oowy/tfsec
Tfsec Docker image base on Alpine linux, for efficient container management.
50K+
Maintained by:
Oowy team
Where to get help:
the Docker Community Slack, Server Fault, Unix & Linux, or Stack Overflow
Based on Alpine Linux 3.19
latest
1.28.11-alpine3.19
1.28.10-alpine3.19
1.28.9-alpine3.19
1.28.8-alpine3.19
1.28.6-alpine3.19
1.28.5-alpine3.19
1.28.4-alpine3.19
1.28.3-alpine3.19
1.28.2-alpine3.19
1.28.1-alpine3.19
1.28.0-alpine3.19
Based on Alpine Linux 3.18
1.28.11-alpine3.18
1.28.10-alpine3.18
1.28.9-alpine3.18
1.28.8-alpine3.18
1.28.6-alpine3.18
1.28.5-alpine3.18
1.28.4-alpine3.18
1.28.3-alpine3.18
1.28.2-alpine3.18
1.28.1-alpine3.18
1.28.0-alpine3.18
amd64
, arm64v8
Tfsec is an open-source, static analysis (also known as code scanning) tool specifically designed for Terraform files. Terraform is a popular Infrastructure as Code (IaC) tool used to provision, manage, and maintain cloud infrastructure through configuration files. Tfsec analyzes these Terraform files to catch potential security issues before deployment, helping to identify and fix potential vulnerabilities.
The team publishes a Docker image to this repository for each official release of Tfsec. Each versioned image includes the Tfsec release with the same version number.
These images wrap the Tfsec executable, allowing you to run Tfsec subcommands by passing in their names and arguments as part of docker run.
For example, the command below uses the 'latest' tag to generate a 'plan' using the most recent version of Tfsec:
docker run -i -t oowy/tfsec:latest
Note that for production use, we recommend specifying a specific version instead of using latest.
You will likely need to further configure your container so that Tfsec can access your configuration files and provider credentials. This could include mounting your configuration into the container, setting the working directory to refer to your configuration, and passing in environment variables and credentials files for the providers you intend to use. The docker run documentation lists the options you can use to customize the container environment. You could also use these images as a base for your own images. For example, this would be helpful if you wanted to to pre-set CLI Configuration settings as part of your image.
Open issues about Tfsec binary on the main Tfsec repository.
docker pull oowy/tfsec