---
title: "Cloud DevSecOps for Terraform with Bridgecrew"
chapter: true
weight: 1
---

# Welcome!

In this workshop, you’ll learn how to leverage infrastructure as code (IaC) and DevSecOps to automate, scale, and improve the security posture of your cloud infrastructure. We’ll create a pipeline that provides frequent, easy-to-digest improvements to ensure our configurations are secure and compliant from the build-time to runtime.

Using **Bridgecrew, Checkov, VS Code, GitHub, Terraform Cloud,** and **AWS**, we’ll get hands-on experience implementing an automated **Terraform** security and compliance workflow.

![Diagram of workshop flow](terraform/images/0_flow_diagram.png "Diagram of workshop flow")

## Learning Objectives
- Get an overview of DevSecOps and Terraform infrastructure as code (IaC)
- Scan IaC files for misconfigurations locally
- Set up CI/CD pipelines to automate security scanning and policy enforcement
- Fix IaC security errors and AWS resource misconfigurations with Bridgecrew

**Let’s start with a few core concepts!**