- Support for _ in flag names, e.g. --input_type=tf_plan
- A new text format as the default output format
- Many new Terraform rules! See the full list on our docs site.
- Unified input_type values in rules with --input-type flag
- Bug when reading .tf files from stdin
- Use specific filepath in report output for tf inputs (#128)
data.prefix in data source type names (e.g.
data.aws_iam_policy_document) for tf inputs
- Remove coloring for WAIVED status and severity in table output so that it's readable against a black background (#126)
- Improve support for conditional resources (count = 0) in Terraform HCL
regulaCLI tool with lots of new features, including:
- Support for HCL source code
- Built-in OPA and input processing - removes the need for a separate OPA installation as well as the Python and Terraform dependencies.
- Discovery of IaC configurations
- Additional output formats (an ASCII table, JUnit XML, etc.)
- A configurable exit status based on rule severity
replcommands which enhance OPA with the Regula library
For descriptions of the new features and how to use them, please see our updated documentation at https://regula.dev
- Put all rego code in a
regosubdirectory. Please see our Conftest documentation for the updated URLs.
- Add support for waivers.
- Add support for disabling rules.
- Always use multiple input file mode to display the file path.
filepathin report out.
- Use nonzero exit code when rules are failing.
- Update regula report output format.
- Support multiple input files.
- Add support for CloudFormation templates.
- Add 23 new CIS AWS rules for CloudFormation templates.
- Reorganize rules and tests and standardize rule names.
- Update control and compliance family names to new format.
- Add a Dockerfile.
- New rule: Ensure AWS S3 Buckets are encrypted.
- New rule: Ensure AWS CloudFront uses HTTPS.
deny[msg]style simple rules.
- Enable structured output for
- Relicense under Apache 2.0 rather than AGPL.
NIST_800-53mapping to existing rules.
- Add support for
fugue.missing_resource_with_messageto return custom messages from rules.
- Add a workaround for a bug in OPA >= 0.20 that prevented simple
denyrules from working.
- Fix an issue where multiple terraform refs would cause an
object keys must be uniqueerror.
- Add conftest integration.
- Add a human-readable message to the report.
- Work around terraform issue with subdirectories & remote backends.
- Add initial set of Azure rules.
- Add initial set of GCP rules.
- Minor README.md and SECURITY.md fixes and improvements.
- Add support for terraform modules.
mktempinvocation on Mac.
- Various README improvements.
- Initial release.