Terraform Cloud (TFC) users can now use the new Run Tasks feature (currently in beta) to have Bridgecrew scan every new plan they run in TFC. The task provides a simple status for the run with a summary and a link to a Bridgecrew Code Reviews page.
We’ve made Bridgecrew integrations easier to add, find, and manage. Our latest update includes an integration catalog, an integration grid, and integration wizards.
Customers using Azure Repos now receive Bridgecrew scan results in every pull request as a Code Review. The included link will take you to the repository and branch of the scan on Bridgecrew’s Projects page.
We’ve updated our GitHub pull request comments with a new design, richer context, and commit fixes in the comments. All the context needed about the error is in the comment itself, so you have the information you need to fix misconfigurations in your repository.
Our visual editor for custom policies already supports multiple frameworks including CloudFormation and Terraform. Now we’ve added a new field to make that differentiation more obvious.
We’ve expanded the Projects page to include every Code Review from VCS commits and CI runs. If a scan is performed on a repository (configurable with Code Repository Settings) or a CI run such as Jenkins and Terraform Cloud with an API key, that run will show up in the Projects page in a dropdown menu. In this launch we’ve included:
In addition to our Terraform Cloud Drift Detection, we’ve added the ability to detect drift for any Terraform resource tagged using Yor. Any onboarded repository across all supported providers will act as the Terraform state. We compare that to runtime environments for AWS, Azure, and GCP. If a difference is detected, we flag that as drift on the Projects page. If you select “Fix Drift”, Bridgecrew will create a pull request/merge request in your repo to update your code to match the cloud configurations.
Bridgecrew extended API token management. We now offer the ability to generate, manage, and delete multiple keys for different integrations with the following capabilities:
The Checkov VS Code plugin finds misconfigurations in IaC code as you type. You could always suppress misconfiguration alerts inline using code. Now you can suppress policies in the Bridgecrew platform and they will sync to the VS Code plugin. If you suppress a policy by resource, source, tag, or full policy, VS Code will not show misconfiguration alerts for relevant resources. This allows teams to suppress alerts across organizations and reduces noise for the entire team.
Bridgecrew added 45 new out-of-the-box policies across multiple resource types and providers.