Continuous Terraform security and compliance

Infrastructure as code (IaC) frameworks like Terraform make it easy to scale infrastructure quickly and consistently across providers and cloud environments. Terraform adds another layer of abstraction to building and managing cloud resources, and without the right approach, can actually end up introducing new risks.

Bridgecrew makes it easy to enforce cloud security and compliance policies in Terraform with continuous code scanning to prevent misconfigured cloud resources from being deployed.

Get started for free

Our approach

Terraform security 101

Because it introduces additional layers of configuration and abstraction to provisioning cloud resources, Terraform presents new risks, as well as opportunities to automate and codify cloud security.

Terraform security risks

Oftentimes, Terraform modules are built with functionality and performance in mind, and security gets left behind. If misconfigured Terraform modules are applied, misconfigurations can make their way to the cloud, introducing risk. In order to prevent misconfigurations, a proactive approach to cloud security is crucial.

Codified security opportunity

For all its risks, Terraform also presents a unique opportunity to make cloud security more proactive. By embedding cloud security feedback and guardrails earlier in the development lifecycle through continuous and automated scanning, you can actually prevent misconfigurations from being deployed.

Cloud DevSecOps Workshop with Terraform

Get hands-on experience building a security automation workflow using Terraform, Bridgecrew, and your favorite developer tools.

Check out the workshop

How it works

Scan your Terraform to secure your cloud

Through an ecosystem of plugins and integrations, Bridgecrew embeds across the development lifecycle to surface security feedback early and provide actionable code fixes.

Terraform

Connect your VCS Terraform repositories to instantly start scanning for security issues and misconfigurations.

Learn more →

Terraform Cloud

Leverage Terraform Cloud Run Tasks to enforce Bridgecrew policies between the plan and apply stages.

Learn more →

Terraform Enterprise

Embed hundreds of security policies on top of Sentinel, Terraform’s policy-as-code engine.

Learn more →

Platform

Codified and automated Terraform security

Enforce cloud security best practices

Terraform policies and fixes across AWS, Google Cloud, and Azure

Get deep Terraform module coverage

Graph-based policies for dependent module scanning and fixes

Embed security into your workflow

Integrated into developer tools including Terraform Cloud

Screenshot of Bridgecrew platform showing IaC security results

Get started with Bridgecrew for Terraform

Sign up for a free 14-day Bridgecrew trial or get a Prisma Cloud Code Security demo.

Start a free trial Request a demo

Resources

Learn more about Terraform security best practices

Basic Terraform security best practices

Learn basic best practices to start automating and streamlining your Terraform security.

4 supply chain risks in Terraform

Find out how to prevent these software supply chain risks within your Terraform templates.

Advanced Terraform security tips

Get these advanced security best practices to level up your Terraform security methodology.
Read more on our blog