|about 1 month ago||3 days ago|
|-||Apache License 2.0|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Does anybody else find Helm charts pretty useless?
5 projects | reddit.com/r/kubernetes | 19 Jan 2022
You can find some example in our repository
GitOps opinion piece (it sucks at scale) and webinar announcement: GitOps from the trenches (community-debate on GitOps pros and cons)
1 project | reddit.com/r/devops | 3 Mar 2021
If you are unfamiliar with Kapitan, you can check out our example repo here: https://github.com/kapicorp/kapitan-reference
Allow ECS Task Role to assume any role or invoke any lambda function. Yay or nay?
1 project | reddit.com/r/aws | 18 May 2022
Terraform Best Practices for Better Infrastructure Management
9 projects | dev.to | 15 May 2022
checkov – Terraform static analysis tool
Terraform policy generator?
2 projects | reddit.com/r/Terraform | 15 Apr 2022
Finding and Fixing Cloud Misconfigurations with open source
1 project | dev.to | 7 Apr 2022
The IaC scanner called Checkov, helps prevent misconfigured and insecure configurations prior to being released in the wild, leveraging a policy as code for everyone approach.
Ways to test terraform scripts
2 projects | reddit.com/r/Terraform | 26 Jan 2022
- Security and Compliance testing for terraform: - https://github.com/bridgecrewio/checkov
Learn About Infrastructure as Code in 5 Minutes and Why You Should Use It
6 projects | dev.to | 21 Jan 2022
Errors in IaC files can be a serious problem if they are not detected prior to deploying IaC definitions. Therefore, it is recommended to automatically and continuously scan IaC files, ensuring that verification occurs whenever an IaC definition is created or updated. You can do it using such tools as Checkov, TFLint, Accurics.
5 projects | dev.to | 5 Dec 2021
Policyer is an open source project (more like a vision) I created after inspired by policy engines that become very popular lately (OPA,Checkov) Policyer going to focus on providing platform to run and create meaningful reports, data engagement and plugin system to let you provide any data, some time it can be k8s yaml and in other it can be user data.
Container security best practices: Comprehensive guide
17 projects | dev.to | 16 Nov 2021
If you are using infrastructure as code, incorporate IaC scanning tools like Apolicy, Checkov, tfsec, or cfn_nag to validate the configuration of your infrastructure before it is created or updated. Similar to other linting tools, apply IaC scanning tools locally and in your pipeline, and consider blocking changes that introduce security issues.
Testing Terraform The Right Way
4 projects | dev.to | 25 Oct 2021
checkov — https://github.com/bridgecrewio/checkov/
Kubernetes Security Checklist 2021
28 projects | dev.to | 18 Oct 2021
Workload configuration should be audited regularly (Kics, Kubeaudit, Kubescape, Conftest, Kubesec, Checkov)
What are some alternatives?
tfsec - Security scanner for your Terraform code [Moved to: https://github.com/aquasecurity/tfsec]
terraform-security-scan - Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
tflint - A Pluggable Terraform Linter
terratest - Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
atlantis - Terraform Pull Request Automation
tfsec - Security scanner for your Terraform code
cfn_nag - Linting tool for CloudFormation templates
inspec - InSpec: Auditing and Testing Framework
driftctl - Detect, track and alert on infrastructure drift
conftest - Write tests against structured configuration data using the Open Policy Agent Rego query language