terrascan

Overview Versions Insights

build-test release Ansible Role Maintainability Rating Reliability Rating Security Rating GitHub tag (latest SemVer) GitHub repo size

Ansible Role: terrascan

Role to install (by default) terrascan on Debian/Ubuntu and EL systems. terrascan detects compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Requirements

None.

Role Variables

Available variables are listed below (located in defaults/main.yml):

Variables list:

terrascan_app: terrascan
terrascan_version: 1.19.1
terrascan_os: "{{ ansible_system }}"
terrascan_architecture_map:
  amd64: x86_64
  arm: arm64
  x86_64: x86_64
  armv6l: armv6
  armv7l: armv7
  aarch64: arm64
  32-bit: "i386"
  64-bit: x86_64
terrascan_dl_url: https://github.com/tenable/{{ terrascan_app }}/releases/download/v{{ terrascan_version }}/{{ terrascan_app }}_{{ terrascan_version }}_{{ terrascan_os }}_{{ terrascan_architecture_map[ansible_architecture] }}.tar.gz
terrascan_bin_path: /usr/local/bin
terrascan_file_owner: root
terrascan_file_group: root
terrascan_file_permission_mode: '0755'

Variables table:

Variable Description
terrascan_app Defines the app to install i.e. terrascan
terrascan_version Defined to dynamically fetch the desired version to install. Defaults to: 1.19.1
terrascan_os Defines os type.
terrascan_architecture_map Defines os architecture.
terrascan_dl_url Defines URL to download the terrascan binary from.
terrascan_bin_path Defined to dynamically set the appropriate path to store terrascan binary into. Defaults to (as generally available on any user's PATH): /usr/local/bin
terrascan_file_owner Owner for the binary file of terrascan.
terrascan_file_group Group for the binary file of terrascan.
terrascan_file_permission_mode Defines the permission mode level for the file. Defaults to: 0755

Dependencies

None

Example Playbook

For default behaviour of role (i.e. installation of terrascan) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.terrascan

For customizing behavior of role (i.e. specifying the desired terrascan version) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.terrascan
  vars:
    terrascan_version: 1.15.0

For customizing behavior of role (i.e. placing binary of terrascan package in different location) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.terrascan
  vars:
    terrascan_bin_path: /bin/

License

MIT

Author Information

This role was created by Ali Muhammad.

About

Installs/Uninstalls 'terrascan'. Terrascan Detect compliance and security violations across IaC.

role terrascan terraform aws kubernetes docker helm kustomize security system os
Install
ansible-galaxy install darkwizard242/ansible-role-terrascan
GitHub repository
2 stars
0 forks
0 open issues
License
mit
Downloads
1688
Owner
Ali Muhammad
Senior DevOps/CloudOps Engineer. Dedicated to Automating everything I come across. Love to work on and learn new technologies/tools everyday!