Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
4ee5e04 Accept notification webhook configs as CLI args (#1042) 056c30c Add support for getting line numbers for all attributes (#1055) 474f1b6 Add support for repo-url and branch name in CLI flags and scan output (#1059) 0719c9c Fix notification webhook flow (#1051) f81d81f Update atlantis base image (#1054) a3e7161 Update mkdocs from 1.2.2 to 1.2.3 (#1058) 1b60b11 Update mkdocs-material from 7.3.2 to 7.3.3 (#1057) 9c89ec1 Update mkdocs-material from 7.3.3 to 7.3.4 (#1060) 743756d release v1.12.0 (#1066) 835f90b update container image version in helm and kustomize sources (#1050)
eaf5927 Adds additional dockerfile policies (#984) b6337a0 Adds: e2e tests for vulnerability (#1009) 56b6964 Adds: support for harbor registry vulnerability fetching (#1015) de98118 Optimized disk encryption check code. (#1037) b11c43a Update README.md with instsall instructions for ArchLinux / Manjaro (#1011) a400d98 Update docs for AWS.LambdaFunction.Logging.Low.0472 policy (#1027) 683be27 Update mkdocs-material from 7.2.4 to 7.2.6 (#1012) ec87a48 Update mkdocs-material from 7.2.6 to 7.3.2 (#1043) c11052e accepted 2xx in response code as success (#1040) d76a41a fix #1046: helm chart breaking due to invalid configfile name extension (#1047) 362aa86 fix permission issues in creating webhook mode logs file persistence 2bf4cdb fix: added null check before value conversion to avoid panic (#1020) db18509 release v1.11.0 (#1048)
d1a11f3 Adds additional policies for dockerfile (#996) cecdd6e Adds: e2e test for docker IaC provider (#968) 687863e Bump github.com/hashicorp/go-getter from 1.5.2 to 1.5.7 (#993) d24a8b8 Bump github.com/hashicorp/hcl/v2 from 2.10.0 to 2.10.1 (#972) 68c36a1 Bump github.com/pelletier/go-toml from 1.8.1 to 1.9.3 (#999) e55a624 Bump github.com/spf13/afero from 1.5.1 to 1.6.0 (#970) 6ae1274 Extract Docker images from Terraform templates (#937) b42be70 Extract Docker images from k8s YAML files (#905) 256facf Extract images from Dockerfiles (#1002) 309e9f5 Fix dependency issue that caused dependabot to fail (#966) 05a65a3 Fixes supported Kustomize version (should be v4) (#932) 01184ad Initial support for image scanning (#989) 81495a9 Revert "update resource type to map[string]bool (#992)" (#1001) c3458b1 Update helm.sh/helm/v3 v3.6.1 (#1000) 1269301 Update mkdocs-material from 7.2.2 to 7.2.3 (#978) e9017b1 Update mkdocs-material from 7.2.3 to 7.2.4 (#985) a559f4b added binary based support for kustomize v2 and v3 (#988) 5077005 adds brew instructions to release checklist (#987) c9f7483 bump up version to 1.10 (#1008) ced64a2 fix(policies): removing false-positive for K8s namespaces (#961) a2b9bd2 modify wait logic for service account creation (#979) 5c6a2c1 terrascan should exit with non zero exit code when scan error are present (#994) 9aea292 update changelog (#1005) 3e8d964 update resource type to map[string]bool (#992)
c1b2d57 Add support for CFT nested stacks (#949) 7fb8bb4 Adds Terrascan pre-commit (#953) 5477227 Adds support for using Terraform modules cached locally (#940) 11db729 Dockerfile support (#849) f922d00 Update README.md (#945) 485d577 Update mkdocs-material from 7.1.11 to 7.2.0 (#939) aaacce2 Update mkdocs-material from 7.2.0 to 7.2.1 (#947) af9deed Update mkdocs-material from 7.2.1 to 7.2.2 (#954) d1d21fc fix - config only option used with remote repo scan generates panic (#948) fad5d92 release v1.9.0 (#965) a3e0b6e temporary fix for k8s policy filtering issue (#963) b0c9873 update helm chart progress checklist (#943)
35afbe6 Add support for arm linked templates (#903) 2443118 Do not initiate policy engine incase of --config-only flag cf582eb Remove unnecessary KMS deletion window code (#918) 35c7ca1 Update mkdocs from 1.2.1 to 1.2.2 (#935) dbf90e8 Update mkdocs-material from 7.1.10 to 7.1.11 (#938) 29201a7 Update mkdocs-material from 7.1.9 to 7.1.10 (#929) ef959f1 Update overview.md (#919) 656744d Updating the dax cluster policy (#909) 8bba815 add github-sarif writer for github suited sarif output (#907) 89555e5 add integrations overview and minor fixes (#913) 80c00e0 fix error log message for terraform file (#914) c9d73e0 fix go mod files (#941) 73bcc12 fix(sws/cloudfront): wrong check tls version (#928) d231a43 fixed e2e test cases for --config-only 5513a0f fixes: broken doc links (#921) 1721cde minor-doc-fix (#916) c299d50 policy to detect a service without selector (#931) bf23634 release v1.8.1 (#942) 87efa51 terraform 0.15 support (#860) aba0d62 update getting started and Usage, fix links (#920)
325985d Add ID Field in Azure Policies (#872)
9e962b9 Add Microsoft Azure ARM as an IaC Provider (#736)
95b02c4 Added "id" field support & policy validation tests (#843)
7a4de55 Addind AWS Network Security Policies (#866)
32a4c15 Adding Id fix for github policies (#874)
6e3cc71 Adding missing Id field for GCP policies (#870)
6b7b83f Bugfix/az nw sec policies (#862)
4bbb647 Bugfix/k8s id field (#873)
bcc4cf2 Change api, Add support for s3 bucket resource and better cft loader (#865)
9f050b3 Fix authorization header for http request (#877)
b8fda7c Fixes incorrect filepath reporting in sarif output & added e2e tests for sarif output (#863)
7fd8ba0 Minor documentation fixes (#908)
1b58346 Spilt usage docs (#890)
c3f372f Update Integration Docs.md (#885)
c43ec4a Update cicd.md (#901)
51a71f8 Update cicd.md (#902)
4bf9b35 Update mkdocs from 1.1.2 to 1.2.1 (#886)
1db0999 Update mkdocs-material from 7.1.4 to 7.1.8 (#859)
0734df7 Update mkdocs-material from 7.1.8 to 7.1.9 (#895)
a74765d Update usage.md (#893)
decb1e9 Updates documentation on Terrascan github action (#894)
c04acd4 Updating network security policies for GCP (#869)
bedfaa1 Use CGO independent package for sqlite (#906)
40c0aa8 add in-file instrumentation segment (#910)
36ca6eb add proper values via metadata (#888)
7d20723 adding ID field (#871)
c642063 fix broken link to usage.md
(#855)
80902fa fix error messages reported from hcl diags (#911)
2ca5eb1 fix(pkg/policies/opa/rego/azure/azurerm_container_registry/containerregistryresourcelock.rego): check correct fields (#858)
617ef74 fixed sarif unit tests hardcoding code smell (#857)
cee9ab4 fixes: recursive loop when parent and child module has same local block (#900)
4fd7642 improves: filename in remote module (#867)
2fdc14d k8s policies refactor (#879)
0f0be20 mod policies to achieve parity with siac (#878)
1f316eb release v1.8.0 (#912)
95aba12 Add AWS CFT as an IaC Provider (#815)
a4d7af9 1. fix failing test due to log message assertion (#812)
b899922 Add ID Field for AWS Policies' Metadata (#831)
48f92ef Add ID Field for K8s Policies' Metadata (#826)
cb2be19 Add module name
in violation summary for terraform scans (#774)
07c1e4f Add a kustomize based guide for setting up terrascan server and validating webhook in kubernetes (#739)
0a1912f Add e2e tests for k8s admission control validating webhook (#772)
1d7e5b9 Add webhook setup capability and remote repo scan capability in the helm charts (#778)
940a446 Added source_range 0.0.0.0/0 (any) to avoid rule violations (#776)
3f02324 Adding Aws new policies cloudTrail (#810)
5f4b15a Adds support to scan config resources with applicable policies & Refactors filteration (#803)
5057073 Adds: in-file instrumentation for resource prioritizing (#802)
05e4db3 Automate generation of TLS Certs using Helm (#779)
8fc20b2 Bugfix/use ref id old format (#846)
0f03866 Bump up to Go 1.16 (#836)
9adfe1d Do not trim resource id from tfplan json (#825)
53eda39 Documentation (#768)
37cef51 Feature/az id field (#808)
72e3ebc Fix accurics.azure.AKS.3 (#712)
0eae483 Fixing the bug for google_kms_crypto_key policies (#848)
01c8d78 Initial addition of terrascan helm chart (#688)
636515e JSON and Rego updated (#787)
82e5242 Support for spaces in policy reference_id (#833)
0cf4ed6 Update mkdocs-material from 7.1.2 to 7.1.4 (#746)
9db3868 Update mkdocs-redirects from 1.0.1 to 1.0.3 (#710)
d7e16f6 Update policy description to match correct port. (#777)
9ac1667 Update usage.md (#765)
1839b24 [feat.] Merge Webhook and Server Helm Chart (#817)
1229942 [fix] Add Alternate names for k8s services (#834)
9ff6f2f add check for env vars and kms, fixes #682 (#827)
0d8bc97 add id field for matching policies siac/terrascan (#824)
0ed8ef7 add logging middleware for server (#785)
afc2a18 add support for YAML format for terrascan config file (#816)
fafdda4 add support for sarif format violation reports (#806)
dc0b428 add validation for tls private key and cert file values (#771)
971845a bucket policy check false positive fix (#828)
358fc67 check for loopback addresses in endpoint slice (#830)
a3f26c1 config file changes for terrascan server (#780)
b012204 enhancing aws policies (#829)
23bb0ae fix multierror variable issue for helm, kustomize and k8s (#818)
cbbde51 fix terraform inner block reference resolution (#844)
0c3c547 fix: add validation for module local source dir in terraform iac (#793)
0e4c830 fix: modified docker file to use UID of user (#773)
eff166f fix: moves the pending test to running (#819)
5060bbb fixing the policy (#847)
ff2c2a5 improve unit tests for config reader package (#820)
66159bd making file paths relative for k8s IaC (#821)
e4ae20c policy metadata changes to include policy_type
and resource_type
(#792)
9316d5d reference ids with & and