Policy Defined. Infrastructure Secured.
Infrastructure as Code (IaC) compliance pre-check CLI for Alibaba Cloud ROS templates. Evaluate your ROS YAML/JSON templates against security and compliance policies before deployment.
💡 InfraGuard embraces Policy as Code - treating compliance policies as versioned, testable, and reusable code artifacts.
Language: English | 中文 | Español | Français | Deutsch | 日本語 | Português
- 🔍 Pre-deployment Validation - Catch compliance issues before they reach production
- 🎯 Dual Scan Modes - Static analysis or cloud-based preview validation
- 📦 Built-in Rules - Comprehensive coverage for Aliyun services
- 🏆 Compliance Packs - MLPS, ISO 27001, PCI-DSS, SOC 2, and more
- ✏️ Editor Integration - VS Code extension with auto-completion, real-time diagnostics, and hover documentation for ROS templates
- 🌍 Multilingual Support - Available in 7 languages (English, Chinese, Spanish, French, German, Japanese, Portuguese)
- 🎨 Multiple Output Formats - Table, JSON, and interactive HTML reports
- 🔧 Extensible - Write custom policies in Rego (Open Policy Agent)
- ⚡ Fast - Built in Go for speed and efficiency
go install github.com/aliyun/infraguard/cmd/infraguard@latestOr download pre-built binaries from GitHub Releases.
# Scan with a compliance pack
infraguard scan template.yaml -p pack:aliyun:quick-start-compliance-pack
# Scan with a specific rule
infraguard scan template.yaml -p rule:aliyun:ecs-instance-no-public-ip
# Scan with wildcard pattern (all rules)
infraguard scan template.yaml -p "rule:*"
# Scan with wildcard pattern (all ECS rules)
infraguard scan template.yaml -p "rule:aliyun:ecs-*"
# Generate HTML report
infraguard scan template.yaml -p pack:aliyun:mlps-level-3-pre-check-compliance-pack --format html -o report.htmlFor detailed documentation, please visit our Documentation Site
- Getting Started - Installation and quick start guide
- User Guide - Learn how to scan templates and manage policies
- Policy Reference - Browse all available rules and compliance packs
- Development Guide - Write custom rules and packs
- CLI Reference - Command-line interface documentation
- FAQ - Frequently asked questions