From db8fb1866fdb9ceff25487d6b513083ebfb0d5d0 Mon Sep 17 00:00:00 2001
From: Steve Vaknin <62605534+SteveVaknin@users.noreply.github.com>
Date: Thu, 14 Mar 2024 08:52:52 +0200
Subject: [PATCH] fix(terraform): prevent side effects when updating variable
 rendering (#6087)

* fix(terraform): prevent side effects when updating variable rendering

* keep the structure

---------

Co-authored-by: Steve Vaknin <svaknin@paloaltonetworks.com>
---
 checkov/terraform/graph_builder/local_graph.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/checkov/terraform/graph_builder/local_graph.py b/checkov/terraform/graph_builder/local_graph.py
index 2389960befc..0708682bdd5 100644
--- a/checkov/terraform/graph_builder/local_graph.py
+++ b/checkov/terraform/graph_builder/local_graph.py
@@ -729,7 +729,8 @@ def update_list_attribute(
 
     if len(key_parts) == 1:
         idx = force_int(key_parts[0])
-        inner_config = config[0]
+        # Avoid changing the config and cause side effects
+        inner_config = pickle_deepcopy(config[0])
 
         if idx is not None and isinstance(inner_config, list):
             if not inner_config:
@@ -737,7 +738,7 @@ def update_list_attribute(
                 return config
 
             inner_config[idx] = new_value
-            return config
+            return [inner_config]
     entry_to_update = int(key_parts[0]) if key_parts[0].isnumeric() else -1
     for i, config_value in enumerate(config):
         if entry_to_update == -1: