Agentic AI Atlas · IaC Security Scanning
Workflow JSON

workflow:iac-security-scanning


IaC Security Scanning json

Inspect the normalized record payload exactly as the atlas UI reads it.

File · workflows/workflows/workflows-security-compliance-deep.yaml
Cluster · workflows
Record JSON
{
  "id": "workflow:iac-security-scanning",
  "_kind": "Workflow",
  "_file": "workflows/workflows/workflows-security-compliance-deep.yaml",
  "_cluster": "workflows",
  "attributes": {
    "displayName": "IaC Security Scanning",
    "workflowKind": "security",
    "triggerType": "event-driven",
    "typicalCadence": "per-pull-request",
    "complexity": "single-team",
    "description": "Scans Infrastructure-as-Code templates (Terraform, CloudFormation, Helm,\nPulumi) for misconfigurations, overly permissive IAM policies, unencrypted\nstorage, public network exposure, and CIS benchmark violations before\nmerge -- triaging findings by severity, suppressing accepted risks, and\nblocking deployments with critical violations. Excludes IaC authoring and\ndrift remediation.\n"
  },
  "outgoingEdges": [
    {
      "from": "workflow:iac-security-scanning",
      "to": "role:security-reviewer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "role:platform-engineer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "role:cloud-architect",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "skill-area:terraform-infrastructure",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "skill-area:container-security",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "domain:security",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "domain:cloud-infra",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "responsibility:run-security-scans",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "responsibility:terraform-state-mgmt",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "org-unit:security-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    },
    {
      "from": "workflow:iac-security-scanning",
      "to": "org-unit:platform-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    }
  ],
  "incomingEdges": [
    {
      "from": "stack-profile:security-operations",
      "to": "workflow:iac-security-scanning",
      "kind": "follows_workflow"
    },
    {
      "from": "stack-profile:terraform-landing-zone",
      "to": "workflow:iac-security-scanning",
      "kind": "follows_workflow"
    }
  ]
}