Tip: See all of our documentation at regula.dev!

• Regula
  • Introduction
  • Installation
    • Homebrew (macOS & Linux)
    • Prebuilt binary (all platforms)
    • Docker (all platforms)
    • From source
  • Usage
  • For more information

Regula is a tool that evaluates infrastructure as code files for potential AWS, Azure, Google Cloud, and Kubernetes security and compliance violations prior to deployment.

Regula supports the following file types:

• CloudFormation JSON/YAML templates
• Terraform source code
• Terraform JSON plans
• Kubernetes YAML manifests
• Azure Resource Manager (ARM) JSON templates (in preview)

Regula includes a library of rules written in Rego, the policy language used by the Open Policy Agent (OPA) project. Regula works with your favorite CI/CD tools such as Jenkins, Circle CI, and AWS CodePipeline; we’ve included a GitHub Actions example so you can get started quickly. Where relevant, we’ve mapped Regula policies to the CIS AWS, Azure, Google Cloud, and Kubernetes Foundations Benchmarks so you can assess compliance posture. Regula is maintained by engineers at Fugue.

Regula is also available as a Docker image on DockerHub here.

More information is available at regula.dev.

To install Regula via Homebrew:

brew tap fugue/regula
brew install regula

To upgrade Regula:

brew upgrade regula

1. Download the Regula archive for your platform from the Releases page.

2. Extract the downloaded archive.

3. Move the extracted regula binary to somewhere in your PATH:

   macOS:

   mv regula /usr/local/bin
   

   Linux:

   sudo mv regula /usr/local/bin
   

   Windows (cmd):

   md C:\regula\bin
   move regula.exe C:\regula\bin
   setx PATH "%PATH%;C:\regula\bin"
   

   Windows (PowerShell):

   md C:\regula\bin
   move regula.exe C:\regula\bin
   $env:Path += ";C:\regula\bin"
   # You can add '$env:Path += ";C:\regula\bin"' to your profile.ps1 file to
   # persist that change across shell sessions.
   

4. Windows users only: Close cmd and re-open it so the changes take effect.

5. You can now run regula.

Regula is available as a Docker image on DockerHub here.

For usage, see Running Regula with Docker.

macOS, Linux, and WSL only

1. Install Go (v1.18+)

2. Build binary and move to /usr/local/bin/regula:

   make # this builds ./bin/regula
   make install # this builds ./bin/regula and installs it to /usr/local/bin/regula

Once you've built the binary, execute the following to run tests:

git submodule update --init --recursive
make test

For a tutorial on using Regula with example IaC, see Getting Started.

Regula

Usage:
  regula [command]

Available Commands:
  completion        generate the autocompletion script for the specified shell
  help              Help about any command
  init              Create a new Regula configuration file in the current working directory.
  repl              Start an interactive session for testing rules with Regula
  run               Evaluate rules against infrastructure as code with Regula.
  show              Show debug information.
  test              Run OPA test with Regula.
  version           Print version information.
  write-test-inputs Persist dynamically-generated test inputs for use with other Rego interpreters

Flags:
  -h, --help      help for regula
  -v, --verbose   verbose output

Use "regula [command] --help" for more information about a command.

For details about each command, including examples, see Usage.

Visit regula.dev for more information about Regula, including:

• Regula's report output
• Integrations
• Writing and testing custom rules
• Configuring waivers and disabling rules
• and more!