🗂️ Navigation
📁 Infrastructure as Code
📋 Pre-Commit IaC Scanning
🔧 Yor

Yor

Automated IaC tagging and tracing.

Visit Website →

Overview

Yor is an open-source tool from the creators of Checkov (Bridgecrew/Palo Alto Networks) that automatically adds consistent, traceable tags to Infrastructure as Code files during development. It creates a trail from code to cloud, enriching resources with details like git repository, commit hash, and code owners. While not a scanner itself, it provides the necessary context for other tools to trace misconfigurations back to their source.

✨ Key Features

  • Automatically tags IaC resources (Terraform, CloudFormation, Serverless)
  • Adds git context tags (repo, file path, commit, owner)
  • Extensible with custom taggers
  • Integrates as a pre-commit hook or in CI/CD pipelines

🎯 Key Differentiators

  • Automates the process of adding traceability tags
  • Focuses on a specific, unsolved problem in the IaC lifecycle
  • From the creators of Checkov, ensuring good integration

Unique Value: Automatically creates a link from cloud resources back to the code and developers who created them, enhancing traceability and accountability.

🎯 Use Cases (3)

Enriching IaC with ownership and traceability information Improving context for security alerts from runtime scanners Automating cost allocation and resource management through tags

✅ Best For

  • Automated IaC tagging in a pre-commit workflow.

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Finding security misconfigurations (it's a tagger, not a scanner).

🏆 Alternatives

infracost (for tagging context) custom scripts

Most organizations solve this problem with manual tagging policies or custom scripts. Yor provides a standardized, open-source, and automated way to achieve this.

💻 Platforms

Desktop

✅ Offline Mode Available

🔌 Integrations

pre-commit GitHub Actions

💰 Pricing

Contact for pricing
Free Tier Available

Free tier: Fully open-source and free.

Visit Yor Website →

🔄 Similar Tools in Pre-Commit IaC Scanning

Checkov

Open-source IaC scanner that finds misconfigurations in Terraform, CloudFormation, Kubernetes, and m...

Contact

Terrascan

Open-source static code analyzer for IaC that helps detect security issues and compliance violations...

Contact

KICS

Open-source IaC scanner from Checkmarx that supports a wide range of platforms and offers extensive ...

Contact

Trivy

Versatile open-source security scanner from Aqua Security that finds vulnerabilities, IaC misconfigu...

Contact

tfsec

A fast, open-source static analysis scanner for Terraform code to find security misconfigurations....

Contact

Prisma Cloud

A comprehensive Cloud Native Application Protection Platform (CNAPP)....

Contact