search

Azure / PSRule.Rules.Azure

Rules to validate Azure resources and infrastructure as code (IaC) using PSRule.
https://azure.github.io/PSRule.Rules.Azure/
MIT License
383 stars 83 forks source link

Support for Terraform #1193

Open BernieWhite opened 2 years ago

BernieWhite commented 2 years ago

This is tracking for adding support for Terraform HCL to PSRule originally discussed here Microsoft/PSRule#907 by @jbla9028.

Is your feature request related to a problem? Please describe. It appears that psrule can review a ARM or bicep template from the documentation. It seems like the only open to review terraform is to review the resources after the terraform code has applied the infrastructure. Can we get native terraform support?

Passing a target folder, along with variables, can psrule review a user's terraform code for compliance?

Describe the solution you'd like

Describe alternatives you've considered There are other solutions that will do this but psRule's syntax seems very easy to use, it would be great to leverage it with terraform.

Additional context

Continue reading the FAQ for details on in-flight support for Terraform.

If this issue is important to you please upvote the issue. We plan to investigate this issue to determine if this is something that should be integrated into PSRule for Azure.

Updated: 2023-08-26

Some questions to add to the research effort:

vishalgoyal16444 commented 2 years ago

Having PSRules support for terraform scripts hosted on a repository will be extremely useful to check for rules validation even before we create actual resources on Azure.

vannela commented 2 years ago

Terraform being used widely for Azure as well, support for validating is very useful.

itpropro commented 2 years ago

I think we should focus on the Azure tooling first. There are still multiple problems with bicep and ARM syntax. First party tooling should be the focus and priority by now and maybe after Bicep 1.0, we can focus on third-party tools like Ansible, Pulumi or Terraform.

trstroem commented 1 year ago

Terraform really useful since often used in SAP on Azure implementations...

MohnJadden commented 10 months ago

Being able to test against Azure Policy would help eliminate a lot of Terraform headaches and errors. I bypass ARM entirely by using Terraform and avoid ARM wherever possible - TF is simply easier to use. We use azurerm exclusively.

itpropro commented 9 months ago

Being able to test against Azure Policy would help eliminate a lot of Terraform headaches and errors. I bypass ARM entirely by using Terraform and avoid ARM wherever possible - TF is simply easier to use. We use azurerm exclusively.

You are still using ARM REST APIs in the background, if you are using Terraform, just no ARM templates. If you don't like ARM template syntax, you can always use Bicep for simpler usage and much clearer syntax.