365)
 ## [3.2.491](https://github.com/bridgecrewio/checkov/compare/3.2.490...3.2.491) - 2025-11-09
From 4dbc89ab731e97890fa7ac2d28b5699b07b81e50 Mon Sep 17 00:00:00 2001
From: Max Amelchenko
Date: Wed, 12 Nov 2025 12:11:05 +0200
Subject: [PATCH 2/4] feat(general): support skips for module for_each and count (#7368)
support skips for module for_each and count
Co-authored-by: Max Amelchenko
---
 checkov/common/output/report.py | 4 ++++
 .../runner_registry/test_runner_registry_plan_enrichment.py | 5 ++---
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/checkov/common/output/report.py b/checkov/common/output/report.py
index d8da7c3b85..51af285332 100644
--- a/checkov/common/output/report.py
+++ b/checkov/common/output/report.py
@@ -574,6 +574,10 @@ def handle_skipped_checks(
 if record.resource_address and record.resource_address.startswith("module."):
 module_path = record.resource_address[module_address_len:record.resource_address.index('.', module_address_len + 1)]
+ # For module with for_each or count, the module path will be module.module_name[(.*)]. We can
+ # ignore the index and the for_each value and just use the module name as it's not possible to
+ # skip checks for a specific instance of a module
+ module_path = module_path.split('[')[0]
 module_enrichments = enriched_resources.get(module_path, {})
 for module_skip in module_enrichments.get("skipped_checks", []):
 if record.check_id in module_skip["id"]:
diff --git a/tests/common/runner_registry/test_runner_registry_plan_enrichment.py b/tests/common/runner_registry/test_runner_registry_plan_enrichment.py
index c591867858..84cdfecf7f 100644
--- a/tests/common/runner_registry/test_runner_registry_plan_enrichment.py
+++ b/tests/common/runner_registry/test_runner_registry_plan_enrichment.py
@@ -132,12 +132,11 @@ def test_enrichment_of_plan_report_with_for_each(self):
 report = runner_registry.run(repo_root_for_plan_enrichment=[repo_root], files=[str(valid_plan_path)])[0]
- # TODO: after fixing module enrichment with skipped checks the failed checks will become skipped
- self.assertEqual(len(report.failed_checks), 3)
+ self.assertEqual(len(report.failed_checks), 0)
 self.assertEqual(len(report.passed_checks), 0)
- self.assertEqual(len(report.skipped_checks), 2)
+ self.assertEqual(len(report.skipped_checks), 5)
 def test_skip_check(self):
From 0099d2c00fa195ba1d5045adde5957730f505f0e Mon Sep 17 00:00:00 2001
From: Max Amelchenko
Date: Tue, 11 Nov 2025 09:51:13 +0200
Subject: [PATCH 3/4] support skips for module for_each and count
---
 checkov/version.py | 2 +-
 kubernetes/requirements.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/checkov/version.py b/checkov/version.py
index 7fa419854d..1ade9a5b6c 100644
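Review bot: The skip match on the context line `if record.check_id in module_skip["id"]:` is a containment test, and the added `module_path = module_path.split('[')[0]` now extends whatever it matches to every `for_each`/`count` instance of the module. If `module_skip["id"]` is a plain string (its type is not visible in this hunk), a skip written for one check ID also suppresses any failed check whose ID is a prefix or substring of it, for example (constructed) a skip for `CKV_X_18` hiding `CKV_X_1`. Comparing with `record.check_id == module_skip["id"]` would keep the suppression to the check the author named; if `id` is a list, `in` is already an exact membership test and only a comment saying so is needed. The body of `handle_skipped_checks` starts and ends outside the hunk.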
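Review bot: The updated assertions in `test_enrichment_of_plan_report_with_for_each` pin only totals (`failed_checks` 0, `skipped_checks` 5), so the test would still pass if the wrong findings were suppressed. Because this path hides scanner findings from the report, it is worth asserting which checks were skipped, e.g. `self.assertEqual({r.check_id for r in report.skipped_checks}, {<expected ids from the fixture>})`. The commit title covers both `for_each` and `count`, but only the `for_each` test is touched in this hunk, so a `count` fixture with the same assertions would close the gap if one does not already exist elsewhere. The test method starts outside the hunk.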
--- a/checkov/version.py
+++ b/checkov/version.py
@@ -1 +1 @@
-version = '3.2.492'
+version = '3.2.493'
diff --git a/kubernetes/requirements.txt b/kubernetes/requirements.txt
index 616e6ab57e..d26f47dc23 100644
--- a/kubernetes/requirements.txt
+++ b/kubernetes/requirements.txt
@@ -1 +1 @@
-checkov==3.2.492
+checkov==3.2.493
From 7674ea27a2b337dcad3009feae7363765f42f716 Mon Sep 17 00:00:00 2001
From: gruebel <33207684+gruebel@users.noreply.github.com>
Date: Wed, 12 Nov 2025 23:02:19 +0000
Subject: [PATCH 4/4] chore: update release notes
---
 CHANGELOG.md | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f6178b680f..f72f723325 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,12 @@
 # CHANGELOG
-## [Unreleased](https://github.com/bridgecrewio/checkov/compare/3.2.492...HEAD)
+## [Unreleased](https://github.com/bridgecrewio/checkov/compare/3.2.493...HEAD)
+
+## [3.2.493](https://github.com/bridgecrewio/checkov/compare/3.2.492...3.2.493) - 2025-11-12
+
+### Feature
+
+- **general:** support skips for module for_each and count - [#7368](https://github.com/bridgecrewio/checkov/pull/7368)
 ## [3.2.492](https://github.com/bridgecrewio/checkov/compare/3.2.491...3.2.492) - 2025-11-10