ValidIaC combines the best open-source tools to help ensure Terraform best practices, hygiene & security.
- Lint - Lint your Terraform HCL files with tflint
- Secure - Scan your Terraform templates for security vulnerabilities with tfsec
- Cost - Get a breakdown of your cloud costs with infracost
- Map - Chart a map of your cloud infrastructure with inframap
ValidIaC is an open-source solution, so please feel free to add more capabilities or tools :)
A free online instance of ValidIaC is available for anyone to use at https://www.validiac.com. The program can both be deployed as an AWS Lambda function, or be used directly from the command line.
- AWS CLI with access to your AWS
- Yarn
- NPM
- Serverless CLI
- Golang v1.17
The validiac binary can be used in three different ways:
- As a CLI utility.
- As an HTTP server.
- As an AWS Lambda handler.
To compile the binary:
- Download dependencies with
make deps - Build validiac with
make build - Run validiac:
bin/validiac --help
Other make tasks:
- run unit tests:
make test - run static code analysis:
make lint(requires golangci-lint) - clean validiac binary:
make clean - clean all binaries, including dependencies:
make clean-all
The versions used for the four base tools are defined in the Makefile. Simply change the version number of the relevant tool and rebuild (the validiac binary will need to be rebuilt as well).