Create nginx in docker using Terraform and Checkov
To create an Nginx web server using Docker and Terraform, with static code analysis using Checkov, you will need to perform the following steps:
Install Docker and Terraform:
- Install Docker by following the instructions on the official website (https://docs.docker.com/get-docker/).
- Download and install Terraform from the official website (https://www.terraform.io/downloads.html).
Install Checkov:
- Install Checkov using pip:
pip install checkov
Write a Dockerfile to build an Nginx image:
- Create a file named Dockerfile in an empty directory and add the following content to it:
FROM nginx:alpine
COPY index.html /usr/share/nginx/html
This Dockerfile specifies that you want to use the nginx:alpine image as the base for your custom image, and that you want to copy the file index.html into the image at the default Nginx document root.
Create an index.html file:
- Create a file named index.html in the same directory as your Dockerfile and add some content to it. This content will be served by the Nginx web server when you run the Docker container.
Build the Docker image:
- Run the following command to build the Docker image:
docker build -t my-nginx .
This will build the image and tag it with the name my-nginx.
Write a Terraform configuration file:
- Create a file named main.tf and define a docker_container resource to run the Nginx container. For example:
# docker_container comes from the kreuzwerker/docker provider; declare it so terraform init can fetch it.
terraform {
  required_providers {
    docker = {
      source = "kreuzwerker/docker"
    }
  }
}
resource "docker_container" "nginx" {
  name  = "nginx"
  image = "my-nginx"
  ports {
    internal = 80
    external = 8080
  }
}
This configuration will run a Docker container named “nginx” using the my-nginx image, and will expose port 8080 on the host machine and map it to port 80 in the container.
Run Checkov to perform static code analysis:
- Run Checkov on your Terraform configuration file using the following command:
checkov -d path/to/terraform/directory
In this case I’ll be running a test to check the best policies and check for vulnerabilities or deprecated files and versions.
After running the entire application, I put it on purpose so that everyone can see the messages it picks up. And finally run the container on Docker using Terraform.
This will scan your Terraform code for potential security issues, such as open security group ports or IAM policies with excessive permissions.
Initialize and apply the Terraform configuration:
- Initialize Terraform by running the following command:
terraform init
This will download any required plugins and modules.
- Apply the Terraform configuration by running the following command:
terraform apply
This will create the Docker container and start the Nginx web server.
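To act on the messages from the Checkov step rather than only read them, the JSON report (checkov -d . -o json) can be turned into a pass/fail gate that runs before terraform apply. This is an added example, not code from the original post: the sample report is constructed, and failed_checks and gate are hypothetical helper names.

```python
import json

# Constructed sample of a Checkov JSON report for the directory above.
# Checkov emits one object per scanned framework, or a list of them.
SAMPLE_REPORT = json.dumps([
    {"check_type": "dockerfile",
     "results": {"failed_checks": [
         {"check_id": "CKV_DOCKER_2",
          "check_name": "Ensure that HEALTHCHECK instructions have been added to container images",
          "file_path": "/Dockerfile", "file_line_range": [1, 2]},
         {"check_id": "CKV_DOCKER_3",
          "check_name": "Ensure that a user for the container has been created",
          "file_path": "/Dockerfile", "file_line_range": [1, 2]},
     ]},
     "summary": {"passed": 1, "failed": 2}},
])

def failed_checks(report_text):
    """Flatten failed checks from a report that is a single object or a list."""
    data = json.loads(report_text)
    reports = data if isinstance(data, list) else [data]
    findings = []
    for report in reports:
        # Tolerate a report that carries only summary counters and no "results".
        for item in report.get("results", {}).get("failed_checks", []):
            lines = "-".join(str(n) for n in item.get("file_line_range", []))
            findings.append({
                "framework": report.get("check_type", "unknown"),
                "id": item["check_id"],
                "name": item.get("check_name", ""),
                "location": "{}:{}".format(item.get("file_path", "?"), lines),
            })
    return findings

def gate(report_text, accepted=frozenset()):
    """Return (exit_code, blocking); non-zero while any non-accepted check fails."""
    blocking = [f for f in failed_checks(report_text) if f["id"] not in accepted]
    return (1 if blocking else 0), blocking

if __name__ == "__main__":
    # Accepting a check is an explicit, reviewable decision kept next to the gate.
    code, blocking = gate(SAMPLE_REPORT, accepted={"CKV_DOCKER_2"})
    for f in blocking:
        print("{id} [{framework}] {location} {name}".format(**f))
    raise SystemExit(code)
```

In a pipeline, feed it the real report instead of SAMPLE_REPORT and run terraform apply only when the exit code is 0.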