New integration: CircleCI Orb for Accurics

We’re excited to release our CircleCI Orb for Accurics, which enables users to easily erect policy guardrails in their CircleCI pipelines. It leverages the Accurics CLI to identify violations and drifts, and users of Accurics commercial offerings can access advanced capabilities including automated fixes.

We prepared a convenient video to help you get started.

For the impatient, here’s a summary. We'll assume you already have a free or paid Accurics account.

First, download the config from the appropriate environment tab in the Accurics UI.

accurics-download-config

Make a note of the app and env values in the downloaded config.

Next, in your CircleCI Project Settings add two new environment variables:

  • ACCURICS_API_KEY=<value of app from Accurics config>
  • ACCURICS_ENV_ID=<value of env from Accurics config>

Now, in your code repository add or edit .circleci/config.yml:

  • Import the accurics-cli orb:
version: 2.1
orbs:
    accurics: accurics/accurics-cli@0.1.0
  • Run the scan by adding an accurics_scan job in the appropriate workflows:
jobs:
  - accurics/accurics_scan:
      terraform-version: latest
      directories: <path to your IaC within the repo>
      plan-args: <any additional args for terraform plan>
      fail-on-violations: true
      fail-on-all-errors: true

A couple of extra notes:

  • You can specify a different version of Terraform under terraform-version
  • Any variables or command line parameters needed for terraform plan should be added under plan-args