ansible-role-tfsec

Ansible role for tfsec. Available on Ansible Galaxy.

MIT License

Stars
4
View Code on GitHub Visit Website
Ecosystems: Ansible, Ansible Roles, Terraform

Ansible Role: tfsec

Role to install (by default) tfsec on Debian/Ubuntu and EL systems. tfsec is a static analysis (security based) for scanning terraform code. originally developed by Liam Galvin.

Requirements

None.

Role Variables

Available variables are listed below (located in defaults/main.yml):

Variables list:

tfsec_app: tfsec
tfsec_version: 1.28.11
tfsec_os: "{{ ansible_system | lower }}"
tfsec_architecture_map:
  amd64: amd64
  arm: arm64
  x86_64: amd64
  armv6l: armv6
  armv7l: armv7
  aarch64: arm64
  32-bit: "386"
  64-bit: amd64
tfsec_dl_url: https://github.com/aquasecurity/{{ tfsec_app }}/releases/download/v{{ tfsec_version }}/{{ tfsec_app }}-{{ tfsec_os }}-{{ tfsec_architecture_map[ansible_architecture] }}
tfsec_bin_path: "/usr/local/bin/{{ tfsec_app }}"
tfsec_file_owner: root
tfsec_file_group: root
tfsec_file_mode: '0755'

Variables table:

Variable Description
tfsec_app Defines the app to install i.e. tfsec
tfsec_version Defined to dynamically fetch the desired version to install. Defaults to: 1.28.11
tfsec_os Defines os type. Used for obtaining the correct type of binaries based on OS type.
tfsec_architecture_map Defines os architecture. Used to set the correct type of binaries based on OS System Architecture.
tfsec_dl_url Defines URL to download the tfsec binary from.
tfsec_bin_path Defined to dynamically set the appropriate path to store tfsec binary into. Defaults to (as generally available on any user's PATH): /usr/local/bin/tfsec
tfsec_bin_permission_mode Defines the permission mode level for the file.
tfsec_file_owner Owner for the binary file of tfsec.
tfsec_file_group Group for the binary file of tfsec.
tfsec_file_mode Mode for the binary file of tfsec.

Dependencies

None

Example Playbook

For default behaviour of role (i.e. installation of tfsec) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.tfsec

For customizing behavior of role (i.e. specifying the desired tfsec version) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.tfsec
  vars:
    tfsec_version: 0.18.0

For customizing behavior of role (i.e. placing binary of tfsec package in different location) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.tfsec
  vars:
    tfsec_bin_path: /bin/

License

MIT

Author Information

This role was created by Ali Muhammad.

Badges
Extracted from project README
build-test release Maintainability Rating Reliability Rating Security Rating
Related Projects
ansible-role-terraform

Ansible role for Hashicorp Terraform. Available on Ansible Galaxy.

14 Jul 2019 4
ansible-role-terraform_agent

Install and configure Terraform Agent (for TFC or TFE) on your system.

16 Feb 2024 3
ansible-role-terrascan

Ansible role for 'terrascan'. Available on Ansible Galaxy.

08 Jun 2022 2