Easy Infra[structure as Code]
easy_infra is a docker container that simplifies and secures Infrastructure as Code deployments.
Getting Started¶
In order to run your code from within the container, volume mount your files
into /iac
and pass your command, such as terraform validate
, as such:
docker run -v $(pwd):/iac seiso/easy_infra terraform validate
Secure by default¶
This container provides security features by default. Let’s say you are looking to deploy an environment using terraform:
docker run -v $(pwd):/iac seiso/easy_infra /bin/bash -c "terraform init && terraform validate && terraform apply"
What actually happens is that a security scan of your terraform code will be
run prior to executing the first terraform
command, regardless of what it is.
If an issue is detected, it will exit with a non-zero status, preventing any
subsequent execution of terraform
.
While it’s not suggested, if you’d like to disable this behavior you have some options:
Set the
SKIP_TFSEC
environment variable totrue
.
docker run --env SKIP_TFSEC=true -v $(pwd):/iac seiso/easy_infra /bin/bash -c "terraform init && terraform apply"
- Pass the
--skip-tfsec
argument to specificterraform
commands. This argument is processed by easy_infra and removed prior to passing parameters to the
terraform
command.
- Pass the
docker run -v $(pwd):/iac seiso/easy_infra /bin/bash -c "terraform --skip-tfsec init && terraform apply --skip-tfsec"