Prancer (https://www.prancer.io) VSCode extension helps DevOps engineers working on Infrastructure as Code (IaC) to have early feedback on their templates. This extension can find the security problems in your Infrastructure as Code (IaC) by doing static code analysis (SCA) on your IaC, and also remediate those problems for you! The extension is powered by more than 1000 security compliance policies (https://github.com/prancer-io/prancer-compliance-test/)
By opening a new IaC file, or saving an existing file, the extension starts to make an API call to Prancer Backend servers to review the code and send back the result.
These IaC formats are supported by Prancer Extension:
Open visual studio code and open /prancer-vsccode-extension project
Save workspace as "workspace.prancer"
Press "F5" to start debugging. it should open Extension-Development-Host (a new Visual studio code window)
It should show information "Prancer-extension started"
On opening the "src/test/deploy.yaml" file, the prancer-extension will run "prancer --db NONE --file data/tempdata.yaml --iac cloudformation" and output the results in "Output" window (Select Prancer-Output on the pulldown) and u should see 2 issues with this file. To manually trigger the operation, edit the file and save it to run the extension.
Now edit the file by deleting the "VersionConfiguration" and "status: Enabled" lines for S3 configuration, and it should add this failure to the existing ones.
Prancer-extension requires these settings:
"Company" name used in registration with Prancer Account.