Checkov : Prevent Cloud Misconfigurations During Build-Time For Terraform

Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Helm charts, Kustomize, Dockerfile, Serverless, Bicep or ARM Templates and detects security and compliance misconfigurations using graph-based scanning. Checkov also powers Bridgecrew, the developer-first platform that codifies and streamlines cloud security throughout the development lifecycle. Bridgecrew identifies, fixes, and prevents misconfigurations in cloud resources and infrastructure-as-code files. …

Terraform AWS Secure Baseline : To Set Up Your AWS Account

Terraform Aws Secure Baseline is a terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations. Terraform Module Registry A terraform module to set up your AWS account with the reasonably secure configuration baseline. Most configurations are based on CIS Amazon Web Services Foundations v1.2.0. …