Most modern software systems are using infrustructure as code (IaC) tools. Using IaC tools, DevOps can describe their infrustructure in a declerative and structured way, enabling easy and consistent provisioning / deployments.
Keeping your infrustructure described through code enables you to easily consume it - review, fix and track changes. Mistakes can still be made using IaC, but at least it's easier for automatic tools to find them, which is where we come in.
Spectral IaC scans your IaC files and notifies about misconfigurations that expose your infrustructure in any way. We support a variaty of policies - AWS, Google, Azure, k8s and more. For each such misconfiguration we provide details such as the resource being misconfigured and remediation advice.
To run Spectral IaC:
spectral scan --include-tags iac
Updated 11 months ago