- Parsing time has been greatly reduced (estimated 10x faster).
- Documentation has been added for all checks.
- Documentation is now built into check code and deployed to https://tfsec.dev instead of the wiki.
- Added custom check functionality.
- Added a guide for contributing checks.
- Added a snazzy new logo.
- Checks are always run in the same order to ensure consistent behaviour.
- Terraform files are now only parsed in the given directory - files are no longer parsed recursively.
- Modules are now fully supported (a
terraform init
is required.) - Fixed various panics across multiple checks/parsing functions.
- All example code in documentation is now automatically tested.
- Fixed AWS046 issue with IAM policy wildcards when
Deny
is used. - Fixed IPv6 CIDR message in AWS006.
- Fixed issue with severity sometimes showing as blank in all output formats.