BicepGoat is Bridgecrew's "Vulnerable by Design" Bicep and ARM repository.
BicepGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
BicepGoat was built to enable DevSecOps design and implement a sustainable misconfiguration prevention strategy. It can be used to test a policy-as-code framework like Bridgecrew & Checkov, inline-linters, pre-commit hooks or other code scanning methods.
BicepGoat follows the tradition of existing *Goat projects that provide a baseline training ground to practice implementing secure development best practices for cloud infrastructure.
Where to get help: the Bridgecrew Community Slack
Before you proceed please take a note of these warning:
⚠️ BicepGoat creates intentionally vulnerable Azure resources into your account. DO NOT deploy BicepGoat in a production environment or alongside any sensitive Azure resources.
- BicepGoat - Vulnerable by design Bicep templates
- CDKGoat - Vulnerable by design CDK application
- CfnGoat - Vulnerable by design Cloudformation template
- TerraGoat - Vulnerable by design Terraform stack
- kustomizegoat - Vulnerable by design kustomize deployment
Contribution is welcomed!
We would love to hear about more ideas on how to find vulnerable infrastructure-as-code design patterns.
Bridgecrew builds and maintains BicepGoat to encourage the adoption of policy-as-code.
If you need direct support you can contact us at [email protected].