Fugue, the company helping organizations innovate faster and more securely in the cloud, announced support for AWS CloudFormation in Regula, the open-source infrastructure as code (IaC) policy engine.

Cloud engineering and security teams can now use Regula to secure their AWS CloudFormation and Terraform configurations before deployment, and can apply those same rules to running cloud environments using the Fugue platform to secure the entire cloud development lifecycle.

Expanding Regula's capabilities represents Fugue’s continued leadership in innovating on policy as code for IaC and running cloud infrastructure since 2015.

Ideal for multi-cloud environments

Regula is ideal for organizations with DevOps teams that use both AWS CloudFormation and Terraform and those operating multi-cloud environments.

Regula is the only AWS CloudFormation security tool that can address vulnerabilities involving multiple resources, and the only one that helps teams meet the CIS AWS Foundations Benchmarks 1.2.0 and 1.3.0.

Regula easily integrates into CI/CD pipelines and enables pre-commit IaC checks and provides pull request feedback. Fugue provides examples of Regula working with GitHub Actions for CI/CD.

Code security requirements

“At Cadwell, we needed an effective way to check our infrastructure as code to ensure our cloud infrastructure deployments are secure so we can move faster in the cloud with confidence,” said Sawyer Ward, Enterprise Support Specialist at Cadwell Industries, Inc.

“Regula is ideal for our infrastructure as code security requirements, and the ability to apply those same rules to our cloud environment with Fugue means we can keep our infrastructure in continuous compliance and avoid the risks and overhead of maintaining multiple policy frameworks.”

Independent working software

While Regula works independently of Fugue, teams can use Fugue to apply the same Regula rules to assess the security posture of their running AWS, Azure, and Google Cloud infrastructure environments, eliminating the investment and cloud risk associated with using and reconciling different policy frameworks for different stages of the cloud development lifecycle and different cloud platforms.

Unified cloud policy framework

“Companies operating at scale in the cloud need a policy as code framework that’s flexible, works with the leading infrastructure as code tools, and can be used across cloud platforms at every stage of the cloud development lifecycle,” said Josh Stella, co-founder and CEO of Fugue.

“By extending Regula support to AWS CloudFormation, cloud engineering and security teams now have a unified cloud policy framework that works with their tools and workflows, giving them the confidence to move faster in the cloud—without breaking the rules needed to keep cloud infrastructure secure and in compliance.”

Rules are user-defined

Regula’s rule library checks for a wide variety of cloud misconfiguration vulnerabilities, such as dangerously permissive AWS IAM policies and security group rules, S3 buckets without “block public access” options enabled, Lambda function policies allowing global access, VPCs with flow logs disabled, EBS volumes with encryption disabled, and untagged cloud resources.

Regula supports user-defined rules using the Rego query language developed by the Open Policy Agent project and includes helper libraries that enable users to easily build their own rules that conform to enterprise policies.

Fugue created and open-sourced Fregot, a tool that enables developers to easily evaluate Rego expressions, debug code, and test policies. 

