
Your Terraform Is Probably Insecure — Here Are 90 Patterns to Check
Cloud misconfigurations were responsible for 15% of all initial attack vectors in data breaches last year. Not zero-days. Not sophisticated exploits. Misconfigurations. Public S3 buckets, overprivileged IAM roles, security groups that allow the entire internet to SSH in.

The infrastructure-as-code revolution was supposed to fix this — codify your infrastructure, review it like application code, catch mistakes in PRs. But `terraform plan` tells you what will change. It does not tell you whether what you're deploying is secure.

I built CloudGuard to close that gap: 90 security patterns for Terraform and CloudFormation files. Here's what it checks and why.

1. Public S3 Buckets and Storage Access

```hcl
# The pattern — public-read ACL with no block
resource "aws_s3_bucket" "assets" {
  bucket = "company-assets"
  acl    = "public-read" # Anyone on the internet can read this
}

# The fix — block public access explicitly
resource "aws_s3_bucket" "assets" {
  bucket = "company-assets"
}

resource "aws_s3_bucket_publi
```
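As an added illustration of how a checker for this pattern can work (this is not CloudGuard's code, whose implementation the excerpt does not show), here is a minimal Python scanner that flags two things in a Terraform file: a bucket with a public ACL, and a bucket that no `aws_s3_bucket_public_access_block` with all four settings set to `true` references. The regex-based parser handles only flat resource blocks, which is enough for this pattern; the sample Terraform strings are constructed for the example, and the public access block resource and its four arguments are the standard AWS provider ones, assumed here rather than taken from the truncated excerpt.

```python
import re
from dataclasses import dataclass

# ACL values that grant read (or write) access beyond the bucket owner.
PUBLIC_ACLS = {"public-read", "public-read-write", "authenticated-read"}
# The four settings of aws_s3_bucket_public_access_block (AWS provider resource,
# assumed here; not shown in the excerpt). All four should be true.
PAB_SETTINGS = ("block_public_acls", "block_public_policy",
                "ignore_public_acls", "restrict_public_buckets")

# Top-level `resource "type" "name" { ... }` blocks; `^\}` ends a flat block.
BLOCK_RE = re.compile(
    r'resource\s+"(?P<type>[\w-]+)"\s+"(?P<name>[\w-]+)"\s*\{(?P<body>.*?)^\}',
    re.DOTALL | re.MULTILINE)
# `key = value`, stopping at a trailing `#` comment.
ATTR_RE = re.compile(r'^\s*(?P<key>\w+)\s*=\s*(?P<val>[^\n#]+)', re.MULTILINE)

# Constructed sample inputs (not from the article).
INSECURE_TF = '''
resource "aws_s3_bucket" "assets" {
  bucket = "company-assets"
  acl    = "public-read" # anyone can read
}
'''

FIXED_TF = '''
resource "aws_s3_bucket" "assets" {
  bucket = "company-assets"
}

resource "aws_s3_bucket_public_access_block" "assets" {
  bucket                  = aws_s3_bucket.assets.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}
'''


@dataclass(frozen=True)
class Finding:
    rule: str
    resource: str
    message: str


def parse_resources(hcl: str):
    """Return [(type, name, {attr: value})] for each flat top-level resource block."""
    out = []
    for m in BLOCK_RE.finditer(hcl):
        attrs = {}
        for a in ATTR_RE.finditer(m.group("body")):
            attrs[a.group("key")] = a.group("val").strip().strip('"')
        out.append((m.group("type"), m.group("name"), attrs))
    return out


def check_public_s3(hcl: str) -> list:
    """Flag public ACLs and buckets lacking a fully enabled public access block."""
    resources = parse_resources(hcl)

    # Bucket resource names covered by a public access block with all four flags true.
    protected = set()
    for rtype, _name, attrs in resources:
        if rtype != "aws_s3_bucket_public_access_block":
            continue
        ref = re.match(r"aws_s3_bucket\.([\w-]+)\.", attrs.get("bucket", ""))
        if ref and all(attrs.get(k) == "true" for k in PAB_SETTINGS):
            protected.add(ref.group(1))

    findings = []
    for rtype, name, attrs in resources:
        if rtype != "aws_s3_bucket":
            continue
        addr = f"aws_s3_bucket.{name}"
        if attrs.get("acl") in PUBLIC_ACLS:
            findings.append(Finding(
                "S3_PUBLIC_ACL", addr,
                f'acl = "{attrs["acl"]}" exposes the bucket to anyone on the internet'))
        if name not in protected:
            findings.append(Finding(
                "S3_NO_PUBLIC_ACCESS_BLOCK", addr,
                "no aws_s3_bucket_public_access_block with all four settings "
                "true references this bucket"))
    return findings


if __name__ == "__main__":
    for label, tf in (("insecure", INSECURE_TF), ("fixed", FIXED_TF)):
        print(label, [(f.rule, f.resource) for f in check_public_s3(tf)])
```

Running it reports both findings for the insecure snippet and nothing for the fixed one. Note that a public ACL is reported even when a public access block exists: with `block_public_acls = true` the provider would reject the ACL at apply time, so the rule catches the contradiction in review rather than letting it fail later.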
Continue reading on Dev.to DevOps


