Using the Checkov Plugin

Documentation Index

Fetch the complete documentation index at: https://docs.envzero.com/llms.txt

Use this file to discover all available pages before exploring further.

​

Overview

This plugin executes the checkov CLI and integrates Infrastructure-as-Code security best practices within your env zero deployments. The plugin will install the checkov binary and execute it. For more information, check out the Checkov Plugin git repository. For an example repository that integrates the Checkov plugin, click here.

​

Inputs

To use the Checkov plugin, you need to pass the following inputs:

1. directory (Required) - the path to the directory with the IaC code to scan (the root folder is your project’s root folder)
   flags - a string containing additional flags as one string
2. flags - a string containing additional flags as one string

​

Suggested Blog Content

What is tfsec: Benefits, Key Features, and Examples What is Checkov: Benefits, Key Features, and Examples What is Terrascan: Benefits, Key Features, and Examples Best IaC Scanning Tools

​

Next steps

• Using the TFsec Plugin - Scan Terraform code for security misconfigurations.
• Using the Trivy Plugin - Run Trivy config scans on your IaC directory.
• Using the OPA Plugin - Enforce policies with Open Policy Agent.
• Manage Policies - Define and apply governance policies across environments.