Architecture
Change Management

Infrastructure code must pass security linting checks to merge PRs to convergence branches

Requiring infrastructure code to pass security linting checks before merging pull requests (PRs) to convergence branches is a critical security measure that can help prevent security issues from being introduced into the production environment.

Summary

Requiring infrastructure code to pass security linting checks before merging pull requests (PRs) to convergence branches is a critical security measure that can help prevent security issues from being introduced into the production environment. Security misconfigurations are detected and blocked at build time, so vulnerable or misconfigured infrastructure is never deployed. Insecure changes are stopped before any infrastructure is actually spun up, and the user receives real-time, actionable feedback. Catching security issues this early greatly reduces the risk of security incidents.

Applicable To

To all IaC

Resources

all

Maturity

Medium

Functions
Security
Reliability
CSPs

AWS

Author

Adam Cotenoff
