Terrascan – Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
- GitHub Repo: https://github.com/accurics/terrascan
- Documentation: https://docs.accurics.com
- Discuss: https://community.accurics.com
Features
- 500+ Policies for security best practices
- Scanning of Terraform 12+ (HCL2)
- Scanning of Kubernetes (JSON/YAML), Helm v3, and Kustomize v3
- Support for AWS, Azure, GCP, Kubernetes and GitHub
Installing
Terrascan’s binary for your architecture can be found on the releases page. Here’s an example of how to install it:
$ curl --location https://github.com/accurics/terrascan/releases/download/v1.2.0/terrascan_1.2.0_Darwin_x86_64.tar.gz --output terrascan.tar.gz
$ tar -xvf terrascan.tar.gz
  x CHANGELOG.md
  x LICENSE
  x README.md
  x terrascan
$ install terrascan /usr/local/bin
$ terrascanIf you have go installed, Terrascan can be installed with go get
$ export GO111MODULE=on
$ go get -u github.com/accurics/terrascan/cmd/terrascan
  go: downloading github.com/accurics/terrascan v1.2.0
  go: found github.com/accurics/terrascan/cmd/terrascan in github.com/accurics/terrascan v1.2.0
  ...
$ terrascan
Install via brew
Homebrew users can install by:
$ brew install terrascanDocker
Terrascan is also available as a Docker image and can be used as follows
$ docker run accurics/terrascanBuilding Terrascan
Terrascan can be built locally. This is helpful if you want to be on the latest version or when developing Terrascan.
$ git clone [email protected]:accurics/terrascan.git
$ cd terrascan
$ make build
$ ./bin/terrascanGetting started
To scan your code for security issues you can run the following (defaults to scanning Terraform).
$ terrascan scanTerrascan will exit 3 if any issues are found.
The following commands are available:
$ terrascan
Terrascan
An advanced IaC (Infrastructure-as-Code) file scanner written in Go.
Secure your cloud deployments at design time.
For more information, please visit https://www.accurics.com
Usage:
  terrascan [command]
Available Commands:
  help        Help about any command
  init        Initialize Terrascan
  scan        Scan IaC (Infrastructure-as-Code) files for vulnerabilities.
  server      Run Terrascan as an API server
Flags:
  -c, --config-path string   config file path
  -h, --help                 help for terrascan
  -l, --log-level string     log level (debug, info, warn, error, panic, fatal) (default "info")
  -x, --log-type string      log output type (console, json) (default "console")
  -o, --output-type string   output type (json, yaml, xml) (default "yaml")
  -v, --version              version for terrascan
Use "terrascan [command] --help" for    more information about a command.Documentation
To learn more about Terrascan check out the documentation https://docs.accurics.com where we include a getting started guide, Terrascan’s architecture, a breakdown of it’s commands, and a deep dive into policies.
Developing Terrascan
To learn more about developing and contributing to Terrascan refer to the contributing guide.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.


![[BRAINCIPHER] - Ransomware Victim: cdom[.]org 3 image](https://www.redpacketsecurity.com/wp-content/uploads/2024/09/image-300x300.png) 
                       
