Prevent new incidents
Beta program
Please note that the IaC prevention features are currently in beta.
Install ggshield
ggshield
is an open source CLI application that runs in your local environment or in a CI environment to help you detect more than 100+ types of IaC vulnerabilities in your code. Follow these steps to get started!
Minimum required version
Please note that you will need version 1.17.0
or higher of ggshield, that provides the ggshield iac
command.
Start scanning for IaC vulnerabilities
- To detect IaC vulnerabilities in a local directory containing Infrastructure as Code files, start by executing the following command:
ggshield iac scan all PATH_TO_IAC_FOLDER
- To detect IaC vulnerabilities in a CI/CD pipeline, start by executing the following command from the CI:
ggshield iac scan ci
CLI Reference
For more information, please check the CLI Reference