Infrastructure Linting

Compare 22 infrastructure linting tools to find the right one for your needs

Tools

Compare and find the best infrastructure linting tool for your needs

Kubescape

The first open-source tool for testing if Kubernetes is deployed securely.

An open-source Kubernetes security platform for risk analysis, security compliance, and misconfiguration scanning.

Infracost

Cloud cost estimates for Terraform in pull requests.

A tool that shows cloud cost estimates for infrastructure changes before they happen, integrating with CI/CD.

Datree

Prevent Kubernetes misconfigurations from reaching production.

A CLI tool that runs automated checks on Kubernetes configuration files to ensure they follow policies and best practices.

Snyk IaC

Find and fix security issues in your Terraform, CloudFormation, Kubernetes, and Azure Resource Manager configurations.

An IaC security tool that finds and fixes misconfigurations in cloud native application infrastructure.

Checkov

Prevent cloud misconfigurations during build-time.

An open-source static analysis tool for scanning Infrastructure as Code (IaC) files for misconfigurations.

Trivy

A comprehensive and versatile security scanner.

A versatile security scanner that finds vulnerabilities, IaC misconfigurations, and secrets in various targets.

Prisma Cloud (by Palo Alto Networks)

The industry's most complete Cloud-Native Application Protection Platform (CNAPP).

A comprehensive CNAPP that includes IaC scanning, cloud security posture management, and workload protection.

SonarQube

The essential tool for Code Quality and Code Security.

A leading static analysis platform that supports IaC scanning for Terraform, CloudFormation, Kubernetes, and more.

TFLint

A Pluggable Terraform Linter.

A linter focused on finding possible errors, best practice deviations, and enforcing naming conventions in Terraform code.

Terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

An open-source static code analyzer that scans IaC for security vulnerabilities and compliance violations.

KICS

Keeping Infrastructure as Code Secure.

An open-source solution for static analysis of IaC, finding security vulnerabilities, compliance issues, and misconfigurations.

tfsec

Security scanner for your Terraform code.

An open-source static analysis tool that scans Terraform templates for security misconfigurations.

Open Policy Agent (OPA)

Policy-based control for cloud native environments.

An open-source, general-purpose policy engine that can be used to enforce policies on IaC.

Regula

A tool that evaluates infrastructure as code for security misconfigurations and compliance violations.

An open-source tool that checks Terraform and CloudFormation templates for compliance with controls from frameworks like CIS.

cfn-lint

Validate CloudFormation templates against the AWS CloudFormation Resource Specification.

An AWS-supported open-source tool for linting and validating AWS CloudFormation templates.

KubeLinter

A static analysis tool that checks Kubernetes YAML files and Helm charts for production readiness and security best practices.

An open-source static analysis tool for Kubernetes manifests and Helm charts, checking for best practices.

Ansible-lint

Checks playbooks for practices and behavior that could potentially be improved.

A command-line tool for linting Ansible playbooks, roles, and collections.

Puppet-lint

Check your Puppet manifests for style guide conformity.

A tool that validates Puppet code against the official Puppet language style guide.

Terragrunt

A thin wrapper for Terraform that provides extra tools for keeping your configurations DRY, working with multiple Terraform modules, and managing remote state.

A tool to keep Terraform code DRY (Don't Repeat Yourself) by managing remote state and locking configurations.

CloudQuery

The open-source cloud asset inventory powered by SQL.

An open-source tool that extracts, transforms, and loads cloud asset data into databases for analysis.

Terratest

A Go library that provides patterns and helper functions for testing infrastructure, with first-class support for Terraform, Packer, Docker, and more.

A Go library for writing automated tests for Infrastructure as Code; it is a testing framework rather than a linter.

OPA Gatekeeper

Policy Controller for Kubernetes.

A Kubernetes admission controller that enforces policies created with Open Policy Agent (OPA).
