# compliance.tf

> Preventive infrastructure-as-code compliance controls for Terraform modules.
> Enforces SOC 2, HIPAA, PCI DSS, NIST 800-53, CIS, FedRAMP, ISO 27001, GDPR, NIS2, and 30+ frameworks at the module level - before terraform apply.

## Key Facts
- 34 AWS modules based on terraform-aws-modules (same variables, same outputs)
- Compliance controls are built into the modules - no scanning, no policy authoring
- Works with Terraform, OpenTofu, Terragrunt, and Terramate
- Private registry with API token authentication
- Control exceptions with audit trail
- Evidence generation via AWS Config and Audit Manager

## Pricing
- Free Trial: 30-day free trial with S3 bucket module
- Pro: $100/year for all 34 modules, up to 5 AWS accounts
- Custom: Unlimited AWS accounts and custom module development

## How It Works
1. Change one line - replace your module source from registry.terraform.io to soc2.compliance.tf (or your framework endpoint)
2. Run terraform init and terraform apply
3. Every compliance control for your chosen framework is enforced automatically

## Company
- Product: compliance.tf
- Parent company: Betajob (https://www.betajob.com)
- Creator: Anton Babenko (AWS Hero, Terraform influencer)

## Links
- Website: https://compliance.tf
- Documentation: https://compliance.tf/docs/
- Blog: https://compliance.tf/blog/
- Twitter/X: https://x.com/compliancetf
- LinkedIn: https://www.linkedin.com/company/compliance-tf/

## Website Pages
- Home: https://compliance.tf/
- Contact: https://compliance.tf/contact/
- Security: https://compliance.tf/security/
- Privacy Policy: https://compliance.tf/privacy/
- Terms and Conditions: https://compliance.tf/terms-and-conditions/
- Service Level Agreement: https://compliance.tf/sla/
- Data Processing Agreement: https://compliance.tf/dpa/
- Acceptable Use Policy: https://compliance.tf/acceptable-use/
- Cookie Policy: https://compliance.tf/cookie-policy/
- License: https://compliance.tf/license/

## Framework Landing Pages
- SOC 2: https://compliance.tf/soc2/
- PCI DSS: https://compliance.tf/pci-dss/
- HIPAA: https://compliance.tf/hipaa/
- NIST 800-53: https://compliance.tf/nist/
- FedRAMP: https://compliance.tf/fedramp/
- CIS AWS: https://compliance.tf/cis/
- GDPR: https://compliance.tf/gdpr/
- ISO 27001: https://compliance.tf/iso27001/
- NIS2: https://compliance.tf/nis2/

## Blog
- Why Enterprises Choose Compliance.tf Over terraform-aws-modules (2026-03-06): https://compliance.tf/blog/why-enterprises-choose-compliance-tf/
- Verifying Compliance.tf Modules: From Guardrails to Audit Evidence (2025-11-27): https://compliance.tf/blog/verifying-compliance-tf-modules/
- Make Non-Compliant Terraform Impossible With Compliance.tf (2025-11-26): https://compliance.tf/blog/make-non-compliant-terraform-impossible/

## compliance.tf Documentation

> Preventive compliance controls for Terraform modules - enforces SOC 2, HIPAA, PCI DSS, and 30+ frameworks before terraform apply.

### Pages
- Docs: https://compliance.tf/docs/
- Features - Overview: https://compliance.tf/docs/features/
- Features - Terraform Registry Endpoints: https://compliance.tf/docs/features/endpoints/
- Features - Customize Modules: https://compliance.tf/docs/features/controls/
- Features - Compatibility with terraform-aws-modules: https://compliance.tf/docs/features/compatibility/
- Guides - Overview: https://compliance.tf/docs/guides/
- Guides - Get Started: https://compliance.tf/docs/guides/get-started/
- Guides - Migration Guide: https://compliance.tf/docs/guides/migration/
- Guides - Audit Evidence: https://compliance.tf/docs/guides/audit-evidence/
- Guides - Make the Case: https://compliance.tf/docs/guides/make-the-case/
- Guides - CI/CD Integration - Overview: https://compliance.tf/docs/guides/ci-cd/
- Guides - CI/CD Integration - GitHub Actions: https://compliance.tf/docs/guides/ci-cd/github-actions/
- Guides - CI/CD Integration - GitLab CI: https://compliance.tf/docs/guides/ci-cd/gitlab-ci/
- Guides - CI/CD Integration - Terraform Cloud: https://compliance.tf/docs/guides/ci-cd/terraform-cloud/
- Guides - CI/CD Integration - Other Platforms: https://compliance.tf/docs/guides/ci-cd/other-platforms/
- Guides - Compare Approaches - Overview: https://compliance.tf/docs/guides/compare/
- Guides - Compare - vs Checkov / Trivy: https://compliance.tf/docs/guides/compare/vs-checkov-trivy/
- Guides - Compare - vs OPA / Sentinel: https://compliance.tf/docs/guides/compare/vs-opa-sentinel/
- Guides - Compare - vs Custom Wrappers: https://compliance.tf/docs/guides/compare/vs-custom-wrappers/
- Guides - Compare - vs AWS Control Tower: https://compliance.tf/docs/guides/compare/vs-control-tower/

### Frameworks
- CIS AWS Benchmark v6.0.0 (96 controls): https://compliance.tf/docs/frameworks/aws/cis_v600/
- FFIEC Cybersecurity Assessment Tool (168 controls): https://compliance.tf/docs/frameworks/aws/ffiec/
- SOC 2 (232 controls): https://compliance.tf/docs/frameworks/aws/soc_2/
- CCCS Medium Cloud Control Profile (47 controls): https://compliance.tf/docs/frameworks/aws/cccs_medium/
- CIS Controls v8.0 IG1 (99 controls): https://compliance.tf/docs/frameworks/aws/cis_v80_ig1/
- PCI DSS v4.0 (323 controls): https://compliance.tf/docs/frameworks/aws/pci_dss_v40/
- ACSC Essential Eight (145 controls): https://compliance.tf/docs/frameworks/aws/acsc_essential_eight/
- HIPAA Omnibus Rule 2013 (199 controls): https://compliance.tf/docs/frameworks/aws/hipaa_final_omnibus_2013/
- NIST SP 800-171 Rev 2 (133 controls): https://compliance.tf/docs/frameworks/aws/nist_800_171_rev_2/
- ACSC ISM March 2023 (66 controls): https://compliance.tf/docs/frameworks/aws/acsc_ism_2023/
- AWS Control Tower Guardrails (33 controls): https://compliance.tf/docs/frameworks/aws/aws_control_tower/
- ISO/IEC 27001:2022 (333 controls): https://compliance.tf/docs/frameworks/aws/iso_27001_2022/
- AWS Well-Architected Framework v10 (283 controls): https://compliance.tf/docs/frameworks/aws/aws_well_architected_v10/
- EU GMP Annex 11 (78 controls): https://compliance.tf/docs/frameworks/aws/eu_gmp_annex_11/
- GDPR (100 controls): https://compliance.tf/docs/frameworks/aws/gdpr/
- Title 21 CFR Part 11 (185 controls): https://compliance.tf/docs/frameworks/aws/cfr_part_11/
- CISA Cyber Essentials (170 controls): https://compliance.tf/docs/frameworks/aws/cisa_cyber_essentials/
- NIS2 Directive (EU 2022/2555) (247 controls): https://compliance.tf/docs/frameworks/aws/nis2/
- NIST SP 800-53 Rev 5 (157 controls): https://compliance.tf/docs/frameworks/aws/nist_800_53_rev_5/
- NYDFS Cybersecurity Regulation (125 controls): https://compliance.tf/docs/frameworks/aws/nydfs_23/
- RBI Cyber Security Framework for UCBs (134 controls): https://compliance.tf/docs/frameworks/aws/rbi_cyber_security/
- NIST Cybersecurity Framework v2.0 (360 controls): https://compliance.tf/docs/frameworks/aws/nist_csf_v2/
- RBI IT Framework for NBFCs (117 controls): https://compliance.tf/docs/frameworks/aws/rbi_itf_nbfc/
- AWS Generative AI Best Practices v2 (9 controls): https://compliance.tf/docs/frameworks/aws/aws_genai_v2/
- FedRAMP Moderate Baseline Rev 4 (136 controls): https://compliance.tf/docs/frameworks/aws/fedramp_moderate_rev_4/
- FedRAMP Low Baseline Rev 4 (154 controls): https://compliance.tf/docs/frameworks/aws/fedramp_low_rev_4/
- CIS AWS Benchmark v1.4.0 (96 controls): https://compliance.tf/docs/frameworks/aws/cis_v140/
- CIS AWS Benchmark v5.0.0 (96 controls): https://compliance.tf/docs/frameworks/aws/cis_v500/

### Modules
- Terraform AWS ACM: https://compliance.tf/docs/modules/terraform-aws-acm/
- Terraform AWS ALB: https://compliance.tf/docs/modules/terraform-aws-alb/
- Terraform AWS API Gateway v2: https://compliance.tf/docs/modules/terraform-aws-apigateway-v2/
- Terraform AWS AppSync: https://compliance.tf/docs/modules/terraform-aws-appsync/
- Terraform AWS Autoscaling: https://compliance.tf/docs/modules/terraform-aws-autoscaling/
- Terraform AWS CloudFront: https://compliance.tf/docs/modules/terraform-aws-cloudfront/
- Terraform AWS CloudWatch: https://compliance.tf/docs/modules/terraform-aws-cloudwatch/
- Terraform AWS DMS: https://compliance.tf/docs/modules/terraform-aws-dms/
- Terraform AWS DynamoDB Table: https://compliance.tf/docs/modules/terraform-aws-dynamodb-table/
- Terraform AWS EC2 Instance: https://compliance.tf/docs/modules/terraform-aws-ec2-instance/
- Terraform AWS ECR: https://compliance.tf/docs/modules/terraform-aws-ecr/
- Terraform AWS ECS: https://compliance.tf/docs/modules/terraform-aws-ecs/
- Terraform AWS EFS: https://compliance.tf/docs/modules/terraform-aws-efs/
- Terraform AWS EKS: https://compliance.tf/docs/modules/terraform-aws-eks/
- Terraform AWS Elasticache: https://compliance.tf/docs/modules/terraform-aws-elasticache/
- Terraform AWS ELB: https://compliance.tf/docs/modules/terraform-aws-elb/
- Terraform AWS EMR: https://compliance.tf/docs/modules/terraform-aws-emr/
- Terraform AWS FSx: https://compliance.tf/docs/modules/terraform-aws-fsx/
- Terraform AWS KMS: https://compliance.tf/docs/modules/terraform-aws-kms/
- Terraform AWS Lambda: https://compliance.tf/docs/modules/terraform-aws-lambda/
- Terraform AWS MSK Kafka Cluster: https://compliance.tf/docs/modules/terraform-aws-msk-kafka-cluster/
- Terraform AWS Network Firewall: https://compliance.tf/docs/modules/terraform-aws-network-firewall/
- Terraform AWS OpenSearch: https://compliance.tf/docs/modules/terraform-aws-opensearch/
- Terraform AWS RDS: https://compliance.tf/docs/modules/terraform-aws-rds/
- Terraform AWS RDS Aurora: https://compliance.tf/docs/modules/terraform-aws-rds-aurora/
- Terraform AWS Redshift: https://compliance.tf/docs/modules/terraform-aws-redshift/
- Terraform AWS S3 Bucket: https://compliance.tf/docs/modules/terraform-aws-s3-bucket/
- Terraform AWS Secrets Manager: https://compliance.tf/docs/modules/terraform-aws-secrets-manager/
- Terraform AWS SNS: https://compliance.tf/docs/modules/terraform-aws-sns/
- Terraform AWS SQS: https://compliance.tf/docs/modules/terraform-aws-sqs/
- Terraform AWS SSM Parameter: https://compliance.tf/docs/modules/terraform-aws-ssm-parameter/
- Terraform AWS Step Functions: https://compliance.tf/docs/modules/terraform-aws-step-functions/
- Terraform AWS VPC: https://compliance.tf/docs/modules/terraform-aws-vpc/
- Terraform AWS VPN Gateway: https://compliance.tf/docs/modules/terraform-aws-vpn-gateway/

### Controls
296 preventive controls enforced at plan time.
- Full control list: https://compliance.tf/docs/controls/