Regula is an open-source static code analysis tool for Terraform maintained by Fugue. It checks for misconfigurations terraform, cloudformation, and kubernetes files. Which can be useful when you wish to test a variety of different infrastructure as code files for misconfigurations.


To install regula you can refer to their installation documentation as well as their release page.


Getting started with regula is as simple as regula run . to scan the current directory recursively. Regula will immediately begin to scan your IaC and identify the locations of those misconfigurations.


DynamoDB Encryption

FG_R00069: DynamoDB tables should be encrypted with AWS or customer managed KMS keys [Medium]

  [1]: aws_dynamodb_table.dynamodb_table
       in remotestate/

CloudFront Geo-Restrictions

FG_R00018: CloudFront distributions should have geo-restrictions specified [Medium]

  [1]: aws_cloudfront_distribution.distribution
       in s3_static_site/