Skip to content

Welcome to Stacklet IaC Governance

Stacklet's IaC Governance tool (Sinistral) helps you "shift-left" by enforcing security policy against your infrastructure-as-code assets, like Terraform. The security policies are represented in YAML files which are easy to read and can be customized to the precise needs of your organization. Sinistral has two main components: a web console and a CLI.

Web console

The web console is used to:

  • Add, update, and delete Sinistral policies
  • Manage users, groups, and projects
  • View scan results

CLI

The CLI is used to scan directories of Terraform code and report the results to the Sinistral API. It can be used on a developer machine or integrated into an existing CI pipeline.

Getting Started

If you are brand new to Sinistral, we recommend that you begin with our Getting Started guide.