Products | Sep 16, 2020

Terrascan extends Policy as Code to Kubernetes

Terrascan for Kubernetes

Accurics is excited to announce Terrascan v1.1.0, with Kubernetes (k8s) support!  Cloud native apps and infrastructure are notoriously complex and difficult to secure with traditional tools.  Kubernetes adds automation and orchestration that escalate those problems to another level.  Practically speaking, security automation is mandatory.  It’s not realistic to expect humans to comprehend such complex, dynamic environments.

Terrascan is an extensible open source tool that enables teams to detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.  By adding k8s support to Terrascan, we’re ensuring that all teams, regardless of budget, have access to the tools they need to secure their cloud native apps and infrastructure well before they are ever deployed in the cloud.

Release 1.1.0 helps you manage security risks in your k8s YAML and JSON configurations.  Future releases will add support for k8s infrastructure managed through other IaC providers such as Terraform.

Keep reading to learn how to get started, or view our quick-start video.

Using Terrascan with Kubernetes

Terrascan is available as a portable Go binary and a Docker container.  To use it, simply run terrascan from a directory where your Kubernetes project lives.  The command line interface is easy to run from a terminal, a script, from within a pipeline, and numerous other contexts.  

$ terrascan scan -t k8s 

Terrascan defaults to scanning YAML and JSON files in the current directory and subdirectories.  If your project spans multiple directories, you can use the -d option one or more times to specify which directories to scan.

By default, output is sent to the terminal in YAML format.

Terrascan K8s output

The structured output includes a summary of the results as well as the details needed to prioritize and fix the findings.  It’s suitable for humans to read, and for programmatic processing.

We’re just getting started, and we’re excited about the opportunity to help teams secure their cloud native apps and infrastructure.  Join us in the community forums for more Terrascan tips and tricks, and stay tuned for more exciting announcements about new technologies and policies that cover even more of the cloud native landscape.

Embedding Policy Guardrails into CI/CD Pipelines

Terrascan Leverages OPA to Make Policy as Code Extensible

We use cookies to ensure you get the best experience on our website. By continuing to browse this site, you acknowledge the use of cookies.