This is a extension with a simple implementation of Cloud One Conformity template scanner right from the IDE.
This extension has a really simple feature: a preventative measure to ensure your AWS infrastructure remains compliant by detecting risks in template files before they are launched into AWS.
More info about the scanner over here.
You need to configure your API Key and you might need to configure the endpoint region, as it defaults to us-west-2. To do so, see the Extension Settings below:
This extension contributes the following settings:
cc.apikey
: a string with your Cloud Conformity apikeycc.region
: Defaults tous-west-2
. Change it to your Cloud Conformity used endpoint.cc.output
: Defaults totab
. Valid options aretab
,table
,json
orcsv
.cc.defaultAccountId
: Optional. Dafaults to null. Set a default AccountID if you don't want to use the dafault.cc.defaultProfileId
: Optional. Dafaults to null. Set a default ProfileID if you don't want to use the dafault.
If you need help on how to edit these settings, you can find more info here.
First, open VS Code Command Palette (⇧⌘P on Mac or Ctrl+⇧+P on Windows). Then:
1 - You can scan the current open file through:
"Cloud One Conformity: Scan Current Open Template."
2 - You can scan any other template right-clicking the file and selecting:
"Cloud One Conformity: Scan Selected Template."
If you are using the extension to scan Serverless Framework templates, make sure to package your application before running the scan. This capability is only available to AWS applications.
None. Please, open an issue if you find one!
Pull Requests are encouraged!
- Using Actions to automatically update the Extension whenever new rules are made available.
- Fixed a bug that the Knowledge Base url was broken for certain services.
- Support to scan templates against Account and Profile configurations.
- Typos and branding corrections.
- "New Tab" output format supported and used by default. This allows for greater visibility of the findings, but also links the detections back to the Conformity Knowledge Base.
- Serverless Framework for AWS projects support.
- Proper message if the template is clean
- Order the detections by risk level.
- Bug fixes
- Adding an icon to the extension.
- Better README.md
- First public release