Infrastructure Analysis (in progress)

TerraLens

Terraform analysis tool for surfacing infrastructure risk before deployment.

Coming soon

What it is

TerraLens is a planned Terraform analysis tool designed to surface infrastructure risks before deployment.

It focuses on making configuration, security, and governance issues visible during development rather than at apply time.

Problem

Infrastructure-as-code changes often introduce security risks, misconfigurations, and policy violations that are difficult to detect during code review and are typically discovered late in the deployment process.

This creates delayed feedback, inconsistent standards, and increased operational risk.

Approach

TerraLens is designed as a pre-deployment validation layer.

  • analyzes Terraform configurations and plans
  • identifies risky patterns and misconfigurations
  • evaluates code against defined rules and policies
  • produces structured findings for developers

The goal is to shift infrastructure validation earlier into the workflow, where issues are easier to understand and fix.
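
The pre-deployment check described above, shown as an added example (not TerraLens code): it walks the resource_changes array of a plan exported with terraform show -json, applies a small rule table, and returns severity-ranked findings plus a pass/fail exit code. The rule IDs, the rule table, and the sample plan are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_security_group.web", "type": "aws_security_group",
   "change": {"actions": ["create"], "after": {"ingress": [
     {"from_port": 22, "to_port": 22, "protocol": "tcp",
      "cidr_blocks": ["0.0.0.0/0"]}]}}},
  {"address": "aws_db_instance.main", "type": "aws_db_instance",
   "change": {"actions": ["update"],
              "after": {"storage_encrypted": false, "publicly_accessible": false}}},
  {"address": "aws_db_instance.old", "type": "aws_db_instance",
   "change": {"actions": ["delete"], "after": null}}
]}
""")

def open_ssh(after):
    # True when any ingress rule exposes port 22 to the whole internet.
    return any("0.0.0.0/0" in (r.get("cidr_blocks") or [])
               and (r.get("from_port") or 0) <= 22 <= (r.get("to_port") or 0)
               for r in after.get("ingress") or [])

# Hypothetical rule table: (id, resource type, severity, predicate, remediation).
RULES = [
    ("SG001", "aws_security_group", "high", open_ssh,
     "Restrict SSH ingress to known CIDR ranges."),
    ("DB001", "aws_db_instance", "medium",
     lambda a: not a.get("storage_encrypted"), "Set storage_encrypted = true."),
    ("DB002", "aws_db_instance", "high",
     lambda a: bool(a.get("publicly_accessible")), "Set publicly_accessible = false."),
]
SEVERITY_ORDER = {"high": 0, "medium": 1, "low": 2}

def analyze(plan):
    findings = []
    for rc in plan.get("resource_changes", []):
        after = rc["change"].get("after")
        # Skip deletes and no-ops: no new configuration is being deployed.
        if after is None or not {"create", "update"} & set(rc["change"]["actions"]):
            continue
        for rule_id, rtype, sev, pred, fix in RULES:
            if rc["type"] == rtype and pred(after):
                findings.append({"rule": rule_id, "severity": sev,
                                 "resource": rc["address"], "remediation": fix})
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f["severity"]])

def gate(findings, fail_on="high"):
    """Return a CI exit code: 1 if any finding is at or above `fail_on`."""
    return int(any(SEVERITY_ORDER[f["severity"]] <= SEVERITY_ORDER[fail_on] for f in findings))
```

Evaluating the plan rather than the .tf source means variables and module inputs are already resolved, but attributes that are only known after apply are absent from the "after" object and cannot be checked at this stage.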

Key Capabilities

Terraform Analysis

Detection of misconfigurations, unsafe defaults, and anti-patterns.

Policy Checks

Rule-based validation aligned to organizational standards.

Risk Classification

Severity-based findings to prioritize remediation.

Pre-Deployment Focus

Designed to run before terraform apply as part of development workflows.

Extensible Policy Model (Future)

Support for reusable policy packs and customizable rules.

CI/CD Integration (Future)

Pipeline-based validation with pass/fail enforcement.

Explainable Findings (Future)

Clear reasoning and remediation guidance for each issue.

Why it matters

Infrastructure validation should be part of the development workflow, not a post-deployment concern.

TerraLens is intended to demonstrate how infrastructure governance can be consistent, automated, and developer-friendly.

TerraLens complements linters and scanners by focusing on when and how infrastructure risk is surfaced in the development lifecycle.

Technology

  • Terraform
  • IaC analysis
  • Policy checks
  • Risk detection
  • CI/CD