ComplyKit for VS Code

Scan your AWS, GCP, Terraform, and GitHub against SOC 2, HIPAA, CIS, ISO 27001, and PCI DSS controls — directly in VS Code.

See failing compliance checks as Problems panel warnings on the exact line of your Terraform file. Get remediation steps on hover. No context switching.

Features

Compliance Findings Panel

Browse all findings grouped by provider, sorted by severity. Failed checks show critical / high / medium / low badges. Click any finding to see the full remediation guide and the compliance controls it maps to (e.g. SOC 2 CC6.1, ISO 27001 A.12.6).

Terraform Diagnostics

Failing checks appear as Problems panel warnings on the exact line of your .tf file — the same experience as ESLint, but for compliance. Hover over a squiggly to read the fix inline.

Multi-Framework Support

Choose a framework at scan time — or run All Frameworks in parallel and see every control mapping in one pass (SOC 2, HIPAA, ISO 27001, PCI DSS, CIS).

Provider Picker

Select exactly what to scan: AWS, Terraform, GitHub, Kubernetes, GCP, Azure, Policy — or all at once.

Run ComplyKit: Sign in to dashboard to connect VS Code to your ComplyKit account. Once signed in, scan results push to the cloud dashboard automatically — shareable with your team and auditor.

Status Bar Score

Live compliance score shown in the status bar, colour-coded: green ≥80, amber 50–79, red <50.

Auto-Scan on Save

Optionally trigger a Terraform scan every time you save a .tf file — instant feedback during IaC authoring.

Loads Last Scan Instantly

On startup, ComplyKit loads your most recent scan from ~/.complykit/evidence/ so findings are visible immediately without waiting for a fresh scan.

Requirements

Install the comply CLI:

brew install nuvlabs/tap/comply

Or download the latest binary from complykit.io.

Quick Start

Install the extension and the comply CLI
Click the shield icon in the Activity Bar to open the ComplyKit panel
Click ▶ Run Scan and pick your framework + providers
Click any failing finding to see the remediation guide

To push results to your team dashboard:

Open the Command Palette → ComplyKit: Sign in to dashboard
Complete sign-in in your browser — results will auto-push after each scan

Extension Settings

Setting	Default	Description
`complykit.binaryPath`	`comply`	Path to the comply binary
`complykit.framework`	`soc2`	Default framework for per-file Terraform scans
`complykit.githubOwner`	``	GitHub org/user (auto-detected from git remote if unset)
`complykit.terraformDir`	`.`	Directory containing Terraform files
`complykit.autoScanOnSave`	`false`	Auto-scan Terraform on save
`complykit.dashboardUrl`	`https://app.complykit.io`	Dashboard URL (change only for self-hosted installs)
`complykit.pushAfterScan`	`false`	Push results to dashboard after each scan

CI/CD Integration

Use --fail-below to gate pipelines on compliance score:

- run: comply scan --framework soc2 --only terraform --fail-below 80

Generate a ready-made workflow:

comply ci github > .github/workflows/compliance.yml

ComplyKit

nuvlabs