Automic VaultAutomic Vault

brew

Install yatas with Homebrew, Nix

Tool to audit AWS/GCP infrastructure for misconfiguration or security issues. Version 1.6.1 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install yatas

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#yatas

nixpkgs package indexes · pkgs/by-name/ya/yatas/package.nix · source: api.github.com

overview

Package summary

Tool to audit AWS/GCP infrastructure for misconfiguration or security issues

Commands and aliases

  • yatas

history

Project history and usage

YATAS, Yet Another Testing & Auditing Solution, is a Padok Team CLI for checking AWS and GCP infrastructure for misconfiguration and security issues. The public history is mostly repository-level, but enough is documented to place it in the 2022 wave of lightweight DevSecOps audit tools.

Project history

The GitHub repository was created in August 2022. Its README frames the tool as a practical auditor rather than a complete benchmark suite: it checks the practices Padok considered important from experience, then lets users install plugins and configure checks through .yatas.yml.

The changelog shows rapid early iteration through 2022, including dynamic plugin calling, plugin result interfaces, category initialization, and a 1.0.0 release in September 2022. A larger 2023 refactor removed AWS-only assumptions, added documentation and config validation, and updated the project for broader cloud-audit use.

Adoption history

YATAS appears to have remained a focused DevSecOps tool rather than a broad industry standard. Its GitHub topics, README, and plugin repositories position it for AWS/GCP hardening, account assessment, CI use, and infrastructure review by teams that want a small CLI rather than a hosted posture-management product.

How it is used

The normal flow is to initialize a .yatas.yml file, edit it for the desired checks, install selected plugins, and run the yatas command locally or in CI. The README documents flags for showing details, comparing with a previous run, returning a CI failure code when issues are found, summarizing results, and timing checks.

Why package nerds care

YATAS is a useful package-index entry because it packages cloud security review as a single developer CLI with plugins. Its significance is not raw popularity; it is the shape of the tool: cloud posture checks that can live beside infrastructure code, run in pipelines, and be installed with ordinary package managers.

Timeline

  • 2022-08-05: The padok-team/yatas GitHub repository is created.
  • 2022-09: The changelog records plugin-system work and the 1.0.0 release.
  • 2023-04: The changelog records documentation, config validation, and removal of AWS-only references.
  • 2025-12: The changelog records the 1.6.x line with an added HDS CLI option.

Related projects

  • padok-team/yatas-aws provides AWS checks for the YATAS plugin model.
  • padok-team/yatas-gcp provides GCP checks for the same auditing workflow.

security posture

Risk level: orange

infrastructure mutation or orchestration signal.

Risk classifier

orange risk · medium confidence · infrastructure

Why

  • infrastructure mutation or orchestration signal

Signals

  • text:infrastructure

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
.yatas.yml

executables

Installed executables

CommandKindExposureNote
yatascliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.6.1
manager updated
local dataok
upstreamcurrent
latest detectedv1.6.1

https://github.com/padok-team/yatas

  • infoNo package-manager update timestamp was available.low confidence

install metadata

Package metadata

Package keybrew:yatas
Version1.6.1
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/yatas
Homepagehttps://github.com/padok-team/yatas
Repositoryhttps://github.com/padok-team/yatas
Upstream docshttps://github.com/padok-team/yatas#readme
LicenseApache-2.0
Source archivehttps://github.com/padok-team/yatas/archive/refs/tags/v1.6.1.tar.gz
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameyatas
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

yatas

nix profile install nixpkgs#yatas
  • normalized package name match
  • Matched by: Yatas
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/ya/yatas/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment