Pre-deployment Validation
Catch compliance and security issues before they reach production. Scan your ROS templates locally during development.
Hundreds of Built-in Rules
Comprehensive coverage for Aliyun services including ECS, RDS, OSS, ACK, and more with dozens of compliance packs.
Multiple Formats
Get results in table, JSON, or interactive HTML reports. Easily integrate with CI/CD pipelines.
Extensible & Open
Write custom policies using Rego (Open Policy Agent). Built on proven technologies and fully open source.
Internationalization
Full support for 7 languages: English, Chinese, Spanish, French, German, Japanese, and Portuguese. All rules, packs, and documentation available in multiple languages.
Fast & Lightweight
Built in Go for speed and efficiency. Single binary with no dependencies. Scan large templates in seconds.
Standardize Your Infrastructure
InfraGuard provides a unified way to enforce best practices across your organization. Whether you are using standard Aliyun compliance packs or your own custom rules, InfraGuard ensures consistency and security.
Catch Issues Early
InfraGuard helps you identify security risks, configuration errors, and compliance violations directly in your development workflow or CI/CD pipeline.
- Prevent insecure deployments
- Standardize infrastructure across teams
- Automate compliance audits
$ infraguard scan template.yaml -p rule:aliyun:ecs-available-disk-encrypted
🔴 High #1 Encryption protects data at rest from unauthorized access.
template.yaml:8
┌────────┬─────────────────────────────┐
│ 6 │ ZoneId: cn-hangzhou-h │
│ 7 │ Size: 40 │
│ > 8 │ Encrypted: false │
└────────┴─────────────────────────────┘
Rule ID: rule:aliyun:ecs-available-disk-encrypted
Resource: Disk
Recommendation: Set the 'Encrypted' property of ECS disks to true.
────────────────────────────────── Scan Results ──────────────────────────────────
Total: 1 | High: 1 | Medium: 0 | Low: 0