Skip to content
/ pa2588-devsecops-iac-security Public template

Playground for learning a bit about securing Infrastructure as Code

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bth-dipt-teaching/pa2588-devsecops-iac-security

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.github/workflows
.github/workflows
 
 
iac
iac
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

PA2588 DevSecOps: Playground for Infrastructure as Code Security

This is part of the course DevSecOps.

Warning

This playground is not complete yet. Because you need to interact with AWS, this guide needs to be tested and adapted to work with the free tier.

Preparation

  1. Click on Use this template to create a new repository in your GitHub account (don't fork it), and make sure to set the visibility to "Public".
  2. Go to "Settings" > "Secrets and variables" > "Actions"
  3. Create Repository Secrets AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

Enable IaC Scanning with tfsec

  1. In .github/workflows/tfsec.yml, uncomment the block labeled "Version 1" to enable tfsec.
    • After the next successful run of the GitHub actions, you should now see about a dozen of security issues being reported.
  2. In iac/terraform.tfvars, remove the existing cidr line and uncomment the "Version 2" block.
    • After the next successful run of the GitHub actions, you should now see two of the security issues being resolved.

About

Playground for learning a bit about securing Infrastructure as Code

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Contributors 2

  •  
  •  

Languages