<ul><li>Checkov is an open-source tool for scanning Infrastructure as Code for security issues.</li><li>It supports various frameworks, but lacks built-in support for the AWS Cloud Control (AWSCC) provider.</li><li>The article discusses creating custom Checkov policies for AWSCC resources to address this gap.</li><li>An example custom check ensures no hardcoded AWS credentials in the provider configuration.</li><li>Utilizing a GenAI coding agent helped in scaling up the policy creation process.</li><li>Contributions were made back to the Checkov repository to integrate these custom checks.</li><li>Features of the custom security checks include extensive coverage, working examples, and policy validation.</li><li>The goal is to continue expanding the security checks for AWSCC provider resources.</li><li>Integration with GitHub Actions is detailed for incorporating these custom checks into CI/CD pipelines.</li><li>In conclusion, these custom Checkov policies help ensure consistent security practices in AWS Cloud Control environments.</li></ul>

Custom Security Checks for AWS Cloud Control Provider with Checkov

Discover more