Skip to content
Switch branches/tags

Latest commit

* [RM-5761] Add source code location info to output

* [RM-5761] Fix location for module resources and add test

* [RM-5761] Fix location for cfn resources and add test

* [RM-5761] Use resourceKey location in error handling

* [RM-5761] Add TODO regarding cfn attribute paths

* [RM-5761] Call stack for modules location info

Co-authored-by: Jason Lynch <>

Git stats


Failed to load latest commit information.


Tip: See all of our documentation at!


Regula is a tool that evaluates CloudFormation and Terraform infrastructure-as-code for potential AWS, Azure, and Google Cloud security and compliance violations prior to deployment.

Regula supports the following file types:

  • CloudFormation JSON/YAML templates
  • Terraform HCL code
  • JSON-formatted Terraform plans

Regula includes a library of rules written in Rego, the policy language used by the Open Policy Agent (OPA) project. Regula works with your favorite CI/CD tools such as Jenkins, Circle CI, and AWS CodePipeline; we’ve included a GitHub Actions example so you can get started quickly. Where relevant, we’ve mapped Regula policies to the CIS AWS, Azure, and Google Cloud Foundations Benchmarks so you can assess compliance posture. Regula is maintained by engineers at Fugue.

Regula is also available as a Docker image on DockerHub here.

More information is available at


Homebrew (macOS & Linux)

To install Regula via Homebrew:

brew tap fugue/regula
brew install regula

To upgrade Regula:

brew upgrade regula

Prebuilt binary (all platforms)

  1. Download the Regula archive for your platform from the Releases page.

  2. Extract the downloaded archive.

  3. Move the extracted regula binary to somewhere in your PATH:


    mv regula /usr/local/bin


    sudo mv regula /usr/local/bin

    Windows (cmd):

    md C:\regula\bin
    move regula.exe C:\regula\bin
    setx PATH "%PATH%;C:\regula\bin"
  4. Windows users only: Close cmd and re-open it so the changes take effect.

  5. You can now run regula.

Docker (all platforms)

Regula is available as a Docker image on DockerHub here.

For usage, see Running Regula with Docker.


For a tutorial on using Regula with example IaC, see Getting Started.


  regula [command]

Available Commands:
  help              Help about any command
  repl              Start an interactive session for testing rules with Regula
  run               Evaluate rules against infrastructure as code with Regula.
  show              Show debug information.
  test              Run OPA test with Regula.
  version           Print version information.
  write-test-inputs Persist dynamically-generated test inputs for use with other Rego interpreters

  -h, --help      help for regula
  -v, --verbose   verbose output

Use "regula [command] --help" for more information about a command.

For details about each command, including examples, see Usage.

For more information

Visit for more information about Regula, including:


Regula checks infrastructure as code templates (Terraform, CloudFormation) for AWS, Azure and Google Cloud security and compliance using Open Policy Agent/Rego




No packages published