Presentation

Shifting Terraform Configuration Security Left

Published 8:00 AM UTC Feb 26, 2020

Try some static analysis of your Terraform code.

How do you know if the HCL you're writing will result in secure infrastructure? How can you write tests to catch common problems? One of the advantages of infrastructure as code is that you can reason about the code before you run it. In this talk Gareth Rushgrove will look at the area of configuration security, discuss some of the issues around static analysis of Terraform, and look at some open source tools that can help with testing your Terraform code.

Slides here

Sign up for the latest HashiCorp news

More resources like this one

3/15/2023Presentation

Advanced Terraform techniques

2/3/2023Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

2/1/2023Case Study

Should My Team Really Need to Know Terraform?

1/20/2023Case Study

Packaging security in Terraform modules

View all resources