SonarCloud detects "Encryption at Transit" and "Traceability" security problems on AWS resources

Hello CloudFormation and Terraform developers,

After the support of the Encryption at Rest and Permission domains, we are now happy to announce that SonarCloud covers the 5 major domains where security problems can be introduced in Infrastructure as Code AWS files:

  • AWS S3 Buckets
  • Permissions
  • Encryption at Rest
  • Encryption in Transit
  • Traceability

These domains are covered for CloudFormation and Terraform for AWS and the full list of rules is visible here:

Note: if you are a SonarQube user, don’t worry we got you covered as the same features are available with the recently released SonarQube 9.2.

Alex