tfsec | Security scanner for your Terraform code | Security library

 by   aquasecurity Go Version: v1.28.1 License: MIT

X-RayKey FeaturesCode SnippetsCommunity Discussions(3)VulnerabilitiesInstallSupport

kandi X-RAY | tfsec Summary

kandi X-RAY | tfsec Summary

tfsec is a Go library typically used in Security, Terraform applications. tfsec has no bugs, it has no vulnerabilities, it has a Permissive License and it has medium support. You can download it from GitHub.

tfsec uses static analysis of your terraform templates to spot potential security issues. Now with terraform CDK support.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              tfsec has a medium active ecosystem.
              It has 5959 star(s) with 503 fork(s). There are 70 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 102 open issues and 795 have been closed. On average issues are closed in 42 days. There are 14 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of tfsec is v1.28.1

            kandi-Quality Quality

              tfsec has 0 bugs and 0 code smells.

            kandi-Security Security

              tfsec has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              tfsec code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              tfsec is licensed under the MIT License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              tfsec releases are available to install and integrate.
              Installation instructions, examples and code snippets are available.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of tfsec
            Get all kandi verified functions for this library.

            tfsec Key Features

            No Key Features are available at this moment for tfsec.

            tfsec Examples and Code Snippets

            No Code Snippets are available at this moment for tfsec.

            Community Discussions

            Trending Discussions on tfsec

            GCP + Terraform : Service account access is granted to a user at project level
            How to create custom checks in tfsec
            Azure pipelines failing stating Incorrect task refrence

            QUESTION

            GCP + Terraform : Service account access is granted to a user at project level
            Asked 2022-Feb-02 at 19:27

            I have an issue when trying to execute this terraform file on GCP.
            ...

            ANSWER

            Answered 2022-Feb-02 at 19:27

            Granting this role "iam.serviceAccountTokenCreator" causes the warning.

            That role allows users to use a service account for Privilege Escalation

            Protecting against privilege-escalation threats

            Source https://stackoverflow.com/questions/70952595

            QUESTION

            How to create custom checks in tfsec
            Asked 2021-Jun-07 at 03:05

            I have the following policy that I wish to implement in my IaC code scan using tfsec:

            Custom Check: GCP Firewall rule allows all traffic on Telnet port (23)

            The below is my custom check in .json format:

            ...

            ANSWER

            Answered 2021-Mar-18 at 19:07

            I think now looking at it formatted its clear that source_ranges is a child of the google_compute_firewall resource. The ports attribute is a child of the allow. Your check is assuming that ports is a sibling of source_ranges.

            I think this check is achievable with the following - it does a predicate check that there is source_range as required AND there is a block called allow, with an attribute ports containing 23

            Source https://stackoverflow.com/questions/66695911

            QUESTION

            Azure pipelines failing stating Incorrect task refrence
            Asked 2020-Dec-01 at 08:55

            My Azure pipeline is as below:

            ...

            ANSWER

            Answered 2020-Dec-01 at 08:54

            Well it looks like you want to refer to task: TerraformTaskV1@0 (based on the syntax) and the you should use as this:

            Source https://stackoverflow.com/questions/65071711

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install tfsec

            You can also grab the binary for your system from the releases page.

            Support

            If you need to support versions of terraform which use HCL v1 (terraform <0.12), you can use v0.1.3 of tfsec, though support is very limited and has fewer checks.
            Find more information at:

            Reuse Trending Solutions

            build-a-realtime-voice-to-image-generator-using-generative-ai
            build-a-realtime-voice-to-image-generator-using-generative-ai
            Build a Realtime Voice-to-Image Generator using Generative AI
            image-resizing-using-opencv-in-python
            image-resizing-using-opencv-in-python
            Image Resizing using OpenCV in Python
            build-your-own-gpt4all-content-generator
            build-your-own-gpt4all-content-generator
            Build your own Custom GPT Content Generator (Open-Source ChatGPT Alternative)
            validate-an-email-address-in-javascript
            validate-an-email-address-in-javascript
            How to Validate an Email Address in JavaScript
            age-calculator-using-javascript
            age-calculator-using-javascript
            Age Calculator using JavaScript
            addressing-bias-in-ai---toolkit-for-fairness,-explainability-and-privacy
            addressing-bias-in-ai---toolkit-for-fairness,-explainability-and-privacy
            Addressing Bias in AI - Toolkit for Fairness, Explainability and Privacy
            javascript-node-js-payment-processing
            javascript-node-js-payment-processing
            15 best JavaScript Node.js Payment libraries
            build-credit-risk-predictor-using-federated-learning
            build-credit-risk-predictor-using-federated-learning
            Build Credit Risk predictor using Federated Learning
            top-10-javascript-tours-and-guides-libraries-in-2023
            top-10-javascript-tours-and-guides-libraries-in-2023
            10 Best JavaScript Tours and Guides Libraries in 2023
            disease-predictor
            disease-predictor
            Disease Predictor using Pandas & Scikit
            python-face-recognition
            python-face-recognition
            28 best Python Face Recognition libraries

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/aquasecurity/tfsec.git

          • CLI

            gh repo clone aquasecurity/tfsec

          • sshUrl

            git@github.com:aquasecurity/tfsec.git

            • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            SecurityTerraform

            Reuse Security Kits

            14 best Anti-spam Anti-spam libraries
            See all related Kits

            Reuse Security Kits

            15 best Ruby Server Side Scripting libraries
            DDoS Attack Detection
            11 best Python Proof of work libraries
            Highly Secured WiFi Router
            OTP Verification System
            See all related Kits

            Consider Popular Security Libraries

            SecLists

            by danielmiessler

            tutorials

            by eugenp

            eladmin

            by elunez

            Mobile-Security-Framework-MobSF

            by MobSF

            bettercap

            by bettercap

            See all Security Libraries

            Try Top Libraries by aquasecurity

            trivy

            by aquasecurityGo

            kube-bench

            by aquasecurityGo

            kube-hunter

            by aquasecurityPython

            tracee

            by aquasecurityGo

            cloudsploit

            by aquasecurityJavaScript

            See all Learning Libraries

            Open Weaver – Develop Applications Faster with Open Source

            kandi

            Community and Support

            Company

            Follow

            • © 2023 Open Weaver Inc.