Terrat

Terrat is a term primarily used in the context of infrastructure as code (IaC) and policy as code (PaC) tools. It refers to a tool and framework developed by Bridgecrew (later acquired by Palo Alto Networks) for infrastructure-as-code security. It aims to prevent misconfigurations and security vulnerabilities in cloud infrastructure deployments before they are provisioned.

Specifically, Terrat analyzes Terraform, CloudFormation, Kubernetes, and other IaC configuration files for potential security issues. It uses a library of security policies and rules to identify violations, such as overly permissive access controls, missing encryption, or non-compliant configurations.

Terrat provides developers and security teams with actionable insights and recommendations for remediation. It helps to shift security left, meaning that security concerns are addressed earlier in the development lifecycle, reducing the risk of deploying insecure infrastructure. The tool can be integrated into CI/CD pipelines to automate security checks and prevent vulnerable infrastructure from being deployed.

In essence, Terrat is a static analysis tool for infrastructure-as-code, focused on security best practices and compliance. It allows teams to identify and fix security issues in their infrastructure configurations before they are provisioned in the cloud.