Terrascan

Static code analysis for your terraform code

Prevent security weaknesses in your terraform code

Scans it.

Terrascan assesses your infrastructure code for common security weaknesses and misconfigurations including: encryption, public exposure, logging and monitoring, and security groups misconfigurations.

In your pipeline.

You can integrate terrascan into your CI/CD pipeline to further prevent issues being merged into your version control repository.

On your desktop.

By using terrascan as a pre-commit hook. You can prevent security weaknesses as early as possible in your software development. The pre-commit will provide you with immediate feedback, so you’re able to quickly remediate any findings.

Install.

Terrascan is published as a python package on pypi. Installing terrascan is as easy as doign a “pip install terrascan”.

Learn More