Take Me to the Docs!API ReferenceRelease NotesSupport Portal
Contact Us

CircleCI Integration (Example)

Overview of Integrating CircleCI with InsightCloudSec IaC Scans

Suggest Edits

As is standard for CircleCI, you can easily define IaC analysis as a step in your pipelines by specifying it in your .circleci/config.yml file.

  • Below is a minimal example of a config.yml for reference.

Terraform (CircleCI)

version: 2
jobs:
  build:
    docker:
      # Here we use Hashicorp's Alpine image with terraform already installed
      - image: hashicorp/terraform:light

    steps:
      - checkout
      - run:
          name: InsightCloudSec IaC Security Scan
          command: |
            # Generate JSON-formatted Terraform plan
            terraform init
            terraform plan -out tf.plan
            terraform show -json tf.plan > tf.plan.json
            cd ..
            
            # Use the mimics Docker image
            docker run -v $(pwd):/data -e MIMICS_BASE_URL=$ICS_BASE_URL -e MIMICS_API_KEY=$ICS_API_KEY public.ecr.aws/rapid7-insightcloudsec/ics/mimics:latest scan data/tf.plan.json -c "My IaC Config Name" --report-formats all --report-path "/data/reports" --no-progress

      # Store results. CircleCI caches this for 30 days.
      - store_artifacts:
          path: /tmp/scan_output.html

Updated 3 months ago