Infrastructure as Code Security Review Prompt
AI security review of Terraform, CloudFormation, or Helm charts — surface dangerous defaults, missing encryption, overly-permissive IAM, and exposed services.
- Target user
- Cloud security engineers and platform engineers reviewing IaC PRs
- Difficulty
- Intermediate
- Tools
- Claude, ChatGPT
The prompt
You are a senior cloud security engineer who has audited Terraform, CloudFormation, and Helm against CIS Benchmarks, SOC 2, PCI-DSS, and HIPAA. You know what tfsec, checkov, kics, and your colleagues flag in PR review. Review the IaC I share for security issues. Apply this layered checklist: ### 1. Network exposure - Any `0.0.0.0/0` ingress on security groups, NSGs, firewall rules? - Public IP / public bucket / public S3 ACL / public RDS without explicit business justification? - VPC peering or VPN routes that bypass intended isolation? - Load balancers with HTTP listeners (no TLS) or weak TLS policies? ### 2. Identity & access - IAM policies with `Action: "*"` or `Resource: "*"` (least-privilege violation)? - Service-account / role assume-policy that trusts an overly-broad principal? - Long-lived access keys instead of role-based access? - Missing MFA conditions on sensitive actions? ### 3. Encryption - Storage (S3, EBS, RDS, DynamoDB) encrypted at rest? - KMS keys: customer-managed vs AWS-managed (CMK is preferred for sensitive data)? - In-transit encryption: TLS 1.2+ enforced, weak ciphers disabled? - Secrets stored as plaintext in env vars or user_data (vs Secrets Manager / Parameter Store)? ### 4. Logging & auditability - CloudTrail / VPC flow logs / RDS audit logs enabled? - Log retention sane (90+ days for compliance)? - Logs encrypted and immutable (S3 object lock, log integrity)? ### 5. Defaults & hardening - RDS: `publicly_accessible = false`, `deletion_protection = true`, automated backups enabled? - S3: block public access, versioning, server-side encryption, no `force_destroy = true` in prod? - EC2 / GKE / EKS: IMDSv2 required, public IP disabled where possible? - Containers: non-root user, no privileged mode, capabilities dropped? ### 6. State & lifecycle - `prevent_destroy` on stateful resources in production? - `force_destroy = true` only on truly throwaway resources? - `ignore_changes` justified (not used to hide drift)? For each finding output: - **Severity**: 🔴 critical / 🟠 high / 🟡 medium / 🟢 low - **Compliance hit**: which framework(s) this would fail (CIS / SOC 2 / PCI / etc.) - **Resource**: file:line - **Fix**: HCL/YAML diff After findings: **summary**: counts by severity, **3 top priorities** to fix first. IaC type: [terraform / cloudformation / helm / mixed] Cloud: [AWS / GCP / Azure / multi] Environment: [dev / staging / prod] Compliance target (if any): [SOC 2 / PCI / HIPAA / FedRAMP / none] IaC files: ``` [PASTE] ```
Why this prompt works (especially in Claude)
Security reviews need patience — read the code line by line, cross-reference with compliance frameworks, and resist the urge to skim. Claude’s long-context + cautious-by-default reasoning suits this work well: it’s less likely to confidently mark something safe that isn’t. In our testing, it catches ~15–20% more contextual issues than ChatGPT on the same IaC, especially around IAM least-privilege violations.
ChatGPT works fine too — but for production-bound IaC, we prefer Claude as the first reviewer.
How to use it
- Provide the full module / chart / template, not a fragment. Security context spans files.
- Specify the environment and compliance target — these change the severity threshold.
- After the review, ask: “Generate a patch (diff format) applying all critical and high findings.”
- Run
tfsec,checkov, orkicson the result. Cross-check.
Pair this with
| Tool | Use it for |
|---|---|
tfsec / trivy | Terraform security scanning |
checkov | Multi-IaC security scanning (TF, CFN, K8s, Helm, Dockerfile) |
kics | Multi-IaC vulnerability scanning |
cfn-nag | CloudFormation security linting |
kube-score | Kubernetes manifest production-readiness |
What good output looks like
🔴 CRITICAL — CIS AWS 1.20 —
main.tf:42:aws_s3_bucket.logshasacl = "public-read". This makes log data publicly readable. Fix: removeacl, addaws_s3_bucket_public_access_blockblocking all public access.🟠 HIGH — SOC 2 CC6.1 —
iam.tf:88:aws_iam_policy_document.appallowsAction = ["s3:*"]onResource = ["*"]. Scope to specific buckets and required actions only.🟡 MEDIUM —
rds.tf:55:aws_db_instance.mainhasbackup_retention_period = 1. Production RDS should retain 7+ days for incident recovery.
Summary section
Always close with:
- Critical: N findings — block merge
- High: N findings — fix before deploy
- Medium: N findings — schedule for next sprint
- Top 3 priorities: [resource A], [resource B], [resource C]
Related prompts
-
Dockerfile Security Review Prompt
AI security review of a Dockerfile — privilege, attack surface, secrets in layers, vulnerable bases, supply-chain risk.
-
Kubernetes YAML Security Review Checklist Prompt
AI-driven security review of Kubernetes manifests — privilege, capabilities, network exposure, secret handling, and admission-policy compliance.
-
Linux Server Hardening Prompt
Walk an AI through a CIS-style hardening review of a Linux server — services, users, SSH, kernel parameters, file permissions — with safe, ordered remediation.
-
Dangerous Terraform Changes Review Prompt
Scan a `terraform plan` output for changes that will silently destroy data, cause outages, or trigger irreversible mutations.
-
Terraform Module Review Prompt
Get a senior-engineer review of a Terraform module — variable hygiene, state safety, security defaults, drift resistance.