Automated Approach to IaC Code Inspection Using Python-Based DevSecOps Tool

Abstract

One of main benefits enabled by DevOps ideology is to automatize activities and operations related to development, testing, integration and deployment of software, to fulfill the needs of relevant organization’s goals. On the other side, quality of code, security, together with compliance according to given standards represent highly relevant considerations. In this paper, we present an open-source Python-based tool with web-based graphical interface which enables automation of static code analysis and checks when it comes to Infrastructure as Code (IaC) scripts. The proposed tool is evaluated in several scenarios when it comes to terraform scripts.