GitFlops: The Dangers of Terraform Automation Platforms
Terraform is a popular Infrastructure-as-Code platform that organizations use to manage their cloud or on-premises infrastructure. However, the automation platforms built to manage the Terraform lifecycle can themselves be exploited to compromise entire cloud environments. Several SaaS and open-source platforms follow a pull-request-based workflow in which a repository contains HCL files describing the target infrastructure. Running terraform plan produces an execution plan that lets users preview changes before they are applied, but the plan step itself is an attack surface: custom providers and data sources declared in HCL can execute malicious commands while the plan runs, before anyone has reviewed or approved the change. Automation platforms such as HashiCorp Cloud, Atlantis, Digger, Env0, and Terrateam are susceptible to these attacks under their default configurations. Mitigations include integrating CI jobs that enforce allowlists for providers and data sources, or adopting secure defaults in the automation platforms themselves.
Company: Snyk
Date published: Nov. 7, 2024
Author(s): Elliot Ward
Word count: 1831
Language: English
Hacker News points: None found.