Fugue announced Regula 1.0, an open source policy engine for infrastructure as code (IaC) security. The tool includes prebuilt libraries with hundreds of policies that validate AWS, Microsoft Azure, and Google Cloud resources. Regula supports a broad set of IaC inputs including Terraform HCL, Terraform plan JSON, AWS CloudFormation, and Serverless Application Model templates. Developers can create their own custom rules to meet organizational requirements, and Regula includes tooling for running tests.
Source: https://www.helpnetsecurity.com/2021/06/29/regula-iac-security/