About

About Regula

Regula is an open source policy engine for infrastructure as code security and compliance, and is available to developers as a set of open source tools and a CLI.

Regula is the policy engine that powers Fugue, a SaaS platform for securing cloud resources across the entire cloud development lifecycle.

Why Regula?

Regula has the following advantages:

  • Support for the IaC tools and templates that you use: AWS CloudFormation YAML and JSON templates, including SAM templates and those generated by the AWS Cloud SDK; Terraform source and plan files, including support for modules and Terraform JSON generated by the Terraform CDK; Kubernetes YAML manifests; Azure Resource Manager (ARM) templates (preview)
  • Easy installation and deployment with Homebrew, Docker, and pre-built binaries for all platforms
  • Out-of-the-box libraries of rules that inspect AWS, Azure, Google Cloud, and Kubernetes resources for potential misconfigurations and compliance issues, including CIS Foundations Benchmarks checks
  • Configurable settings, including waivers for designating exceptions on resources or even an entire IaC file, and enabling/disabling rules based on your team’s needs
  • Support for user-defined custom rules written in Rego, the policy as code language from Open Policy Agent. Users can easily define simple, single-resource type rules, or more complex rules that evaluate multiple resource types or check for missing configurations
  • CI/CD integration examples for GitHub Actions, Travis CI, and more
  • Support for standardized output formats such as JSON, JUnit, and Test Anything Protocol (TAP) for simple integration into existing CI/CD pipelines
  • Integration with Conftest for convenient test running