Time to Complete: 15 minutes
Terraform makes creating and tearing down cloud infrastructure as easy as writing configuration files. In the Infrastructure as Code course in the CircleCI Academy, you created a workflow that uses Terraform to create a GKE cluster and deploy an application into it as part of a continuous delivery pipeline.
According to the NSA, misconfigurations are the top Cloud vulnerability. In this add-on module, you'll add Snyk Infrastructure as Code into the workflow to reinforce secure IaC development practices, ensuring your Terraform files aren't configured in ways that open up your cluster, and the applications running in them, to risks caused by cloud misconfiguration. Let's begin!
This lab assumes the following courses were completed in CircleCI Academy:
We'll use the same code used in the Infrastructure as Code course. It can be found on GitHub.
When ready, continue to the next page.