Closed exequielrafaela closed 5 months ago
@diego-ojeda-binbash I'll create a new issue for:
Terraform Policy as Code Engine => https://github.com/bridgecrewio/checkov
And I'll close this one.
@eze-godoy,
Regarding the integration of Checkov as discussed, in case a project requests it, we can start with a minimal setup in one of the layers to iterate in the future as project-specific security needs evolve. For the time being we'll close this issue.
Here's a brief plan in case the need arises:
Initial Integration: Let's incorporate a basic Checkov scan into our GitHub Actions, focusing on high-priority security rules based on the implementation we've already done:
Iterative Enhancement: We will assess the initial results and refine the setup in future iterations, expanding the ruleset and integration points based on our findings and requirements.
Documentation and Tracking: Update the README.md CI documentation to reflect the Checkov integration steps and results interpretation.
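A sketch of the "start minimal, expand later" gate from the plan above, as an added example that is not part of this thread or the project's code: it reads Checkov's JSON report (`checkov -o json`) and fails the PR only on a short blocking list, reporting everything else as advisory. The rule IDs in `HIGH_PRIORITY`, the function names and the sample report are assumptions chosen for illustration; the thread does not name specific rules.

```python
import json

# Assumed starting set of blocking rules; widen it in later iterations.
HIGH_PRIORITY = {
    "CKV_AWS_20",  # S3 bucket ACL allows public READ
    "CKV_AWS_24",  # security group open to 0.0.0.0/0 on port 22
    "CKV_AWS_25",  # security group open to 0.0.0.0/0 on port 3389
}

def load_reports(text):
    """Checkov emits one report object, or a list when several frameworks ran."""
    data = json.loads(text)
    return data if isinstance(data, list) else [data]

def triage(reports, blocking=HIGH_PRIORITY):
    """Split failed checks into PR-blocking findings and advisory ones."""
    block, advise = [], []
    for report in reports:
        # A run that scanned nothing has no "results" key; treat it as empty.
        for item in report.get("results", {}).get("failed_checks", []):
            finding = (item["check_id"], item.get("resource", "?"),
                       item.get("file_path", "?"))
            (block if item["check_id"] in blocking else advise).append(finding)
    return sorted(block), sorted(advise)

def exit_code(block):
    """Non-zero only when a blocking rule failed, so advisory noise never breaks CI."""
    return 1 if block else 0

# Constructed sample report, trimmed to the fields used above.
SAMPLE = json.dumps({
    "check_type": "terraform",
    "results": {"failed_checks": [
        {"check_id": "CKV_AWS_24", "resource": "aws_security_group.bastion",
         "file_path": "/security.tf"},
        {"check_id": "CKV_AWS_18", "resource": "aws_s3_bucket.logs",
         "file_path": "/s3.tf"},
    ]},
})

if __name__ == "__main__":
    block, advise = triage(load_reports(SAMPLE))
    for check_id, resource, path in block:
        print(f"BLOCKING {check_id} {resource} ({path})")
    for check_id, resource, path in advise:
        print(f"advisory {check_id} {resource} ({path})")
    raise SystemExit(exit_code(block))
```
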
What?
Test and integrate via dockerized Makefile cmds (https://github.com/binbashar/le-tf-infra-aws/blob/master/%40bin/makefiles/terraform12/Makefile.terraform12-cont) new security analysis in the CI PR automated process
Possible tools:
Infra Security
Cost
Terraform Policy as Code Engine
Why?
Read More
Other References