Prevent cloud misconfigurations during build-time for Terraf | Opensource Findings

Prevent cloud misconfigurations during build-time for Terraform, CloudFormation, Kubernetes, Serverless framework and other infrastructure-as-code languages with Checkov (Чехов).

Checkov is a static code analysis tool for infrastructure-as-code.

It scans cloud infrastructure provisioned using Terraform, CloudFormation, Kubernetes, Serverless or ARM Templates and detects security and compliance misconfigurations.

Features:
- Over 400 built-in policies cover security and compliance best practices for AWS, Azure and Google Cloud.
- Scans Terraform, CloudFormation, Kubernetes, Serverless framework and ARM template files.
- Detects AWS credentials in EC2 Userdata, Lambda environment variables and Terraform providers.
- Evaluates Terraform Provider settings to regulate the creation, management, and updates of IaaS, PaaS or SaaS managed through Terraform.
- Policies support evaluation of variables to their optional default value.
- Supports in-line suppression of accepted risks or false positives to reduce recurring scan failures. Also supports global skips from the CLI.
- Output is currently available as CLI, JSON, JUnit XML and GitHub markdown, with links to remediation guides.
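In-line suppression is the feature most likely to hide real findings over time, so it is worth auditing. The following is an added example, not code from the Checkov project: it assumes Checkov's documented comment form `checkov:skip=<check_id>:<reason>`, uses a constructed Terraform sample, and the function names and the minimum reason length are hypothetical.

```python
import re
from typing import NamedTuple

# Assumed suppression form: checkov:skip=<check_id>:<reason>
# The reason is optional in the syntax, which is the gap this audit looks for.
# The ID class also tolerates a comma-separated list of IDs.
SKIP_RE = re.compile(r"checkov:skip=(?P<check_id>[A-Za-z0-9_,]+)(?::(?P<reason>.*))?")

class Suppression(NamedTuple):
    line_no: int
    check_id: str
    reason: str

def find_suppressions(text):
    """Return every in-line suppression found in an IaC file's text."""
    found = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = SKIP_RE.search(line)
        if m:
            reason = (m.group("reason") or "").strip()
            found.append(Suppression(line_no, m.group("check_id"), reason))
    return found

def unjustified(suppressions, min_reason_len=10):
    """Suppressions whose reason is missing or too short to review."""
    return [s for s in suppressions if len(s.reason) < min_reason_len]

# Constructed sample Terraform, not taken from the Checkov repository.
SAMPLE_TF = '''\
resource "aws_s3_bucket" "site" {
  #checkov:skip=CKV_AWS_20:Public static website bucket, approved in review
  bucket = "example-static-site"
  acl    = "public-read"
}

resource "aws_s3_bucket" "logs" {
  #checkov:skip=CKV_AWS_18
  bucket = "example-logs"
}

resource "aws_security_group" "admin" {
  # checkov:skip=CKV_AWS_24: tmp
  name = "admin"
}
'''

if __name__ == "__main__":
    for s in unjustified(find_suppressions(SAMPLE_TF)):
        print(f"line {s.line_no}: {s.check_id} suppressed without a usable reason: {s.reason!r}")
```

Run over a repository in CI, a non-empty `unjustified` result can fail the build so that every accepted risk carries a reviewable justification.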

https://github.com/bridgecrewio/checkov

#python #devops #k8s