This repository is no longer maintained and has been retired.
Deprecated: February 2026 | New Light Technologies, Inc. (NLT)
AICF has been completely redesigned as AICF v2.0, rebuilt from the ground up on a modern serverless-native, cloud-agnostic architecture.
This repository is preserved for historical reference only. No new development will occur here.
Replaces Fugue.co (discontinued in 2023) with AWS Config + AWS Security Hub for native, GovCloud-compatible drift detection
- Replaces Regula (abandoned) with OPA v1.14 + Checkov v3 + Trivy — all actively maintained
- Built on SST v4 — serverless, cloud-native, deployable on AWS, Azure, and GCP
- Native compliance coverage for FedRAMP, CMMC 2.0, NIST SP 800-53, SOC2, PII, CIS
- OSCAL v1.2 output for FedRAMP automated authorization pipeline
SBOM generation (EO 14028 software supply chain compliance)
At the time of retirement (February 2026):
- Fugue.co — the core drift detection engine — was shut down and no longer operational
- Regula — the policy rules library — was abandoned following the Fugue acquisition by Snyk
All pinned tool versions were 3+ years out of date (OPA v0.28, Terraform v0.15, Regula v0.8)
- Zero external forks; effectively no active community usage
The Automated Infrastructure Compliance Framework was an open-source integrated pipeline for deploying and monitoring infrastructure. Features included:
- Pre-deployment policy checking using Open Policy Agent
- Post-deployment AWS/Azure drift detection using Fugue.co
Terraform for Infrastructure-as-Code deployments
AWS CodePipeline and GitHub Actions deployment methods
NOTE: v1 is no longer functional due to Fugue.co and Regula being discontinued.
New Light Technologies, Inc. (NLT) aicf@nltgis.com https://newlighttechnologies.com/cybersecurity-services
NLTGit/automated_infrastructure_compliance_framework
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|