ARPaCCino: An Agentic-RAG for Policy as Code Compliance

📅 2025-07-11
📈 Citations: 0
Influential: 0
🤖 AI Summary
Policy-as-Code (PaC) adoption is hindered by the complexity of policy languages and error-prone manual configuration. This paper proposes a modular agent architecture integrating Retrieval-Augmented Generation (RAG), LLM-based tool calling, and external knowledge bases to automatically synthesize formal Rego policies from natural language specifications and to verify and iteratively repair Infrastructure-as-Code (IaC) configurations—such as Terraform—for compliance. Key contributions are: (i) the first synergistic use of RAG and a pluggable toolchain for end-to-end PaC automation; and (ii) a modular design that significantly improves accuracy and cross-framework generalization of small-parameter open-source LLMs in policy semantic understanding and rule generation. Experiments demonstrate that our approach generates syntactically and semantically correct Rego rules, accurately detects non-compliant IaC configurations, and performs effective automated remediation—substantially reducing human intervention.

📝 Abstract
Policy as Code (PaC) is a paradigm that encodes security and compliance policies into machine-readable formats, enabling automated enforcement in Infrastructure as Code (IaC) environments. However, its adoption is hindered by the complexity of policy languages and the risk of misconfigurations. In this work, we present ARPaCCino, an agentic system that combines Large Language Models (LLMs), Retrieval-Augmented Generation (RAG), and tool-based validation to automate the generation and verification of PaC rules. Given natural language descriptions of the desired policies, ARPaCCino generates formal Rego rules, assesses IaC compliance, and iteratively refines the IaC configurations to ensure conformance. Thanks to its modular agentic architecture and integration with external tools and knowledge bases, ARPaCCino supports policy validation across a wide range of technologies, including niche or emerging IaC frameworks. Experimental evaluation involving a Terraform-based case study demonstrates ARPaCCino's effectiveness in generating syntactically and semantically correct policies, identifying non-compliant infrastructures, and applying corrective modifications, even when using smaller, open-weight LLMs. Our results highlight the potential of agentic RAG architectures to enhance the automation, reliability, and accessibility of PaC workflows.
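As an added illustration (not code from the paper or from the ARPaCCino project) of the kind of Rego rule the abstract describes, the following policy is evaluated by OPA against the JSON form of a Terraform plan; the natural-language policy, the resource type and the attribute names it checks are assumptions chosen for this example.

```rego
package terraform.compliance

import rego.v1

# Natural-language policy this rule encodes (constructed for this example):
# "Database instances must not be reachable from the public internet
#  and must encrypt data at rest."
# Input is the plan JSON produced by `terraform show -json plan.out`.

# RDS instances that the plan will create or update.
db_instances contains rc if {
	some rc in input.resource_changes
	rc.type == "aws_db_instance"
	some action in rc.change.actions
	action in {"create", "update"}
}

# One deny message per violation. An empty `deny` set means the plan is
# compliant, so a verify-and-repair loop can re-evaluate the policy after
# each edit to the configuration until the set is empty.
deny contains msg if {
	some rc in db_instances
	rc.change.after.publicly_accessible == true
	msg := sprintf("%s: publicly_accessible must be false", [rc.address])
}

deny contains msg if {
	some rc in db_instances
	not rc.change.after.storage_encrypted == true
	msg := sprintf("%s: storage_encrypted must be true", [rc.address])
}

# Single boolean that a tool-calling agent can branch on.
default compliant := false

compliant if count(deny) == 0
```

With the plan exported as `plan.json`, `opa eval -i plan.json -d policy.rego 'data.terraform.compliance.deny'` lists the violations, and `data.terraform.compliance.compliant` is true only when that list is empty.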
Problem

Research questions and friction points this paper is trying to address.

Automates Policy as Code rule generation and verification
Reduces complexity and misconfigurations in compliance policies
Supports diverse IaC frameworks with modular agentic architecture
Innovation

Methods, ideas, or system contributions that make the work stand out.

Combines LLMs, RAG, and tool-based validation
Generates and verifies Rego rules automatically
Modular agentic architecture supports diverse technologies
Francesco Romeo
University of Calabria, 87036, Rende (CS), Italy
Luigi Arena
University of Calabria, 87036, Rende (CS), Italy
Francesco Blefari
University of Calabria, 87036, Rende (CS), Italy
Francesco Aurelio Pironti
University of Calabria, 87036, Rende (CS), Italy
Matteo Lupinacci
University of Calabria, 87036, Rende (CS), Italy
Angelo Furfaro
Associate Professor, University of Calabria, Italy
Modelling and Simulation, Real-time Systems, Cyber Security