https://github.com/advanced-security/codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
https://github.com/advanced-security/codeql-extractor-iac
Last synced: 14 days ago
JSON representation
CodeQL Extractor, Library, and Queries for Infrastructure as Code
- Host: GitHub
- URL: https://github.com/advanced-security/codeql-extractor-iac
- Owner: advanced-security
- License: mit
- Created: 2023-08-10T15:54:38.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2025-12-11T17:35:52.000Z (3 months ago)
- Last Synced: 2025-12-12T22:13:43.212Z (3 months ago)
- Language: CodeQL
- Size: 1.05 MB
- Stars: 57
- Watchers: 2
- Forks: 12
- Open Issues: 15
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md
- Support: SUPPORT.md
Awesome Lists containing this project
- awesome-codeql - codeql-extractor-iac - CodeQL Extractors, Library, and Queries for Infrastructure as Code ( Terraform / HCL, JSON, YAML, Container files, Bicep ) (CodeQL Extractors)
README
CodeQL IaC Extractor, Libraries, and Queries
[](https://github.com/advanced-security/codeql-extractor-iac)
[](https://github.com/advanced-security/codeql-extractor-iac/actions/workflows/publish.yml?query=branch%3Amain)
[](https://github.com/advanced-security/codeql-extractor-iac/issues)
[](https://github.com/advanced-security/codeql-extractor-iac)
[](./LICENSE)
> [!NOTE]
> This is **not** an official GitHub project and is not supported by the CodeQL team.
> This is a community project.
>
> β οΈ **Important:** As of September 2025, this project **no longer supports Bicep or GitHub Actions scanning**. Please refer to the documentation for supported languages and frameworks.
## π Overview
[CodeQL][codeql] Extractor, Library, and Queries for Infrastructure as Code.
## π οΈ Usage
```yaml
- name: Initialize and Analyze IaC
uses: advanced-security/codeql-extractor-iac@v0.5.1
```
**Note:** See full documentation on [Workflows][docs-workflows].
## π Documentation
The [documentation for CodeQL IaC extractor can be found here][docs].
**Other Useful Links:**
- [Q&A][docs-qanda] β
- [Languages and Frameworks][docs-languages-and-frameworks] π
- [Coverage][docs-coverage] π
- [Example Workflows][docs-workflows] π
## π License
This project is licensed under the terms of the MIT open source license.
Please refer to [MIT](./LICENSE.md) for the full terms.
To use this project for Infrastructure as Code, you will need to [use CodeQL][codeql] and follow all terms and conditions of the [CodeQL License][codeql-license].
For use in private repositories and code, you will need to [purchase a GitHub Advanced Security license][advanced-security].
## π₯ Contributors
Mathew Payne
π» π¬ π§ π‘οΈ π€
Arthur Baars
π» π€ π§βπ«
Edward Minnix III
π» π¨ π€
Joe Farebrother
π» π¨ π€
Viktor LindstrΓΆm
π»
## π¬ Support
Support is via [GitHub Issues][issues] or [GitHub Discussions][discussions].
[issues]: https://github.com/advanced-security/codeql-extractor-iac/issues
[discussions]: https://github.com/advanced-security/codeql-extractor-iac/discussions
[codeql]: https://codeql.github.com/
[codeql-license]: https://github.com/github/codeql-cli-binaries/blob/main/LICENSE.md
[advanced-security]: https://github.com/features/security
[docs]: ./docs
[docs-qanda]: ./docs/Q%26A.md
[docs-languages-and-frameworks]: ./docs/languages-and-frameworks.md
[docs-coverage]: ./docs/coverage.md
[docs-workflows]: ./docs/workflows.md