🔧 Tools in IaC Validation

Infracost

Cloud cost estimates for Terraform in pull requests. Shift FinOps Left!

A tool that shows cloud cost estimates for IaC changes, helping engineers understand the cost impact of their work.

Open Policy Agent (OPA)

Policy-based control for cloud native environments.

An open-source, general-purpose policy engine that unifies policy enforcement across the stack.

Datree

Prevent misconfigurations from reaching production.

A CLI tool for preventing misconfigurations in Kubernetes manifests by running automated checks.

env0

The complete infrastructure as code (IaC) platform to manage all of your cloud environments.

An automation platform for IaC that includes policy-as-code and cost management features.

Scalr

The Terraform Automation & Collaboration Platform.

A Terraform automation and collaboration platform with built-in policy-as-code and governance features.

Wiz

The Cloud Security Platform.

A comprehensive cloud security platform that includes IaC scanning as part of its broader capabilities.

Orca Security

The Cloud Security Platform You Can Actually Use.

An agentless cloud security platform that includes shift-left capabilities like IaC security scanning.

tfsec

A static analysis security scanner for your Terraform code.

An open-source static analysis tool for finding security misconfigurations in Terraform code.

Snyk Infrastructure as Code

Find and fix security issues in your Terraform, CloudFormation, Kubernetes, and ARM templates.

A developer-focused tool for finding and fixing security misconfigurations in IaC files.

Trivy

All-in-one, comprehensive security scanner.

A versatile security scanner that finds vulnerabilities, misconfigurations, secrets, and SBOMs in containers, IaC, and more.

Checkov

Prevent cloud misconfigurations during build-time with Checkov, the static analysis tool for infrastructure as code.

An open-source static analysis tool for scanning infrastructure as code (IaC) files for misconfigurations.

Terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning.

An open-source static code analyzer for IaC that helps detect security and compliance violations.

KICS

Keeping Infrastructure as Code Secure.

An open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in IaC.

Chef InSpec

Turn your compliance, security, and other policy requirements into code.

An open-source testing framework for infrastructure with a human-readable language for specifying compliance and security rules.

TFLint

A Pluggable Terraform Linter.

A linter for Terraform that focuses on best practices, style conventions, and detecting potential errors.

Kyverno

Kubernetes Native Policy Management.

A policy engine designed specifically for Kubernetes, allowing you to manage and validate configurations as policies.

Terratest

The ultimate testing library for infrastructure code.

A Go library that provides patterns and helper functions for writing automated tests for infrastructure code.

Regula

Policy-as-Code for Terraform, CloudFormation, and Kubernetes.

A tool that evaluates IaC for security misconfigurations and compliance violations, powered by Open Policy Agent.

Conftest

Write tests against structured configuration data.

A utility to help you write tests against structured configuration files using the Rego language.

Kubeval

Validate your Kubernetes configuration files.

A tool for validating Kubernetes configuration files against the official Kubernetes OpenAPI schemas.

Kube-score

A tool that performs static code analysis of your Kubernetes object definitions.

A static analysis tool for Kubernetes that checks manifests for reliability and security best practices.

Ansible Lint

Checks playbooks for practices and behavior that could potentially be improved.

A command-line tool for linting Ansible playbooks, roles, and collections.

cfn-lint

Validate CloudFormation templates against the AWS CloudFormation resource specification.

An open-source linter from AWS for validating CloudFormation templates.

Terragrunt

A thin wrapper for Terraform that provides extra tools for keeping your configurations DRY, working with multiple Terraform modules, and managing remote state.

A wrapper for Terraform that helps manage complex infrastructure by keeping code DRY and managing remote state.
