https://pulumi.com logo
Title
f

fast-island-38778

11/25/2022, 7:13 AM
Does Pulumi have a security scanner such as tfsec? https://github.com/aquasecurity/tfsec
m

many-telephone-49025

11/26/2022, 11:20 AM
You can use Trivy/Grype to scan for vulnerabilities in you programming language. And you can use Pulumi Policy as Code (CrossGuard https://www.pulumi.com/docs/guides/crossguard/) to check for best practices / compliance and security violations. There is also also AWSGuard support (https://www.pulumi.com/docs/guides/crossguard/awsguard/) I also thought about to transform some of the AquaSec rules (https://github.com/aquasecurity/defsec) from their engine they use in Trivy and tfsec.