Skip to content

Qualimetry/intellij-terraform-plugin

BranchesTags

Repository files navigation

Qualimetry Terraform Analyzer - IntelliJ Plugin

Static analysis of Terraform files (.tf) in IntelliJ IDEA and other JetBrains IDEs, including headless analysis in JetBrains Qodana for CI/CD pipelines.

Powered by the same analysis engine as the VS Code extension and the SonarQube plugin.

Features

  • 766 rules from tflint, Trivy, and checkov covering misconfigurations, security, style, and correctness.
  • Real-time diagnostics as you edit .tf files.
  • Configurable — enable/disable individual rules and override severities via a per-rule settings panel.
  • SonarQube import — import active rules from a SonarQube quality profile via Tools > Qualimetry Terraform > Import Rules from SonarQube.
  • Qodana support — runs automatically in JetBrains Qodana for quality gates in CI/CD.

Rule categories

Source Focus Examples
tflint Terraform conventions Naming conventions, deprecated syntax, provider requirements
Trivy Security misconfigurations S3 encryption, IAM policies, network security groups
checkov Compliance & best practices CIS benchmarks, SOC2, HIPAA, PCI-DSS checks

Prerequisites

The plugin runs tflint, Trivy, and checkov as external tools. Install them on your PATH:

If a tool is not installed, findings from that tool are silently skipped.

Installation

From JetBrains Marketplace

  1. Open Settings > Plugins > Marketplace.
  2. Search for Qualimetry Terraform Analyzer.
  3. Click Install and restart.

From source

cd <monorepo-root>
mvn clean install -pl terraform-rules

cd intellij-plugin
./gradlew buildPlugin

The plugin ZIP is produced in build/distributions/.

Configuration

Configure the analyzer under Settings > Tools > Qualimetry Terraform Analyzer:

  • Enable/disable the analyzer globally.
  • Per-rule table — enable/disable individual rules, set severity overrides, filter by name or key.
  • Reset to Defaults — clear all overrides and return to the default profile.
  • Per-rule overrides are stored in qualimetry-terraform.xml.

Import from SonarQube

Use Tools > Qualimetry Terraform > Import Rules from SonarQube to fetch active rules from a SonarQube quality profile. Enter your server URL, an optional authentication token, and an optional profile name. The imported rules replace the current configuration. The server URL and profile name are remembered between sessions.

Also available

The same analysis engine powers plugins for other platforms:

Rule keys and severities align across all three tools so findings are directly comparable.

Requirements

  • IntelliJ IDEA 2024.3 or later (any JetBrains IDE based on the IntelliJ Platform).
  • tflint, Trivy, and/or checkov on PATH.

License

Apache License 2.0. See LICENSE for details.

About

Static analysis of Terraform (HCL) files in IntelliJ IDEA and JetBrains Qodana. 400+ rules from tflint, Trivy, and Checkov.

qualimetry.com

Topics

testing intellij jetbrains terraform linter static-analysis iac intellij-plugin hcl static-analyzer terraform-modules qodana

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 3

v2.2.4 Latest
Mar 19, 2026
+ 2 releases

Packages

 
 
 

Contributors

Languages