Skip to content

BicepGoat is Bridgecrew's "Vulnerable by Design" Bicep and ARM repository. BicepGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

License

Notifications You must be signed in to change notification settings

bo156/bicepgoat

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

BicepGoat - Vulnerable Bicep and ARM Infrastructure

Maintained by Bridgecrew.io slack-community

BicepGoat is Bridgecrew's "Vulnerable by Design" Bicep and ARM repository. BicepGoat

BicepGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Introduction

BicepGoat was built to enable DevSecOps design and implement a sustainable misconfiguration prevention strategy. It can be used to test a policy-as-code framework like Bridgecrew & Checkov, inline-linters, pre-commit hooks or other code scanning methods.

BicepGoat follows the tradition of existing *Goat projects that provide a baseline training ground to practice implementing secure development best practices for cloud infrastructure.

Important notes

Where to get help: the Bridgecrew Community Slack

Before you proceed please take a note of these warning:

⚠️ BicepGoat creates intentionally vulnerable Azure resources into your account. DO NOT deploy BicepGoat in a production environment or alongside any sensitive Azure resources.

Bridgecrew's IaC herd of goats

  • BicepGoat - Vulnerable by design Bicep templates
  • CDKGoat - Vulnerable by design CDK application
  • CfnGoat - Vulnerable by design Cloudformation template
  • TerraGoat - Vulnerable by design Terraform stack
  • kustomizegoat - Vulnerable by design kustomize deployment

Contributing

Contribution is welcomed!

We would love to hear about more ideas on how to find vulnerable infrastructure-as-code design patterns.

Support

Bridgecrew builds and maintains BicepGoat to encourage the adoption of policy-as-code.

If you need direct support you can contact us at [email protected].

About

BicepGoat is Bridgecrew's "Vulnerable by Design" Bicep and ARM repository. BicepGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Bicep 100.0%