
Make your Terraform compliant. In one command.

Scan your OpenTofu or Terraform state against 53 frameworks. Get deterministic patches — not AI suggestions.

$ uv tool install complyform
$ complyform scan --state=terraform.tfstate --frameworks=soc2

Three commands to compliant.

Works on what you already deployed. No rewriting. No account required.

01

Scan

Point it at your .tfstate. Get a full resource inventory back.

$ complyform scan --state=terraform.tfstate

✓ Parsed terraform.tfstate
  Found 142 resources across 12 resource types
  Cloud: gcp | Region: us-central1
  State format: v4 | Terraform: v1.9.2

02

Assess

Every resource mapped to real control IDs. See exactly what's failing — and why.

$ complyform assess --frameworks=soc2

SOC 2 Type II Assessment
────────────────────────
Controls evaluated:  47
Passing:             31  (66%)
Failing:             16  (34%)

Top findings:
  CC6.1  google_sql_database_instance  ssl_mode != ENCRYPTED_ONLY
  CC6.7  google_compute_firewall       allows 0.0.0.0/0 on port 22
  CC7.2  google_storage_bucket         versioning disabled

03

Remediate

Get a patch for every finding. Apply it, re-scan, pass.

$ complyform remediate --frameworks=soc2

Generated 16 patches across 9 files
✓ main.tf          — 6 patches (sql, firewall, storage)
✓ networking.tf    — 4 patches (firewall rules)
✓ storage.tf       — 3 patches (bucket config)
✓ iam.tf           — 3 patches (service accounts)

$ complyform validate
✓ All 47 SOC 2 controls passing — Checkov validation clean
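
The kind of check behind the three sample findings in the Assess step, as an added illustration in Python. This is not ComplyForm's code; the attribute paths assume the Google provider's schema as stored in state format v4, and the sample state is constructed.

```python
import json

# Constructed sample in Terraform state format v4 (not real infrastructure).
SAMPLE_STATE = json.loads("""
{"version": 4, "resources": [
 {"mode": "managed", "type": "google_compute_firewall", "name": "ssh",
  "instances": [{"attributes": {"direction": "INGRESS",
    "source_ranges": ["0.0.0.0/0"],
    "allow": [{"protocol": "tcp", "ports": ["20-25"]}]}}]},
 {"mode": "managed", "type": "google_storage_bucket", "name": "logs",
  "instances": [{"attributes": {"versioning": [{"enabled": true}]}}]},
 {"mode": "managed", "type": "google_sql_database_instance", "name": "db",
  "instances": [{"attributes": {"settings": [{"ip_configuration":
    [{"ssl_mode": "ALLOW_UNENCRYPTED_AND_ENCRYPTED"}]}]}}]}
]}""")

def first(block):  # nested blocks are stored in state as single-element lists
    return block[0] if block else {}

def covers(spec, port):  # spec is a single port ("22") or a range ("20-25")
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def check(rtype, a):
    """Return the finding text for one resource instance, or None."""
    if rtype == "google_compute_firewall":
        open_src = "0.0.0.0/0" in (a.get("source_ranges") or [])
        if a.get("direction") == "INGRESS" and open_src and not a.get("disabled"):
            for rule in a.get("allow") or []:
                ports = rule.get("ports") or []  # empty list means every port
                if rule.get("protocol") in ("tcp", "all") and (
                        not ports or any(covers(p, 22) for p in ports)):
                    return "allows 0.0.0.0/0 on port 22"
    elif rtype == "google_storage_bucket":
        if not first(a.get("versioning")).get("enabled"):
            return "versioning disabled"
    elif rtype == "google_sql_database_instance":
        ip = first(first(a.get("settings")).get("ip_configuration"))
        if ip.get("ssl_mode") != "ENCRYPTED_ONLY":
            return "ssl_mode != ENCRYPTED_ONLY"

def scan(state):  # returns sorted (address, finding) pairs
    hits = []
    for res in state.get("resources", []):
        # Only managed resources are checked; data sources are skipped.
        for inst in res.get("instances", []) if res.get("mode") == "managed" else []:
            finding = check(res["type"], inst.get("attributes") or {})
            if finding:
                hits.append((f'{res["type"]}.{res["name"]}', finding))
    return sorted(hits)
```

The firewall rule in the sample exposes port 22 through the range `20-25`, which a literal match on `"22"` would miss.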

Brownfield-first

You have 200 resources already deployed. ComplyForm scans them as-is — no migration, no rewrite, no new modules.

Fixes your code, not your console

Console fixes create drift. ComplyForm patches your .tf files directly — your code and your cloud stay in sync.

53 frameworks, one command

SOC 2, HIPAA, ISO 27001, NIS2, DORA, and 48 more. One install. One command. No per-framework fees.

Runs locally. No data leaves your machine.

Your state file never touches our servers. OpenTofu-native, Terraform-compatible. Open-source, Apache 2.0, zero telemetry on the free tier.

Plugs into the tools your auditor already trusts

Export findings to Vanta, Drata, Audit Manager, and Purview. Cross-reference SCC, Security Hub, and Defender for Cloud. Your existing compliance stack stays intact.

Pricing

Assess everything free. Flat annual pricing. No per-resource or per-seat fees.

Community

Free

Scan, assess, remediate 4 frameworks. No limits.

uv tool install complyform

Pro

$599/yr

11 frameworks, HTML reports, CI/CD, batch scan.

Team

$1,999/yr

Hosted dashboard, drift alerts, cloud intelligence.

Agency

$4,999/yr

Branded PDFs, batch remediation, GRC export.

Enterprise

$24,999/yr

Air-gap, ME frameworks, SSO, data residency.

Enterprise Unlimited

Custom

Unlimited everything. Custom SLA.


Install

Your first compliance gap report in under a minute.

pip / uv

uv tool install complyform

homebrew

brew install complyform/tap/complyform

Then run your first scan:

$ complyform scan --state=terraform.tfstate --frameworks=soc2