🔧 Tools in Infrastructure Linting

Kubescape

The first open-source tool for testing if Kubernetes is deployed securely.

An open-source Kubernetes security platform for risk analysis, security compliance, and misconfiguration scanning.

Infracost

Cloud cost estimates for Terraform in pull requests.

A tool that shows cloud cost estimates for infrastructure changes before they happen, integrating with CI/CD.

Datree

Prevent Kubernetes misconfigurations from reaching production.

A CLI tool that runs automated checks on Kubernetes configuration files to ensure they follow policies and best practices.

Snyk IaC

Find and fix security issues in your Terraform, CloudFormation, Kubernetes, and Azure Resource Manager configurations.

An IaC security tool that finds and fixes misconfigurations in cloud native application infrastructure.

Checkov

Prevent cloud misconfigurations during build-time.

An open-source static analysis tool for scanning Infrastructure as Code (IaC) files for misconfigurations.

Trivy

A comprehensive and versatile security scanner.

A versatile security scanner that finds vulnerabilities, IaC misconfigurations, and secrets in various targets.

Prisma Cloud (by Palo Alto Networks)

The industry’s most complete Cloud-Native Application Protection Platform (CNAPP).

A comprehensive CNAPP that includes IaC scanning, cloud security posture management, and workload protection.

SonarQube

The essential tool for Code Quality and Code Security.

A leading static analysis platform that supports IaC scanning for Terraform, CloudFormation, Kubernetes, and more.

TFLint

A Pluggable Terraform Linter.

A linter focused on finding possible errors, best practice deviations, and enforcing naming conventions in Terraform code.

Terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

An open-source static code analyzer that scans IaC for security vulnerabilities and compliance violations.

KICS

Keeping Infrastructure as Code Secure.

An open-source solution for static analysis of IaC, finding security vulnerabilities, compliance issues, and misconfigurations.

tfsec

Security scanner for your Terraform code.

An open-source static analysis tool that scans Terraform templates for security misconfigurations.

Open Policy Agent (OPA)

Policy-based control for cloud native environments.

An open-source, general-purpose policy engine that can be used to enforce policies on IaC.

Regula

A tool that evaluates infrastructure as code for security misconfigurations and compliance violations.

An open-source tool that checks Terraform and CloudFormation templates for compliance with controls from frameworks like CIS.

cfn-lint

Validate CloudFormation templates against the AWS CloudFormation Resource Specification.

An AWS-supported open-source tool for linting and validating AWS CloudFormation templates.

KubeLinter

A static analysis tool that checks Kubernetes YAML files and Helm charts for production readiness and security best practices.

An open-source static analysis tool for Kubernetes manifests and Helm charts, checking for best practices.

Ansible-lint

Checks playbooks for practices and behavior that could potentially be improved.

A command-line tool for linting Ansible playbooks, roles, and collections.

Puppet-lint

Check your Puppet manifests for style guide conformity.

A tool that validates Puppet code against the official Puppet language style guide.

Terragrunt

A thin wrapper for Terraform that provides extra tools for keeping your configurations DRY, working with multiple Terraform modules, and managing remote state.

A tool to keep Terraform code DRY (Don't Repeat Yourself) by managing remote state and locking configurations.

CloudQuery

The open-source cloud asset inventory powered by SQL.

An open-source tool that extracts, transforms, and loads cloud asset data into databases for analysis.

Terratest

A Go library that provides patterns and helper functions for testing infrastructure, with first-class support for Terraform, Packer, Docker, and more.

A Go library for writing automated tests for Infrastructure as Code; it is a testing framework, not a linter.

OPA Gatekeeper

Policy Controller for Kubernetes.

A Kubernetes admission controller that enforces policies created with Open Policy Agent (OPA).
