Checkov

Checkov is a code analysis tool that scans Terraform deployments for vulnerabilities and compliance violations. If Checkov is enabled, Scalr will insert the Checkov step before the Terraform init phase runs. Checkov will evaluate the code that is being pulled in, and if any errors are found, the run in Scalr will stop. Runs that are stopped during the Checkov step are not billed for.

To enable Checkov, go to the integrations page at the administrative scope. Users need the integrations:read and integrations:manage permissions to set up and manage this integration.:

Click on Checkov and then "Add connection", where you will be prompted to name the integration and provide the Checkov version(i.e. 3.2.288) that you want to run. Do not use the "sha..." tag that is also provided in the Docker hub list of versions:

Once enabled, Checkov will execute on ALL workspaces within the account: