SonarSource / sonar-iac
Static Code Analyser for Infrastructure-as-Code languages such as CloudFormation and Terraform as well as DevOps like Docker and Kubernetes
☆24Updated this week
Related projects: ⓘ
- This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to id…☆72Updated 9 months ago
- CloudCustodian Rules engine for cloud security and governance, DSL in yaml for policies to query, filter, and take actions on resources☆16Updated last year
- ☆14Updated last year
- AWS Cloudformation Hook for OPA-powered infrastructure policy enforcement☆36Updated 6 months ago
- ☆36Updated last month
- Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov☆24Updated last year
- SonarQube Terraform Module for AWS☆38Updated 10 months ago
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆131Updated this week
- AWS I&A Terraform Module Standards☆16Updated 9 months ago
- Docker Scout GitHub Action☆82Updated 2 weeks ago
- This Repository holds a list of public Chaos Engineering stories from major institutions around the world☆45Updated 2 weeks ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated 11 months ago
- Slack alert bot for matching Github Audit Events☆10Updated last month
- Github action to run dependency check☆69Updated last month
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…☆40Updated last year
- GitHub actions of KICS scan - Keeping Infrastructure as Code Secure☆42Updated last month
- CICD Using GitHub Action and Harness☆14Updated last year
- SCP management tool☆123Updated 10 months ago
- This repository includes a collection of solutions and tools for the AWS Elastic Disaster Recovery (DRS) service. You can use one or all …☆22Updated last month
- ☆13Updated 2 years ago
- AWS Label Module☆31Updated 2 months ago
- A tool to check the security settings of Github Organizations.☆68Updated last year
- Scan artifacts with Amazon Inspector from GitHub Actions workflows.☆22Updated last week
- ☆13Updated 7 months ago
- AWS Observability Accelerator☆18Updated 3 months ago
- This is a project to quickly accelerate the adoption of CloudFormation Guard syntax for use in AWS Config rules. The advantage of CloudF…☆10Updated 9 months ago
- Utility functions for use with Terraform in the AWS environment☆43Updated 2 weeks ago
- ☆14Updated 2 months ago
- Enrich SBOMs with data from third party services☆108Updated 3 weeks ago
- A github action which will run code formatters against PRs, and commit any resulting changes • This repository is defined and managed in …☆15Updated last week