π IaC Testing
121 tools compared
π Subcategories
π§ Tools in IaC Testing
Kubescape
An open-source Kubernetes security platform for risk analysis, security compliance, and misconfiguration scanning.
ControlMonkey
A platform that discovers, codifies, and automates cloud infrastructure using existing IaC tools.
Infracost
A tool that shows cloud cost estimates for IaC changes, helping engineers understand the cost impact of their work.
Infracost
A tool that shows cloud cost estimates for IaC changes, integrating into CI/CD pipelines.
Scalr
A Terraform automation platform that provides a hierarchical structure for managing environments, credentials, and variables.
Spacelift
A specialized CI/CD platform for IaC that includes a powerful Policy as Code framework using OPA.
Infracost
A tool that shows cloud cost estimates for infrastructure changes before they happen, integrating with CI/CD.
env0
An automated, collaborative platform for managing Terraform, Terragrunt, and other IaC frameworks.
Open Policy Agent (OPA)
An open-source, general-purpose policy engine that unifies policy enforcement across the stack.
env0
An automation platform for IaC that enables self-service, governance, and cost management for Terraform and Terragrunt.
Spacelift
A specialized CI/CD platform for IaC that provides collaboration, control, and automation for Terraform, Pulumi, and more.
env0
An IaC automation platform that provides governance, cost management, and self-service capabilities for Terraform, Terragrunt, and other IaC tools.
Spacelift
A specialized CI/CD and management platform for Terraform, Pulumi, and other IaC tools, with a focus on policy and collaboration.
env0
An automation platform for managing IaC environments, focusing on governance, cost management, and collaboration.
Kubescape
An open-source Kubernetes security posture management tool that scans for misconfigurations and vulnerabilities.
Datree
A CLI tool for preventing misconfigurations in Kubernetes manifests by running automated checks.
Datree
A CLI tool that runs automated checks on Kubernetes configuration files to ensure they follow policies and best practices.
Spacelift
A specialized CI/CD platform for IaC that provides drift detection, policy enforcement, and workflow automation.
CloudQuery
An open-source tool that extracts, transforms, and loads cloud asset data into SQL databases for analysis.
env0
An automation platform for IaC that includes policy-as-code and cost management features.
Styra DAS
An enterprise management plane for Open Policy Agent (OPA) that helps operationalize policy as code.
Infracost
A CLI tool and API that shows cloud cost estimates for Terraform projects, helping developers see the cost impact of their changes.
Kyverno
A policy engine designed specifically for Kubernetes, allowing policies to be managed as Kubernetes resources.
Snyk IaC
An IaC security tool that finds and fixes misconfigurations in cloud native application infrastructure.
Scalr
A Terraform automation and collaboration platform with built-in policy-as-code and governance features.
Scalr
A Terraform automation and collaboration platform with a hierarchical model for policy and workspace management.
Open Policy Agent (OPA)
An open-source, general-purpose policy engine that can be used to enforce policies on Terraform plans.
Open Policy Agent (OPA)
An open-source, general-purpose policy engine that can be used for enforcing policies on IaC.
Scalr
A Terraform automation and collaboration platform with a focus on hierarchical configuration and environment management.
Checkov
An open-source static analysis tool for scanning Infrastructure as Code (IaC) files for misconfigurations.
Open Policy Agent (OPA)
A general-purpose policy engine that can be used for a wide range of policy enforcement use cases.
Wiz
A comprehensive CNAPP that includes IaC scanning as part of its cloud security solution.
Wiz
A comprehensive cloud security platform that includes IaC scanning as part of its broader capabilities.
Firefly
A platform for managing cloud assets, discovering resources, and codifying infrastructure.
Snyk IaC
A developer-focused security tool that scans IaC files for misconfigurations and provides context and remediation advice.
Trivy
A versatile security scanner that finds vulnerabilities, IaC misconfigurations, and secrets in various targets.
Orca Security
An agentless CNAPP that provides security and compliance across the full cloud-native application lifecycle, including IaC scanning.
Orca Security
An agentless cloud security platform that includes shift-left capabilities like IaC security scanning.
Datadog Cloud Security Management
A cloud security platform that includes IaC scanning, posture management (CSPM), and workload security (CWS).
Terraform Cloud
The official managed service from HashiCorp for running Terraform, providing collaboration, governance, and automation features.
Snyk Infrastructure as Code
A developer-first security tool that scans IaC files for misconfigurations and security issues.
Prisma Cloud (by Palo Alto Networks)
A comprehensive CNAPP that includes IaC scanning, cloud security posture management, and workload protection.
Terraform Cloud
HashiCorp's managed service for using Terraform in production, providing collaboration and governance features.
Snyk IaC
A developer-first security tool that finds and fixes misconfigurations in IaC files.
Snyk IaC
A developer-focused IaC security tool that finds and helps fix misconfigurations in code.
tfsec
An open-source static analysis tool for finding security misconfigurations in Terraform code.
tfsec
An open-source static analysis tool that checks Terraform code for security misconfigurations and compliance violations.
SonarQube
A leading static analysis platform that supports IaC scanning for Terraform, CloudFormation, Kubernetes, and more.
Checkov
An open-source static analysis tool for scanning IaC for misconfigurations.
HashiCorp Sentinel
A policy as code framework from HashiCorp that integrates with its Enterprise products.
Terraform Cloud
HashiCorp's managed service offering for using Terraform in production.
Snyk Infrastructure as Code
A developer-focused tool for finding and fixing security misconfigurations in IaC files.
Terrascan
An open-source static code analyzer for IaC that helps detect security vulnerabilities and compliance violations.
TFLint
A linter focused on finding possible errors, best practice deviations, and enforcing naming conventions in Terraform code.
Trivy
A versatile security scanner that finds vulnerabilities, misconfigurations, secrets, and SBOMs in containers, IaC, and more.
Azure Policy
A service in Azure that you use to create, assign, and manage policies for your Azure resources.
Lacework
A CNAPP that uses anomaly detection to secure cloud environments, with IaC security features to shift left.
Prisma Cloud (Bridgecrew)
A comprehensive cloud security platform that includes IaC scanning, drift detection, and compliance monitoring.
Checkov
An open-source static analysis tool for scanning infrastructure as code (IaC) files for misconfigurations.
Terrascan
An open-source static code analyzer that scans IaC for security vulnerabilities and compliance violations.
Trivy
A comprehensive open-source security scanner for vulnerabilities, misconfigurations, secrets, and more.
tfsec
An open-source static analysis tool for finding security misconfigurations in Terraform code.
Pulumi CrossGuard
A policy as code framework for the Pulumi IaC platform, allowing policies to be written in general-purpose languages.
Datadog Cloud Security Management
A security and compliance solution within the Datadog platform that includes IaC scanning.
tfsec
A static analysis security scanner for Terraform code to detect potential security misconfigurations.
Terrascan
An open-source static code analysis tool for scanning IaC against security and compliance policies.
Chef InSpec
An open-source testing framework for infrastructure with a human-readable language for specifying compliance and security rules.
Checkov
An open-source static analysis tool for scanning IaC files for misconfigurations and security vulnerabilities.
Chef InSpec
An open-source testing framework for infrastructure with a human-readable language for specifying compliance and security rules.
Pulumi
An IaC platform that lets you use general-purpose programming languages to provision cloud infrastructure.
Checkov
An open-source static analysis tool for scanning infrastructure as code (IaC) files for misconfigurations.
KICS
An open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in IaC.
KICS
An open-source IaC scanning tool by Checkmarx that finds security vulnerabilities, compliance issues, and misconfigurations.
Checkov
An open-source static analysis tool for scanning infrastructure as code (IaC) files for misconfigurations.
Terrascan
An open-source static code analyzer for IaC that helps detect security and compliance violations.
Chef InSpec
An open-source testing framework for infrastructure with a human-readable language for specifying compliance and security rules.
KICS
An open-source static analysis tool from Checkmarx that scans IaC for security vulnerabilities, compliance issues, and misconfigurations.
Terrascan
An open-source static code analyzer for IaC that helps detect security and compliance violations.
KICS
An open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in IaC.
cfn-lint
An open-source linter from AWS for validating CloudFormation templates.
Terragrunt
A wrapper for Terraform that helps manage complex infrastructure by keeping code DRY and managing remote state.
Ansible Lint
A command-line tool for linting Ansible playbooks, roles, and collections.
Terratest
A Go library that provides patterns and helper functions for writing automated tests for infrastructure code.
Ansible Lint
A command-line tool for linting Ansible playbooks, roles, and collections.
Terratest
A Go library that provides patterns and helper functions for testing infrastructure, with first-class support for Terraform.
cfn-lint
An open-source linter from AWS for validating CloudFormation templates.
Ansible Lint
A command-line tool for linting Ansible playbooks, roles, and collections.
TFLint
A linter for Terraform that focuses on best practices, style conventions, and detecting potential errors.
Kyverno
A policy engine designed specifically for Kubernetes, allowing you to manage and validate configurations as policies.
Terratest
A Go library that provides patterns and helper functions for writing automated tests for infrastructure code.
Regula
A tool that evaluates IaC for security misconfigurations and compliance violations, powered by Open Policy Agent.
Regula
An open-source tool by Fugue (now Snyk) that checks IaC for misconfigurations using Rego.
Conftest
A utility to help you write tests against structured configuration files using the Rego language.
TFLint
A linter for Terraform that checks for errors, best practices, and naming conventions.
tflint
A linter for Terraform that focuses on checking for potential errors, best practices, and enforcing conventions.
Atlantis
An open-source, self-hosted application for automating Terraform via pull requests, enabling a GitOps workflow.
OPA Gatekeeper
A Kubernetes-native admission controller that enforces policies created with Open Policy Agent (OPA).
Terragrunt
A CLI tool that acts as a thin wrapper on Terraform to help manage complex projects by keeping code DRY and managing remote state.
driftctl
A CLI tool that scans cloud environments, compares them to your IaC state, and reports any unmanaged resources or drift.
Kubeval
A tool for validating Kubernetes configuration files against the official Kubernetes OpenAPI schemas.
Regula
An open-source tool that evaluates Terraform and CloudFormation for security misconfigurations and compliance with standards like CIS.
conftest
A utility that uses the Rego language from Open Policy Agent to write tests against configuration files, including Terraform.
kitchen-terraform
A set of plugins for the Test Kitchen framework that enables integration and acceptance testing of Terraform code.
Terratag
An open-source CLI tool from env0 that helps manage and apply tags to all resources within a Terraform project.
Yor
An open-source tool that automatically adds tags to IaC files, enriching them with context like git repository and commit details.
Kube-score
A static analysis tool for Kubernetes that checks manifests for reliability and security best practices.
Terratest
A Go library that provides patterns and helper functions for writing automated tests for infrastructure code.
AWS CloudFormation Guard
An open-source policy as code tool for checking compliance of AWS CloudFormation templates and other structured data.
KICS
An open-source solution for static analysis of IaC, finding security vulnerabilities, compliance issues, and misconfigurations.
tfsec
An open-source static analysis tool that scans Terraform templates for security misconfigurations.
Open Policy Agent (OPA)
An open-source, general-purpose policy engine that can be used to enforce policies on IaC.
Regula
An open-source tool that checks Terraform and CloudFormation templates for compliance with controls from frameworks like CIS.
cfn-lint
An AWS-supported open-source tool for linting and validating AWS CloudFormation templates.
KubeLinter
An open-source static analysis tool for Kubernetes manifests and Helm charts, checking for best practices.
Ansible-lint
A command-line tool for linting Ansible playbooks, roles, and collections.
Puppet-lint
A tool that validates Puppet code against the official Puppet language style guide.
Terragrunt
A tool to keep Terraform code DRY (Don't Repeat Yourself) by managing remote state and locking configurations.
CloudQuery
An open-source tool that extracts, transforms, and loads cloud asset data into databases for analysis.
Terratest
A Go library for writing automated tests for Infrastructure as Code, not a linter but a testing framework.
OPA Gatekeeper
A Kubernetes admission controller that enforces policies created with Open Policy Agent (OPA).
driftctl
An open-source CLI that detects, tracks, and alerts on infrastructure drift.