diff --git a/.mega-linter.yaml b/.mega-linter.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d0f98101c6e57bdaba2b5a93dda367834cdd9205
--- /dev/null
+++ b/.mega-linter.yaml
@@ -0,0 +1,62 @@
+---
+DISABLE:
+  - COPYPASTE
+  - SPELL
+
+DISABLE_LINTERS:
+  # Unable to import 'requests' (import-error)
+  - PYTHON_PYLINT
+  # can't be configured (bugs), too many checks
+  - REPOSITORY_KICS
+  # can't be configured
+  - REPOSITORY_TRIVY
+  # usage problems (https://github.com/prettier/prettier/issues/6069)
+  - YAML_PRETTIER
+  # problem with schemas
+  - YAML_V8R
+  # requires terraform files, but without directories selection
+  - TERRAFORM_TERRASCAN
+
+# yaml[octal-values]: bug
+ANSIBLE_ANSIBLE_LINT_ARGUMENTS: >-
+  -x yaml[octal-values]
+  --exclude megalinter-reports/
+  --exclude */deployments/*.yaml
+  --exclude */playbooks/files/calico.yaml
+  --exclude */terraform/cloud-init.yaml
+
+# B105:hardcoded_password_string: false positive
+# B404:blacklist: subprocess needed
+# B603:subprocess_without_shell_equals_true: needed
+PYTHON_BANDIT_ARGUMENTS: --skip B105,B404,B603
+
+# CKV2_ANSIBLE_1 (http): local comunication
+# CKV_OPENSTACK_2: useless check
+# CKV_SECRET_6 (base64): just crazy check
+# FIXME: jupyterhub-jwt.yaml
+REPOSITORY_CHECKOV_ARGUMENTS: >-
+  --skip-check CKV2_ANSIBLE_1,CKV_OPENSTACK_2,CKV_SECRET_6
+  --skip-path .*/playbooks/files/(jupyterhub-jwt|calico).yaml
+  --skip-path .*/playbooks/upgrade.yaml
+
+# DS137138 (http): local communication
+# DS169125 (ssl): protocol actually banned
+# DS169126 (ssl): protocol actually banned
+# DS176209: FIXME jupyterhub-jwt.yaml
+REPOSITORY_DEVSKIM_ARGUMENTS: >-
+  --ignore-globs .git/**,**/playbooks/files/calico.yaml
+  --ignore-rule-ids DS137138,DS169125,DS169126,DS176209
+
+# terraform_unused_declarations: common variables file
+# terraform_required_providers: common requirements file
+# terraform_required_version: common requirements file
+TERRAFORM_TFLINT_ARGUMENTS: >-
+  --disable-rule=terraform_unused_declarations
+  --disable-rule=terraform_required_providers
+  --disable-rule=terraform_required_version
+
+YAML_PRETTIER_FILTER_REGEX_EXCLUDE: ^[^/]*/(deployments/.*)\.yaml$
+
+YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: ^[^/]*/(deployments/.*|playbooks/files/calico|terraform/cloud-init)\.yaml$
+
+FILTER_REGEX_EXCLUDE: ^.*\.swp$