Write better infrastructure code - free from vulnerabilities

Bring Cloudrail into your workflow with our command line tool or Visual Studio Code extension, and check for vulnerabilities before you deploy.


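# Subnet inside an existing VPC; aws_vpc.my_vpc must be defined elsewhere in the configuration.
resource "aws_subnet" "my_subnet" {
  vpc_id            = aws_vpc.my_vpc.id
  cidr_block        = "172.16.10.0/24" # must fall within the VPC's CIDR range
  availability_zone = "us-west-2a"

  tags = {
    Name = "tf-example"
  }
}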

What is Cloudrail?

Cloudrail is a tool that helps you automate the security review of your infrastructure and your infrastructure as code.

Your cloud infrastructure is built, managed, and deployed using automation. Your security framework should discover potentially new infrastructure, detect security issues, and allow you to control what gets deployed. Most cloud security issues are not fixed because the risk of exposure is too low. Cloudrail helps take risk out of the equation by recommending a few fixes – before you deploy to production.


What languages / frameworks are supported?

Cloudrail currently supports parsing both Terraform and CloudFormation files.

Which Terraform providers / clouds are supported?

Cloudrail currently supports Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure (azurerm).

Cloudrail In Your Workflow

Cloudrail supports a few different methods for integrating into your workflow, so you can check for vulnerabilities in your infrastructure as code before you deploy.

Command Line Interface

Use the "cloudrail run" command to parse the files in your working directory and identify any misconfigurations.

Visual Studio Code Extension

Download our VS Code extension from the marketplace to run scans on files in your workspace.

Terraform Pre-Commit

Use Cloudrail with the pre-commit framework to automatically identify issues before you push them to the remote.

Ready to write more secure infrastructure code?

Get started today – it’s free and takes 5 minutes.
