Tip: See all of our documentation at regula.dev!
Regula is a tool that evaluates infrastructure as code files for potential AWS, Azure, Google Cloud, and Kubernetes security and compliance violations prior to deployment.
Regula supports the following file types:
- CloudFormation JSON/YAML templates
- Terraform source code
- Terraform JSON plans
- Kubernetes YAML manifests
- Azure Resource Manager (ARM) JSON templates (in preview)
Regula includes a library of rules written in Rego, the policy language used by the Open Policy Agent (OPA) project. Regula works with your favorite CI/CD tools such as Jenkins, Circle CI, and AWS CodePipeline; we’ve included a GitHub Actions example so you can get started quickly. Where relevant, we’ve mapped Regula policies to the CIS AWS, Azure, Google Cloud, and Kubernetes Foundations Benchmarks so you can assess compliance posture. Regula is maintained by engineers at Fugue.
Regula is also available as a Docker image on DockerHub here.
More information is available at regula.dev.
To install Regula via Homebrew:
brew tap fugue/regula brew install regula
To upgrade Regula:
brew upgrade regula
Download the Regula archive for your platform from the Releases page.
Extract the downloaded archive.
Move the extracted
regulabinary to somewhere in your PATH:
mv regula /usr/local/bin
sudo mv regula /usr/local/bin
md C:\regula\bin move regula.exe C:\regula\bin setx PATH "%PATH%;C:\regula\bin"
md C:\regula\bin move regula.exe C:\regula\bin $env:Path += ";C:\regula\bin" # You can add '$env:Path += ";C:\regula\bin"' to your profile.ps1 file to # persist that change across shell sessions.
Windows users only: Close cmd and re-open it so the changes take effect.
You can now run
Regula is available as a Docker image on DockerHub here.
For usage, see Running Regula with Docker.
macOS, Linux, and WSL only
Build binary and move to
make # this builds ./bin/regula make install # this builds ./bin/regula and installs it to /usr/local/bin/regula
Once you've built the binary, execute the following to run tests:
git submodule update --init --recursive make test
For a tutorial on using Regula with example IaC, see Getting Started.
Regula Usage: regula [command] Available Commands: completion generate the autocompletion script for the specified shell help Help about any command init Create a new Regula configuration file in the current working directory. repl Start an interactive session for testing rules with Regula run Evaluate rules against infrastructure as code with Regula. show Show debug information. test Run OPA test with Regula. version Print version information. write-test-inputs Persist dynamically-generated test inputs for use with other Rego interpreters Flags: -h, --help help for regula -v, --verbose verbose output Use "regula [command] --help" for more information about a command.
For details about each command, including examples, see Usage.
Visit regula.dev for more information about Regula, including: