mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-03-31 16:20:28 +02:00
67 lines
1.7 KiB
YAML
67 lines
1.7 KiB
YAML
name: "terrascan"
|
||
command: "terrascan"
|
||
enabled: true
|
||
short_description: "基础设施即代码安全扫描工具"
|
||
description: |
|
||
Terrascan是一个基础设施即代码安全扫描工具,用于检测IaC配置中的安全问题。
|
||
|
||
**主要功能:**
|
||
- IaC安全扫描
|
||
- 多种框架支持
|
||
- 策略检查
|
||
- 合规性验证
|
||
|
||
**使用场景:**
|
||
- IaC安全扫描
|
||
- 云配置审计
|
||
- 安全策略检查
|
||
- 合规性检查
|
||
parameters:
|
||
- name: "scan_type"
|
||
type: "string"
|
||
description: "扫描类型(all, terraform, k8s等)"
|
||
required: false
|
||
flag: "--scan-type"
|
||
format: "flag"
|
||
default: "all"
|
||
- name: "iac_dir"
|
||
type: "string"
|
||
description: "IaC目录"
|
||
required: false
|
||
flag: "-d"
|
||
format: "flag"
|
||
default: "."
|
||
- name: "policy_type"
|
||
type: "string"
|
||
description: "要使用的策略类型"
|
||
required: false
|
||
flag: "--policy-type"
|
||
format: "flag"
|
||
- name: "output_format"
|
||
type: "string"
|
||
description: "输出格式(json, yaml, xml)"
|
||
required: false
|
||
flag: "--output"
|
||
format: "flag"
|
||
default: "json"
|
||
- name: "severity"
|
||
type: "string"
|
||
description: "严重程度过滤(high, medium, low)"
|
||
required: false
|
||
flag: "--severity"
|
||
format: "flag"
|
||
- name: "additional_args"
|
||
type: "string"
|
||
description: |
|
||
额外的terrascan参数。用于传递未在参数列表中定义的terrascan选项。
|
||
|
||
**示例值:**
|
||
- 根据工具特性添加常用参数示例
|
||
|
||
**注意事项:**
|
||
- 多个参数用空格分隔
|
||
- 确保参数格式正确,避免命令注入
|
||
- 此参数会直接追加到命令末尾
|
||
required: false
|
||
format: "positional"
|