SonarCloud support for custom CFN Linting rules

  • What language are you writing rules for?
    CFN Linting Custom rules are written in python
  • What have you tried, and what’s your challenge / stumbling block
    Unsure about how these rules will be picked/applied. Will .cfnlintrc.yaml append_rules be picked by default by the Scanner?

Refer:

You can pass tflint-formatted reports to the SonarQube scanner by using the External Analyzer Reports feature.

If this isn’t what you’re looking for, you can also convert any issue reports into the SonarQube Generic Issue Import Format, which is widely supported and flexible.

However, SonarQube itself does not interpret or execute cfn-lint rules; it only ingests the report output. So, the scanner will not directly “pick up” custom rules from .cfnlintrc.yaml unless you ensure cfn-lint runs with those rules active and the output is passed to SonarQube as described above.