Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
checkov — https://github.com/bridgecrewio/checkov/
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/accurics/terrascan] (by cesar-rodriguez)
terrascan — https://github.com/cesar-rodriguez/terrascan (no TF 0.13 support at this time)
Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.
This repository contains free labs for setting up an entire workflow and DevOps environment from a real-world perspective in AWS
Terraform code. If you don't have any, you can clone and use this repo.
Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
terratest — Terratest | Automated tests for your infrastructure code. (gruntwork.io)
checkov VS terrascan - a user suggested alternative
2 projects | 8 Aug 2021
Terraform best practices for reliability at any scale
3 projects | news.ycombinator.com | 4 Aug 2023
From Pulumi and Terragrunt back to Terraform
1 project | /r/aws | 5 Jun 2023
How to manage terraform code for large projects?
4 projects | /r/Terraform | 30 May 2023
Tf apply/wait & multiple tf configurations management
1 project | /r/Terraform | 17 Apr 2023