
CircleCI Integration (Example)

As is standard for CircleCI, you can easily define IaC analysis as a step in your pipelines by specifying it in your .circleci/config.yml file.

Below is a minimal example of a config.yml for reference.

Terraform (CircleCI)

CircleCI config.yml example

```yaml
version: 2
jobs:
  build:
    docker:
      # Here we use Hashicorp's Alpine image with terraform already installed
      - image: hashicorp/terraform:light
    steps:
      - checkout
      - run:
          name: InsightCloudSec IaC Security Scan
          command: |
            # Generate JSON-formatted Terraform plan
            terraform init
            terraform plan -out tf.plan
            terraform show -json tf.plan > tf.plan.json
            cd ..
            # Use the mimics Docker image.
            # ICS_BASE_URL and ICS_API_KEY are read from the job environment;
            # they are not defined in this file.
            docker run -v "$(pwd)":/data \
              -e MIMICS_BASE_URL="$ICS_BASE_URL" \
              -e MIMICS_API_KEY="$ICS_API_KEY" \
              public.ecr.aws/rapid7-insightcloudsec/ics/mimics:latest \
              scan data/tf.plan.json \
              -c "My IaC Config Name" \
              --report-formats all \
              --report-path "/data/reports" \
              --no-progress
      # Store results. CircleCI caches this for 30 days.
      # This path should point at the location where the scan reports are written
      # (see --report-path above).
      - store_artifacts:
          path: /tmp/scan_output.html
```