Bridgecrew Open Source Projects

At Bridgecrew, we love automating solutions for manual and repetitive issues. We also love open source—we’re the proud creators of several open-source tools and contribute to a slew of others.

Our open-source tools

So far we’ve built three tools in the IaC space. Used together or in isolation, each promotes IaC best practices with a focus on security and compliance.

Checkov scans IaC templates written in Terraform, CloudFormation, Serverless Framework, Kubernetes, and Helm. It’s designed to be fully extensible to help identify misconfigurations in build-time before cloud resources get deployed.

AirIAM transforms AWS IAM policies into right-sized Terraform configuration. With AirIAM you can identify unused roles and groups, over-privileged users, and more to help to be and maintain the principle of least-privilege.

Yor automatically tags IaC templates with tags that get carried to cloud resources. With built-in trace and attribution tags and the ability to write custom taggers, Yor helps with triaging incidents, risk management, cost allocation, and more.

Our open-source training projects

Our IaC training projects are designed to help you learn what misconfigurations look like and how to prevent them in your own codebase.

We're better together

The Bridgecrew platform is built on top of our open-source projects and made better by the community's contributions.

  • Powered by Checkov’s ever-growing index of IaC policies across frameworks and clouds.
  • Extends infrastructure security from code to cloud made enabled by Yor tracing IDs.
  • Enforces least-privilege IAM with the help of AirIAM’s right-sizing technology.

Get started with Bridgecrew

Bridgecrew is free to get started