We’re always on the lookout for new ways to bring continuous security to developers. Integrating security into infrastructure earlier in the process benefits everyone, saving time for both infrastructure developers and security teams. With that, Cloudrail is pleased to announce the launch of our brand new Visual Studio Code extension.

What Is Cloudrail?

Cloudrail is an infrastructure-as-code scanning tool that identifies vulnerabilities in both the static Terraform code on your machine and the current state of the cloud environment. The two are combined to generate a full-context picture of your live environment and any possible vulnerabilities in it. The Cloudrail command line tool allows developers to perform static assessments on code they’ve written locally, or combine them with a cloud account to create a larger context assessment.

The Cloudrail Visual Studio Code Extension

With our new Visual Studio Code extension, developers can now bring Cloudrail into their workflows more easily, checking infrastructure as code as it’s written so that problems can be identified and corrected immediately. Our objective is to make infrastructure security an easy process, and the closer we can bring our tools to developers, the easier it becomes for developers to integrate those tools into their workflows.

How To Install Cloudrail for Visual Studio Code

Installation is a one-click process, and can be done from the Visual Studio Extension marketplace. A Cloudrail account is required, and registration for that is also a simple process. Once installed, users can navigate to a directory with Terraform code, open a Terraform file, and select “Cloudrail Scan” from the command palette to begin an assessment. Cloudrail will collect all Terraform files associated with the currently open one and perform a static assessment on all of them.

For example:

If a file named ec2.tf is open in your editor, and there are other .tf files in the same directory, Cloudrail will include all of them in the scope of the assessment. We do this to give the developer the best possible picture of misconfigurations in the module they’re currently writing, understanding that many of us choose to split Terraform resources across multiple files in the same module for better organization.

We’re fortunate enough to have a great developer community giving us feedback on what they need to integrate security best practices into their development workflows, and we’re confident that this new extension will allow even more developers to start bringing continuous security into their organizations. If you have any questions, ideas, or feedback, please feel free to reach out to community@cloudrail.app with your suggestions.