Writing Terraform configurations is like writing any programming language; you must ensure your code is formatted correctly, linted, validated, and secure.
Formatting: This is similar to running prettier to adhere to a standard format, making the configurations more readable.
Linting with tflint
: The tflint tool will scan for configuration errors and unused resource declarations and enforce naming conventions. There are rulesets for each of the major cloud providers (AWS, GCP, Azure).
Security check with tfsec
/trivy: The tfsec tool scans for misconfigurations and, more importantly, to see if secrets such as access keys or tokens are included in the Terraform.
Validation: Before deploying your Terraform configurations, let's make sure everything is in order. This step will check the syntax and whether the configuration is internally consistent.
Designed to work with zsh, this script will run the above steps:
You can use it as a git pre-commit hook if you setup the TFLINT_CONFIG
variable.
Top comments (0)