{"id":20480066,"url":"https://github.com/quixoticmonk/conformity-template-scanner","last_synced_at":"2026-04-20T06:33:45.328Z","repository":{"id":218820841,"uuid":"747446893","full_name":"quixoticmonk/conformity-template-scanner","owner":"quixoticmonk","description":"GitHub action which scans Terraform/CloudFormation templates using cloud conformity template scanner api.","archived":false,"fork":false,"pushed_at":"2024-02-18T18:37:07.000Z","size":16,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-05T15:27:09.699Z","etag":null,"topics":["conformity","iac-scanner","trendmicro"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/quixoticmonk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-24T00:07:06.000Z","updated_at":"2024-01-24T02:39:28.000Z","dependencies_parsed_at":"2024-02-15T03:27:53.701Z","dependency_job_id":"925730aa-1c3b-45b7-b113-f8b140847e25","html_url":"https://github.com/quixoticmonk/conformity-template-scanner","commit_stats":null,"previous_names":["quixoticmonk/conformity-template-scanner"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/quixoticmonk/conformity-template-scanner","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quixoticmonk%2Fconformity-template-scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quixoticmonk%2Fconformity-template-scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quixoticmonk%2Fconformity-template-scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quixoticmonk%2Fconformity-template-scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/quixoticmonk","download_url":"https://codeload.github.com/quixoticmonk/conformity-template-scanner/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quixoticmonk%2Fconformity-template-scanner/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32036474,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-20T00:18:06.643Z","status":"online","status_checked_at":"2026-04-20T02:00:06.527Z","response_time":94,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["conformity","iac-scanner","trendmicro"],"created_at":"2024-11-15T15:48:52.225Z","updated_at":"2026-04-20T06:33:45.310Z","avatar_url":"https://github.com/quixoticmonk.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Conformity Template Scanner\n\n[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/quixoticmonk/conformity-template-scanner/badge)](https://api.securityscorecards.dev/projects/github.com/quixoticmonk/conformity-template-scanner)\n\n\nA GitHub action to scan your infrastructure templates modelled either in Terraform or CloudFormation. The type of resources scanned depends on the currently supported list from Cloud Conformity.\n\n## Pre-requisites\n\n- You have a Cloud Conformity API key\n- You know the Cloud Conformity region\n\n\n## Usage\n\n\n\n```yaml\n - name: Initiate scan\n uses: quixoticmonk/conformity-template-scanner@v1\n with:\n conformity_region: \"us-1\"\n conformity_api_key: ${{secrets.conformity_api_key}}\n template_type: \"terraform-template\"\n template_path: \"infra/tf_plan.json\"\n```\n\n\n## Input\n\n| Input | Description |\n|--------------------|-----------------------------------|\n| conformity_region | Your Cloud Conformity region |\n| conformity_api_key | Your Cloud Conformity API key |\n| template_type | Your infrastructure template type |\n| template_path | Path of the template to scan |\n\n## Output\n\nThe action reviews the generated CloudFormation template or Terraform plan against the conformity api to provide you a categorized output of rules , their risk levels and status. The script is further configured to fail with an exit code of 1 in case of high or Very_high findings.\n\nThe output generated will be a json the format below\n\n```bash\n\n{\n \"DNS Compliant S3 Bucket Names\": {\n \"risk\": \"LOW\",\n \"status\": \"SUCCESS\"\n },\n \"Enable S3 Block Public Access for S3 Buckets\": {\n \"risk\": \"MEDIUM\",\n \"status\": \"FAILURE\"\n },\n .....\n \"Secure Transport\": {\n \"risk\": \"MEDIUM\",\n \"status\": \"FAILURE\"\n },\n \"Server Side Encryption\": {\n \"risk\": \"HIGH\",\n \"status\": \"FAILURE\"\n },\n \"Tags\": {\n \"risk\": \"LOW\",\n \"status\": \"FAILURE\"\n }\n}\n{'VERY_HIGH': 10, 'MEDIUM': 3, 'LOW': 7, 'HIGH': 1}\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquixoticmonk%2Fconformity-template-scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fquixoticmonk%2Fconformity-template-scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquixoticmonk%2Fconformity-template-scanner/lists"}