Get a live demo of some examples using tfsec to catch Terraform misconfigurations by the maintainers of the project.
You've heard the stories: S3 buckets, Elasticsearch services, Google buckets, and other cloud resources provisioned while being completely open to the internet. tfsec is a popular, open source, static analysis tool for Terraform code that can alert you before these kinds of mistakes are made.
Owen Rumney from Aqua Security will spend most of this talk demoing tfsec to identify potential issues early in your Terraform workflow and in your CI/CD pipelines. You'll learn:
What constitutes a misconfiguration or sub-optimal configuration?
How can the risks be mitigated
Using tfsec static analysis for Terraform
Using tfsec in a GitHub pipeline
Shifting left and discovering issues before they leave the developers' machines
To see some of the code used in this demo, check out Owen's GitHub repository.