Set up Infrastructure as Code Security

Join the Preview!

Infrastructure as Code (IaC) Security is in Preview. To request access, complete the form.

Request Access

Use the following instructions to enable Infrastructure as Code (IaC) Security for Code Security.

IaC Security supports GitHub for version control and Terraform for infrastructure as code.

Set up the GitHub integration

Follow the instructions for creating a GitHub app for your organization.

To use IaC Security, the GitHub App must have Read & Write permissions for Contents and Pull Requests. You can grant this access to all repositories or restrict it to selected ones.

Enable IaC Security for your repositories

After setting up the GitHub integration, enable IaC Security for your repositories.

  1. On the Code Security Setup page, expand the Activate scanning for your repositories section.
  2. Under Select your source code management provider, choose GitHub.
  3. Under Where do you want the scans to run?, select Datadog.
  4. In the GitHub account you want to configure, click Select repositories, or click Edit if Code Security features are already enabled.
  5. To enable IaC Security, choose one of the following options:
    • To enable it for all repositories, toggle Enable Infrastructure as Code Scanning (IaC) to the on position.
    • To enable it for a specific repository, toggle the IaC switch for that repository to the on position.

Further reading

Additional helpful documentation, links, and articles:

Code SecurityDOCUMENTATION more more IaC SecurityDOCUMENTATION more more Configure IaC Security ExclusionsDOCUMENTATION more more
PREVIEWING: deforest/docs-11221-move-iac-to-code-security