Image Credit: Pixabay on Pexels

Securing Terraform and You, Part 3

 By Morgan Lucas

This is a post intended for this site, as a way to get a feel for using it consistently. Older posts are here.


I went back to tfsec after seeing the simple start guide posted here, by Liam Galvin at Ghost Security.

There are two aspects of my code: 

 The initial guide only has "don't allow buckets that are exactly named this", but that's all I needed to actually get going!

Troubleshooting using Trivy and Terraform

The problems could have been:

Remember - tfsec has been bought by Aqua Security, the people behind Trivy; this code could probably work if I put in the correct metadata tags and use the right command.

Q&A

You went back and forth between two programs (tfsec and Trivy) - why did you stick with coding this solution in Rego instead of another language that was compatible with the software?

 

 Probably sunk cost fallacy and feeling that Rego, even with its difficulty, was easier for me to read as code than Python is.
