Custom cfn-nag rules or rules not yet defined nag files the filename should be template filename appended with.
Or scan directories using cfn_nag_scan running (cfn_nag_scan -input-path src/main/config/ -o json -> target/cfn-nag-scan.nagscan) and set the property =target/cfn-nag-scan.nagscan Properties supported Prepare cfn_nag reports running (cfn_nag -output-format=json src/main/config/template.yml > target/) and set the property =target/ (comma separated if multiple reports) Or that add support for json/yaml languages Howto Cfn-nag Requires Yaml plugin and optional Json plugin if json is used for cloudformation templates. Sonarqube 7.7+ and supports cfn_nag and checkov reports Cloudformation template rules (cfn-nag,checkov) but also infrastructure-as-code-languages Terraform, Terraform plan, Kubernetes, Serverless or ARM Templates Demo linksĭemo Sonarqube quality profile Demo Sonarqube quality rules Demo Sonarqube quality issues Support
