IaC Scan Runner
Service that scans your Infrastructure as Code for common vulnerabilities.
|Tool name||IaC Scan Runner|
Table of Contents
Purpose and description
The IaC Scan Runner is a REST API service used to scan IaC (Infrastructure as Code) package and perform various code checks in order to find possible vulnerabilities and improvements. Explore the docs for more info.
This section explains how to run the REST API.
Run with Docker
You can run the REST API using a public xscanner/runner Docker image as follows:
# run IaC Scan Runner REST API in a Docker container and # navigate to localhost:8080/swagger or localhost:8080/redoc $ docker run --name iac-scan-runner -p 8080:80 xscanner/runner
Or you can build the image locally and run it as follows:
# build Docker container (it will take some time) $ docker build -t iac-scan-runner . # run IaC Scan Runner REST API in a Docker container and # navigate to localhost:8080/swagger or localhost:8080/redoc $ docker run --name iac-scan-runner -p 8080:80 iac-scan-runner
Run from CLI
To run using the IaC Scan Runner CLI:
# install the CLI $ python3 -m venv .venv && . .venv/bin/activate (.venv) $ pip install iac-scan-runner # print OpenAPI specification (.venv) $ iac-scan-runner openapi # install prerequisites (.venv) $ iac-scan-runner install # run IaC Scan Runner REST API (.venv) $ iac-scan-runner run
Run from source
To run locally from source:
# install prerequisites $ python3 -m venv .venv && . .venv/bin/activate (.venv) $ pip install -r requirements.txt (.venv) $ ./install-checks.sh # run IaC Scan Runner REST API (add --reload flag to apply code changes on the way) (.venv) $ uvicorn src.iac_scan_runner.api:app
This work is licensed under the Apache License 2.0.
You can contact the xOpera team by sending an email to firstname.lastname@example.org.
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 101000162 (PIACERE).