Tip: See all of our documentation at regula.dev!
Regula is a tool that evaluates CloudFormation and Terraform infrastructure-as-code for potential AWS, Azure, and Google Cloud security and compliance violations prior to deployment.
Regula supports the following file types:
- CloudFormation JSON/YAML templates
- Terraform HCL code
- JSON-formatted Terraform plans
Regula includes a library of rules written in Rego, the policy language used by the Open Policy Agent (OPA) project. Regula works with your favorite CI/CD tools such as Jenkins, Circle CI, and AWS CodePipeline; we’ve included a GitHub Actions example so you can get started quickly. Where relevant, we’ve mapped Regula policies to the CIS AWS, Azure, and Google Cloud Foundations Benchmarks so you can assess compliance posture. Regula is maintained by engineers at Fugue.
Regula is also available as a Docker image on DockerHub here.
More information is available at regula.dev.
To install Regula via Homebrew:
brew tap fugue/regula
brew install regula
To upgrade Regula:
brew upgrade regula
-
Download the Regula archive for your platform from the Releases page.
-
Extract the downloaded archive.
-
Move the extracted
regula
binary to somewhere in your PATH:macOS:
mv regula /usr/local/bin
Linux:
sudo mv regula /usr/local/bin
Windows (cmd):
md C:\regula\bin move regula.exe C:\regula\bin setx PATH "%PATH%;C:\regula\bin"
-
Windows users only: Close cmd and re-open it so the changes take effect.
-
You can now run
regula
.
Regula is available as a Docker image on DockerHub here.
For usage, see Running Regula with Docker.
For a tutorial on using Regula with example IaC, see Getting Started.
Regula
Usage:
regula [command]
Available Commands:
help Help about any command
repl Start an interactive session for testing rules with Regula
run Evaluate rules against infrastructure-as-code with Regula.
show Show debug information.
test Run OPA test with Regula.
Flags:
-h, --help help for regula
-v, --version version for regula
Use "regula [command] --help" for more information about a command.
For details about each command, including examples, see Usage.
Visit regula.dev for more information about Regula, including:
- Regula's report output
- Integrations
- Writing and testing custom rules
- Configuring waivers and disabling rules
- and more!