A New Version of AWS Compliance Enforcer, CloudFormation Guard 2.0 Is in GA

This new version delivers a more mission-critical compliance policy enforcer


Amazon’s cloud-oriented division, Amazon Web Services, on May 17, 2021, released a sequel version of the Amazon CloudFormation Compliance Analyzer and general-purpose policy-as-code evaluation tool, CloudFormation Guard. AWS has made it generally available in CloudFormation Guard’s Github repository.

The tool personifies a light scale, declarative code for defining rules.
The tool personifies a light scale, declarative code for defining rules.
Key Facts
  1. 1

    This new upgrade of AWS CloudFormation Guard came barely a year after the prequel release.

  2. 2

    The new upgrade supports policy encryptions for JSON- and YAML- formatted files.

  3. 3

    Rule writing becomes easier and less equivocal with the improvement of Guard’s DSL


Barely a year after the preview release of the maiden version AWS CloudFormation Guard, the cloud hosting giant has released a sequel AWS CloudFormation Guard 2.0. The tool was oriented at mitigating risks such as overspending, security fragility, or legal affairs. The tool personifies a light scale, declarative code for defining rules. The tool supports wildcards, lists, declaration of variables and regex, and can be integrated with CloudFormation exclusive functions. The open source CLI compliance enforcer could, for example, create rules to ensure that S3 buckets get encrypted by default or deter using particular availability zones.

Built-in this tool is a CLI that goes by the name CloudFormation Guard Rulegen. This tool is essentially automated to generate Guard rules from preexisting CloudFormation templates. The resultant code can be sorted and compiled into a file for editing and spawning the relevant rule sets.

The new version extends to many functions and applications with a strict policy syntax enforcer. In addition to writing rules for CloudFormation’s already supported templates, the rule-writing now extends to any JSON and YAML file extensions, be it Kubernetes or Terraform JSON configurations.

Guard still retains its niche as a personification of open source command syntax equipping developers/organizations with an easy-to-use domain-specific language (DSL) to write company policy guidelines, compliance, cluster schedules, and more and validate JSON and YAML data against those rules according to their hierarchy, this data could be code written with cloud infrastructure.

The new version also features an improved domain-specific language (DSL) to better policy writing and delete ambiguity. It also allows the configuration of custom and advanced rules if proceedings get more complex for the developer.

Get similar news in your inbox weekly, for free

Share this news:

Latest stories

How ManageEngine Applications Manager Can Help Overcome Challenges In Kubernetes Monitoring

We tested ManageEngine Applications Manager to monitor different Kubernetes clusters. This post shares our review …

AIOps with Site24x7: Maximizing Efficiency at an Affordable Cost

In this post we'll dive deep into integrating AIOps in your business suing Site24x7 to …

A Review of Zoho ManageEngine

Zoho Corp., formerly known as AdventNet Inc., has established itself as a major player in …

Should I learn Java in 2023? A Practical Guide

Java is one of the most widely used programming languages in the world. It has …

The fastest way to ramp up on DevOps

You probably have been thinking of moving to DevOps or learning DevOps as a beginner. …

Why You Need a Blockchain Node Provider

In this article, we briefly cover the concept of blockchain nodes provider and explain why …

Top 5 Virtual desktop Provides in 2022

Here are the top 5 virtual desktop providers who offer a range of benefits such …

Why Your Business Should Connect Directly To Your Cloud

Today, companies make the most use of cloud technology regardless of their size and sector. …

7 Must-Watch DevSecOps Videos

Security is a crucial part of application development and DevSecOps makes it easy and continuous.The …