terratag
tfsec
terratag | tfsec | |
---|---|---|
7 | 29 | |
897 | 6,571 | |
1.4% | 0.9% | |
5.3 | 5.2 | |
16 days ago | 4 days ago | |
Go | Go | |
Mozilla Public License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
terratag
-
Top Terraform Tools to Know in 2024
âTerratag is a tool designed to assign tags or labels to a complete collection of Terraform or Terragrunt files. It enables applying tags or labels to resources within AWS, GCP, and Azure.
- Standardized tags across all Azure resources with terraform
-
List of most useful Terraform open-source tools
Terratag (tagging): https://github.com/env0/terratag (disclaimer, I am CEO at env0)
Documentation:
Cost:Infracost (estimation): https://github.com/infracost/infracostTerratag (tagging): https://github.com/env0/terratag (disclaimer, I am CEO at env0)
- Terratag Open Source
- Terratag
-
DevOps tools you should have on your belt
đ· Terratag is a CLI tool allowing for tags or labels to be applied across an entire set of Terraform files.
tfsec
-
Cloud Security and Resilience: DevSecOps Tools and Practices
3. tfsec: https://github.com/aquasecurity/tfsec tfsec uses a suite of security checks to scan your Terraform templates, helping to identify potential security issues before infrastructure is deployed.
-
A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons
tfsec Owner/Maintainer: Aqua Security (acquired in 2021) Age: First released on GitHub on March 5th, 2019 License: MIT License tfsec project is no longer actively maintained in favor of the Trivy tool. But because many people still use it and it's quite famous, I added tfsec to this comparison. However, I recommend against using it for new projects.
-
Top Terraform Tools to Know in 2024
âTfsec acts as a Terraform scanning tool. It is a security-focused linter for Terraform that scans code for security flaws, offering an additional layer of security assurance and helping to maintain a strong security posture.
-
DevSecOps with AWS- IaC at scale - Building your own platform - Part 1
... #************************** Terraform ************************************* ARG TERRAFORM_VERSION=1.7.3 RUN set -ex \ && curl -O https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin/ RUN set -ex \ && mkdir -p $HOME/.terraform.d/plugin-cache && echo 'plugin_cache_dir = "$HOME/.terraform.d/plugin-cache"' > ~/.terraformrc #************************* Terragrunt ************************************* ARG TERRAGRUNT_VERSION=0.55.1 RUN set -ex \ && wget https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64 -q \ && mv terragrunt_linux_amd64 /usr/local/bin/terragrunt \ && chmod +x /usr/local/bin/terragrunt #*********************** Terramate **************************************** ARG TERRAMATE_VERSION=0.4.5 RUN set -ex \ && wget https://github.com/mineiros-io/terramate/releases/download/v${TERRAMATE_VERSION}/terramate_${TERRAMATE_VERSION}_linux_x86_64.tar.gz \ && tar -xzf terramate_${TERRAMATE_VERSION}_linux_x86_64.tar.gz \ && mv terramate /usr/local/bin/terramate \ && chmod +x /usr/local/bin/terramate #*********************** tfsec ******************************************** ARG TFSEC_VERSION=1.28.5 RUN set -ex \ && wget https://github.com/aquasecurity/tfsec/releases/download/v${TFSEC_VERSION}/tfsec-linux-amd64 \ && mv tfsec-linux-amd64 /usr/local/bin/tfsec \ && chmod +x /usr/local/bin/tfsec \ && terragrunt --version #**********************Terraform docs ************************************ ARG TERRRAFORM_DOCS_VERSION=0.17.0 RUN set -ex \ && curl -sSLo ./terraform-docs.tar.gz https://terraform-docs.io/dl/v${TERRRAFORM_DOCS_VERSION}/terraform-docs-v${TERRRAFORM_DOCS_VERSION}-$(uname)-amd64.tar.gz \ && tar -xzf terraform-docs.tar.gz \ && chmod +x terraform-docs \ && mv terraform-docs /usr/local/bin/terraform-docs #********************* ShellCheck ***************************************** ARG SHELLCHECK_VERSION="stable" RUN set -ex \ && wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${SHELLCHECK_VERSION?}/shellcheck-${SHELLCHECK_VERSION?}.linux.x86_64.tar.xz" | tar -xJv \ && cp "shellcheck-${SHELLCHECK_VERSION}/shellcheck" /usr/bin/ \ && shellcheck --version ...
-
IaC comparison
You can give tfsec a try perhaps
-
What is the best `as Code` tool in 2023?
Great toolchain, including Infracost or tfsec.
-
Top 4 Infrastructure as Code Open-Source Tools for 2023
TFSec is an open-source tool for scanning and detecting potential security vulnerabilities in Terraform code in both HCL and JSON.
-
Terraform Security Best Practices
We use https://github.com/aquasecurity/tfsec we found checkov.io to be quite noisy
-
What are the best static analysis security testing tools for Terraform and infrastructure as code?
Beyond Snyk and Checkov - I have also used https://github.com/aquasecurity/tfsec at a few organizations both for use locally and in CI (PR Review Checks)
- Breve guia de sobrevivĂȘncia com Terraform
What are some alternatives?
NubesGen - Going to production on Azure is only one `git push` away
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
yor - Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.
SonarQube - Continuous Inspection
infracost-atlantis - Atlantis integration for Infracost. Shows cloud cost estimates for Terraform in pull requests.
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
terracognita - Reads from existing public and private cloud providers (reverse Terraform) and generates your infrastructure as code on Terraform configuration
terraform-security-scan - Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
awesome-tf - Curated list of resources on HashiCorp's Terraform and OpenTofu
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/accurics/terrascan]
personal-zero-trust-hashicorp-vault - Cloudflare for Teams + HashiCorp Vault = Zero Trust Love
cli - a lightweight, security focused, BDD test framework against terraform.