diff --git a/rules/S6317/terraform/how-to-fix-it/aws-iam.adoc b/rules/S6317/terraform/how-to-fix-it/aws-iam.adoc index 8522b399fc..a552b6decc 100644 --- a/rules/S6317/terraform/how-to-fix-it/aws-iam.adoc +++ b/rules/S6317/terraform/how-to-fix-it/aws-iam.adoc @@ -6,7 +6,7 @@ In this example, the IAM policy allows an attacker to update the code of any Lam ==== Noncompliant code example -[source,terraform] +[source,terraform,diff-id=1,diff-type=noncompliant] ---- resource "aws_iam_policy" "example" { name = "example" @@ -32,7 +32,7 @@ EOF The policy is narrowed such that only updates to the code of certain Lambda functions (without high privileges) are allowed. -[source,terraform] +[source,terraform,diff-id=1,diff-type=compliant] ---- resource "aws_iam_policy" "example" { name = "example"
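Review bot: In the first hunk (`@@ -6,7 +6,7 @@`), the new `diff-id=1` on the noncompliant `[source,terraform,...]` line is only meaningful as one half of a pair, and nothing in the patch shows that the id is unique within aws-iam.adoc. Please confirm that no other listing in this file already carries `diff-id=1`. If a second example pair is added later, it should get its own id rather than reuse 1.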
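Review bot: In the second hunk (`@@ -32,7 +32,7 @@`), tagging the listing `diff-type=compliant` with the same `diff-id=1` presents it as the direct counterpart of the noncompliant block, so the two listings should differ only in what the preceding sentence describes (narrowing the policy to certain Lambda functions). The visible context shows both starting with `resource "aws_iam_policy" "example"` and `name = "example"`, which is good. Please check that the rest of the policy body, which is outside the hunk, is otherwise identical, so that the comparison highlights only the fix and not incidental formatting or ordering differences.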