
tflint
A Pluggable Terraform Linter
The Lens
TFLint catches Terraform mistakes that terraform validate misses: invalid instance types, deprecated syntax, unused declarations, and provider-specific errors that would otherwise blow up at apply time. It's a linter built specifically for Terraform, open source and free.
It runs as a single binary, locally or in CI, and it's extensible through plugins, one per cloud provider, that add rules specific to AWS, Azure, or GCP resources. Setup is the binary plus the provider plugin you need. It's fast and focused on correctness and best practices rather than security posture.
Fully free, no paid tier. It's not a security scanner, so it complements rather than replaces Checkov or KICS. Run TFLint to catch Terraform errors and style issues, and run a security scanner alongside it for misconfigurations. Together they cover different halves of the problem.
The catch: it only knows Terraform. It won't touch your CloudFormation, Kubernetes, or other IaC, and it's not looking for security issues. Scope it correctly: it makes your Terraform cleaner and catches provider errors early, but it's one tool in a larger IaC quality stack.
Free vs Self-Hosted vs Paid
fully freeSelf-hosted (free): TFLint under MPL-2.0, a single binary that lints Terraform for errors validate misses: invalid instance types, deprecated syntax, unused declarations, provider-specific mistakes. Extensible via per-provider plugins (AWS, Azure, GCP).
Commercial: None.
The call: A correctness and best-practices linter, not a security scanner. Run it alongside Checkov or KICS, which cover the security half.
Completely free and open source. No paid tier.
Get tools like this every Wednesday
One featured tool, three on the radar. No fluff.
About
- Owner
- Terraform Linters (Organization)
- Stars
- 5,762
- Forks
- 400
Explore Further
More tools in the directory
openclaw
Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞
381.5k ★everything-claude-code
The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.
225.3k ★hermes-agent
The agent that grows with you
208.2k ★