CircleCI Integration (Example)

As is standard for CircleCI, you can easily define IaC analysis as a step in your pipelines by specifying it in your .circleci/config.yml file.

Below is a minimal example of a config.yml for reference.

Terraform (CircleCI)

CircleCI config.yml example

```yaml
version: 2
jobs:
  build:
    docker:
      # Here we use Hashicorp's Alpine image with terraform already installed
      - image: hashicorp/terraform:light

    steps:
      - checkout
      - run:
          name: InsightCloudSec IaC Security Scan
          command: |
            # Generate JSON-formatted Terraform plan
            terraform init
            terraform plan -out tf.plan
            terraform show -json tf.plan > tf.plan.json
            cd ..

            # Use the mimics Docker image
            docker run -v $(pwd):/data -e MIMICS_BASE_URL=$ICS_BASE_URL -e MIMICS_API_KEY=$ICS_API_KEY public.ecr.aws/rapid7-insightcloudsec/ics/mimics:latest scan data/tf.plan.json -c "My IaC Config Name" --report-formats all --report-path "/data/reports" --no-progress

      # Store results. CircleCI caches this for 30 days.
      - store_artifacts:
          path: /tmp/scan_output.html
```