🗂️ Navigation
📁 Infrastructure as Code
📋 Terraform Modules
🔧 compliance.tf

compliance.tf

A controlled registry for Terraform modules that are compliant by default.

Visit Website →

Overview

compliance.tf, created by Anton Babenko, provides a controlled, private Terraform registry where modules are automatically validated and remediated to enforce compliance controls. It ensures that any infrastructure deployed using these modules adheres to standards such as SOC 2, HIPAA, and PCI DSS by default. The service works by providing a secure source for Terraform modules that have been hardened with secure defaults, helping teams pass audits faster and reduce security findings from CSPM tools.

✨ Key Features

  • Controlled private registry for Terraform modules
  • Automatic validation and remediation of module configurations
  • Enforces compliance for SOC 2, HIPAA, PCI DSS, GDPR, and CIS
  • Provides secure-by-default modules
  • Integrates with CSPM tools like AWS Security Hub and AWS Config
  • Detailed reports on implemented frameworks and controls

🎯 Key Differentiators

  • Focuses on providing compliant-by-default modules rather than just scanning code
  • Acts as a private registry that intercepts and remediates module source code
  • Leverages the popular terraform-aws-modules as a base for its compliant versions

Unique Value: compliance.tf shifts compliance left by providing pre-approved, automatically remediated Terraform modules, ensuring infrastructure is compliant by default before it's ever deployed.

🎯 Use Cases (4)

Ensuring all Terraform deployments are compliant with industry standards Automating cloud security posture management Simplifying and accelerating the audit process Reducing misconfigurations and security findings in production

✅ Best For

  • Deploying S3 buckets that are compliant with SOC 2 and other standards
  • Enforcing secure transport policies on resources automatically

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Teams not operating in regulated industries or without strict compliance requirements
  • Organizations that prefer to manage their own module security and validation

🏆 Alternatives

Spacelift env0 Bridgecrew Checkov

Unlike static analysis tools that only detect issues, compliance.tf actively remediates them. Compared to manual processes, it automates the enforcement of compliance controls, saving time and reducing human error.

💻 Platforms

Web API

🔌 Integrations

Terraform AWS AWS Marketplace AWS Security Hub AWS Config AWS Audit Manager

🛟 Support Options

  • ✓ Email Support
  • ✓ Dedicated Support (Enterprise tier)

🔒 Compliance & Security

✓ SOC 2 ✓ HIPAA ✓ BAA Available ✓ GDPR ✓ SSO ✓ SOC 2 ✓ HIPAA ✓ PCI DSS ✓ GDPR ✓ CIS

💰 Pricing

Contact for pricing

✓ 14-day free trial

Free tier: N/A

Visit compliance.tf Website →

🔄 Similar Tools in Terraform Modules

Gruntwork

Provides a library of reusable, production-grade Terraform modules and DevOps expertise....

$795.00/mo

Cloud Posse

Offers a massive library of open-source Terraform modules and a framework for building production-gr...

Contact

terraform-aws-modules

Open-source Terraform modules for provisioning AWS resources....

Contact

Claranet

A managed services provider that publishes and maintains a collection of open-source Terraform modul...

Contact

HashiCorp AWS Modules

A set of Terraform modules for AWS services, officially published and maintained by HashiCorp....

Contact

terraform-google-modules

A collection of community-supported Terraform modules for provisioning and managing resources on Goo...

Contact