Skip to content

drata/compliance-as-code-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Repository files navigation

Drata Compliance as Code Action

Use the Drata Compliance as Code action to scan for infrastructure-as-code findings in your pipeline. By utilizing this GitHub action in your workflow, you can automatically start to find, fix and monitor for compliance related configuration errors in Terraform.

Highlighted Features

Using this Action provides the following features:

  • App Security Design
  • Infrastructure-as-Code Security Checks
  • Automated Security Design Integration
  • Security Design Enforcement
  • Security Design Change Management
  • Out of the box compliance regulations including: SOC 2, PCI DSS, ISO 27001, GDPR, CCPA HIPAA, HI TECH, State Regulations, NIS SP 800- 53

Requirements

To run a scan on your code, you need access to Drata platform.

Usage

The following is an example GitHub Actions workflow:

on: push
jobs:
    drata-iac-scan:
    runs-on: ubuntu-latest
    name: compliance-as-code-action
    steps:
    - name: Checkout repo
        uses: actions/checkout@v4
    - name: Drata Github Action
        id: drata
        uses: drata/[email protected]
        env:
            DRATA_API_TOKEN: ${{ secrets.DRATA_IAC_PIPELINE_KEY }}
            GITHUB_REPOSITORY: $GITHUB_REPOSITORY
            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
            minimumSeverity: 'CRITICAL'

Parameters

  • minimumSeverity - (Required) The threshold at which a detected findings will cause your workflow to fail. One of none, low, moderate, high, or critical.
  • workspaceId - (Optional) Your Drata platform workspace Id. Defaults to 1.
  • region - (Optional) Your Drata platform region. One of 'US' or 'EU'. Defaults to 'US'.
  • verboseLogging - (Optional) An indicator of whether you'd like any detected findings output to the GitHub Actions build log. Defaults to false.
  • timeoutSeconds - (Optional) Time in seconds to wait for Drata tests to complete before failing. Defaults to 600

Secrets

  • DRATA_API_TOKEN - (Required) This is the API key for your Drata Compliance as Code action workflow. The pipeline key can be created in Drata
  • GITHUB_REPOSITORY: $GITHUBREPOSITORY - **(Optional)_** Your GitHub Repository referenced in the Pipeline.
  • GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - (Optional) Your GitHub Token.
  • Platform.

License

This project is released under the Apache 2.0 License.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

4 stars

Watchers

5 watching

Forks

0 forks
Report repository

Releases 15

v1.0.0 Latest
Jul 17, 2024
+ 14 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages