Hero

tfsec

A static analysis security scanner for your Terraform code


tfsec is a developer-first security scanner for Terraform templates. It uses static analysis and deep integration with the official HCL parser to ensure security issues can be detected before your infrastructure changes take effect.

Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible

Browse Checks

Chose an option that you need help with or search above

AWS

Browse checks for the AWS provider

Azure

Browse checks for the Azure provider

GCP

Browse checks for the Google Cloud provider

Frequently asked questions

Answers to the questions most commonly asked

Getting Started
Checks
Config
GitHub Actions