Integrate terraform-compliance with Vulnetix. Write BDD-style compliance tests in Gherkin for your Terraform plans and export JSON results for upload to Vulnetix.
Terraform | CLI tool | JSON
Install & scan
# Install with pip
pip install terraform-compliance
# Or via uv
uv run --with terraform-compliance terraform-compliance --help

# Generate Terraform plan JSON first
terraform plan -out=tfplan
terraform show -json tfplan > plan.json
# Run compliance tests
terraform-compliance -f ./compliance-tests/ -p plan.json --junit-xml compliance-results.xml
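The `-f ./compliance-tests/` directory in the commands above holds the Gherkin feature files. The following feature is an added example, not taken from the Vulnetix or terraform-compliance documentation; the file name and the tag names `owner` and `environment` are assumptions chosen for illustration.

```gherkin
# Hypothetical file: compliance-tests/baseline.feature
# Tag names in the Examples table are constructed; use your own policy.
Feature: Baseline controls for planned AWS resources
  Scenarios are evaluated against plan.json, before anything is applied.

  Scenario: SSH must not be open to the internet
    Given I have AWS Security Group defined
    When it has ingress
    Then it must have ingress
    Then it must not have tcp protocol and port 22 for 0.0.0.0/0

  Scenario: Every taggable resource carries tags
    Given I have resource that supports tags defined
    Then it must contain tags
    And its value must not be null

  Scenario Outline: Required tags are present and non-empty
    Given I have resource that supports tags defined
    When it has tags
    Then it must contain tags
    Then it must contain "<tag>"
    And its value must match the "<pattern>" regex

    Examples:
      | tag         | pattern |
      | owner       | .+      |
      | environment | .+      |
```

terraform-compliance skips a scenario when its `Given` step matches nothing in the plan, so treat skipped scenarios in the results as "not evaluated" rather than as passes.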
Run terraform-compliance in CI
Scan on every push and upload the results to Vulnetix:
- name: Generate Terraform plan
  run: |
    terraform init
    terraform plan -out=tfplan
    terraform show -json tfplan > plan.json
- name: Run compliance tests
  run: |
    pip install terraform-compliance
    terraform-compliance -f ./compliance-tests/ -p plan.json --junit-xml compliance-results.xml
- name: Upload results to Vulnetix
  run: vulnetix upload --file compliance-results.xml
Centralise terraform-compliance results in Vulnetix
Upload terraform-compliance JSON output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.