checkov
Checkov is a static code analysis tool for Infrastructure as Code (IaC).
TLDR
Scan a directory containing IaC (Terraform, Cloudformation, ARM, Ansible, Bicep, Dockerfile, etc)
$ checkov --directory [path/to/directory]
Scan an IaC file, omitting code blocks in the output
$ checkov --compact --file [path/to/file]
List all checks for all IaC types
$ checkov --list