The Best Terraform Static Analysis Tools (Linters/Formatters)
We rank 8 Terraform linters, code analyzers, formatters, and more. Find and compare tools like Mega-Linter, Semgrep, trunk, and more. Please rate and review tools that you've used. This helps others find the best tools for their projects.
1 Terraform Tools
7 Multi-Language Tools
Mega-Linter
Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, its advanced reporting, runnable on any CI system or locally, with assisted installation and configuration, able to apply formatting and fixes
Semgrep
A fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time. Its rules look like the code you already write; no abstract syntax trees or regex wrestling. Supports 17+ languages.
trunk
Modern repositories include many technologies, each with its own set of linters. With 30+ linters and counting, Trunk makes it dead-simple to identify, install, configure, and run the right linters, static analyzers, and formatters for all your repos.
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations in your infrastructure-as-code. Supports Terraform, Kubernetes, Docker, AWS CloudFormation and Ansible
SonarCloud
SonarCloud enables your team to deliver clean code consistently and efficiently with a code review tool that easily integrates into the cloud DevOps platforms and extend your CI/CD workflow. SonarCloud is free for open source projects.
GitGuardian ggshield
ggshield is a CLI application that runs in your local environment or in a CI environment to help you detect more than 350+ types of secrets, as well as other potential security vulnerabilities or policy breaks affecting your codebase.
SonarLint
SonarLint is a free IDE extension available for IntelliJ, VS Code, Visual Studio, and Eclipse, to find and fix coding issues in real-time, flagging issues as you code, just like a spell-checker. More than a linter, it also delivers rich contextual guidance to help developers understand why there is an issue, assess the risk, and educate them on how to fix it.
Help make this list better
Suggest Tools
Frequently Asked Questions
What are Terraform tools?
What are the best Terraform static analysis tools and linters?
The most popular Terraform tools ranked by user votes are: Mega-Linter, Semgrep, trunk, kics, shisho.
Which Terraform tools are free to use?
Tools with a free plan include trunk. On top of that, there are also a number of open source like Mega-Linter, Semgrep, trunk, kics, shisho, GitGuardian ggshield, SonarLint.