• david_obrien

Shift Cloud Security Left

Preventing cloud security issues before they eventuate is the holy grail of any cloud team.

Security Testing

ARGOS supports all types of organisations and teams to enhance their cloud security posture. ARGOS tests cloud environments in near real time for the presence of the most important issues in the cloud that can put your business at risk.

Shift Left

Integrating security tests into the cloud developer's / cloud engineer's workflow is just as important and an ask of many organisations. This is what people sometimes refer to "shifting left", into the build process of infrastructure.

This is why ARGOS has published, FOR FREE, an API that internally is powered by checkov, an open source static code analysis tool for infrastructure-as-code.

Our API currently supports testing of AWS (CloudFormation in yaml and json) and Azure (ARM templates in json) infrastructure as code.

Our service will check the template against the relevant tests that checkov supports and will return information about any failed tests.

Using the service

Call the API with any tool of your choice (curl, PowerShell, Postman) and pass it the following parameters:

  • framework: "cloudformation" (in the case of AWS) or "arm" (in the case of Azure)

  • file_type: json / yaml

  • body: the template

No need to install a tool locally and you'll get a result back in seconds.

API URL: https://test-iac.argos-security.io/api/iac-test

cURL Example:

PowerShell example:

For more information about using the API, please see https://github.com/argos-au/argos-iac-testing

Call to Action

We are looking for feedback on this API.

Is this helpful to you? Comment, or reach out via Twitter.

170 views0 comments

Recent Posts

See All