atmos
kics
atmos | kics | |
---|---|---|
8 | 13 | |
581 | 1,901 | |
6.4% | 1.9% | |
8.6 | 9.9 | |
2 days ago | 5 days ago | |
Go | Open Policy Agent | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
atmos
-
AWS Landing zone creation: manual or AWS Control Tower?
This is why we created atmos to make it easier to manage large multi-account architectures. As a result, our components are reusable across organizations, regardless of how many accounts and regions they operate, and we minimize the snowflakes. And we avoid code generation, which is hard to thoroughly test in an automated fashion. Without naming names, lots of tools for terraform rely on code generation, but I see it as an anti-pattern that should be avoided.
- How to manage terraform code for large projects?
-
Terraform | Take your Terraform skills to the next level!
sorry did not find anything advanced. A better tool to make terraform scaleable is https://atmos.tools
-
Terraform docs say longstanding deployments should not use workspaces. what are your thoughts?
Workspaces are incredibly practical, and we leveraging them at-scale with literally thousands of workspaces using atmos for terraform. There is so much FUD around workspaces that is either ill-informed or based on outdated information. Any company using terraform at scale will rely on tooling and conventions. It's up to that tooling to ensure you are using terraform safely. Atmos is one of those tools. I'm not saying that you have to use workspaces, but just that there's nothing wrong with workspaces themselves.
-
List of most useful Terraform open-source tools
Check out atmos for a fresh take at managing terraform configurations and terraform workflows. Instead of managing HCL `.tfvar` files manually for configuration, it uses YAML, and supports concepts of imports (via deep merging), remote imports (anything supported by gogetter), mixins, inheritance, multiple-inheritance, vendoring of root modules, workflows, task runners (via custom subcommands), and much more. There's a bit of a learning curve and mind-shift required if coming from a Terragrunt background, but the experience is mindblowing after switching to it. Also, it's not limited to terraform.
-
Why does Hashicorp advise against using workspaces to manage environments?
We obviously don't have a project for your exact use case, but we have an open-source example repo that shows a fairly advanced scenario of using the Terraform Spacelift Provider https://github.com/spacelift-io/demo-preview-environments-manager, a simple quickstart of using it https://github.com/spacelift-io/terraform-starter and you can also see the CloudPosse Atmos project, for a very advanced scenario which generates lot's of Stacks based on your component specifications https://github.com/cloudposse/atmos.
- Atmos
- Atmos: Universal Tool for DevOps and Cloud Automation (Terraform, Helm, etc.)
kics
-
A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons
KICS (stands for "Keeping Infrastructure as Code Secure"): Owner/Maintainer: Checkmarx Age: First released on GitHub on November 30th, 2020 License: Apache License 2.0
-
What are the best static analysis security testing tools for Terraform and infrastructure as code?
The ones I remember being alright from a bunch of trials/PoC we did at my job were Snyk https://snyk.io/product/infrastructure-as-code-security/ and The one Gitlab Ultimate uses, https://github.com/Checkmarx/kics
-
Securing the software supply chain in the cloud
KICS – Scan for Infrastructure-as-Code vulnerabilities
- Looking for Tips on Open Sourcing a kubernetes security tool
-
Implement DevSecOps to Secure your CI/CD pipeline
Checkov, Terrascan, and Kics can be used to scan our Infrastructure code. It supports Terraform, Cloudformation, and Azure ARM resources.
-
List of most useful Terraform open-source tools
kics: https://github.com/Checkmarx/kics
Cost:
-
KICS (Keep Infrastructure as Code Secure) community meetings
Details about the meeting on this thread: https://github.com/Checkmarx/kics/discussions/5675
-
Terraform AWS 4.0 Provider migration
We have a request in KICS (Keep IaC secure, https://github.com/Checkmarx/kics) to support AWS 4.0 provider and I wondered how fast did people adopt it and did the required changes.
- Question for the Argo-Verse
What are some alternatives?
terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
terramate - Terramate CLI is an open-source Infrastructure as Code (IaC) orchestration tool for Terraform, OpenTofu, Terragrunt, Kubernetes, Pulumi, Cloud Formation, CDK, Azure Resource Manager (ARM), and others.
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
terraform-starter - Starter repository to play with Spacelift
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
demo-preview-environments-manager
CheatSheetSeries - The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
akk-stack - Containerized EverQuest Emulator Server Environment
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/accurics/terrascan]
ops-examples - A repository of basic and advanced examples using Ops
kubescape - Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.