Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
You might be referring to checkov ? https://github.com/bridgecrewio/checkov
A Pluggable Terraform Linter
Sounds like tflint to me!
Updating dependencies is time-consuming.. Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.
TFLint ruleset for Terraform Language
It’s got a few included rulesets that can be used to enforce things like what you describe.
a lightweight, security focused, BDD test framework against terraform. (by terraform-compliance)
You could also look at terraform compliance
Terraform Security Best Practices
2 projects | /r/devops | 21 Mar 2023
1 project | /r/devopspro | 13 Feb 2023
Enforcing naming conventions in Terraform
2 projects | /r/Terraform | 9 Jul 2022
Terraform Tools and Testing
5 projects | /r/Terraform | 30 Jun 2022
Alternative to Terraform Sentinel
3 projects | /r/Terraform | 24 Jun 2022