The objective is to create a pipeline that automates the security analysis and execution of infrastructure as code (Terraform). The Terraform code is just a sample that can be used to perform Checkov analysis.
Checkov is a tool that performs security analysis on Terraform code. Running it before environment creation can provide helpful insights.
The Terraform code used to demonstrate Checkov creates an ECS/Fargate cluster and all the necessary associated resources (e.g. networking, policies).
This demo is used in a pipeline that runs automatically every time there is a code commit in the Git repository (AWS CodeCommit). The pipeline uses Checkov to analyze the Terraform code and requests validation from the security team before continuing with environment creation/change.
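The step between the Checkov scan and the security team's validation, as an added example that is not code from this repository: it condenses a Checkov JSON report into the list of failed checks a reviewer needs to see. It assumes the report shape printed by `checkov -d . -o json`; the function names, check IDs, resources and sample report are constructed for illustration.

```python
import json

# Constructed sample in the shape of `checkov -d . -o json` output, trimmed to
# the fields used below. Check IDs and resources are placeholders.
SAMPLE_REPORT = json.dumps({
    "check_type": "terraform",
    "results": {
        "passed_checks": [{"check_id": "CKV_EXAMPLE_1", "resource": "aws_ecs_cluster.demo"}],
        "failed_checks": [
            {"check_id": "CKV_EXAMPLE_3", "check_name": "Constructed finding B",
             "resource": "aws_security_group.demo",
             "file_path": "/network.tf", "file_line_range": [12, 30]},
            {"check_id": "CKV_EXAMPLE_2", "check_name": "Constructed finding A",
             "resource": "aws_iam_role.task",
             "file_path": "/iam.tf", "file_line_range": [1, 18]},
        ],
    },
    "summary": {"passed": 1, "failed": 2, "skipped": 0},
})


def load_reports(raw):
    """Checkov prints one object for a single framework and a list for several."""
    data = json.loads(raw)
    return data if isinstance(data, list) else [data]


def failed_findings(raw):
    """Return the failed checks from every report, sorted by file and line."""
    findings = []
    for report in load_reports(raw):
        # Tolerate a report that carries no "results" section.
        for check in report.get("results", {}).get("failed_checks", []):
            start, end = check.get("file_line_range") or (0, 0)
            findings.append((check.get("file_path", "?"), start, end,
                             check["check_id"], check.get("resource", "?")))
    return sorted(findings)


def approval_summary(raw):
    """Build the text shown to the security team before creation continues."""
    findings = failed_findings(raw)
    lines = [f"Checkov: {len(findings)} failed check(s) awaiting security review"]
    for path, start, end, check_id, resource in findings:
        lines.append(f"- {check_id} {resource} ({path}:{start}-{end})")
    return "\n".join(lines)


if __name__ == "__main__":
    print(approval_summary(SAMPLE_REPORT))
```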
See CONTRIBUTING for more information.
This library is licensed under the MIT-0 License. See the LICENSE file.