terrascan VS terramate

terrascan — https://github.com/cesar-rodriguez/terrascan (no TF 0.13 support at this time)

initContainers: - args: - >- curl -L https://github.com/terramate-io/terramate/releases/download/v${TERRAMATE_VERSION}/terramate_${TERRAMATE_VERSION}_linux_x86_64.tar.gz | tar xz command: - sh - -c env: - name: TERRAMATE_VERSION value: 0.4.5 image: curlimages/curl name: get-terramate volumeMounts: - mountPath: /home/curl_user/ name: terramate workingDir: /home/curl_user/ extraVolumes: - name: terramate emptyDir: {} extraVolumeMounts: - name: terramate mountPath: /usr/local/bin/terramate subPath: terramate readOnly: true

‍Terramate is an open-source IaC orchestration tool for Terraform, OpenTofu, Pulumi, Cloudformation, and others, that streamlines and scales your IaC workflows.

Nice, this looks close to https://terramate.io/ stacks

You might want to take a look at Terramate. Compared to other tooling such as Terragrunt we're not a wrapper that will lock you in yet another syntax. Terramate is a code generator and orchestrator that helps you to generate native Terraform that can be executed in whatever environment of your choice.

Another option for Terragrunt could be Terramate. It comes with Code Generation that helps you to automatically generate files such as Terraform, Provider and Backend configurations in various stacks (directories). The upside is that it always generates native Terraform code.

This can be done with a tool such as Terramate or Terragrunt (afaik Terragrunt doesn't come with change detection).

I'd love to add Terramate to the list of alternatives to Terraform Cloud!

That sounds like something Terramate helps with. I've been using it exactly for that purpose (code generation) and it made everything so much easier!