Shift Cloud Security Left
Preventing cloud security issues before they eventuate is the holy grail of any cloud team.
ARGOS supports all types of organisations and teams to enhance their cloud security posture. ARGOS tests cloud environments in near real time for the presence of the most important issues in the cloud that can put your business at risk.
Integrating security tests into the cloud developer's / cloud engineer's workflow is just as important and an ask of many organisations. This is what people sometimes refer to "shifting left", into the build process of infrastructure.
This is why ARGOS has published, FOR FREE, an API that internally is powered by checkov, an open source static code analysis tool for infrastructure-as-code.
Our API currently supports testing of AWS (CloudFormation in yaml and json) and Azure (ARM templates in json) infrastructure as code.
Our service will check the template against the relevant tests that checkov supports and will return information about any failed tests.
Using the service
Call the API with any tool of your choice (curl, PowerShell, Postman) and pass it the following parameters:
framework: "cloudformation" (in the case of AWS) or "arm" (in the case of Azure)
file_type: json / yaml
body: the template
No need to install a tool locally and you'll get a result back in seconds.
For more information about using the API, please see https://github.com/argos-au/argos-iac-testing
Call to Action
We are looking for feedback on this API.
Is this helpful to you? Comment, or reach out via Twitter.