> ## Documentation Index
> Fetch the complete documentation index at: https://docs.trunk.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Checkov

> Checkov is a static code analysis tool for scanning infrastructure as code. It identifies misconfigurations in IaC files that could lead to security breaches.

[**Checkov**](https://github.com/bridgecrewio/checkov) is a linter for CloudFormation, Security, Terraform and Docker.

You can enable the Checkov linter with:

```shell theme={null}
trunk check enable checkov
```

<Frame caption="Checkov example output">
  <img src="https://mintcdn.com/trunk-4cab4936/WAR0qJ1WO0rtUlqz/assets/code-quality/overview/linters/supported/checkov.gif?s=7920dfa1dac4c11e3aceeddca4ba7b7a" alt="checkov example output" width="1000" height="600" data-path="assets/code-quality/overview/linters/supported/checkov.gif" />
</Frame>

## Auto Enabling

Checkov will be auto-enabled if any *Terraform, CloudFormation, Docker, Yaml or Json* files are present.

## Settings

Checkov supports the following config files:

* `.checkov.yml`
* `.checkov.yaml`

You can move these files to `.trunk/configs` and `trunk check` will still find them. See [Moving Linters](../configure-linters#moving-linters) for more info.

## Links

* [Checkov site](https://github.com/bridgecrewio/checkov)
* Checkov Trunk Code Quality [integration source](https://github.com/trunk-io/plugins/tree/main/linters/checkov)
* Trunk Code Quality's [open source plugins repo](https://github.com/trunk-io/plugins/tree/main)