Skip to content

hmcts/terraform-utils

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
.github
.github
 
 
.idea
.idea
 
 
tfwhitelist
tfwhitelist
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
tf-utils-build.yaml
tf-utils-build.yaml
 
 

Repository files navigation

Terraform utils

Terraform utilities to help with the maintenance of Terraform related code.

Currently available utilities:

  • tfwhitelist: allows to scan all Terraform resources and modules used in a project and verify that they match a given whitelist.

tfwhitelist

To match Terraform infrastructure against a whitelist of resources and modules, the following command can be used:

tf-utils --whitelist <terraform-infra-dir-path> <whitelist-file-path>...<whitelist-file-path>

where the first argument is a Terraform definitions directory and the second argument is a list of whitelist files which are merged as first step. A whitelist is a json file containing allowed resources and modules. Having multiple files merged allows to have a global whitelist which can be specialised in case that is needed in isolated specific cases. For example:

{
  "resources": [
    {"type": "azurerm_key_vault_secret"},
    {"type": "azurerm_resource_group"}
  ],
  "module_calls": [
    {"source":  "[email protected]:hmcts/cnp-module-webapp?ref=master"},
    {"source":  "[email protected]:hmcts/cnp-module-postgres?ref=master"}
  ]
}

This tool uses the terraform-config-inspect library by Hashicorp.

About

Terraform tools

Resources

Readme

License

MIT license

Contributing

Contributing
Activity
Custom properties

Stars

1 star

Watchers

19 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages