Infrastructure as Code Security

Docs > Datadog Security > Code Security > Infrastructure as Code Security

Join the Preview!

Infrastructure as Code (IaC) Security is in Preview. To request access, complete the form.

IaC misconfiguration side panel showing details for the high severity IMDSv1 Enabled issue, including a security summary, code snippet, detection timestamps, and remediation steps.

Infrastructure as Code (IaC) Security automatically analyzes your Terraform files for security misconfigurations. With IaC Security, you can:

Scan Terraform files for security misconfigurations
Surface IaC misconfigurations in the Code Security Vulnerabilities tab
Group and filter findings by severity, triage status, and other facets
View detailed remediation guidance and code snippets for each finding
Track finding status and history for triage and resolution
Configure scanning exclusions

IaC Security supports GitHub for version control and Terraform for infrastructure as code.

Getting started

Set up IaC Security in your environment
Configure scanning exclusions to reduce false positives or ignore expected results
Review and triage findings in the Code Security Vulnerabilities tab

Further reading

Additional helpful documentation, links, and articles:

Set up IaC SecurityDOCUMENTATION

Configure IaC Security ExclusionsDOCUMENTATION