Self-assessments performed by development, security, and operations teams provide them with the knowledge they need to improve.

Regula is an open-source static code analysis tool for Terraform maintained by Fugue. It checks Terraform, CloudFormation, and Kubernetes files for misconfigurations, which is useful when you want to test a variety of infrastructure-as-code files.


To install Regula, refer to the project's installation documentation and its release page.

brew tap fugue/regula
brew install regula


Getting started with Regula is as simple as running regula run . to scan the current directory recursively. Regula immediately begins scanning your IaC and reports each misconfiguration it finds along with its location.


DynamoDB Encryption

FG_R00069: DynamoDB tables should be encrypted with AWS or customer managed KMS keys [Medium]

  [1]: aws_dynamodb_table.dynamodb_table
       in remotestate/

CloudFront Geo-Restrictions

FG_R00018: CloudFront distributions should have geo-restrictions specified [Medium]

  [1]: aws_cloudfront_distribution.distribution
       in s3_static_site/
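
A Terraform configuration that addresses the two findings above, added here as an example and not taken from the scanned project. The resource addresses match the Regula output; the table name, key, origin domain and country list are placeholders, and the settings are chosen from the rule titles.

```hcl
# Added example: names, origin domain and country codes are placeholders.

# FG_R00069: encrypt the table with an AWS managed or customer managed KMS key.
resource "aws_dynamodb_table" "dynamodb_table" {
  name         = "terraform-state-lock" # placeholder
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"

  attribute {
    name = "LockID"
    type = "S"
  }

  # Without this block DynamoDB encrypts with an AWS owned key.
  server_side_encryption {
    enabled = true # AWS managed key; add kms_key_arn for a customer managed key
  }
}

# FG_R00018: restriction_type "none" means no geo-restriction is specified.
resource "aws_cloudfront_distribution" "distribution" {
  enabled = true

  origin {
    domain_name = "example-bucket.s3.amazonaws.com" # placeholder
    origin_id   = "s3-site"
  }

  default_cache_behavior {
    target_origin_id       = "s3-site"
    viewer_protocol_policy = "redirect-to-https"
    allowed_methods        = ["GET", "HEAD"]
    cached_methods         = ["GET", "HEAD"]
    forwarded_values {
      query_string = false
      cookies { forward = "none" }
    }
  }

  restrictions {
    geo_restriction {
      restriction_type = "whitelist"
      locations        = ["US", "CA"] # placeholder country list
    }
  }

  viewer_certificate {
    cloudfront_default_certificate = true
  }
}
```

After changing the configuration, rerun regula run . to confirm both rule IDs no longer appear in the output.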