ShiftLeftSecurity / sast-scan

Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
https://discord.gg/DCNxzaeUpd
Apache License 2.0

opa support in scan #288

Open prabhu opened 3 years ago

prabhu commented 3 years ago

Let's add support for opa and rego to support interesting things

xortim commented 3 years ago

Preferably against the plan file :)

prabhu commented 3 years ago

@xortim could you kindly elaborate? Which plan file are you thinking to use with opa?

xortim commented 3 years ago

Sorry about the nebulous comment. I'd love to have my terraform plan file scanned using fugue/regula or accurics/terrascan. I'm currently using terrascan separately since there's a comprehensive best set of rules, but regula is natively compatible with OPA, not just the Rego policy language. Meaning, regula uses Rego and OPA itself to normalize the input, whereas terrascan normalizes using their tool to accomplish a similar task.
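
The plan-file approach described above, as an added illustration that is not code from this thread, regula, or terrascan: a minimal Rego policy evaluated by OPA directly against the JSON form of a Terraform plan (`terraform show -json tfplan`). The resource type and the S3 encryption attribute it checks are assumptions chosen for the example; the `resource_changes` / `change.after` structure is the standard plan JSON layout.

```rego
package terraform.plan

# Hypothetical policy for this example: flag any S3 bucket whose planned
# ("after") state has no server-side encryption block. The plan JSON puts
# each planned resource under input.resource_changes[], with the resulting
# attributes in change.after.
deny[msg] {
    rc := input.resource_changes[_]
    rc.type == "aws_s3_bucket"
    not rc.change.after.server_side_encryption_configuration
    msg := sprintf("S3 bucket %s has no server-side encryption configured", [rc.address])
}

# A plan is considered compliant only when no deny message is produced.
default allow = false

allow {
    count(deny) == 0
}
```

Run with `opa eval --input plan.json --data policy.rego 'data.terraform.plan.deny'` to list findings for a given plan; a scanner integration would fail the build when the result set is non-empty.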

prabhu commented 3 years ago

@xortim interesting! I looked at terrascan some time back and wasn't that impressed, so I stuck with checkov. Is it working better than checkov in your tests?