Continuous Terraform security and compliance
Infrastructure as code (IaC) frameworks like Terraform make it easy to scale infrastructure quickly and consistently across providers and cloud environments. Terraform adds another layer of abstraction to building and managing cloud resources, and without the right approach, can actually end up introducing new risks.
Bridgecrew makes it easy to enforce cloud security and compliance policies in Terraform with continuous code scanning to prevent misconfigured cloud resources from being deployed.
Terraform security 101
Because it introduces additional layers of configuration and abstraction to provisioning cloud resources, Terraform presents new risks, as well as opportunities to automate and codify cloud security.
Terraform security risks
Oftentimes, Terraform modules are built with functionality and performance in mind, and security gets left behind. If misconfigured Terraform modules are applied, misconfigurations can make their way to the cloud, introducing risk. In order to prevent misconfigurations, a proactive approach to cloud security is crucial.
Codified security opportunity
For all its risks, Terraform also presents a unique opportunity to make cloud security more proactive. By embedding cloud security feedback and guardrails earlier in the development lifecycle through continuous and automated scanning, you can actually prevent misconfigurations from being deployed.
Cloud DevSecOps Workshop with Terraform
Get hands-on experience building a security automation workflow using Terraform, Bridgecrew, and your favorite developer tools.
How it works
Scan your Terraform to secure your cloud
Through an ecosystem of plugins and integrations, Bridgecrew embeds across the development lifecycle to surface security feedback early and provide actionable code fixes.
Connect your VCS Terraform repositories to instantly start scanning for security issues and misconfigurations.
Leverage Terraform Cloud Run Tasks to enforce Bridgecrew policies between the plan and apply stages.
Embed hundreds of security policies on top of Sentinel, Terraform’s policy-as-code engine.
Codified and automated Terraform security
Enforce cloud security best practices
Terraform policies and fixes across AWS, Google Cloud, and Azure
Get deep Terraform module coverage
Graph-based policies for dependent module scanning and fixes
Embed security into your workflow
Integrated into developer tools including Terraform Cloud
Get started with Bridgecrew for Terraform
Sign up for a free 14-day Bridgecrew trial or get a Prisma Cloud Code Security demo.
Learn more about Terraform security best practices
Basic Terraform security best practices
Learn basic best practices to start automating and streamlining your Terraform security.
4 supply chain risks in Terraform
Find out how to prevent these software supply chain risks within your Terraform templates.
Advanced Terraform security tips
Get these advanced security best practices to level up your Terraform security methodology.