Bridgecrew Setup
You’ll need to sign up for a free Bridgecrew account to follow along with this tutorial. You can sign up for a free account here.
Checkov CLI
In this tutorial, we’re also going to use Checkov CLI. The CLI works on Windows, Mac, and Linux. You can install it with pip:
pip3 install checkovIf installing globally on your system (not in a python venv or pipenv) you may need to have permissions to write the libraries to the necessary locations, ie:
sudo pip3 install checkovIf you run into problems, try the alternate install instructions.
Yor CLI
We’ll also be using a new Bridgecrew open source tool, Yor, to make tagging and tracing infrastructure between code and the cloud easier, to install into our linux environment, run the following:
wget -q -O - https://github.com/bridgecrewio/yor/releases/download/0.1.62/yor-0.1.62-linux-amd64.tar.gz | sudo tar -xvz -C /usr/binNow test we can run yor
$ yor
NAME:
yor - enrich IaC files with tags automatically
USAGE:
yor [global options] command [command options] [arguments...]
VERSION:
0.1.61Bridgecrew API token
Throughout the tutorial, you’ll need to use the Bridgecrew API token. You can access it here or in your Bridgecrew account by navigating to the Integrations tab and selecting API Token.
