This version of the SonarQube documentation is no longer maintained. It relates to a version of SonarQube that is not active.

Terraform/CloudFormation/Kubernetes

SonarQube can analyze Infrastructure-as-Code (IaC) languages such as CloudFormation, Kubernetes, and Terraform.

Language-specific properties

Discover and update the Terraform Analysis parameters in Administration > General Settings > Languages > Terraform

Discover and update the CloudFormation Analysis parameters in Administration > General Settings > Languages > CloudFormation

Discover and update the Kubernetes Analysis parameters in Administration > General Settings > Languages > Kubernetes

Supported versions

  • Terraform 1.x (HCL format only)

  • CloudFormation with AWSTemplateFormatVersion 2010-09-09 (YAML and JSON)

  • Kubernetes (YAML)

  • AWS, Azure and GCP

Terraform provider versions

The respective Terraform providers are frequently updated. New resources, properties and default values are added. At the same time, others are deprecated or dropped. For this reason, the Terraform analysis is defensive by default: some issues will be automatically silenced to avoid raising false positives. In order to get a more precise analysis you can specify the provider versions your code supports via a parameter.

AWS: sonar.terraform.provider.aws.version Azure: sonar.terraform.provider.azure.version GCP: For Google Cloud Platform, no versions are currently considered in the analysis.

Accepted are versions having the format: X.Y.Z, X.Y or X

Examples:

  • sonar.terraform.provider.aws.version=1.93.4

  • sonar.terraform.provider.aws.version=3.4

  • sonar.terraform.provider.aws.version=4

For CloudFormation you can import cfn-lint reports. See Administration > General Settings > External Analyzers for more information

Issue tracker

Check the issue tracker for this language.

Last updated

Was this helpful?