GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → bridgecrewio → yor

bridgecrewio / yor

Licence: Apache-2.0 License
Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.

Programming Languages

go
31211 projects - #10 most used programming language
HCL
1544 projects

Labels

devopscloudcloudformationserverlessterraformtaggingiacinfrastructure-as-codehacktoberfestcloudsecurity

Projects that are alternatives of or similar to yor

Terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+485.4%)
Mutual labels:  terraform, iac, infrastructure-as-code, cloudsecurity
Checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+678.21%)
Mutual labels:  cloudformation, terraform, infrastructure-as-code
Nietzsche
Scrap quotes from Goodreads and schedule random tweets.
Stars: ✭ 44 (-90.41%)
Mutual labels:  cloudformation, iac, infrastructure-as-code
Terratag
Terratag is a CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, and GCP resources
Stars: ✭ 385 (-16.12%)
Mutual labels:  terraform, tagging, infrastructure-as-code
paco
Paco: Prescribed automation for cloud orchestration
Stars: ✭ 32 (-93.03%)
Mutual labels:  cloudformation, infrastructure-as-code
ggshield
Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
Stars: ✭ 1,272 (+177.12%)
Mutual labels:  iac, infrastructure-as-code
icp-ce-on-linux-containers
Multi node IBM Cloud Private Community Edition 3.2.x w/ Kubernetes 1.13.5 in a Box. Terraform, Packer and BASH based Infrastructure as Code script sets up a multi node LXD cluster, installs ICP-CE and clis on a metal or VM Ubuntu 18.04 host.
Stars: ✭ 52 (-88.67%)
Mutual labels:  iac, infrastructure-as-code
tfu
tfu is a terraform helper to update the providers.
Stars: ✭ 13 (-97.17%)
Mutual labels:  iac, infrastructure-as-code
Kumogata
Kumogata is a tool for AWS CloudFormation. It can define a template in Ruby DSL.
Stars: ✭ 128 (-72.11%)
Mutual labels:  cloudformation, infrastructure-as-code
eks-cluster
Quickly spin up an AWS EKS Kubernetes cluster using AWS CloudFormation
Stars: ✭ 41 (-91.07%)
Mutual labels:  cloudformation, iac
terraform-modules
Terraform Modules by Peak
Stars: ✭ 16 (-96.51%)
Mutual labels:  iac, infrastructure-as-code
aws-cloudformation-simplified
AWS CloudFormation - Simplified | Hands On Learning !!
Stars: ✭ 51 (-88.89%)
Mutual labels:  cloudformation, infrastructure-as-code
aws-cfn-custom-resource-lambda-edge
🏗 AWS CloudFormation custom resource that allows deploying Lambda@Edge from any region
Stars: ✭ 19 (-95.86%)
Mutual labels:  cloudformation, infrastructure-as-code
cfsec
Static analysis for CloudFormation templates to identify common misconfiguration
Stars: ✭ 53 (-88.45%)
Mutual labels:  cloudformation, cloudsecurity
gotf
Managing multiple environments with Terraform made easy
Stars: ✭ 25 (-94.55%)
Mutual labels:  iac, infrastructure-as-code
Aws Labs
step by step guide for aws mini labs. Currently maintained on : https://github.com/Cloud-Yeti/aws-labs Youtube playlist for labs:
Stars: ✭ 153 (-66.67%)
Mutual labels:  cloudformation, terraform
driftctl
Detect, track and alert on infrastructure drift
Stars: ✭ 2,020 (+340.09%)
Mutual labels:  iac, infrastructure-as-code
terraform-vsphere-single-vm
Deploy single vSphere VM with Terraform - template.
Stars: ✭ 21 (-95.42%)
Mutual labels:  iac, infrastructure-as-code
Cloudformation Templates
Common tasks automated by CloudFormation
Stars: ✭ 79 (-82.79%)
Mutual labels:  cloudformation, infrastructure-as-code
Serverless static website with basic auth
Builds a serverless infrastructure in AWS for hosting a static website protected with Basic Authentication and published on a subdomain registered via Route 53
Stars: ✭ 112 (-75.6%)
Mutual labels:  cloudformation, terraform
View All Similar Projects ➔

Hacktoberfest

Maintained by Bridgecrew.io golangci-lint security gopherbadger-tag-do-not-edit slack-community Go Report Card Go Reference Docker pulls Chocolatey downloads GitHub All Releases

Yor is an open-source tool that helps add informative and consistent tags across infrastructure-as-code frameworks such as Terraform, CloudFormation, and Serverless.

Yor is built to run as a GitHub Action automatically adding consistent tagging logics to your IaC. Yor can also run as a pre-commit hook and a standalone CLI.

Features

  • Apply tags and labels on infrastructure as code directory
  • Tracing: yor_trace tag enables simple attribution between an IaC resource block and a running cloud resource.
  • Change management: git-based tags automatically add org, repo, commit and modifier details on every resource block.
  • Custom taggers: user-defined tagging logics can be added to run using Yor.
  • Skips: inline annotations enable developers to exclude paths that should not be tagged.
  • Dry-Run: get a preview of what tags will be added without applying any.

Demo

Table of contents

Getting Started

Installation

MacOS / Linux

brew tap bridgecrewio/tap
brew install bridgecrewio/tap/yor

OR

Windows

choco install yor

OR

Docker

docker pull bridgecrew/yor

docker run --tty --volume /local/path/to/tf:/tf bridgecrew/yor tag --directory /tf

GitHub Action

name: IaC trace

on:
  # Triggers the workflow on push or pull request events but only for the main branch
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

jobs:
  yor:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        name: Checkout repo
        with:
          fetch-depth: 0
          ref: ${{ github.head_ref }}
      - name: Run yor action and commit
        uses: bridgecrewio/yor-action@main

Pre-commit

  - repo: git://github.com/bridgecrewio/yor
    rev: 0.0.44
    hooks:
      - id: yor
        name: yor
        entry: yor tag -d
        args: ["example/examplea"]
        language: golang
        types: [terraform]
        pass_filenames: false

Usage

tag : Apply tagging on a given directory.

 # Apply all the tags in yor on the directory tree terraform.
 yor tag --directory terraform/

# Apply all the tags in yor except the tags git_last_modified_by and yor_trace.
 yor tag --directory terraform/ --skip-tags git_last_modified_by,yor_trace

# Apply only the tags under the git tag group.
 yor tag --tag-groups git --directory terraform/

# Apply key-value tags on a specific directory
 export YOR_SIMPLE_TAGS='{ "Environment" : "Dev" }'
 yor tag --tag-groups simple --directory terraform/dev/

-o : Modify output formats.

yor tag -d . -o cli
# default cli output

yor tag -d . -o json
# json output

yor tag -d . --output cli --output-json-file result.json
# print cli output and additional output to file on json file -- enables programmatic analysis alongside printing human readable result

--skip-tags: Specify only named tags (allow list) or run all tags except those listed (deny list).

yor tag -d . --skip-tags yor_trace
## Run all but yor_trace

yor tag -d . --skip-tags yor_trace,git_modifiers
## Run all but yor_trace and git_modifiers

yor tag -d . --skip-tags git*
## Run all tags except tags with specified patterns

skip-dirs : Skip directory paths you can define paths that will not be tagged.

yor tag -d path/to/files
## Run on the directory path/to/files

yor tag -d path/to/files --skip-dirs path/to/files/skip,path/to/files/another/skip2
## Run yor on the directory path/to/files, skipping path/to/files/skip/ and path/to/files/another/skip2/

list-tag

yor list-tag-groups
 # List tag classes that are built into yor.

yor list-tags
 # List all the tags built into yor
yor list-tags --tag-groups git

 # List all the tags built into yor under the tag group git

dry-run

yor tag -d . --dry-run
# Perform a dry run to get a preview in the CLI output of all of the tags that will be added using Yor without applying any changes to your IaC files.

What is Yor trace?

yor_trace is a magical tag creating a unique identifier for an IaC resource code block.

Having a yor_trace in place can help with tracing code block to its cloud provisioned resources without access to sensitive data such as plan or state files.

See demo here

Contributing

Contribution is welcomed!

We are working on extending Yor and adding more parsers (to support additional IaC frameworks) and more taggers (to tag using other contextual data).

To maintain our conventions, please run lint on your branch before opening a PR. To run lint:

golangci-lint run --fix --skip-dirs tests/yor_plugins

Support

For more support contact us at https://slack.bridgecrew.io/.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].