Terrascan - Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure

Terrascan - Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure
2020-12-02 05:30:00 Author: www.blogger.com(查看原文) 阅读量:148 收藏

tag:blogger.com,1999:blog-8317222231133660547.post-9572220107665866782020-12-01T17:30:00.001-03:002020-12-01T17:30:07.935-03:00Terrascan - Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure<div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-J43lE5Mob-8/X8XCwy2VdHI/AAAAAAAAUgk/uC2Gkf16wgoRp0IIZ189Y5ymsr2FWY1NACNcBGAsYHQ/s1007/terrascan.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="330" data-original-width="1007" height="210" src="https://1.bp.blogspot.com/-J43lE5Mob-8/X8XCwy2VdHI/AAAAAAAAUgk/uC2Gkf16wgoRp0IIZ189Y5ymsr2FWY1NACNcBGAsYHQ/w640-h210/terrascan.png" width="640" /></a></div> Detect <a href="https://www.kitploit.com/search/label/Compliance" target="_blank" title="compliance">compliance</a> and security violations across Infrastructure as Code to mitigate risk before <a href="https://www.kitploit.com/search/label/Provisioning" target="_blank" title="provisioning">provisioning</a> <a href="https://www.kitploit.com/search/label/Cloud%20Native" target="_blank" title="cloud native">cloud native</a> infrastructure. <ul> <li>GitHub Repo: <a href="https://github.com/accurics/terrascan" rel="nofollow" target="_blank" title="https://github.com/accurics/terrascan">https://github.com/accurics/terrascan</a></li> <li>Documentation: <a href="https://docs.accurics.com" rel="nofollow" target="_blank" title="https://docs.accurics.com">https://docs.accurics.com</a></li> <li>Discuss: <a href="https://community.accurics.com" rel="nofollow" target="_blank" title="https://community.accurics.com">https://community.accurics.com</a></li></ul><a name='more'></a><div> </div>Features <ul> <li>500+ Policies for security best practices</li> <li>Scanning of Terraform 12+ (HCL2)</li> <li>Scanning of <a href="https://www.kitploit.com/search/label/Kubernetes" target="_blank" title="Kubernetes">Kubernetes</a> (JSON/YAML), Helm v3, and Kustomize v3</li> <li>Support for AWS, Azure, GCP, Kubernetes and GitHub</li> </ul> Installing Terrascan's binary for your architecture can be found on the <a href="https://github.com/accurics/terrascan/releases" rel="nofollow" target="_blank" title="releases">releases</a> page. Here's an example of how to install it: <div><pre><code>$ curl --location https://github.com/accurics/terrascan/releases/download/v1.2.0/terrascan_1.2.0_Darwin_x86_64.tar.gz --output terrascan.tar.gz $ tar -xvf terrascan.tar.gz x CHANGELOG.md x LICENSE x README.md x terrascan $ install terrascan /usr/local/bin $ terrascan</code></pre></div> If you have go installed, Terrascan can be installed with <code>go get</code> <pre><code>$ export GO111MODULE=on $ go get -u github.com/accurics/terrascan/cmd/terrascan go: downloading github.com/accurics/terrascan v1.2.0 go: found github.com/accurics/terrascan/cmd/terrascan in github.com/accurics/terrascan v1.2.0 ... $ terrascan </code></pre> Install via <code>brew</code> <a href="https://brew.sh/" rel="nofollow" target="_blank" title="Homebrew">Homebrew</a> users can install by: <div><pre><code>$ brew install terrascan</code></pre></div> Docker Terrascan is also available as a Docker image and can be used as follows <div><pre><code>$ docker run accurics/terrascan</code></pre></div> Building Terrascan Terrascan can be built locally. This is helpful if you want to be on the latest version or when developing Terrascan. <div><pre><code>$ git clone [email protected]:accurics/terrascan.git $ cd terrascan $ make build $ ./bin/terrascan</code></pre></div> Getting started To scan your code for security issues you can run the following (defaults to scanning Terraform). <div><pre><code>$ terrascan scan</code></pre></div> Terrascan will exit 3 if any issues are found. The following commands are available: <div><pre><code>$ terrascan Terrascan An advanced IaC (Infrastructure-as-Code) file scanner written in Go. Secure your cloud deployments at design time. For more information, please visit https://www.accurics.com Usage: terrascan [command] Available Commands: help Help about any command init Initialize Terrascan scan Scan IaC (Infrastructure-as-Code) files for vulnerabilities. server Run Terrascan as an API server Flags: -c, --config-path string config file path -h, --help help for terrascan -l, --log-level string log level (debug, info, warn, error, panic, fatal) (default "info") -x, --log-type string log output type (console, json) (default "console") -o, --output-type string output type (json, yaml, xml) (default "yaml") -v, --version version for terrascan Use "terrascan [command] --help" for more information about a command.</code></pre></div> Documentation To learn more about Terrascan check out the documentation <a href="https://docs.accurics.com" rel="nofollow" target="_blank" title="https://docs.accurics.com">https://docs.accurics.com</a> where we include a getting started guide, Terrascan's architecture, a breakdown of it's commands, and a deep dive into policies. Developing Terrascan To learn more about developing and contributing to Terrascan refer to the <a href="https://github.com/accurics/terrascan/blob/master/CONTRIBUTING.md" rel="nofollow" target="_blank" title="contributing guide">contributing guide</a>. <div style="text-align: center;"><a class="kiploit-download" href="https://github.com/accurics/terrascan" rel="nofollow" target="_blank" title="Download Terrascan">Download Terrascan</a></div>Zion3R[email protected]

文章来源: http://www.blogger.com/feeds/8317222231133660547/posts/default/957222010766586678
如有侵权请联系:admin#unsafe.sh