No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

You can use Trivy/Grype to scan for vulnerabilities in you programming language. And you can use Pulumi Policy as Code (CrossGuard <https://www.pulumi.com/docs/guides/crossguard/>) to check for best practices / compliance and security violations.

There is also also AWSGuard support (<https://www.pulumi.com/docs/guides/crossguard/awsguard/>)

I also thought about to transform some of the AquaSec rules (<https://github.com/aquasecurity/defsec>) from their engine they use in Trivy and tfsec.