Infrastructure as Code Security

This skill enables comprehensive security scanning of Infrastructure as Code configurations including Terraform, CloudFormation, Kubernetes manifests, Helm charts, Pulumi, and ARM templates using tools like Checkov, tfsec, Terrascan, KICS, and kubesec.

When to Use This Skill

This skill should be invoked when:

• Scanning Terraform configurations for security misconfigurations
• Auditing CloudFormation templates
• Validating Kubernetes manifests and Helm charts
• Checking ARM templates for Azure security
• Verifying compliance with CIS benchmarks
• Integrating security scanning into CI/CD pipelines
• Reviewing infrastructure changes before deployment

Trigger Phrases

• "scan this Terraform for security issues"
• "audit my CloudFormation template"
• "check Kubernetes manifests for misconfigurations"