TFSec

A static analysis tool for infrastructure as code (Terraform).


Including values from .tfvars

You can include values from a tfvars file in the scan, using, for example: --tfvars-file terraform.tfvars.


Included Checks

tfsec supports many popular cloud and platform providers

Checks
AWS Checks
Azure Checks
GCP Checks
CloudStack Checks
DigitalOcean Checks
GitHub Checks
Kubernetes Checks
OpenStack Checks
Oracle Checks

Running in CI

tfsec is designed for running in a CI pipeline. You may wish to run tfsec as part of your build without coloured output. You can do this using --no-colour (or --no-color for our American friends).


Output options

You can output tfsec results as JSON, CSV, Checkstyle, Sarif, JUnit or just plain old human-readable format. Use the --format flag to specify your desired format.
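A CI gate over the SARIF output format mentioned above, as an added example that is not part of the tfsec project: it reads SARIF 2.1.0 text and decides whether the build should fail. It assumes only standard SARIF fields; the sample document, the rule ids and the function names are constructed for illustration, and because this page does not state how tfsec maps its severities to SARIF levels, the blocking levels are a parameter.

```python
import json

# Constructed SARIF 2.1.0 sample (not real tfsec output); rule ids are placeholders.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "tfsec", "rules": [
            {"id": "example-rule-1", "defaultConfiguration": {"level": "error"}},
            {"id": "example-rule-2"},
        ]}},
        "results": [
            {"ruleId": "example-rule-1", "message": {"text": "constructed finding A"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "main.tf"}, "region": {"startLine": 12}}}]},
            {"ruleId": "example-rule-2", "level": "note",
             "message": {"text": "constructed finding B"}},
            {"ruleId": "example-rule-2", "message": {"text": "constructed finding C"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "iam.tf"}}}]},
        ],
    }],
})

def effective_level(result, rules_by_id):
    """SARIF: explicit result level, else the rule's default level, else 'warning'."""
    if "level" in result:
        return result["level"]
    rule = rules_by_id.get(result.get("ruleId"), {})
    return rule.get("defaultConfiguration", {}).get("level", "warning")

def blocking_findings(sarif_text, fail_levels=("error",)):
    """Return (ruleId, level, 'file:line', message) for findings that should fail the build."""
    findings = []
    for run in json.loads(sarif_text).get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        rules_by_id = {r.get("id"): r for r in rules}
        for res in run.get("results", []):
            level = effective_level(res, rules_by_id)
            if level not in fail_levels:
                continue
            # A result may carry no location at all; report '?' rather than crash.
            loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = loc.get("artifactLocation", {}).get("uri", "?")
            line = loc.get("region", {}).get("startLine", "?")
            findings.append((res.get("ruleId"), level, f"{uri}:{line}",
                             res.get("message", {}).get("text", "")))
    return findings

def gate(sarif_text, fail_levels=("error",)):
    """Exit code for a CI step: 1 if any blocking finding exists, else 0."""
    return 1 if blocking_findings(sarif_text, fail_levels) else 0
```

In a pipeline, pass the SARIF text produced with `--format sarif` to `gate()` and use its return value as the step's exit code.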


GitHub Security Alerts

If you want to integrate with GitHub Security alerts and include the output of your tfsec checks, you can use the tfsec-sarif-action GitHub action to run the static analysis and then upload the results to the security alerts tab.


Support for older terraform versions

If you need to support versions of terraform which use HCL v1 (terraform <0.12), you can use v0.1.3 of tfsec, though support is very limited and has fewer checks.


Contributing

We always welcome contributions; big or small, it can be documentation updates, adding new checks or something bigger. Please check the Contributing Guide for details on how to help out.


tfsec is an Aqua Security open source project. Learn about our open source work and portfolio here. Join the community, and talk to us about any matter in GitHub Discussion or Slack.




