oowy/tfsec

By oowy

Updated 3 days ago

Tfsec Docker image base on Alpine linux, for efficient container management.

Image
Security

50K+

Quick reference

Supported tags

Based on Alpine Linux 3.19

  • latest
  • 1.28.11-alpine3.191.28.10-alpine3.191.28.9-alpine3.191.28.8-alpine3.191.28.6-alpine3.191.28.5-alpine3.191.28.4-alpine3.191.28.3-alpine3.191.28.2-alpine3.191.28.1-alpine3.191.28.0-alpine3.19

Based on Alpine Linux 3.18

  • 1.28.11-alpine3.181.28.10-alpine3.181.28.9-alpine3.181.28.8-alpine3.181.28.6-alpine3.181.28.5-alpine3.181.28.4-alpine3.181.28.3-alpine3.181.28.2-alpine3.181.28.1-alpine3.181.28.0-alpine3.18

Quick reference (cont.)

  • Supported architectures: amd64, arm64v8

What is Tfsec?

Tfsec is an open-source, static analysis (also known as code scanning) tool specifically designed for Terraform files. Terraform is a popular Infrastructure as Code (IaC) tool used to provision, manage, and maintain cloud infrastructure through configuration files. Tfsec analyzes these Terraform files to catch potential security issues before deployment, helping to identify and fix potential vulnerabilities.

Tfsec Docker Images

The team publishes a Docker image to this repository for each official release of Tfsec. Each versioned image includes the Tfsec release with the same version number.

These images wrap the Tfsec executable, allowing you to run Tfsec subcommands by passing in their names and arguments as part of docker run.

For example, the command below uses the 'latest' tag to generate a 'plan' using the most recent version of Tfsec:

  docker run -i -t oowy/tfsec:latest

Note that for production use, we recommend specifying a specific version instead of using latest.

Configuration

You will likely need to further configure your container so that Tfsec can access your configuration files and provider credentials. This could include mounting your configuration into the container, setting the working directory to refer to your configuration, and passing in environment variables and credentials files for the providers you intend to use. The docker run documentation lists the options you can use to customize the container environment. You could also use these images as a base for your own images. For example, this would be helpful if you wanted to to pre-set CLI Configuration settings as part of your image.

Community

Open issues about Tfsec binary on the main Tfsec repository.

Docker Pull Command

docker pull oowy/tfsec