terraform-compliance Integration Guide

BDD-style compliance testing for Terraform plans using Gherkin

Integrate terraform-compliance with Vulnetix. Write BDD-style compliance tests in Gherkin for your Terraform plans and export JSON results for upload to Vulnetix.

Terraform  ·  CLI tool  ·  JSON

Install & scan

# Install with pip
pip install terraform-compliance

# Or via uv
uv run --with terraform-compliance terraform-compliance --help

# Generate Terraform plan JSON first
terraform plan -out=tfplan
terraform show -json tfplan > plan.json

# Run compliance tests
terraform-compliance -f ./compliance-tests/ -p plan.json --junit-xml compliance-results.xml

Run terraform-compliance in CI

Scan on every push and upload the results to Vulnetix:

- name: Generate Terraform plan
  run: |
    terraform init
    terraform plan -out=tfplan
    terraform show -json tfplan > plan.json

- name: Run compliance tests
  run: |
    pip install terraform-compliance
    terraform-compliance -f ./compliance-tests/ -p plan.json --junit-xml compliance-results.xml

- name: Upload results to Vulnetix
  run: vulnetix upload --file compliance-results.xml
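
A pre-upload check for the compliance-results.xml produced above, as an added example that is not part of the original guide or of either tool. It assumes the report follows the conventional JUnit layout (testsuite and testcase elements with failure, error or skipped children); the sample report, function names and exit codes are constructed for illustration.

```python
# Added example: summarise a JUnit XML report before it is uploaded.
# Assumption: conventional JUnit layout; check it against your own report.
import sys
import xml.etree.ElementTree as ET

# Constructed sample report, not real tool output.
SAMPLE_REPORT = """<testsuites>
  <testsuite name="Encryption at rest" tests="2" failures="1" skipped="0">
    <testcase classname="Encryption at rest" name="Buckets are encrypted"/>
    <testcase classname="Encryption at rest" name="Volumes are encrypted">
      <failure message="aws_ebs_volume.data has no encrypted property"/>
    </testcase>
  </testsuite>
  <testsuite name="Tagging" tests="1" failures="0" skipped="1">
    <testcase classname="Tagging" name="Resources carry an owner tag">
      <skipped/>
    </testcase>
  </testsuite>
</testsuites>"""

def summarise(xml_data):
    """Group 'suite :: case' labels into passed, failed and skipped lists."""
    root = ET.fromstring(xml_data)  # accepts str or bytes
    result = {"passed": [], "failed": [], "skipped": []}
    # iter() also yields the root, so a bare <testsuite> document works too.
    for suite in root.iter("testsuite"):
        for case in suite.findall("testcase"):
            label = f"{suite.get('name', '?')} :: {case.get('name', '?')}"
            if case.find("failure") is not None or case.find("error") is not None:
                result["failed"].append(label)
            elif case.find("skipped") is not None:
                result["skipped"].append(label)
            else:
                result["passed"].append(label)
    return result

def gate(summary):
    """CI exit code: 1 on any failure, 2 if no scenario actually passed, else 0."""
    if summary["failed"]:
        return 1
    return 0 if summary["passed"] else 2

if __name__ == "__main__":
    # Read the report named on the command line, or fall back to the sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_REPORT
    report = summarise(data)
    for state, labels in report.items():
        for label in labels:
            print(f"{state.upper():8} {label}")
    sys.exit(gate(report))
```

Exit code 2 separates a report in which every scenario was skipped, or none ran, from a genuinely passing one, so an empty run is not read as compliance.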

Centralise terraform-compliance results in Vulnetix

Upload terraform-compliance JSON output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.
