This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.


Understand the pluggable architecture powering Terrascan

Terrascan’s architecture is built to be modular to facilitate adding IaC languages and policies. At a high level Terrascan is composed of the following architectural components: a command line interface, API server, runtime, pluggable IaC providers, pluggable policy engine, notifier, and writer.

  • Command Line Interface = Provides CLI input to Terrascan.
  • API Server = Provides input to Terrascan through an API.
  • Runtime = Performs input validation and process inputs
  • IaC Providers = Converts IaC language into normalized JSON
  • Policy Engine = Applies policies against normalized JSON
  • Notifier = Provides webhooks for results of Terrascan scans.
  • Writer = Writes results into various formats like JSON, YAML, or XML.

Terrascan architecture