tenable/terrascan
Terrascan is a static code analyzer for Infrastructure as Code. Terrascan allows you to:
Using the Terrascan docker image to scan the current directory
$ docker run -v `pwd`:`pwd` -w `pwd` accurics/terrascan scan .
Running Terrascan in server mode
$ docker run --rm --name terrascan -p 9010:9010 accurics/terrascan
Accessing Terrascan's help command
$ docker run accurics/terrascan help
Terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
For more information, please visit https://docs.accurics.com
Usage:
terrascan [command]
Available Commands:
help Help about any command
init Initializes Terrascan and clones policies from the Terrascan GitHub repository.
scan Detect compliance and security violations across Infrastructure as Code.
server Run Terrascan as an API server
version Terrascan version
Flags:
-c, --config-path string config file path
-h, --help help for terrascan
-l, --log-level string log level (debug, info, warn, error, panic, fatal) (default "info")
-x, --log-type string log output type (console, json) (default "console")
-o, --output string output type (human, json, yaml, xml, junit-xml, sarif, github-sarif) (default "human")
--temp-dir string temporary directory path to download remote repository,module and templates
Use "terrascan [command] --help" for more information about a command.
Refer to the Terrascan documentation for more details.
A docker image is published and tagged for each release of Terrascan's releases.
The latest
tag will container the latest changes in Terrascan's default branch. Using latest
is not recommended for production.
docker pull tenable/terrascan