> For the complete CircleCI developer hub index, see [llms.txt](https://circleci.com/developer/llms.txt)

# mycodeself/tfsec

Orb to easy run tfsec on CircleCI


## Commands

### install

Installs tfsec tool


| Parameter | Type | Default | Description |
|---|---|---|---|
| `version` | string | latest | The tfsec version to install (https://github.com/tfsec/tfsec/releases) |

### scan

Run tfsec scan


| Parameter | Type | Default | Description |
|---|---|---|---|
| `directory` | string | . | Directory with tf code to recursively scan. Default to current directory |
| `exclude-checks` | string |  | Comma separated list of checks to exclude in the scan |
| `tfvars-file` | string |  | Path to tfvars file to include values in the scan |

## Executors

### default

tfsec container executor


| Parameter | Type | Default | Description |
|---|---|---|---|
| `tag` | string | latest | Pick a specific aquasec/tfsec-ci image tag: https://hub.docker.com/r/aquasec/tfsec-ci/tags
 |

## Examples

### example

Example of tfsec installation and usage


```yaml
version: '2.1'
orbs:
  tfsec: mycodeself/tfsec-orb@1.0.5
jobs:
  scan-example:
    executor: tfsec/default
    steps:
      - checkout
      - tfsec/scan:
          directory: path/to/tfcode
          exclude-checks: GEN001,GCP001,GCP002
          tfvars-file: path/to/terraform.tfvars
workflows:
  analyze-tf-code:
    jobs:
      - scan-example
```