# Install yatas with Homebrew, Nix

Tool to audit AWS/GCP infrastructure for misconfiguration or security issues. Version 1.6.1 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:yatas
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install yatas
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#yatas
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ya/yatas/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:yatas
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/yatas>
- **Version:** 1.6.1
- **Source summary:** Tool to audit AWS/GCP infrastructure for misconfiguration or security issues
- **Homepage:** <https://github.com/padok-team/yatas>
- **Repository:** <https://github.com/padok-team/yatas>
- **Upstream docs:** <https://github.com/padok-team/yatas#readme>
- **License:** Apache-2.0
- **Source archive:** <https://github.com/padok-team/yatas/archive/refs/tags/v1.6.1.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- yatas (cli)
- yatas (alias)

## Build dependencies

- go

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.6.1
- Local data: ok
- Upstream repository: https://github.com/padok-team/yatas
- Upstream latest detected: v1.6.1 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

YATAS, Yet Another Testing & Auditing Solution, is a Padok Team CLI for checking AWS and GCP infrastructure for misconfiguration and security issues. The public history is mostly repository-level, but enough is documented to place it in the 2022 wave of lightweight DevSecOps audit tools.

### Project history

The GitHub repository was created in August 2022. Its README frames the tool as a practical auditor rather than a complete benchmark suite: it checks the practices Padok considered important from experience, then lets users install plugins and configure checks through .yatas.yml.

The changelog shows rapid early iteration through 2022, including dynamic plugin calling, plugin result interfaces, category initialization, and a 1.0.0 release in September 2022. A larger 2023 refactor removed AWS-only assumptions, added documentation and config validation, and updated the project for broader cloud-audit use.

### Adoption history

YATAS appears to have remained a focused DevSecOps tool rather than a broad industry standard. Its GitHub topics, README, and plugin repositories position it for AWS/GCP hardening, account assessment, CI use, and infrastructure review by teams that want a small CLI rather than a hosted posture-management product.

### How it is used

The normal flow is to initialize a .yatas.yml file, edit it for the desired checks, install selected plugins, and run the yatas command locally or in CI. The README documents flags for showing details, comparing with a previous run, returning a CI failure code when issues are found, summarizing results, and timing checks.

### Why package nerds care

YATAS is a useful package-index entry because it packages cloud security review as a single developer CLI with plugins. Its significance is not raw popularity; it is the shape of the tool: cloud posture checks that can live beside infrastructure code, run in pipelines, and be installed with ordinary package managers.

### Timeline

- 2022-08-05: The padok-team/yatas GitHub repository is created.
- 2022-09: The changelog records plugin-system work and the 1.0.0 release.
- 2023-04: The changelog records documentation, config validation, and removal of AWS-only references.
- 2025-12: The changelog records the 1.6.x line with an added HDS CLI option.

### Related projects

- padok-team/yatas-aws provides AWS checks for the YATAS plugin model.
- padok-team/yatas-gcp provides GCP checks for the same auditing workflow.

### Sources

- <https://api.github.com/repos/padok-team/yatas>
- <https://github.com/padok-team/yatas>
- <https://github.com/padok-team/yatas-aws>
- <https://github.com/padok-team/yatas-gcp>
- <https://raw.githubusercontent.com/padok-team/yatas/main/CHANGELOG.md>


## Security Notes

infrastructure mutation or orchestration signal.

- **Geiger risk:** orange / medium
- infrastructure mutation or orchestration signal


## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: .yatas.yml
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** yatas
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - yatas: normalized package name match | nixpkgs package indexes: pkgs/by-name/ya/yatas/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1


## Related links

- [Cloud CLI packages](https://www.automicvault.com/pkg/cloud-clis/) - Belongs to a cloud or infrastructure command family.
- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [go](https://www.automicvault.com/pkg/brew/go/) - Build dependency declared by Homebrew.
- [cliam](https://www.automicvault.com/pkg/brew/cliam/) - Shares av.db curated category or tags: aws, cli, cloud-security, gcp, security.
- [cloudfox](https://www.automicvault.com/pkg/brew/cloudfox/) - Shares av.db curated category or tags: aws, cli, cloud-security, gcp, security.
- [principalmapper](https://www.automicvault.com/pkg/brew/principalmapper/) - Shares av.db curated category or tags: aws, cli, cloud-security, security.
- [prowler](https://www.automicvault.com/pkg/brew/prowler/) - Shares av.db curated category or tags: audit, cli, cloud-security, security.
- [cfripper](https://www.automicvault.com/pkg/brew/cfripper/) - Shares av.db curated category or tags: aws, cli, cloud-security, security.
- [cloudsplaining](https://www.automicvault.com/pkg/brew/cloudsplaining/) - Shares av.db curated category or tags: aws, cli, cloud-security, security.
- [lacework-cli](https://www.automicvault.com/pkg/brew/lacework-cli/) - Shares av.db curated category or tags: cli, cloud-security, security.
- [legitify](https://www.automicvault.com/pkg/brew/legitify/) - Shares av.db curated category or tags: cli, cloud-security, misconfiguration, security.
- [parliament](https://www.automicvault.com/pkg/brew/parliament/) - Security-sensitive metadata or terminology overlaps. Shared terms: aws, cli, cloud, cloud-security, security.

## Combined YAML source

View the package source record on GitHub. [combined/yatas.yml](https://github.com/automic-vault/db/blob/main/combined/yatas.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
