This VS Code extension is for tfsec, a static analysis security scanner for your Terraform code that discovers problems with your infrastructure before hackers do.
The Findings Explorer displays an organised view of the issues that have been found in the current workspace.
The code runs tfsec in a VS Code integrated terminal so you can see the output - when it is complete, press the refresh button to reload.
Right clicking on a tfsec code will let you view the associated page on https://aquasecurity.github.io/tfsec/latest
Issues can be ignored by right clicking the location in the explorer and selecting `ignore this issue`.
Ignore codes will be automatically resolved and the description of the error will be displayed inline.
In the Explorer view, you can right click on a folder or .tf file and select `Ignore path during tfsec runs`. This will pass the path to `--exclude-path` when running tfsec and is only applicable to this workspace on this machine.
To remove ignores, edit the `tfsec.excludedPath` in the `.vscode/settings.json` file of the current workspace.
- Add findings to the Problems tab
- Fix Windows filepaths
- Fix issue with file path names in the explorer
- Add context support for locally ignoring files and directories
- Support new tfsec filesystem (relative path resolution)
- Maintain support for older versions of tfsec
- Add snippets support
  - using `tfsec-check-file` in a yaml file to create custom check
  - using `tfsec-custom-check` in the existing check file to add a new custom check
- Add icon on toolbar to get the version
- Update the severity icons in line with Aqua colours
- Fix the icons for Severity and tfsec checkname
- Fix issue with tfsec `v1.0.0-rc.2`
- Fix issue with glob
- Minify the extension
- Support multi folder workspaces
- Save results in a folder with unique names
- Refactor the runner to clean up extension code
- Clean up some redundant code