diff --git a/ale_linters/terraform/gitleaks.vim b/ale_linters/terraform/gitleaks.vim
new file mode 100644
index 0000000000..8279dff7d9
--- /dev/null
+++ b/ale_linters/terraform/gitleaks.vim
@@ -0,0 +1,5 @@
+scriptencoding utf-8
+" Author: Peter Benjamin <https://github.com/pbnj>
+" Description: gitleaks support for terraform files.
+
+call ale#handlers#gitleaks#DefineLinter('terraform')
diff --git a/autoload/ale/handlers/gitleaks.vim b/autoload/ale/handlers/gitleaks.vim
new file mode 100644
index 0000000000..2478e9d63e
--- /dev/null
+++ b/autoload/ale/handlers/gitleaks.vim
@@ -0,0 +1,55 @@
+scriptencoding utf-8
+" Author: Peter Benjamin <https://github.com/pbnj>
+" Description: Define a handler function for gitleaks
+
+call ale#Set('gitleaks_executable', 'gitleaks')
+call ale#Set('gitleaks_options', '')
+
+function! ale#handlers#gitleaks#GetExecutable(buffer) abort
+    return ale#Var(a:buffer, 'gitleaks_executable')
+endfunction
+
+function! ale#handlers#gitleaks#GetCommand(buffer) abort
+    let l:executable = ale#handlers#gitleaks#GetExecutable(a:buffer)
+    let l:options = ale#Var(a:buffer, 'gitleaks_options')
+
+    return l:executable
+    \   . ' detect --no-git --no-color --no-banner --redact --verbose'
+    \   . ale#Pad(l:options)
+endfunction
+
+function! ale#handlers#gitleaks#Handle(buffer, lines) abort
+    " Look for lines like the following:
+    "
+    " Finding:     ACCESS_KEY_ID=REDACTED
+    " Secret:      REDACTED
+    " RuleID:      generic-api-key
+    " Entropy:     3.546594
+    " File:        tmp/env
+    " Line:        1
+    " Fingerprint: tmp/env:generic-api-key:1
+    let l:pattern = '\v^Fingerprint: .*:(.*):(\d+)$'
+    let l:output = []
+
+    for l:match in ale#util#GetMatches(a:lines, l:pattern)
+        call add(l:output, {
+        \   'lnum': l:match[2] + 0,
+        \   'text': l:match[1],
+        \   'type': 'E',
+        \})
+    endfor
+
+    return l:output
+endfunction
+
+function! ale#handlers#gitleaks#DefineLinter(filetype) abort
+    call ale#Set('gitleaks_executable', 'gitleaks')
+    call ale#Set('gitleaks_options', '')
+
+    call ale#linter#Define(a:filetype, {
+    \   'name': 'gitleaks',
+    \   'executable': function('ale#handlers#gitleaks#GetExecutable'),
+    \   'command': function('ale#handlers#gitleaks#GetCommand'),
+    \   'callback': 'ale#handlers#gitleaks#Handle',
+    \})
+endfunction