IaC Supportablility Matrix
Sysdig Infrastructure as Code (IaC) scanning supports specific resource and source types for scanning via Git integrations and the CLI.
Sysdig IaC scanning supports the following Infrastructure as Code frameworks and file types.
Supported Frameworks
| Resource | Source type |
|---|---|
| Terraform | Terraform providers for AWS, Azure, GCP, and Kubernetes |
| OpenTofu | OpenTofu providers for AWS, Azure, GCP, and Kubernetes |
| AWS | Cloud Formation Template (CFT) |
| Terraform AWS provider | |
| Azure | Azure Resource Manager (ARM) |
| Terraform Azure provider | |
| GCP | Terraform Google Cloud Provider |
| Kubernetes Workloads | YAML manifests |
| Kustomize folders | |
| Helm Charts | |
| Terraform Kubernetes provider |
OpenTofu Support
Sysdig Secure provides first-class support for OpenTofu.
- Automatic Discovery: The scanner automatically detects and evaluates
.tofuand.tofu.jsonfiles in your repositories or local directories. - Policy Compatibility: Policies defined for Terraform are automatically applied to OpenTofu files without requiring modification or duplication.
- Inventory: In the Sysdig Secure UI, resources managed by OpenTofu can be filtered using the Source Type filter
OpenTofu.
Terragrunt is currently not supported for IaC scanning.
