Scan your Terraform code for vulnerabilities with TfSec.
The workflow, usually declared in .github/workflows/tfsec.yaml under your Go project repository, looks like:
name: tfsec
on:
pull_request:
branches: [ main ]
jobs:
tfsec:
name: tfsec scanner
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Run TfSec
uses: phogolabs/[email protected]